Introduction
Scope of this Privacy Policy
This Privacy Policy applies to the use of the Personal Data of our (prospective) customer representatives, website visitors.
- (Prospective) customer representatives: when we do business with our customers, we collect the contact details of the (legal) representatives of the customer. We collect this Personal Data for example through forms submitted via our website or by having contact via e-mail or telephone. In addition, we collect Personal Data of our customer’s representatives to provide access to our platforms and services.
- Website visitors: when you visit our website, we collect your (contact) details when you browse through our website and when you fill in or download forms on or from our website, such as to request a demo or trial of our products.
TMA Solutions is responsible (as ‘data controller’) for collecting and using your Personal Data as described in this Privacy Policy. TMA Solutions has appointed info@tmasolutions.com as its TMA-representative. The contact details of both entities can be found under section “Contact us” of this Privacy Policy.
Please note that TMA Solutions does not process any personal data (either as data controller or data processor) which is placed on its platforms or solutions by its customers, other than the item details provided by the data owner to contact you for our services or solutions (as described in this Privacy Policy). Further information about how personal data is handled within TMA Solutions’ services or solutions can be found in the relevant product terms.
How we collect and use your Personal Data
The exact types of Personal Data that we collect and use are outlined below and depend on the relationship we have with you and the kind of services that we provide to you.
- (Prospective) customer representatives: In order to establish business relationships with you as a client and provide you with access to the relevant products and services, we process the following Personal Data of our customer’s business representatives (acting on behalf of the company):
- Your contact details: your name, e-mail address, phone number and any other contact details you provide to us.
- Any other personal data: any Personal Data that you disclose in the form of your contractual relationship with us.
- Website visitors: when you visit our website, we collect the following Personal Data from you:
- Automatically collected data: when you access our website, we automatically collect some of your data through your browser or device such as through cookies (such as your IP address, analytics regarding your use of our website and other unique electronic identifiers).
- Automatically collected data: when you access our website, we automatically collect some of your data through your browser or device such as through cookies (such as your IP address, analytics regarding your use of our website and other unique electronic identifiers).
The Legal Basis we have for processing your Personal Data
We will only process your Personal Data if we can rely on one of the following legal bases:
- For the performance of our agreement with you (on behalf of the company you represent);
- To comply with a legal obligation;
- To act upon your consent;
- To pursue our legitimate business interests (or those of third parties).
Purposes for which we use your Personal Data
We will only process your data for specific and limited purposes which are linked to the legal bases that we set out in the section above. These purposes are:
- For the performance of our agreement with you. To carry out the agreement that we concluded or will conclude with you on behalf of your company and to provide you with the information and services you request. For instance, we will need to process your Personal Data in order to keep in contact with you, manage and handle requests, provide (technical) support or customer service and to provide essential information regarding the services. We will also need to process your Personal Data in order to provide you with access to our products or services through a user account, as agreed with you.
- To comply with our legal obligations. To fulfill legal obligations such as maintaining appropriate business records and to comply with requests from governmental agencies, supervisory bodies or fiscal authorities and to comply with applicable laws and regulations.
- Based on your consent we may send marketing or other business-related communications to our prospective customers, such as newsletters via email, if you have consented thereto. For existing customers, we send e-marketing (such as newsletters via email) based on our legitimate interests, as set out below.
- For our legitimate (business) This includes the following:
- To send e-marketing (such as newsletters via email) to our existing customers for the purpose of advertising our products and services or otherwise engaging with our customers for marketing or commercial purposes, provided that you have not opted out.
- To manage our internal client database (CRM) system, in order to keep track of our financials and services.
- To operate and expand our business activities and services.
- To develop and improve the quality of our services (e.g., by conducting customer satisfaction surveys or analyzing the use of our website).
- To invite our customers’ representatives to relevant business events.
- To ensure and protect the integrity, security and safety of our systems. This includes the prevention of unauthorized persons from accessing our systems.
Sharing your Personal Data
Storage Location of your Personal Data
All Personal Data of our (prospective) customer representatives and website visitors is primarily stored on our website server on Azure Cloud. We will implement adequate safeguards (and, where necessary, supplementary measures) to ensure that your Personal Data is afforded a level of protection which is essentially equivalent to the level of protection guaranteed within the ISO 27001.
You can request a copy of any documentation showing the adequate safeguards that have been taken by contacting our privacy team at info@tmasolutions.com.
Protecting your Personal Data
Effective security of your Personal Data is important to us. We have therefore taken adequate technical and organizational security measures to protect your Personal Data against unauthorized or unlawful use or access. We take steps to limit access to your Personal Data to those individuals who need to have access for one of the purposes listed in this Privacy Policy.
These measures include practices such as:
- Keeping Personal Data on a secured server behind a firewall;
- Using secure socket layer ("SSL") technology;
- Using regular malware and vulnerability scanning;
- Internal reviews of our data collection practice;
- Physical security measures to guard against unauthorized access to systems where we store Personal Data.
Retaining your Personal Data
We ensure that your Personal Data will not be stored longer than is necessary for the purpose which it was obtained (such as to provide you with our services, to answer queries or resolve issues or to fulfil our contractual obligations), unless a longer period is necessary to comply with legal obligations (such as fiscal or legal obligations) or to defend ourselves against a legal claim. Generally, we will only retain Personal Data throughout the term of our business relationship and delete it as soon as possible thereafter, unless we are legally required to retain the data for a longer period. If you would like to receive further information on how long we store your Personal Data, please contact info@tmasolutions.com
Your Rights with respect to your Personal Data
You have several rights in relation to the Personal Data processed by TMA Solutions. For example, you have the right to access, update, delete or restrict the Personal Data that we collect about you and at any time you can obtain a copy of your Personal Data that we hold or request that the information is transmitted to another data controller.
You also have the right to object to the processing of your Personal Data and if you have given us consent, for example to receive newsletters, you may withdraw this consent if you have changed your mind. Please note that a withdrawal of consent does not affect the lawfulness of any processing which has taken place prior to your consent being withdrawn and that we can only act on your request in accordance with applicable law.
If you wish to exercise your rights, you can contact us by sending an e-mail to our privacy team at info@tmasolutions.com. In order for us to comply with your request in the best way possible, please indicate which Personal Data you would like to receive, have changed or removed or what limitations you would like to put on our use of the data.
If you are unsatisfied with how we process your Personal Data or if you believe that your data protection rights have been violated, you have the right to lodge a complaint with the supervisory authority in the country where you live or where you believe your rights have been infringed.
Additional Disclosures for Viet Nam Residents: Your Rights Under Decree 13/2023/NDCP
- Right to be informed: Identifiers (including name and last name) and professional information (Including business contact information).
- Right to consent: You have the right to give consent to the processing of your personal data, other than in cases specified in Article 17 of this Decree.
- Right to access personal data: You have the right to access your personal data in order to look at, rectify or request rectification of your personal data, unless otherwise provided for by law.
- Right to withdraw consent: You have the right to withdraw your consent, unless otherwise provided for by law.
- Right to delete personal data: You have the right to delete or request deletion of your personal data, unless otherwise provided for by law.
- Right to obtain restriction on processing: You have the right to obtain restriction on the processing of your personal data, unless otherwise provided for by law.
- Right to obtain personal data: You have the right to request the Personal Data Controller and the Personal Data Controller-cum-Processor to provide you with your personal data, unless otherwise provided for by law.
- Right to object to processing: You have the right to object to the Personal Data Controller and the Personal Data Controller-cum-Processor processing your personal data in order to prevent or restrict the disclosure of personal data or the use of personal data for advertising and marketing purposes, unless otherwise provided for by law.
- Right to file complaints, denunciations and lawsuits: You have the right to file complaints, denunciations and lawsuits as prescribed by law.
- Right to claim damage: You have the right to claim damage as prescribed by law when there are violations against regulations on protection of your personal data, unless otherwise agreed by parties or unless otherwise prescribed by law.
- Right to self-protection: You have the right to self-protection according to regulations in the Civil Code, other relevant laws and this Decree, or request competent agencies and organizations to implement civil right protection methods according to regulations in Article 11 of the Civil Code.
Viet Nam’s "Dân Sự" law (Civil Code 91/2015/QH13, Article 11) permits users of our website who are Viet Nam residents to request certain information regarding our disclosure of personal information to third parties for their direct purposes. To make such a request, please send an email to info@tmasolutions.com