Privacy Policy

Effective Date: 10 September 2024

Introduction

This document explains how Tym Diary Management System handles your personal information and data. It’s important to inform you, as a user of our services, how we collect, manage, and store your data. Should any changes be made to this policy, we will notify you, and the latest version will always be available here.

Due to the nature of our platform, it’s crucial to understand that our data handling practices may also affect your clients. As a result, you may need to inform your clients of these practices through your own privacy policy.

Inkedup LTD (Company number 09706847) is a company registered in  England and Wales with a registered address of  2 Tyburn Road, Erdington, Birmingham, B24 8LA ('we', 'our', 'us' in this privacy policy). We are responsible for collecting, processing, and safeguarding personal and other information as part of our services and business operations. We manage this information in compliance with relevant data protection laws, including the Data Protection Act 2018 and GDPR.

For any questions related to the processing of your personal data, please contact us at:
Email: info@tym.online

Data Processing Principles

We take your privacy and data security seriously. This Privacy Policy explains how we process personal data, including what information we collect, how we use it, store it, protect it, and your rights.

We are guided by the following principles:

  1. We will collect data for specific and stated purposes.
  2. We will not collect more data than is necessary to fulfil those purposes.
  3. We will collect and use personal information only for legitimate business reasons, such as providing our services to you.
  4. We will not use your data for purposes other than those for which it was collected, without your consent.
  5. We will apply high standards to protect your data.
  6. We will not store personal data for longer than necessary, except where required by law.

What Information We Collect

We collect and process information in accordance with data protection laws and will only collect the data necessary to meet the purposes outlined. The data we may collect includes, but is not limited to:

  1. Contact details: Name, email address, phone number.
  2. Personal details and identifiers: Address, date of birth.
  3. Financial information: Payment and transaction data.
  4. Diary information: Calendar entries, client names, tattoo imagery and notes.
  5. Technical data: IP address, browser type, and access times.

We may also request special category data (such as health-related information) when necessary to provide our services. Such data will only be collected with your express consent and will be handled in line with best practices for special category data.

How We Collect, Use, and Share Personal Data

We collect most personal data directly from you when:

  1. You sign up for or use the Tym Diary Management System.
  2. You subscribe to newsletters or mailing lists.
  3. You contact us through our website, social media, or customer service.
  4. You use our system as part of your business operations.

We may also collect personal data from third-party sources, such as social media logins. This data is used only where these third parties have your consent or are otherwise legally permitted to share it.

We use the collected information to:

  1. Provide and manage our services.
  2. Process bookings or product purchases.
  3. Respond to queries or support requests.
  4. Provide personalised content based on your preferences.
  5. Communicate updates or changes to our services.
  6. Ensure the functionality and security of the system.

We do not sell your personal data to third parties. However, we may share your data with third-party service providers (e.g., payment processors, email service providers) as needed to deliver our services. These third parties are required to comply with relevant data protection regulations, including GDPR, and maintain adequate safeguards for your data.

How We Store and Process Your Data

We have implemented appropriate technical and organisational measures to ensure your data is secure. Your data is securely stored using third-party platforms such as:

  1. [Cloud Storage Provider]: For personal data storage.
  2. [Email Service Provider]: For communications.
  3. [Payment Processor]: For managing payments and subscriptions.

These platforms comply with GDPR, and where necessary, we ensure proper data transfer mechanisms for data processed outside the UK/EEA (such as under the EU-U.S. Data Privacy Framework).

We retain personal data only for as long as necessary for the purposes for which it was collected, typically up to 6 years, unless required by law to retain it for longer. After this period, your data will be deleted unless there is a legitimate reason to retain part of it.

Disclosure of personal information to third parties

  1. Third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, web-hosting and server providers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators;
  2. our employees, contractors and/or related entities;
  3. our existing or potential agents or business partners;
  4. payment systems operators;
  5. sponsors or promoters of any competition we run;
  6. anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;

Legal Basis for Processing Your Data

Our legal grounds for processing personal data include:

  1. Consent: Where you’ve given explicit consent.
  2. Contract: To fulfil a contract with you.
  3. Legal Obligation: For compliance with legal requirements.
  4. Legitimate Interests: For business or third-party interests, balanced against your rights.

Your Rights

As a data subject, you have several rights, including:

  1. Access: The right to request a copy of the personal data we hold about you.
  2. Rectification: The right to have inaccurate or incomplete data corrected.
  3. Erasure: The right to request the deletion of your data.
  4. Restriction: The right to request restricted processing of your data.
  5. Objection: The right to object to certain types of processing, such as marketing.
  6. Portability: The right to request that we transfer your data to another party in a structured, machine-readable format.

To exercise any of these rights, please contact us at: [Insert Email Address].

Cookies and Analytics

We use cookies and third-party analytics tools to monitor usage and improve our services. These tools may collect information such as:

  1. Site usage patterns.
  2. Browser and device data.
  3. Page interaction and navigation information.

If you wish to limit cookies, you can adjust your browser settings. Please note that disabling cookies may affect your experience on the Tym Diary Management System.

Marketing Emails

We may send you marketing communications where you have consented to receive them. You can unsubscribe at any time by clicking the “unsubscribe” link in any email or contacting us directly at [Insert Email Address].

Data Breaches

In the event of a data breach, we will follow the appropriate procedures in line with data protection legislation and notify the relevant authorities. Affected individuals will be informed if required by law.

Changes to This Privacy Policy

This policy was last updated on [Insert Date] and will be reviewed periodically. Any significant changes will be communicated to you via email or through our system. You can always check the latest version on our website.

For any further questions about our Privacy Policy, please contact us at:

Email: hello@tymbooking.com