Back to Home
Data Protection
Last updated: January 2025
Enterprise Outbound, a trading name of Tower Clicks Limited, is committed to protecting your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Data Controller
For the purposes of UK GDPR, Tower Clicks Limited is the data controller of your personal information. Our registered address is:
2. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Contract: To provide our services and fulfill our contractual obligations
- Legitimate Interest: To improve our services and communicate with you
- Consent: For marketing communications and non-essential cookies
- Legal Obligation: To comply with applicable laws and regulations
3. Personal Data We Collect
We may collect the following types of personal data:
- Identity Data: Name, job title, company information
- Contact Data: Email address, phone number, address
- Financial Data: Payment information (processed securely by Stripe)
- Technical Data: IP address, browser type, device information
- Usage Data: How you interact with our website and services
- Marketing Data: Your preferences for receiving marketing communications
4. How We Use Your Data
We use your personal data for the following purposes:
- Providing and managing our consultation services
- Processing payments and transactions
- Communicating with you about our services
- Sending marketing communications (with your consent)
- Improving our website and services
- Complying with legal obligations
- Preventing fraud and ensuring security
5. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
- Client Data: 7 years (for tax and legal compliance)
- Marketing Data: Until you withdraw consent or opt out
- Website Analytics: 2 years
- Payment Data: As required by Stripe's terms of service
6. Your Data Protection Rights
Under UK GDPR, you have the following rights:
- Right of Access: Request a copy of your personal data
- Right to Rectification: Correct inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data
- Right to Restrict Processing: Limit how we use your data
- Right to Data Portability: Receive your data in a structured format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Withdraw consent for marketing communications
7. Data Security
We implement appropriate technical and organizational measures to protect your personal data:
- Encryption of data in transit and at rest
- Regular security assessments and updates
- Access controls and authentication
- Staff training on data protection
- Incident response procedures
8. International Data Transfers
Your personal data may be transferred to and processed in countries outside the UK. We ensure appropriate safeguards are in place, such as:
- Adequacy decisions by the UK government
- Standard contractual clauses
- Certification schemes
9. Third-Party Processors
We may share your data with trusted third-party processors who assist in our operations:
- Stripe: Payment processing
- Google Analytics: Website analytics
- Email Service Providers: Marketing communications
10. Data Breaches
In the event of a personal data breach, we will:
- Assess the risk to your rights and freedoms
- Notify the Information Commissioner's Office (ICO) within 72 hours if required
- Notify affected individuals without undue delay if there is a high risk
- Document all breaches and our response
11. Contact Us
If you have any questions about this Data Protection Policy or wish to exercise your rights, please contact us:
12. Complaints
You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data in accordance with the law. You can contact the ICO at:
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Website: ico.org.uk