T2A.io privacy notice
Last update: 06 Dec 2018
This privacy notice tells you what to expect when Simunix collects personal information from the website T2A.io.
Cookies are information packets sent by web servers to web browsers, and stored by the web browsers.
The information is then sent back to the server each time the browser requests a page from the server. This enables a web server to identify and track web browsers.
There are two main kinds of cookies: session cookies and persistent cookies. Session cookies are deleted from your computer when you close your browser, whereas persistent cookies remain stored on your computer until deleted, or until they reach their expiry date.
Cookies on our website
t2a.io uses the following cookies on this website, for the following purposes:
Stores the referring URL when the User purchases credits, so we know where to return them to when they are finished.
- Most browsers allow you to refuse to accept cookies.
- In Internet Explorer, you can refuse all cookies by clicking "Tools", "Internet Options", "Privacy", and selecting "Block all cookies" using the sliding selector.
- In Firefox, you can adjust your cookies settings by clicking "Tools", "Options" and "Privacy".
- Blocking cookies will have a negative impact upon the usability of ukphonebook.com
Contact via social media
We do not use any third party providers to manage our social media interactions. Any direct messages received will be bound by the Privacy Notices of the relevant social media sites and stored in line with the policies outlined in those notices.
Contact via email
We use Transport Layer Security (TLS) to encrypt and protect email traffic. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.
We will also monitor any emails sent to us, including file attachments, for viruses or malicious software.
Individuals who register on www.t2a.io
By submitting registration information you permit Simunix to contact you by email from time to time with information relating to this service, and our associated services; Orbis and ukphonebook.com. This continued contact is required to allow us to manage your account effectively, and to inform you of any new features that have been added to our services.
Any communication from Simunix to the Customer will include an opt-out or unsubscribe link that will remove the user from or contact list. The Customer can also opt out of marketing or delete their account on the account management page under 'Privacy settings'.
Simunix does not share your personal data with third parties or data processors.
Your personal data.
Personal data is held in a secure and encrypted format using the latest protocols and procedures. We check for account activity on a quarterly basis and we will delete any account details, including all personal data, if an account has not been active for a period of 3 years.
t2a.io resides on dedicated servers within a secure server centre located in the UK. We implement security protocols, in order to satisfy the security requirements of:-
- Our clients
- Our suppliers, whose data we host.
- Our partners, such as credit card processors.
Our service lives on dedicated servers, currently located in a secure hosting facility in Oldham (see https://www.ukfast.co.uk/our-datacentres.html).
The servers reside behind a firewall, which only allows port 80 and 443 access to the web server part – all other IP traffic is limited to our office IP.
The servers use RAIDed SSDs. The data is not "in the cloud".
No physical access is permitted to those servers, not even by ourselves.
They are fully protected against malware or viruses, and fully patched with software updates.
Secure Connections (https)
Our service is browser-based, so we recognise the critical importance of the secure (https) connection between our client’s agents and our servers. Our Https strength is highly rated (see our SSL Labs Test), securing the client’s confidential data. We currently permit TLS 1.0-1.2; TLS 1.1 will be disabled in Q2 2018. The key exchange is 2048 bits; the data exchange is normally 256 bits (128 bits to be disabled in Q3 2018). Forward secrecy supported. SSL3 and earlier protocols not permitted.
We are 'A' rated on the SSL Labs test.
As part of the https strength, we no longer allow the use secure of our service from older browsers (Internet Explorer 8 or older, or Internet Explorer on Windows XP) which are technically unable to create the highly secure connection that we now require. In Q2 2018, clients using Internet Explorer 9 will also be unable to access our websites via Https, after we cease to permit secure connections under the TLS 1.0 protocol.
Under the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT, you have rights as an individual which you can exercise in relation to the information we hold about you.
Access to personal information
Simunix tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘subject access request’ under the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT. If we do hold information about you we will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form.
To make a request to Simunix for any personal information we may hold you need to submit the request via our contact form.
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
To reiterate, Simunix only hold personal data to service our customers effectively. We do not share this information with 3rd parties.
General Data Protection Regulation (GDPR)
Simunix provides data to their customers from a number of licenced and permissioned sources. These are:
- BT OSIS
- Companies House
- The Edited Electoral roll
- Royal Mail
- Ordnance Survey
- Land Registry
- Consumer Data
Additionally, Simunix can check all the records produced from these sources against the TPS and CTPS registers, which are updated daily.
(Please note: The following information is based on our understanding of the GDPR legislation and should not be interpreted as legal advice).
It is important that your business understands its responsibilities under the GDPR when conducting a marketing campaign using any of the above data sources.
Under the GDPR, direct marketing can be categorised as a legitimate interest, however, the campaign must be conducted in such a way that will not override the rights of the data subject.
Your business will need to run a balancing test to determine whether the rights of the data subject will not be overridden by your direct marketing campaign. Any measures that are implemented as a result of your balancing test will need to be documented internally so that they can be produced upon request. For example:
- If you are marketing through sales calls, are the telephone and mobile numbers TPS and CTPS checked?
- Do you apply an internal suppression against the customers that you have already marketed to?
- Do you have clear rules in place regarding data retention and deletion?
Any complaints from data subjects regarding their inclusion should be directed back to the supplier:
- Their Local Authority
- Their telecoms provider
Entries in Companies House and the Land Registry are in the public domain.
If required, Simunix can help you trace the data source to ensure the complaint is channelled to the correct supplier.
Privacy Notice Updates
We may change this Privacy Statement from time to time as we add new features to our products. The 'last update' date will always be present at the top of this page. Any changes will become effective upon our posting of the revised Privacy Notice on our website.