GP Networks: Tempo
Date of Review: November 2023
Tempo ("us", "we", or "our") operates https://www.tempo.gpnetworks.co.uk and we are committed to protecting the privacy and security of our users’ and visitors’ personal information and being transparent about how we do this.
This Privacy Notice informs you of our policies regarding the processing of the personal data we receive. This can mean collecting, recording, organising, storing, sharing, or destroying data. Our privacy procedures have been implemented to comply with the UK General Protection Regulation (UK GDPR) 2018 and any other legislation and regulations relevant to the United Kingdom.
Our relationship with your data
There are a number of different ways that we might hold your personal data and these define our role in relation to your data:
As Data Controller:
- When we receive your data directly through the use of our site e.g. if you submit an enquiry about our products and services.
- When we have a direct contract with you for our products and services when and you submit data to us through this process
As Data Processor:
- When we have a contract with your employer or other similar organisation who are using our products and services. In these circumstances your employer will be the ‘Data Controller’ and we will process data on behalf of them. In this situation you will be submitting personal information to us or you consent to your employer to do so on your behalf.
What data do we have?
In the two roles outlined above we may hold the following types of data:
- Personal Details e.g. name, address, e-mail address, phone numbers
- Your financial details e.g. for invoices, national insurance, pension, tax etc.
- Compliance documents e.g. DBS checks etc.
- Job role related information e.g. skills, location of work, types of rotas you have and are planned to work etc.
- Details of the type of contact we have had with you e.g. providing business quotes, invoices, requests regarding your data etc.
- Tracking cookie data
- Any other information you input through using our products. Please note that if you are inputting details on behalf of a third party, it is your responsibility to have obtained the necessary consent from the data subject before doing so.
- Business contact details
- Details of products and services we had with you
- Information on enquiries, complaints, and Freedom of Information Requests
Why do we have this data?
We collect this data in order to:
- To respond to your inquiry when you contact us, request a download or request a demo
- To advise you about new products and services that may be of interest to you (provided that you can choose not to receive any invitations or direct mail from us by indicating your preference as outlined below under Contact Us)
- For the performance of a contract with you e.g. as user of our services
- For our own legitimate interests e.g. marketing, development, managements or analytics as long as it does not come into conflict with your own interests
- To process data under instruction of a Data Controller, e.g. your employer, to whom we have a contractual obligation. In this case it is the Data Controller who is responsible for telling us what data we can process
We process this information with the following legal basis with reference to GDPR:
- Explicit Consent (6(1)(a))
- For the purposes of delivery of a contract (6(1)(b))
- Legitimate Interest (6(1)(f))
- Where we have a legal obligation (6(1)(c))
You may withdraw or modify your consent at any time through contacting Tempo’s Privacy Officer, Joe Aliferis at: email@example.com.
Who do we share your information with?
We only process your data for the reasons outlined above. In this process we may collect data from or share data with:
- You or legal representatives
- Organisations for which you work for by whom we have been instructed to process your data (it is their responsibility to decide what data we can process)
- Other organisations for which you have explicitly consented to share your information with e.g. because you have entered into a contract of work with them
How long do we hold your data?
As data controller we retain personal information for only as long as it is necessary to fulfill the stated purposes, except with the consent of the individual or as required by law.
As data processor we retain information for the period agreed with the data controller e.g. your employing organisation.
If we need to make a specific judgement on the retention period for your data we consider:
- the purposes for which we originally collected the personal data;
- the lawful grounds on which we based our processing;
- the types of personal data we have collected;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. GPnetworks protects personal information against unauthorized access in accordance with established policies and procedures. Information is protected by security safeguards appropriate to the sensitivity of the information.
What are my rights?
The data that we keep about you is your data and we ensure that we keep it confidential and that it is used appropriately. You have the following rights when it comes to your data:
- You have the right to request a copy of all of the data we keep about you.
- You have the right to ask us to correct any data we have which you believe to be inaccurate or incomplete. You can also request that we restrict all processing of your data while we consider your rectification request;
- You have the right to ask that we erase any of your personal data which is no longer necessary for the purpose we originally collected it for.
- You may also request that we restrict processing if we no longer require your personal data for the purpose we originally collected it for, but you do not wish for it to be erased.
- You can ask for your data to be erased if we have asked for your consent to process your data. You can withdraw consent at any time – please contact us to do so.
- If we are processing your data as part of our legitimate interests as an organisation or in order to complete a task in the public interest, you have the right to object to that processing. We will restrict all processing of this data while we look into your objection.
You may need to provide adequate information for our staff to be able to identify you, for example, a passport or driver’s licence. This is to make sure that data is not shared with the wrong person inappropriately. We will always respond to your request as soon as possible and at the latest within one month.
If you would like to contact us about your data or raise a complaint please contact us through your user login or e-mail us at: firstname.lastname@example.org.
If you are not happy with how we have dealt with your request then you can raise a complaint by contacting the ICO:
Information Commissioner’s Office
Review Date: November 2024