Privacy Policy
Who we are
Our website address is: http://www.tacticalhazmat.com
What personal data we collect and why we collect it
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Contact forms
When visitors use contact forms to send enquiries, we collect their names, email addresses, the names of organisations they work for. It is necessary to obtain this information in order to provide the required service. The information is stored in the CRM system while there are commercial interests between Tactical Hazmat and the organisation of the person making the enquiry.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Analytics
Who we share your data with
Your data is stored in our CRM system. It is not shared with other organisations. If you enquire about a service or a product which we are unable to provide, we may recommend another organisation.
Where we engage third parties to process data on our behalf (such as event booking system), we will ensure, via a data processing agreement with the third party, that the third party takes such measures in order to maintain the company’s commitment to protecting data.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You have the following rights in relation to the personal data we hold on you:
- The right to be informed about the data we hold on you and what we do with it;
- The right of access to the data we hold on you. More information on this can be found in the section headed “access to data” below and in our separate policy on subject access requests”;
- The right for any inaccuracies in the data we hold on you, however they come to light, to be corrected. This is also known as ‘rectification’;
- The right to have data deleted in certain circumstances. This is also known as ‘erasure’;
- The right to restrict the processing of the data;
- The right to transfer the data we hold on you to another party. This is also known as ‘portability’;
- The right to object to the inclusion of any information;
- The right to regulate any automated decision-making and profiling of personal data.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Additional information
Under GDPR, all personal data obtained and held by us must be processed according to a set of core principles. In accordance with these principles, we will ensure that:
- Processing will be fair, lawful and transparent
- Data be collected for specific, explicit, and legitimate purposes
- Data collected will be adequate, relevant and limited to what is necessary for the purposes of processing
- Data will be kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay
- Data is not kept for longer than is necessary for its given purpose
- Data will be processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures
- We will comply with the relevant GDPR procedures for international transferring of personal data
How we protect your data
In order to protect the personal data of relevant individuals, those within our business who must process data as part of their role have been made aware of our policies on data protection.
We have also appointed employees with responsibility for reviewing and auditing our data protection systems.
Data security
Employees are aware of their roles and responsibilities when their role involves the processing of data. All employees are instructed to store files or written information of a confidential nature in a secure manner so that are only accessed by people who have a need and a right to access them and to ensure that screen locks are implemented on all pcs, laptops etc when unattended. No files or written information of a confidential nature are to be left where they can be read by unauthorised people.
Where data is computerised, it should be coded, encrypted or password protected both on a local hard drive and on a network drive that is regularly backed up. If a copy is kept on removable storage media, that media must itself be kept in a locked filing cabinet, drawer, or safe.
Employees must always use the passwords provided to access the computer system and not abuse them by passing them on to people who should not have them.
What third parties we receive data from
Information from social media sites and other publicly available sources: when you interact or engage with us on social media sites such as Linkedin, Twitter, Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products and services, or better understand user reactions and issues. We must tell you that once collected, this information may remain with us even if you delete it from the social media sites. Tactical hazmat may also add and update information about you, from other publicly available sources.
Data breaches
All data breaches will be recorded on our data breach register. Where legally required, we will report a breach to the information commissioner within 72 hours of discovery. In addition, where legally required, we will inform the individual whose data was subject to breach.
More information on breach notification is available in our breach notification policy.
Records
The company keeps records of its processing activities including the purpose for the processing and retention periods. These records will be kept up to date so that they reflect current processing activities.
We retain the customer’s personal information for as long as it is required for the purposes stated in this Policy. Sometimes, we may retain information for longer periods as permitted or required by law, if required in connection with a legal claim or proceeding, to enforce our agreements, for tax, accounting, or to comply with other legal obligations. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible.