Fax Preference Service (FPS) Privacy Notice
FPS understands its obligations to protect your privacy, the information that you provide to us is valuable in tackling the problem of unsolicited direct marketing fax. We therefore value it and wouldn’t want to use it in a way that you won’t expect.
This Privacy Notice informs you about what we do to protect your privacy and how you can control the way we use your personal data.
If you have any concern about how we use your data including making changes please contact us using the methods below:
· By Email: firstname.lastname@example.org
· By Phone: 020 7291 3330
· By Post: FPS, DMA House, 70 Margaret Street, London, W1W 8SS
Information you provide to us
Information is provided to us directly via our website, email, fax, over the phone, by letter or face to face, we will only ask for information that we need to enable us to provide the service requested. In order to administer the central ‘Do Not Fax’ register and the value added complaints handling service we normally ask you to provide us with:
· Your name
· Your contact details
· Your fax number registered (or to be registered)
Information provided to us by other organisations
You may also provide your information to us via another website e.g. agencies who promote FPS e.g. local authority, consumer protection organisations or telephone service providers.
Any such information should have been collected under the other organisations Privacy Notice, we ask that you read and fully understand how they handle your personal data.
Information provided to us via cookies
A “cookie” is a piece of information, like a tag, which some websites create on your PC. Our cookies allocate each user of this website with a random number. The cookies used on this site are not used for the collection of any personal information. Our cookies will not be used to analyse your visits to other websites or track any internet searches you may undertake whilst on the website. The information collected via cookies will be used to track movement on this website and for statistical analysis.
How we use your data
We use your personal information in various ways to:
· Register your fax number unto the central ‘Do Not Fax’ register
· Process your complaint about receipt of unsolicited direct marketing fax
· Process query relating to registration or complaint handling
· Administer the process of enabling organisations who send direct marketing fax with a licence to facilitate screening against the central ‘Do Not Fax’ register so they can identify numbers to which unsolicited direct marketing fax must not be sent
· Report to regulatory and enforcement bodies to enable enforcement against organisations who are reported by you to have failed to comply with their obligations relating to FPS
· Research and statistical analysis
Who we share your data with
We only share your personal data for reasons directly relating to registration or complaint handling including enforcement.
We use processors for our business operations who process personal data under our control:
· The Information Commissioners Office (ICO) on whose behalf TPS Limited (TPSL) runs the service and who are the regulatory body responsible for taking enforcement action against organisations who fail to comply with their obligations.
· Upon approval by the ICO other regulatory and enforcement bodies
· Acxiom for number registration unto the central ‘Do Not Fax’ register
· MIQ Solutions for website hosting and complaint handing applications
· Aspire Technology Solution who provide our office and email hosting system
All servers unto which personal data is stored are held and processed within the European Economic Area (EEA).
If required we will disclose or share your information without your consent, for example if we are required to do so by the courts, the police or other legal reasons.
How we keep your personal information safe
We understand and take our obligations to keep your personal data safe and secure very seriously. We comply with all regulatory and best practice guides including the DMA Code.
We hold Cyber Essential Plus certification, a UK government backed scheme that protects against a whole range of the most common cyber attacks.
Personal information is accessible on a job specific basis with all staff members undergoing data handling training as part of their ongoing development.
We hold a document library of information governance policies and procedures which all staff members comply with.
We have specific technical controls in place to restrict access.
How long we keep your personal information
As part of our information governance we hold a data retention policy, we keep personal information in line with our data retention policy.
We hold on the register active fax numbers registered by an individual for as long as the number remains active.
The service is only intended for live fax numbers as such, as part of our process we will remove from the register fax numbers that are inactive.
Our retention period for complaints reported about receipt of an unsolicited direct marketing fax is 6 years.
In relation to organisations who purchase a licence to enable screening against the register in order to identify fax numbers to which unsolicited direct marketing fax must not be sent, we have a statutory obligation to keep financial information.
Our retention period is 7 years for financial auditing purpose.
How to keep your personal information up to date
It is vital that we hold the correct fax number for you on the register for the service to be effective to you, we also require up to date contact details in order to communicate with you in direct relation to your registration or complaint handling.
Organisations who receive complaints about receipt of unsolicited direct marketing fax must ensure that we are always provided with valid contact details to issue complaints.
To update your personal information please email email@example.com .
How you can find out about the information we hold about you
It is your right to request from us a copy of the information that we hold about you.
To request a copy of some or all of your personal information, please write or email us using the contact details provided in this policy.
Once we have verified your identity which may involve asking you for various information and we have ascertained that we hold information about you we will:
· Give you a description of it
· Tell you why we are holding it
· Tell you who it may be shared with
· Provide you with a clear and coherent copy of the information
Our legal basis for processing your personal information
The legal basis upon which FPS relies is that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
TPSL administers FPS on behalf of the ICO and in doing so are joint controller. The relevant regulation is the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).
Asking us to suppress or remove your personal information
We would only contact you in direct relation to registration, complaints handling or administering the licence for access to the register.
Should you wish to remove your information entirely from our records (and assuming we have no other obligation to keep it) then please contact us notifying us of your wish.
We may need to hold for the purpose of suppression only.
Transfer to third countries
Organisations who are based abroad including outside the European Economic Area (EEA) who send direct marketing fax to UK fax subscribers are obliged to comply with PECR and screen against the FPS as appropriate.
The register which contains fax numbers only is made available to organisations in third countries for the purpose of suppression only. This is done under a licence agreement in order to ensure the same level of data protection in the United Kingdom will apply.
What to do if you have a complaint
If you have a complaint regarding your personal information please contact us at firstname.lastname@example.org .
If after our response you remain unsatisfied with the way your complaint was handled, it is your right to contact the Information Commissioners Office (ICO) https://ico.org.uk/concerns/
Links to other websites
Sale of business
Should TPSL be sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers’ advisers, passing it onto the new owners of the business. We will notify you should this occur and you will have the opportunity to request suppression or deletion at that time.
Changes to this policy
We ensure that this policy notice is reviewed regularly. This policy was last updated in May 2018.
We are The Telephone Preference Service Limited (TPSL)
· Our company registration number is 3729928
· TPSL is a subsidiary of the Direct Marketing Association (UK) Limited, registration number 2667995
· Our Office is registered at DMA House, 70 Margaret Street, London, W1W 8SS
· Our ICO registration number is Z6261147
The Fax Preference Service is a service run by Telephone Preference Service Limited (TPSL).