When we refer to Trisat, we include H2H Defence and other parties under contract. Trisat the collective needs to obtain and process some personal data when entering in to a contract for services with an individual or company.
Trisat takes your data privacy very seriously and will only use your personally identifiable information (PII) or Sensitive Personal Identifiable Information (SPII) for the purpose that it was given to us and to be able to communicate with you.
When you supply your personal details to Trisat they are stored and processed for 5 reasons (words in bold are the relevant terms used in the Data protection Act 2018, which includes the General Data Protection Regulation – i.e. the law):
1. Trisat needs to obtain and process some personally identifiable information (PII) when entering in to a business relationship with any individual. This is to ensure that every individual will be:
a. Identified correctly
b. Addressed correctly
c. Have their requests or concerns met
d. Able to communicate appropriately by post, phone or email.
2. We have a “Legitimate Interest” in collecting that information, because without it we couldn’t do our job effectively.
3. We also think that it is important that we can contact you to confirm your agreements with us or to update you on matters related to our business/contract. This again constitutes “Legitimate Interest”, but this time it is your legitimate interest.
4. In the course of a contractual agreement for service, we may be requiring to pass a responsible amount of your PII to clients, customers or contractors for the purpose of communication between you and the third-party.
5. Provided we have your “consent”, we may occasionally send you general information in the form of articles, advice or newsletters. You may withdraw this consent at any time – just let us know by any convenient method.
Trisat takes data privacy very seriously and will only use PII or SPII for the purpose that it was given to us and to be able to communicate effectively. We only ever use your personal data with your consent, or where is necessary:
• To enter into, a contract with you
• To comply with legal duty
• To protect your vital interests
• For our own (or third party’s) lawful interests, provided your rights don’t override these
• Be compliant to the European Union General Data Protection Regulations
• Adhere to all the GDPR Principles
• Promote and embrace EU citizens’ Rights
• Protect your PII at all times
• Be compliant to all applicable data protection laws
• Request the minimum of data necessary for our mutual purpose
• Encrypt any data that needs to be retained
• Be transparent and open to you concerning your PII
• Provide you with data access if requested
• Safely delete any PII when no longer required
Trisat will not:
• Hold any PII longer than is necessary
• Share your PII without explicit consent (other than stated above)
• Use your PII for any other purpose without explicit consent
We are based in the UK and we store our data within the UK. Some organisations which provide services to us may transfer or process personal data outside of the EU, but we will only allow them to do if your data is adequately protected (through our strict diligence process).
Some of our systems such as Microsoft 365 and Dropbox products are US Company’s and as such are compliant to the strict USA’s Privacy Shield Scheme. We also use Boxcryptor (German company) to encrypt all stored information.
We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored depends on the information in question and what it is being used for.
We continually review what information we hold and delete what is no longer required. We never store payment card information. We will not retain your data for any longer than necessary and the longest time that we will hold your data will be one year or three years if medical information is collected.
We want to ensure that you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follows:
• the right to confirmation as to whether we have your personal data and, if we do, to obtain a copy of the personal information we hold (this is known as a data subject access request)
• the right to have your data erased (though this will not apply where it is necessary for us to continue to use the data for a lawful reason)
• the right to have inaccurate data rectified
• the right to object to your data being used for marketing or profiling; and
• where technically feasible, you have the right to personal data you have provided to us which we process automatically based on your consent or the performance of a contract. This information will be provided in a common electronic format.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
If you wish to raise a complaint on how we have handled your personal data, you can contact Trisat below who will investigate the matter.
• The Trisat Data Controller registered with the DPA is Tremaine Kent and he is contactable by email: firstname.lastname@example.org
By Mail or telephone: Trisat Ltd, 11 Kings Drive, Bradwell, Great Yarmouth,
Norfolk, NR31 8TE Tel: 0333 577 0899
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office, the UK supervisory authority for data protection issues.