Introduction and Applicability
The use and disclosure of personal data is governed in the United Kingdom by the UK General Data Protection Regulations (GDPR).
This privacy notice explains:
- how we collect store, use, disclose, retain and destroy personal data (those activities are also referred to as processing personal data) through the use of our website or otherwise when you communicate or interact with us in the course of business
- the steps we take to ensure personal data we process is protected properly and used only for the purposes outlined in this Privacy Notice
- the rights individuals have when we process their personal data
- how to contact us and supervisory authorities in the event that you wish to exercise your rights or have a complaint.
This Privacy Notice is applicable to you as a client of ‘Tyck’ or a Freelance Assistant.
Tyck Limited (Trading as ‘Tyck’) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the GDPR which applies across the European Union (including in the United Kingdom) and we (Tyck) are responsible as ‘data controller’ of that personal information for the purposes of those laws.
What is personal data?
Personal data is any information we handle that relates to an identified or identifiable natural person. An ‘identifiable natural person’ is anyone who can be identified, directly or indirectly from information, including by reference to a name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Why do we process your personal data?
We process your data to provide our services to you (if you are a client) or receive services from you (if you are a virtual assistant freelancer, to improve our service or our dealings with freelancers, and to meet and enforce our legal obligations).
As a ‘Client’
We collect your data only when necessary in the course of providing you with a service. We require your information to maintain your account and complete briefs on your behalf. Without this information, we would not be able to do business with you.
Other data, including website usage data is used to better improve our services.
How do we collect your personal data?
As a ‘Client’
Direct Interactions – We collect the majority of your data when you choose to give this to us on our website, by email, over the phone, in person at meetings or otherwise.
Automated Interactions – We collect this personal data by using cookies, and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. For more information about the cookies we use, and how to disable them, please see our cookies policy.
Our Lawful basis for processing data
We collect the following personal information when you provide it to us. References to the basis of processing (e.g. “Basis: Legitimate Interest”) are a reference to the article of the General Data Protection Regulation under which we undertake the processing in question.
- Information you provide when signing up for our service, or enquire about registering for our service. We use this information to provide you with a quote and help provide you with a service. Basis: Performance of Contract; Legitimate Interest.
- Further information you provide to us in ‘on-boarding’ emails and phone calls with you following your having submitted your information. We use this for the same purposes as above. Basis: Performance of Contract; Legitimate Interest
- Instructions and information you provide to us as part of a brief you have asked us to carry out. Basis: Performance of Contract
- Communications you send to us in relation to your briefs, we use this to provide our service to you. Basis: Performance of Contract
- Any sensitive data you provide including passwords in order to carry out briefs allocated by you. This information is stored in secure vaults within the EU and access is strictly controlled. Basis: Performance of Contract
- Any feedback you give us regarding your service. We use this to help us improve the service. Basis: Legitimate Interest
- Information about how you use our website, including (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website. Basis: Legitimate Interest
- Additionally, we will also use your information in the event that we need to enforce our client terms of service. Basis: Legitimate Interest; Performance of Contract
- We may also need to process your data for compliance with a legal obligation to which we are subject.
Who we share your information with
We will routinely share your information with third party providers in the course of providing you with a service. Disclosures are considered on a case by case basis, ensuring that only personal information which is necessary and proportionate to a specific lawful purpose is disclosed with appropriate controls and safeguards in place.
Some third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.
- If you are a client, we will share relevant information about you from your client account (including your name, email address, profile, biography) and the nature of your brief with a freelancer we think is suitable for your brief.
- We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party.
How we store your data
We store your personal information securely and only for as long as we need to, in order to provide you with a service or satisfy our lawful requirements.
- Personal Information (Clients) – stored, where necessary in 3rd party software in order to maintain your client account, track time spent on tasks and complete your briefs. We keep this information as long as you are a client with us, and for 5 years afterwards.
- Personal Information (Enquiries) – stored, where necessary in 3rd party software such as HubSpot. We keep this information for 2 years.
- Sensitive Data – information such as passwords are only ever stored in a secure vault, protected by 2 Factor Authentication with individual access audited and tightly controlled. This information is not transferred outside of the EEA. This information is destroyed securely by the 3rd party software as soon as you cease being our client.
- Financial Information – information relating to the billing for our services is stored on a 3rd party software, which may transfer your information outside of the EEA. They have taken appropriate safeguards to protect this information and can be found here. Financial data is stored for 7 years after the end of the tax year in which it relates.
- Cookie Data – cookies are deleted after a maximum of 365 days.
How we keep your information secure
We take the protection of your data very seriously and have measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way.
- We ensure that appropriate policy, training technical and procedural measures are in place to protect our manual and electronic information systems from data loss and misuse.
- We limit access to your personal information to those who have a legitimate business reason and those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
- We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Transferring your information out of the EEA
We may transfer your personal information to third party service providers which are located outside the European Economic Area (EEA). We do this to help us provide our service and take every step to ensure your data is secure.
We will not otherwise transfer your personal data outside of the United Kingdom or EEA.
What are your rights?
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
- Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
- Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation here.
How to Exercise your Rights
If you would like to exercise your rights at any time, please:
- Email us at [email protected]
- Provide us with enough information to identify you
- Provide us with proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill)
- Be specific about the information to which your request relates
If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email.
Changes to this Notice
This privacy notice was published on 30th August 2022.
We may change this privacy notice from time to time, when we do in any way that affects you significantly we will inform you.
Our Contact Details
Name: Tyck Limited
Address: Windover House, St Ann Street, SP1 2DR
Email: [email protected]
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://ico.org.uk