Topographical

Privacy Policy

Topographical, a trading division of Survey and Mapping Group Ltd (“we”/”us”) are predominantly involved with the provision of surveying services in a business to business capacity. We are committed to protecting and respecting any personally identifiable data and any confidential or sensitive commercial information which you share with us as part of this process.

This statement describes what types of information we collect from you, how it is used by us, how we share it with others, how you can manage the information we hold and how you can contact us.

The contents of this statement may change from time to time, so you may wish to check this page occasionally to ensure you are still happy to share your information with us. Where possible, we will also contact you directly to notify you of any substantial changes.

This version of our Privacy Policy is live from 25th May 2018. 

The information we collect 

We collect information about you and your company when you request a quote or make a query about the services we provide. We only collect information which is necessary, relevant and adequate for this purpose and to fulfil the obligations of any subsequent contract formed.

Any information within correspondence you send to us.

How we use the information 

Contractual performance - We may use and process your personal information where this is necessary to perform a contract with you or your company on your behalf or to carry out a precontract request, such as a quote or a query about our services. 

Legitimate interests – We may process your data as part of fraud protection, security measures and to assess credit worthiness. We do not currently pursue direct marketing but we may contact you/your company where we can demonstrate a balance of interests, to which you would have the right to object. One example would be to notify you of a new service offering that would complement a service you have previously enquired about. Where we have a relevant and appropriate relationship with you as an existing client, we may contact you to discuss your expectations of our firm.

Legal Obligation - We may process your personal information to comply with our legal requirements. For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order. This may include your personal information. 

Vital Interest – We may need to process your personal information to protect the vital (health) interests of an individual should the situation arise.

How we store the information 

This website is hosted by TeleData UK Ltd within a UK data centre located in Congleton, England. 

Teledata UK Ltd are one of the most reputable data centre providers in the UK, operating a Tier 3+, ISO27001:2013 certified data centre, offering the highest levels of technical resilience and physical security available. 

Some of the data centre’s more notable security features are as follows:

3m rota-spike security fence and perimeter anti-ram barriers

Blast proof anti-intruder shielded external windows and doors

Proximity access locks on all external and internal doors

Interlocked man-trap doors with biometric iris scanners to gain access into data floors

Server cabinets have locked doors (no open racks)

Perimeter and internal IP CCTV system monitored 24×7

24×7 on-site security guards with static and mobile patrols

All on-site personnel are security vetted to BS7858 standard

Only authorised security cleared staff are allowed into the facility.

All server details are stored on TeleData UK Ltd’s internal management system that is only accessible from their data centre location. This data is stored in an encrypted format and accessed via a front-end which has two-factor authentication in place on a per-user basis. 

All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS. 

We maintain a secure local copy of specific contract related data to enable us to make organisational and management decisions to deliver our service to you. This is regularly encrypted and backed up to cloud storage provider Microsoft. 

Microsoft also provide our cloud based email service.

How we share the information 

We use third parties to undertake some processes on our behalf in the interests of providing a high quality of service. Please click the names of the 3rd party data processors below to review their respective privacy policies. 

Stripe

You may pay for a contract by debit/credit card using Stripe. The details you enter are bypassed directly to Stripe and no record is made on our servers.

DropBox Quote and Survey files which may contain personal data you have previously provided - are made available to you securely via DropBox. 

Google

Google Maps and Google Analytics records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. Google also records your computer’s IP address, which could be used to personally identify you but Google do not grant us access to this.

How long we keep your information for

We will hold personal data within business information for a period of 7 years from the point the relationship ends. You may exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law.

How you can manage the information we hold about you

You have the right as an individual to access your personal information we hold about you and make corrections if necessary. You can You also have the right to withdraw any consent you have previously given us and ask us to erase information we hold about you. You can also object to us using your personal information (where we rely on our business interests to process and use your personal information).

You have a number of rights in relation to your personal information under data protection law. In relation to most rights, we will ask you for information to confirm your identity and, where applicable, to help us search for your personal information. Except in rare cases, we will respond to you within 28 days after we have received any request (including any identification documents requested).

You have the right to:

Ask for a copy of the information that we hold about you;

Correct and update your information;

Withdraw your consent (where we rely on it). Please see further How do we use this information;

Object to our use of your information (where we rely on our legitimate interests to use your personal information) provided we do not have any continuing lawful reason to continue to use and process the information.  When we do rely on our legitimate interests to use your personal information for marketing, we will always comply with your right to object;

Erase your information (or restrict the use of it), provided we do not have any continuing lawful reason to continue to use and process that information; Transfer your information in a structured data file (in a commonly used and machine readable format), where we rely on your consent to use and process your personal information or need to process it in connection with your contract.

You can exercise the above rights and/or manage your information by contacting us using the details below:

Post: Survey and Mapping Group Ltd, 35 Charles Avenue, Lenton Abbey, Nottingham, NG9 2SH

Email: hello@topographical.co.uk

Phone: 01158 497 685

If you are unhappy, you have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed.  The contact details for the Information Commissioner’s Office, the data protection regulator in the UK, are below:

Post:   Information Commissioner's Office

Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF

Call:     0303 123 1113 Email:   casework@ico.org.uk