Privacy Policy for Tulloch Group
1. Introduction
Tulloch Group (“we”, “us”, or “our”) is committed to protecting and respecting your privacy. We recognize the importance of safeguarding personal data and are dedicated to maintaining the confidentiality, integrity, and security of information entrusted to us. This Privacy Policy outlines our practices regarding the collection, use, disclosure, and protection of your personal data when you use our website, tullochgroup.com (the “Site”), and any associated services. We operate in strict compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all users of tullochgroup.com and governs the collection and processing of personal data by the Tulloch Group as a “Data Controller” under GDPR and as a “Business” under CCPA. It covers all personal data gathered through the Site and its related services, communications, and interactions.
By accessing or using tullochgroup.com, you acknowledge that you have read, understood, and agreed to the terms of this Privacy Policy.
3. Categories of Data Processed
We collect various categories of personal data to deliver, improve, and secure our services. The types of data we may collect include:
– Usage Data: This includes information about how you use the Site, such as your IP address, browser type, access times, pages viewed, and session metadata. We use this to maintain system security, detect fraud, and understand user behavior.
– Account Data: When you create an account or complete forms, we may collect your full name, postal address, email address, telephone number, and account login details.
– Profile Data: This consists of information related to your preferences, service usage patterns, purchase history, and behavioral data derived from interactions with the Site.
– Communication Data: Any correspondence you send to us, including support requests, contact form submissions, chat records, emails, and call transcripts, may be stored and analyzed to improve service quality.
– Technical Data: We may collect device identifiers, system configuration, operating system, browser, and related diagnostics data while you interact with tullochgroup.com.
– Transaction Data: Information about payments and deliveries through the Site, such as billing information, shipping address, transaction timestamps, and financial data where necessary.
– Preference Data: We retain information about marketing and communication preferences, consent records, and your stated interests in any products or services we offer.
4. Legal Bases for Processing
We process your personal data based on the following lawful grounds, as required under GDPR:
– Consent: When you provide clear and informed permission to process your personal data for specific purposes.
– Contract: Processing necessary for the performance of a contract to which you are a party or to take steps prior to entering into such a contract.
– Legitimate Interests: Processing that is necessary for our legitimate business interests, except where your rights and interests override those interests. These may include analytics, business improvement, fraud detection, and direct marketing (subject to opt-out rights).
– Legal Obligation: Where processing is necessary to comply with legal and regulatory requirements.
5. Your Rights under GDPR and CCPA
Under applicable data protection laws, you have the following rights:
a. Right of Access – You may request confirmation about whether we process your personal data, and, if so, a copy of such data.
b. Right of Rectification – You may request correction of inaccurate or incomplete personal data.
c. Right of Erasure – You may request deletion of your personal data in certain circumstances.
d. Right to Restrict Processing – You may request us to restrict processing if you contest the accuracy or legality of processing.
e. Right to Data Portability – You may request your data in a structured, commonly used format for your use or transfer to a third party.
f. Right to Object – You may object to the processing of your data based on our legitimate interests, including for direct marketing.
g. Right to Opt-Out (CCPA) – You may direct us not to sell your personal information or share it for cross-context behavioral advertising (if applicable).
To exercise these rights, please contact us at: [email protected].
We will not discriminate against you for exercising your privacy rights.
6. Security Measures
We employ comprehensive security safeguards to protect your personal data, including:
– Data encryption during transmission and at rest using industry-standard protocols.
– Role-based access controls and authentication procedures to prevent unauthorized access.
– Regular security audits and vulnerability assessments.
– Scheduled data backups and redundant systems to ensure business continuity.
– Ongoing privacy and security training for personnel with access to personal data.
While we strive to protect your information, no transmission or storage system is completely secure. You are responsible for maintaining the confidentiality of your login credentials.
7. International Data Transfers
Your personal data may be transferred to and stored in countries outside your region, including jurisdictions that may not offer the same level of data protection. Where we transfer data internationally, we ensure appropriate safeguards are in place, such as:
– Standard Contractual Clauses (SCCs) approved by the European Commission.
– Frameworks under applicable privacy laws, such as adequacy decisions or binding corporate rules.
– Agreements requiring recipients to adhere to EU or equivalent data protection standards.
8. Data Retention
We retain personal data only as long as reasonably necessary for the purposes stated in this Privacy Policy or as required by applicable law. Our retention periods include:
– Usage Data: Up to 24 months.
– Account Data: Retained for the life of the account and up to 6 years thereafter for legal or audit purposes.
– Profile and Preference Data: Retained for 3 years from last activity or until revoked.
– Communication Data: Retained for 2 years post-resolution unless required longer for legal compliance.
– Transaction Data: Retained for 7 years to satisfy accounting and tax obligations.
– Technical Data: Retained for a maximum of 12 months.
Upon expiration of the retention period, data is securely deleted or anonymized.
9. Cookie Policy
Tullochgroup.com uses cookies and similar tracking technologies for several purposes:
– Essential Cookies: Required for basic functionality, such as account login and preferences.
– Functional Cookies: Enhance website performance and store user choices.
– Analytics Cookies: Collect aggregated data to understand site traffic and interactions.
– Performance Cookies: Monitor load time, uptime, and operational metrics to improve user experience.
These technologies help us deliver a secure, efficient browsing experience and tailor services to your preferences.
10. Cookie Management and Compliance
We comply fully with GDPR and CCPA cookie requirements. Upon visiting tullochgroup.com, you may be presented with a cookie banner soliciting your consent for non-essential cookies. You may:
– Accept or reject specific types of cookies via the cookie settings tool on our Site.
– Withdraw consent at any time through the same mechanism.
– Configure your browser to block or delete cookies.
By continuing to use the Site after consenting to cookies, you affirm your acceptance of our cookie practices.
11. Children’s Privacy
Tullochgroup.com is not intended for use by individuals under the age of 13. We do not knowingly collect personal data from children. If we become aware that a child under 13 has provided us with personal data without verifiable parental consent, we will delete such information promptly. Parents or guardians who believe we may have collected data from a child should contact us via [email protected].
12. Policy Updates
We may modify this Privacy Policy from time to time to reflect legal, technical, or operational changes. If material changes are made, we will provide reasonable advance notice through appropriate means, such as a notice on the Site or by contacting you directly, if feasible. Continued use of tullochgroup.com after updates constitutes acceptance of the revised policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us at:
Email: [email protected]
Website: https://tullochgroup.com
We are committed to safeguarding your privacy and complying with all relevant laws and industry standards. Your trust is important to us—please do not hesitate to reach out regarding any privacy matter.