Privacy Policy

We appreciate your trust in sharing your personal data with us and are committed to protecting it. We strictly follow the regulations set forth by data protection laws and the UK General Data Protection Regulation. This document outlines how we collect, use, and safeguard your personal data and explains your rights and how you can exercise them.

Tru-Digital Services LTD. is the parent company of Tru Digital Protection, along with their associated websites. 

Tru-Digital Services Ltd (“the Company”) is the data controller for all the organisations within the Company that are covered by this notice. Tru-Digital Services Ltd determines what data is collected, how it will be used, and how it will be protected.

Our registered office address is:

Tru-Digital Services LTD
5 Brayford Square
London
E1 0SG
United Kingdom

If you have questions about how we process personal data or want to exercise your data subject rights, please email us at privacy@trudigital.co.uk. 

Personal Information is any personally identifiable information, such as your email address, name, home or work address, telephone number, bank details, or online identifier, which can directly or indirectly identify you, as defined in Article 4 (1) of the UK General Data Protection Regulation. We refer to it as “Personal Information” here.

We collect your data for one or more of the following purposes:

• To manage communications between parties.

• Where necessary, fulfil the contract or take steps before agreeing with clients, suppliers, or other relevant parties.

• To process payments.

• To provide information that has been requested or may be relevant.

• To ensure the safe and efficient operation of the website, including performance monitoring.

• To offer dashboards that facilitate the monitoring of trends, performance analysis, and informed decision-making.

• For marketing and advertising purposes, including communication with customers who have purchased similar products and services.

• For training purposes.

• To provide Human Resources functions and services.

• To conduct pre-screening and right-to-work checks.

• Carry out disclosure and Barring Service checks to inform recruitment decisions.

• To conduct surveys and solicit customer feedback.

We only collect and use your personal information when the law allows us to. Most commonly, we use it where:

• The data subject has provided consent for the processing activity.
• The processing is necessary for the performance of a contract.
• The processing is necessary for compliance with a legal obligation to which the controller is subject.
• The processing is necessary to protect the vital interests of data subjects and those of other individuals.
• The processing is necessary for our legitimate interest. Where legitimate interest is identified as a lawful basis, we will undertake a legitimate interest assessment, which is a three-part test covering:
  • The purpose of the test is to identify legitimate interests.
  • Necessity test – to consider if the processing is necessary for the purpose identified.
  • Balancing test – considering the individual’s interests, rights, or freedoms and whether these override the legitimate interests identified.

We collect personal information from our Clients, Customers, Suppliers, and Partners. We may also collect your personal information for purposes such as marketing and reporting. These instances may include, but are not limited to, registering on or using our website, providing information on the website, requesting product information, calling us (your call may be recorded), emailing us, interacting with us on social media or Google Workspace, or using any of our services.

Personal Information

The personal information that we may collect, store, and use about you as defined in Article 4 (1) of the UK General Data Protection Regulation., which may include:

• Name
• Current and previous addresses
• Telephone number
• Job title, role, current and previous employers, employment location and qualifications
• Right to work
• Security clearances
• Email address
• Chat conversations on the website (HubSpot) and Google Workspace
• IP addresses and geographical location
• Transactional information about the services you use and how you interact with them, e.g., services viewed, page response times, download errors, length of visit, scrolling, clicks, and mouse hovers
• Browser type
• Browser language
• Operating system
• Device type
• Time zone
• Communication preferences
• Payment information (we do not store card data and are PCI DSS compliant)
• Training information

We may use technologies, such as tracking pixels, to collect some of the above information from emails we send to you. This helps us focus our marketing on your requirements and provide you with more relevant emails. It also lets us identify your lack of engagement with our marketing emails.

Special Category Personal Data

We do not process special categories of personal data as defined in Article 9 (1) of the UK General Data Protection Regulation., which the UK General Data Protection Regulation singles out as personal data, which is more sensitive.

We may also collect information from third parties such as HubSpot, Google Workspace, Xero; this list is not exhaustive.

Where data relating to criminal activities is concerned, the lawful purpose will be dealt with under Article 10 of the UK General Data Protection Regulation. and Section 10 of the Data Protection Act 2018.

Your personal data will only be kept for as long as is reasonably necessary to achieve the purposes for which it was collected, including meeting any legal, regulatory, tax, accounting, or reporting obligations. In the event of a complaint or if there is reasonable belief of potential litigation regarding our relationship with you, your personal data may be retained for a longer duration.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the data; the potential risk of harm from unauthorised use or disclosure of the data; the purposes for which we process the data and whether those purposes can be achieved through other means; and the applicable legal, regulatory, tax, accounting, or other requirements.

We take our responsibility to protect your privacy very seriously and will ensure that your data is secure in accordance with our obligations under Data Protection laws. We have implemented technical and organisational measures to safeguard personal information and to prevent your data from being accessed in an unauthorised manner, altered, or disclosed. We maintain a robust access control policy that restricts access to your personal data to only those employees, contractors, and third parties who have a legitimate business need to know. The processing of your personal data will only occur in accordance with our instructions.

We have policies and procedures in place to handle any potential data security breaches, and we will notify data subjects, third parties, and any applicable regulators where we are legally required to do so.

Unfortunately, the transmission of information via the Internet is not completely secure, so we cannot guarantee the security of your information when it is transmitted to our website or from third-party websites. Any transmission is at your own risk. However, we use strict procedures and security features to prevent unauthorised access.

The site may, from time to time, include links to and from the websites of our partner networks, advertisers, and affiliates. If you follow a link to any of these websites, we cannot accept any responsibility or liability, and you will need to agree to the relevant company’s privacy notice. Please ensure you accept such policies before submitting your data.

We recognise that the information you provide may be confidential. We do not sell, rent, distribute or otherwise make personal information commercially available to any third party; however, we may share information within the Company, our service providers and our customers for the purposes outlined in this Privacy Notice. We will keep your information confidential and protect it in accordance with our Privacy Notice and all applicable laws.

We do not knowingly collect information about children. If we have collected personal information regarding a child, please contact us immediately so we can remove and/or assess and review this information without unnecessary delay.

In this section, we have summarised your rights under the UK General Data Protection Regulation. Some of these rights are complex, and not all details have been included in our summaries. Therefore, you should refer to the relevant laws and guidance from regulatory authorities to explain these rights thoroughly.

The UK General Data Protection Regulation stipulates that we must respond to your request within one calendar month of receiving your verified request unless our assessment determines that your request is complex.

Your main rights under the UK General Data Protection Regulation, unless restricted by law, are:

• Right to Object to processing of your personal information.
• Right to Request Access to your personal information
• Right to request to be informed
• Right to request Rectification of your personal information
• Right to request Erasure of your personal information
• Right to request Restricting Processing of your personal information
• Right to make a Portability request of your Personal Data; this right only applies to information you gave us.
• Rights under automation and profiling

If you have any questions about these rights, please contact us.

If you have consented to the processing of your information, the highest-standard security measures will be employed to protect any personal information as required by data protection laws.

Where personal data is transferred outside the European Union to a country that lacks an adequate decision, we will ensure that appropriate safeguards are implemented before the transfer occurs. These may include:

• United Kingdom International Transfer Agreements (UK ITAs).
• The Data Protection (Adequacy (United States of America) Regulations 2023.
• EU-US Data Privacy Framework and Data Bridge accreditation.
• An exception in Article 49 of the UK General Data Protection Regulation.

For further information regarding transfers and safeguarding measures, please do not hesitate to contact us.

We take any complaints about our collection and use of personal information very seriously.

If you think that our collection or use of personal information is unfair, misleading, or inappropriate, or you have any other concerns about our data processing, please let us know in the first instance.

To lodge a complaint, please contact us by email at privacy@trudigital.co.uk.

Suppose you feel dissatisfied with how we handle your data or with any complaint you have made regarding our data management. In that case, you have the right to escalate your complaint to the Information Commissioner’s Office, which is our supervisory authority for data protection in the UK. You can find its contact information at https://ico.org.uk/global/contact-us/.

Currently, we are concentrating our efforts on the United Kingdom.

We regularly review this policy, which was last updated on 1 March 2025. We reserve the right to update this privacy notice at any time and will provide you with a new one when we implement any substantial changes. Additionally, we may notify you in other ways from time to time regarding the processing of your personal information.