This website is not intended for children and minors and we do not knowingly solicit or collect Personal Data from children and minors. As a parent or legal guardian, please do not allow your children to submit Personal Data without your permission. Please contact us if you think that we have collected personal information from a child under the age of 18.
Personal Data we collect
How we use Personal Data
How we share Personal Data
How we transmit, protect and store Personal Data
1.Personal Data we collect
The term “Personal Data” refers to any personal data that can be used to identify you as an individual.
1.1 We may collect and process the following Personal Data about you.
(a) Personal information about you ► personal information that you provide to us, such as when you create a user account, read certain information regarding your accounts and additional information provided by or through TFO, or submit a question, such as your e-mail address;
(b) Our correspondence ► if you contact us such as when you make a general inquiry or request technical support, we may keep a record of that correspondence;
(c) Survey information ► we may also ask you to complete surveys that we use for research purposes. In such circumstances we shall collect the information provided in the completed survey; and
(d) Your use of our website ► details of your visits to our website and information collected through cookies and other tracking technologies including, but not limited to, your IP address and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access.
(g) Do-not-track ► Because there is not yet a consensus on how companies should respond to web browser-based “do-not-track” (“DNT”) mechanisms, we do not respond to web browser-based DNT signals at this time.
Please note that not all tracking will stop even if you delete cookies.
1.2 We may collect your Personal Data from you directly. We may also collect Personal Data from third parties including agents that give instructions on your behalf.
2.How we use Personal Data
2.1 We may use your Personal Data in the following ways.
(a) To provide you with data, services and publications that you request ► to provide you with data and publications that we make available, and to facilitate any special requests or assistance that you have asked for.
Use justification: consent, contract performance, legitimate interests (to enable us to perform our obligations and provide services to you);
(b) To customize our services and products to you ► to assure attention to your individual needs, we collect and store specific information about you, such as your past transactions and other special requests.
Use justification: legitimate interests (to allow us to provide customized services and products to you);
(c) To register you as a user ► to create your user account. You can set up, review or update your user account information (including your Personal Data) online at any time.
Use justification: consent, contract performance, legitimate interests (to allow us to on-board you as a user);
(d) To provide marketing materials to you ► to provide you with updates and offers, where you have chosen to receive these. We typically use third party e-mail service providers to send e-mails. These service providers are contractually prohibited from using your e-mail address for any purpose other than to send e-mails related to TFO’s operations. We provide you the ability to unsubscribe from all marketing communications. Every time you receive an e-mail, you will be provided with the choice to opt-out of future e-mails by following the instructions provided in the e-mail. You may also opt-out of receiving promotional materials by updating your TFO account, or contacting us as set out in section 6 below.
Use justification: consent (which can be withdrawn at any time - please see paragraph 5.1 below);
(e) For analytics and profiling ► to tailor our marketing to you. In connection with our marketing activities, we analyse information that we collect about customers to determine what offers are most likely to be of interest to different categories of customers in different circumstances and at different times. We call this the creation of “segments”. Such Personal Data include customer behavioural information such as transaction history, preferences, service requests and interactions with us. From time to time, we will assess the Personal Data that we hold about you in order to assign you to a particular segment. We may use the segment that you have been assigned to in order to tailor our marketing communications to include offers and content that are relevant to you. We may also use this method to avoid sending you offers that are inappropriate or unlikely to be of interest to you. You have the right to opt out of such analysis of your Personal Data that we use to tailor the direct marketing that we send to you, at any time. You can exercise this right by contacting us as set out in section 6 below.
Use justification: consent (which can be withdrawn at any time - please see section 5.2 below); legitimate interests (to enable us to tailor our marketing to you);
(f) To comply with our legal obligations ► to comply with our legal obligations such as financial reporting requirements imposed by our auditors and government authorities, and to cooperate with law enforcement agencies, government authorities, regulators and/or the court in connection with proceedings or investigations anywhere in the world where we are compelled to do so.
Use justification: legal obligation, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities);
(g) To handle incidents and process any claims we receive► to handle any accidents and incidents such as liaising with emergency services, and to handle any claims made by customers;
Use justification: vital interest, legal claims, legitimate interests (to ensure that incidents and accidents are handle appropriately and to allow us to assist our customers);
(h) To improve our services and products ► to assist in developing new services and products and to improve our existing services and products.
Use justification: legitimate interests (to allow us to continuously improve and develop our services);
(i) To help our website function correctly ► to help content from our website get presented in the most effective manner for you and for your device
Use justification: contract performance, legitimate interests (to allow us to provide you with the content and services on this website);
(j) In connection with any reorganization of our business ► To analyse, or enable the analysis of, any proposed sale, merger, asset acquisition, or reorganization of our business.
Use justification: contract performance, legitimate interests (to allow us to continue providing services to you).
3 How we share Personal Data
3.1 We may share your Personal Data in the following ways.
(a) Third party service providers who process Personal Data on our behalf to help us undertake the activities described in section 2 ► We may permit selected third parties such as business partners, suppliers, service providers, agents, contractors and other TFO companies to use your Personal Data for the purposes set out in section 2, including mail houses and e-mail service providers that we engage to send and disseminate promotional materials for TFO products, data center providers that host our servers and third party agents that process mailing, requests, and transactions on our behalf. These parties are contractually prohibited from using Personal Data for any purpose other than for the purpose specified in their respective contracts, and will be subject to obligations to process Personal Data in compliance with the same safeguards that we deploy. We also provide non-personally identifiable information to these parties for their use on an aggregated basis for the purpose of performing their contractual obligations to us. We do not permit the sale of Personal Data to entities outside of TFO for any use unrelated to our group operations or use of Personal Data by third party for their own purposes.
(b) Law enforcement agencies, government authorities, regulators and the court in order to comply with our legal obligations or to handle incidents/ claims► We may disclose your Personal Data when required by relevant law or court order, or as requested by other government or law enforcement authorities to assist with proceedings or investigations. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime. This also applies when we have reason to believe that disclosing the Personal Data is necessary to obtain legal advice, to identify, investigate, protect, contact, or bring legal action against someone who may be causing interference with our guests, visitors, associates, rights or properties, or to others, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
Use justifications and legal grounds
We note the grounds we use to justify each use of your information next to the use in the How we use Personal Data and How we share Personal Data sections of this policy.
These are the principal legal grounds that justify our use of your Personal Data:
Consent: where you have consented to our use of your Personal Data (you will have been presented with a consent form in relation to any such use)
Contract performance: where your Personal Data is necessary to enter into or perform our contract with you.
Legal obligation: where we need to use your Personal Data to comply with our legal obligations.
Legitimate interests: where we use your Personal Data to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
Legal claims: where your information is necessary for us to defend, prosecute or make a claim against you, us or a third party.
Vital interest: where we need to process your Personal Data to protect the vital interest of you or another natural person e.g. where you require urgent assistance
4 How we transmit, protect and store Personal Data
Security over the internet
4.1 It is important to note that all Internet communication is not secure. There is a risk inherent in the use of e-mail. Please be aware of this when requesting information or sending forms to us by e-mail, for example, from the “Contact Us” section. We recommend that you do not include any sensitive information including credit card details when using e-mail or using any public computers/public WIFI. Our e-mail responses to you may not include any sensitive or confidential information. Please bear in mind that no security system or system of transmitting information over the Internet is guaranteed to be secure.
4.2 You should always close your browsers when you have finished completing a form. Although the session will automatically terminate after a short period of inactivity, it is easier for a third party to gain access to your profile whilst you are logged onto your account.
4.3 We treat all Personal Data that you provide to us as confidential information. To prevent Personal Data from unauthorised access or leakage, we have adopted and regularly monitor our security and data privacy policies and procedures. We use SSL protocol – an industry standard for encryption over the Internet, to protect the Data. When you type in sensitive information such as credit card details, it will be automatically encrypted and transferred over a SSL connection. This ensures that your sensitive Data is encrypted as it travels over the Internet. You will know that you are in a secure mode when the security icon (such as a lock) appears in the screen.
4.4 Where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.
4.6 We store certain customer information in our Customer Information System. Both systems are secure customer databases stored on a dedicated server located in a data center in Ireland hosted by a third party service provider. Our server resides behind firewalls to protect Personal Data collected from you against unauthorised or accidental access. Because laws applicable to personal information vary by country, our business operations may put in place additional measures that vary depending on the applicable legal requirements.
Data transmission across international borders
4.8 Where your Personal Data may be transferred to a country in which data protection laws may be of a lower standard than in transferor country, TFO will impose the same data protection safeguards that we deploy in the countries in which we operate.
4.9 Your Personal Data will be stored for the period of time required or permitted by law in the jurisdiction of the operation holding the information (for example certain transaction details and correspondence may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such data). So if information is used for two purposes we will retain it until the purpose with the latest period expires; but we will stop using it for the purpose with a shorter period one that period expires.
4.10 Our retention periods are based on business needs and your information that is no longer needed is either irreversibly anonymised (and the anonymised information may be retained) or securely destroyed. By way of example:
(a) use for your user account: in relation to your Personal Data stored for your user account, you may edit and delete such Personal Data at any time.
(b) use for marketing: in relation to your Personal Data used for marketing purposes, we may retain your Personal Data for that purpose after we have obtained a consent to market to you, or the date you last responded to a marketing communication from us (other than to opt out of receiving further communications);
(c) use to perform a contract: in relation to your Personal Data used to perform any contractual obligation with you, we may retain that Personal Data whilst the contract remains and for a certain period thereafter to deal with any queries or claims thereafter; and
(d) where claims are contemplated: in relation to any information where we reasonably believe it will be necessary to defend or prosecute or make a claim against you, us or a third party, we may retain that information for as long as that claim could be pursued.
5 Your rights
Opt-out of marketing
5.1 You have the right to ask us not to process your Personal Data for marketing purposes. We will inform you if we intend to use your Personal Data for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the data collection forms. You can also exercise the right at any time by contacting us as set out in section 6 below.
5.2 Subject to various exceptions and data protection laws in your country, you may have the following rights:
(a) Access: you can ask us to provide you with further details on the use we make of your Personal Data and a copy of the Persona-l Data we hold about you;
(b) Correction: you can ask us to correct any inaccuracies in the Personal Data we hold about you;
(c) Complaint: if you are not satisfied with our use of your Personal Data or our response to any exercise of these rights, you have the right to complain to the data protection authority in your country;
(d) Erasure: you can ask us to delete your Personal Data if we no longer have a lawful ground to use;
(e) Withdrawal of consent: where processing is based on consent (e.g. marketing), you can withdraw your consent to processing so that we stop that particular processing
(f) Object to processing: you have the right to object to other types of processing (e.g. analytics and profiling activities carried out in relation to your Personal Data), unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights;
(g) Restriction: you can restrict how we use your Personal data, for example whilst we are verifying the accuracy of your Personal Data or where we are verifying the grounds that use as the basis of holding your Personal Data;
(h) Portability: where technically feasible, you have the right to ask us to transmit the Personal Data that you have provided to us to a third party in a structured, commonly use and machine readable form.
Updating or modifying information
5.3 We will use reasonable endeavours to ensure that your Personal Data is accurate. In order to assist us with this, you should notify us of any changes to the Personal Data that you have provided to us by updating your details through your user account or by contacting us as set out in section 6 below.
Notifications in the event of breach
5.4 In the unlikely event of a data breach, we are prepared to follow any laws and regulations which would require us to notify you of the disclosure of private information.
6 Contacting Us
Strictly Necessary ► These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but if you do so, some parts of the site will not work. These cookies do not store any personal information.
Performance Cookies ► These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Functional Cookies ► These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.
Targeting Cookies ► These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant ads on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Social Media Cookies ► These cookies are set by a range of social media services that we may have added to the site to enable you to share our content with your friends and social or professional networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies, you may not be able to use or see these sharing tools.
9 Other Sites
9.1 This website may contain links to other third party websites. If you follow a link to any of those third party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third party websites.
10 Additional Rights