Privacy Policy
US Privacy Policy
1. Introduction
1.1. TOOT Digital Ltd is committed to safeguarding the privacy of our TOOT Digital Ltd service users; in this policy we explain how we will handle your personal data.
1.2. TOOT Digital Ltd is a data Processor. ‘Processing’ data means doing any of the following with the information:
- obtaining it
- recording it
- storing it
- updating it
- sharing it
‘Personal information’ or ‘personal data’ means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.
1.3. TOOT Digital Ltd processes data on behalf of its Clients who will be the organisation (s) whose website has TOOT Digital Ltd installed on. These Clients are the Data Owners. By using a website with TOOT Digital Ltd installed and agreeing to the website’s cookie policy you consent to our use of cookies, collection of behavioural data and personal information in accordance with the terms of this policy.
2. How we use your personal data
2.1. In this Section 2 we have set out:
(a) the general categories of personal data that we may process
(b) in the case of personal data that we did not obtain directly from you, the source and specific categories of that data
(c) the purposes for which we may process personal data
(d) the legal bases of the processing.
2.2. If you visit a website with TOOT Digital Ltd installed, we may process anonymous data about your use of it (“usage data”). The usage data may include your geographical location, browser type and version, operating system and referral source. We may also process anonymous data about your behaviour on a website which has TOOT Digital Ltd installed (“behavioural data”). The behavioural data may include the length of your visit, the pages you have viewed and how you have navigated through these pages during your session on the site. This data may be processed for the purposes of analysing the use of our website or any website that uses our services.
This usage and behavioural data is obtained using cookies. Cookies are most commonly used to track website activity. When you visit websites that have TOOT Digital Ltd installed, the server gives you a cookie that acts as your identifier. Upon each return visit to that site, your browser passes that cookie back to our server.
Should you decide to block cookies, our service may not be available to you. Most browsers will allow you to automatically block these types of cookies. Please refer to your browser’s privacy setting for more information.
2.3. If you submit your PII (“personally identifiable information”), either in a form submission, live chat, text, or any other means of digital communication, your personal information may be retained, used and attributed to your behavioural data and usage data. The personal information could include a phone number, name, email address or address.
After a live chat interaction, should you revisit the same website using the same device, you are not automatically re-identified and are freely able to browse the site anonymously. Should you re-enter into live chat with an operator, as before, your previous communications, current session usage and current session behavioural data will be attributed to the new interaction.
The legal basis for this processing is our legitimate interests, namely monitoring and improving our services, to better understand how visitors use websites with TOOT Digital Ltd installed, to give continuance to previous and ongoing communications and to offer a customized experience to the visitor should they engage in communication with an operator.
2.4. Under any circumstances, please do not supply any other person’s personal data or your own personal data to us, unless we prompt you to do so.
2.5. We may process client account data (“client account data”). The account data may include your name, company name and email address. The source of the account data is you or your employer. The account data may be processed for the purposes of, providing our services, ensuring the security of our website and services and communicating with you. The legal basis for this processing is both by your consent and our legitimate interests, namely the proper administration of our business.
2.6. We may process client information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (“Client notification data”). The notification data may be processed for the purposes of sending you the relevant update notifications and/or newsletters.
3. Providing your personal data to others
3.1. Unless requested otherwise within the chat on the TOOT Digital Ltd chat box, we do not share any personal information with any third party except for the Clients (this may include third party service providers and data processors of the company) whom TOOT Digital Ltd is providing the service to and the visitor has submitted personal information to. TOOT Digital Ltd will obtain consent (collected during a chat interaction with you) to send your chat contact information (PII) to its customers (our Clients) for the purpose outlined by you during a chat interaction with us. (Consent is achieved in recorded, text format.)
3.2. We may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
3.3 Any request you make for contact to be made to you by our Clients (or indeed their clients) will be considered as a request to the Data Owner. The Data Owner may then request us as the Data Processor to pass your details on either within their organisation or to any other organisation that you may have requested contact from. This data will be shared under the control of the Client’s Privacy Policy which will be available on their website. Nothing in your request will be considered as empowering the Client or their clients as giving wider marketing privileges to yourself other that the right to make direct contact in respect of your request.
4. International transfers of your personal data
4.1. In this Section 4, we provide information about the circumstances in which your personal data may be transferred to countries inside or outside the European Economic Area (EEA).
4.2. The European Commission has made an “adequacy decision” with respect to the data protection laws. As a result, from their findings, data transfers outside of the UK will be restricted to information that contains no personally identifiable data. Personal data is hereby restricted to the EU/UK only.
4.3. The hosting facilities for our website and database are situated in Ireland, a member state of the European Union. All Data is securely transferred to Amazon AWS encrypted by SSL (TLS 256bit Keys – provided by Comodo CA Limited).
4.4. If your personal data originates from outside the EEA, any personal data we collect and maintain will be transferred to our hosting facilities in Ireland and to our Clients as specified in section 3.3, above.
5. Retaining and deleting personal data
5.1. This Section 5 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
5.2. Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
5.3. We will retain your personal data as follows:
(a) For a minimum period of three months following collection
(b) For a maximum period of the length of the contract with the Client. plus three months.
5.4. Notwithstanding the other provisions of this Section 5, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
6. Amendments
6.1. We may update this policy from time to time by publishing a new version on our website.
6.2. You should check this page occasionally to ensure you are happy with any changes to this policy.
6.3. We may notify you of changes to this policy by email or through the private messaging system on our website.
7. Your rights
7.1. You have the right to request that we disclose what personal information about you we collect, use, disclose, and sell. In order to make such a request, you must send an email, using an email address that you have included in the personal details we have on file for you, to our contact email address below. We may ask you to confirm certain other personal details in order to verify that the request comes from you, including your name, birth date, and a physical address that you have placed on file with us, together with a photocopy of your passport certified by a solicitor, notary or bank plus an original copy of a utility bill showing your current address. We will review the information you submit to us and send an email to you confirming your request, before we make a decision on whether the request appears to be valid.
7.2. In the past twelve (12) months, we have collected the following kinds of information from consumers: name (first and last), email address, telephone number, postal (or ZIP) code, length and frequency of visits to the Website, pages viewed on the Website, IP address used to visit the Website, type of device (i.e., mobile or PC) used to access the Website, and geo location. We collected this information for the following business purposes: to enable live chat services, and if requested by a customer, to allow the customer to be contacted by our Client for the marketing and sale of vehicles. We have disclosed the above-listed information to relevant Clients to effectuate the aforementioned services.
7.3. We have not sold any consumer personal information to any third parties in the past twelve (12) months. We have disclosed the information listed in Section 7.2 only to our Clients, who provide the services described in Section 7.2, for valid business purposes, within the past twelve (12) months. Since we do not permit minors to make use of our website or services, we have not sold or disclosed any personal information concerning minors to any third parties within the past twelve (12) months.
7.4. You have the right to request that we delete any of your personal information that we have collected or maintained. You may request the deletion of personal information by sending an email to our contact email address below, using an email address that you have included in the personal details we have on file for you. We may ask you to confirm certain other personal details in order to verify that the request comes from you, including your name, birth date, and a physical address that you have placed on file with us, together with a photocopy of your passport certified by a solicitor, notary or bank plus an original copy of a utility bill showing your current address. We will review the information you submit to us and send an email to you confirming your request, before we make a decision on whether the request appears to be valid.
7.5. You have the right to request that we change certain details or items of personal information we maintain or have on file for you. In order to make such a request, you must send an email, using an email address that you have included in the personal details we have on file for you, to our contact email address below. We may ask you to confirm certain other personal details in order to verify that the request comes from you, including your name, birth date, and a physical address that you have placed on file with us, together with a photocopy of your passport certified by a solicitor, notary or bank plus an original copy of a utility bill showing your current address. We will review the information you submit to us and send an email to you confirming your request, before we make any decision on whether the request appears to be valid.
7.6. While you have the right to opt out of the sale by us of your personal information, at this time, we do not sell any personal information to third parties.
7.7. You have the right not to receive discriminatory treatment by us or our agents or employees simply because you have exercised any privacy rights under this policy or provided by law. It is our policy not to engage in any discrimination against individuals who exercise their privacy rights.
7.8. You may designate an authorized agent who is authorized to make requests to us concerning your personal information. In order to designate such an agent, you will need to contact us at the email address below, using an email address that you have included in the personal details we have on file for you. We may ask you to confirm certain other personal details in order to verify that the request comes from you, including your name, birth date, and a physical address that you have placed on file with us, together with a photocopy of your passport certified by a solicitor, notary or bank plus an original copy of a utility bill showing your current address. We will review the information you submit to us and send an email to you confirming your designation. Your written designation should include the name and full contact details (physical address, telephone number, and email) of the authorized agent.
7.9. We are not responsible for any Client website, however, our TOOT Digital Ltd responds to “do not track” signals.
7.10. We do not collect personally identifiable information concerning any consumer that concerns an individual consumer’s online activities over time and across different websites when the consumer uses our website or services. However, we are not responsible for any collection of such information by the websites of Clients.
7.11. We may withhold personal information that you request to the extent permitted by law.
8. Our details
8.1. TOOT Digital Ltd We are registered in England and Wales under registration number 14704861, and our registered office is at:
TOOT Digital Ltd, Monomark House, 27 Old Gloucester Street, London, England, WC1N 3AX 8.1.
You can contact us:
- by post, to [the postal address given above]
- using our website contact form
- by telephone, on 0330 053 2915
- by email, using clientservices@tootdigital.com
- text us +44 7451 280 500
9. Data protection officer
9.1. Our data protection officer’s contact details are available upon request.
UK Privacy Policy
This policy sets out the basis on which we process your personal data for our own business purposes, rather than on behalf of a third party. We are the data controller under this policy.
Where we process your personal data on behalf of a third party, we are the data processor. This is typically the case where we provide live chat services on another organisation’s website. In that situation, full data protection information is available from the data controller who instructed us. You can usually find this information linked at the bottom of their web page.
We are TOOT Digital Ltd Ltd (registered in england company number 14704861).
Our registered office is TOOT Digital Ltd Ltd, Monomark House, 27 Old Gloucester Street, London, England, WC1N 3AX. Our website is http://tootdigital.com.
1 INFORMATION WE PROCESS
1.1 We may collect and process the following data about you:
- Information you give us. You may give us information about yourself by filling in forms on our website, by talking to us by phone, e-mail or post, or by meeting us in person. This includes information you provide when you register to use our website on our website. The information you give us may include your name, address, job title, e-mail address, phone number, financial and payment information, personal description and photograph.
- Information we collect about you. Through our website, we may collect information which your web browser makes available to us. This includes technical information, such as your IP address, browser type, internet service provider, referring/exit pages, and date/time stamps. As you browse the site, we collect information about the individual web pages that you view, what websites or search terms referred you to the site, and information about how you interact with the site. You may be identifiable from this information. We use cookies on our website and you can refer to the ‘Cookies’ section below for more information.
- Information we receive from other sources. If you are an employee or representative of one of our suppliers or customers then your organisation might share your information with us for business purposes. The information we receive about you may include your name, contact information and job title. We may also receive information about you if you use any of the other websites we operate or the other services we provide, or from one of our external partners (including, for example, technical, payment and delivery service providers, advertising networks, analytics providers, search information providers, and credit reference agencies).
1.2 We usually only keep your information for as long as it reasonably takes to achieve the purpose we collected it for. In some situations we may need to keep your information for a different purpose, for example if a dispute arises between us. We will notify you if this happens.
2 USES MADE OF YOUR INFORMATION
2.1 We may use information held about you in the following ways:
- For website visitors, we process your information using cookies for analytics purposes and to ensure that our website works optimally for you. This processing is based on your consent. We also have a legitimate interest in responding to your enquiries made through our website.
- For customers who are individuals, we process your information to perform the contract between us. This includes where we take pre-contractual steps. We also process your information because we have legitimate interests in using it to efficiently operate our business, to coordinate our marketing activities and to respond to your enquiries. We also keep certain customer records because we have a legal obligation to do so.We process customer information for marketing purposes because we have a legitimate interest in telling you about services we offer which are similar to those you have bought or enquired about. You can unsubscribe from these communications at any time by following the instructions contained in the communication or by contacting us using the details set out in the ‘Contact’ section below.
- For suppliers who are individuals, we process your information to perform the contract between us, including where we take pre-contractual steps. We also process your information because we have a legitimate interest in using it to efficiently operate our business (e.g. keeping lists of trusted suppliers, historic contracts) and to approach you with enquiries. We also keep certain supplier records because we have a legal obligation to do so.
- For employees and representatives of our customers and suppliers, we process your information because we have a legitimate interest in doing so in order to administer the business relationship between your organisation and us.
- For all other third parties, we have a legitimate interest in processing your information in order to administer our business. We may also send you marketing communications on the basis of your consent or, where we have a legitimate interest in doing so, on the basis of your soft opt-in.
- If you share information with us about your allergies, dietary requirements or accessibility needs then we process that information on the basis of your explicit consent.
3 DISCLOSURE OF YOUR INFORMATION
3.1 Your personal information is not shared with anyone except where we are required to do so to comply with the law, to protect our rights, or to effectively operate our business. We may share your personal information with the following people or groups of people:
- Other organisations within our corporate group. This is necessary for the efficient operation of our business and to ensure that we are able to provide you with the best possible service.
- Our outsourced service providers. These people may have access to your personal information as part of the service they provide to us. This includes our IT providers and credit reference agencies. Our service providers are subject to strict contractual obligations to treat your personal information with the utmost sensitivity, to keep it confidential and to comply with data protection law at all times.
- Professional advisers. We may share personal information with our legal, financial and other professional advisers for the purpose of obtaining advice, such as legal advice. These transfers are protected by our advisers’ duties of confidentiality.
- Potential purchasers. We may share personal information with potential purchasers of our business, to the extent permissible under data protection law, subject to those persons first entering into strict confidentiality obligations with us.
3.2 The hosting facilities for our website and database are provided by Amazon Web Services and are situated in Ireland, a member state of the European Union.
4 YOUR RIGHTS
4.1 Under data protection law you have the following rights:
- the right to be informed about what we do with your personal information. This policy provides you with that information;
- if we are processing your personal information on the basis of your consent then you have the right to withdraw that consent at any time. Consent can be withdrawn by notifying us using the details set out in section 9 below. The lawfulness of our historic processing based on your consent will not be retrospectively affected by your withdrawal of consent;
- the right to access a copy of your information which we hold. This is sometimes called a ‘subject access request’. Additional details on how to exercise this right are set out in section 5, below;
- the right to prevent us processing your information for direct marketing purposes. We will inform you (before collecting your data) if we intend to use your personal information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise this right at any time by contacting us. You can also opt-out using the link contained in our marketing communications;
- the right to object to decisions being made about you by automated means. We will inform you if your information is subject to automated processing;
- the right to object to us processing your personal information in certain other situations;
- the right, in certain circumstances, to claim compensation for damages caused by us breaching data protection law; and
- the right, in certain circumstances, to request that we erase, rectify, cease processing and/or delete your information.
4.2 You also have the general right to complain to us (in the first instance) and to the Information Commissioner’s Office (if you are not satisfied by our response) if you have any concerns about how we hold and process your information. The Information Commissioner’s Office website is www.ico.org.uk.
5 ACCESS TO INFORMATION
5.1 Under data protection law you can exercise your right of access by making a written request to receive copies of some of the information we hold on you. We may request proof of your identity, or proof of authority if you are making the request on behalf of someone else, before we can supply the information to you. Requests should be sent to us using the contact details in section 9 below.
5.2 You do not need to pay a fee to exercise this right unless you are requesting copies of documents you already possess, in which case we may charge our reasonable administrative costs. We are also allowed to charge you for our reasonable administrative costs in collating and providing you with details of the requested information which we hold about you if your request is clearly unfounded or excessive.
5.3 In very limited circumstances, data protection law permits us to refuse to comply with your request. If we refuse to comply then we will notify you of that fact.
5.4 In certain circumstances, you are entitled to receive the information in a structured, commonly used and machine-readable form.
6 COOKIES
We use cookies on our website to distinguish you from other users and to monitor how you use our website. For full information about how we use cookies on our website, please read our Cookies Policy at https://visitor.chat/cookie-policy/.
7 THIRD PARTY SITES
Our website may contain links to partners’, advertisers’, affiliates and social networking sites. If you follow a link to any of these websites, please note that they have their own privacy policies which we are not responsible for. Please check those privacy policies carefully before you submit any personal information.
8 CHANGES TO OUR PRIVACY POLICY
This policy was last updated on 12 Mar July 2024. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you.
9 CONTACT
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to clientservices@toot.com. You can also contact us by post to Data Protection, TOOT Digital Ltd Ltd, Monomark House, 27 Old Gloucester Street, London, England, WC1N 3AXBottom of Form .