Privacy Notice

Privacy Notice

We take the privacy and security of your information very seriously, so please take a moment to review the below information. 

INTRODUCTION

Phishing Tackle Limited respects your privacy and we will only use your information in the way we describe in this notice. When using your information, we aim to be fair, transparent and to follow our obligations under UK data protection law.

This Privacy Notice explains what information we gather about you, what we use that information for, and who we give that information to. It also sets out your rights in relation to your information, how long we keep it and who you can contact for more information.

It is our policy to collect only the minimum information required from you. If you believe we have collected excessive information about you, please contact us to raise any concerns you may have.

Although you do not have to provide any of your personal information to us, if we ask you to do so and you refuse, we may be unable to provide you with the information, goods or services you want from us.


WHAT IS PERSONAL INFORMATION?

Personal information is anything that enables you to be identified or identifiable, such as your:

  • First and last names
  • Postal and email addresses
  • Telephone numbers
  • MAC and IP address
  • Identity documents (e.g. passports & driving licence)
  • Identity numbers (e.g. National Insurance and Bank accounts)
  • Career & educational documents (e.g. CVs & qualifications)
  • Contact information

Your personal information is sometimes called “personal data”. We collectively refer to handling, collecting, protecting or storing your personal information as ‘processing’.


COLLECTING PERSONAL INFORMATION

Below are just some examples of how you may provide personal information to us:

  • Asking us to provide goods or services to you or someone else
  • Contacting us
  • Searching and browsing our website
  • Subscribing to our newsletters
  • Accessing our online publications
  • Entering our surveys
  • Registering for or attending our events
  • Submitting CVs, references or work history information to us
  • Providing us with business cards or other contact information Registering our products

We buy or rent information about you or customers generally from third parties including credit reference information, demographic information, marketing lists, publicly available information and other information to help improve our products and services or our business.


USING PERSONAL INFORMATION

When you provide personal information to us, we may use it as described below or as stated at the point we collect it from you (or as may be obvious to you from the context of collection), including:

  • To provide services to you that you have requested
  • To develop our businesses and services
  • To consider whether to offer someone employment with us
  • To administer those employed by us
  • To administer and manage our website including:
    • To sort and analyse user data (such as determining how many users from the same organisation have subscribed to or are using the Website)
    • To understand how people, use the features and functions of our website in order to improve the user experience
  • To conduct quality and risk management reviews
  • Any other purposes for which personal information has been provided to us, including any of the purposes given in the ‘Collecting personal information’ section above.

We do not collect personally identifying information for sale to third parties.


LEGAL GROUNDS FOR PROCESSING PERSONAL INFORMATION

We rely on one or more of the following processing conditions:

  • To perform our contractual obligations to you; and/or
  • To satisfy any legal and regulatory obligations to which we are subject; and/or
  • To satisfy our legitimate interests in the effective delivery of information and services to you and in the effective and lawful operation of our businesses (where this does not interfere with your rights); and/or
  • When you have agreed to us processing your personal information.


SECURITY OF PERSONAL INFORMATION

We have implemented generally accepted standards of technology and operational security in order to protect personally identifiable information from loss, misuse, alteration or destruction.

Only authorised persons are provided access to personally identifiable information we have collected, and such individuals have agreed to maintain the confidentiality of this information.

Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure.

We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to or by us.


SHARING PERSONAL INFORMATION

We may transfer, share or disclose the personal data we collect from you to third parties (other organisations or individuals) for:

  • The purposes for which the information has been submitted
  • The purposes listed above under ‘USING PERSONAL INFORMATION’
  • The administration and maintenance of our website and/or
  • Other internal or administrative purposes

We may also transfer share or disclose personal data to third party service providers of identity management, website hosting and management, data analysis, data backup, security and storage services.

These third-party providers may use their own third-party subcontractors that have access to personal data (sub-processors). It is our policy to use only third-party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by us, and to flow those same obligations down to their sub-processors.


OTHER DISCLOSURES

We may also disclose personal information to third parties under the following circumstances:

  • When explicitly requested by you
  • When required to deliver goods or services requested by you
  • When required to facilitate our conferences or events that you have asked to attend which are hosted by a third party
  • As otherwise set out in this privacy policy.

We may also disclose your personal information to law enforcement, regulatory and other government agencies and to professional bodies and other third parties, as required by and/or in accordance with applicable law or regulation.

INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION

Your personal information will not be transferred by us outside the European Economic Area (EEA) without your written consent.


RETENTION OF PERSONAL INFORMATION

We will retain your personal information only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.

Normally, this means we will retain your personal information for seven years.

PHISHING TACKLE TOOLS

Phish Hook  Button (Google Workspace)

Our Phish Hook button’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.  See https://developers.google.com/terms/api-services-user-data-policy for further information on this.


MARKETING

Where we are legally required to obtain your consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.

If you want to unsubscribe from any subscriptions, you should look for and follow the instructions we will have provided in the relevant communications to you.

If you choose to unsubscribe from any or all mailings, we may retain information sufficient to identify you so that we can honour your request.


RIGHTS IN RELATION TO YOUR INFORMATION

You have certain rights in relation to the personal information we hold about you. In particular, you have the right to:

  • Request a copy of personal information we hold about you;
  • Ask that we update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
  • Ask that we delete personal information that we hold about you, or restrict the way in which we use such personal information;
  • Object to our processing of your personal information; and/or
  • Withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing).

If you would like to exercise these rights or understand if these rights apply to you, please contact us.


AUTOMATED DECISION MAKING

We will not use your personal information for automated decision making or profiling.


CHILDREN

We understand the importance of protecting children’s privacy and we never knowingly collect personal information about individuals under the age of 13. We adhere to laws regarding marketing to children.


OUR WEBSITE

Our Website may link to third-party sites not controlled by us and which do not operate under our privacy practices. When you link to third-party sites, our privacy practices no longer apply. We encourage you to review each third-party site’s privacy policy before disclosing any personally identifiable information.

We do not intend to collect special category (also known as sensitive) personal information through our website (unless we are legally required to do so). Examples of special category information are:

  • Race or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade union membership
  • Physical or mental health
  • Genetic data
  • Biometric data
  • Sexual life or sexual orientation
  • Criminal records.

We ask that you do not provide us with special category personal information when using our website.


COOKIES

Cookies are small files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Any cookies that may be used by our website are used either solely on a per session basis, to maintain user preferences or to enable us to better understand how our website is used, so that we can improve it.

Force24 Cookies & Tracking

Our organisation utilises Force24’s marketing automation platform.

Force24 cookies are first party cookies and are enabled at the point of cookie acceptance on this website. The cookies are named below:

  • F24_autoID
  • F24_personID

They allow us to understand our audience engagement thus allowing better optimisation of marketing activity.

f24_autoId – This is a temporary identifier on a local machine or phone browser that helps us track anonymous information to be later married up with f24_personid. If this is left anonymous it will be deleted after 6 months . Non-essential, first party, 10 years, persistent.

f24_personId – This is an ID generated per individual contact in the Force24 system to be able to track behaviour and form submissions into the Force24 system from outside sources per user. This is used for personalisation and ability to segment decisions for further communications. Non-essential, first party, 10 years, persistent.

The information stored by Force24 cookies remains anonymous until:

  • Our website is visited via clicking from an email or SMS message, sent via the Force24 platform and cookies are accepted on the website.
  • A user of the website completes a form containing email address from either our website or our Force24 landing pages.

The Force24 cookies will remain on a device for 10 years unless they are deleted.

Other Tracking

We also use similar technologies including tracking pixels and link tracking to monitor your viewing activities

Device & browser type and open statistics

All emails have a tracking pixel ( a tiny invisible image ) with a query string in the URL. Within the URL we have user details to identify who opened an email for statistical purposes.

Link Tracking

All links within emails and SMS messages sent from the Force24 platform contain a unique tracking reference, this reference help us identify who clicked an email for statistical purposes.


CONTACT US

If you have any questions or complaints about the way your personal information is processed by us, or would like to exercise one of your rights set out above, please contact us via our support@phishingtackle.com.


COMPLAINTS

You also have the right to lodge a complaint with your local data protection regulator, which in the UK is the Information Commissioner Office (ICO). The ICO can be contacted by the following means:

Contact Form: www.ico.org.uk/global/contact-us/email/

Telephone: 0303 123 1113 (local rate – calls to this number cost the same as calls to 01 or 02 numbers). If you’re calling from outside the UK please call +44 1625 545 700.

Postal address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Our ICO Registration number is ZA916108


UPDATING THIS PRIVACY NOTICE

We may update this Privacy notice at any time by publishing an updated version here. So that you know when we make changes to this Privacy statement, we will amend the revision date at the bottom of this page. The new modified or amended Privacy notice will apply from that revision date. Therefore, we encourage you to review this Privacy notice periodically to be informed about how we are protecting your information.