GDPR

At MyTSL, we prioritize the security and privacy of your personal data. Our commitment to data protection is grounded in stringent adherence to the General Data Protection Regulation (GDPR) and relevant data privacy laws in both the UK and the USA. Below is an overview of our robust data security measures and compliance practices.

​

1. Data Collection and Processing

We ensure that personal data is collected and processed lawfully, fairly, and transparently. Our processes are designed to:

• Obtain explicit consent from users before collecting any personal data.

• Minimize data collection to only what is necessary for the specified purpose.

• Inform users about how their data will be used, stored, and shared.

 

2. Technical Security Measures

Our technical safeguards are designed to protect your data against unauthorized access, breaches, and other cyber threats:

• Encryption: We use advanced encryption methods to protect data in transit and at rest.

• Access Controls: Strict access controls are implemented, ensuring that only authorized personnel can access sensitive data.

• Regular Audits: We conduct regular security audits and vulnerability assessments to identify and address potential security risks.

• Firewalls and Intrusion Detection Systems (IDS): These systems help monitor and block unauthorized access to our networks.

 

3. Organizational Measures

We have implemented comprehensive organizational measures to ensure data security:

• Employee Training: All employees undergo regular training on data protection best practices and GDPR compliance.

• Data Protection Officer (DPO): We have appointed a DPO to oversee our data protection strategy and ensure compliance with GDPR requirements.

• Policies and Procedures: Clear policies and procedures are in place for data handling, breach response, and incident management.

 

4. Compliance with UK and USA Regulations

In addition to GDPR, we comply with relevant data protection regulations in the UK and the USA:

• UK Data Protection Act 2018: We adhere to the UK’s Data Protection Act, which supplements GDPR provisions.

• California Consumer Privacy Act (CCPA): For our US clients, we comply with the CCPA, ensuring enhanced privacy rights for California residents.

• Privacy Shield Framework: Although the EU-U.S. Privacy Shield Framework is no longer a valid mechanism for data transfers, we adhere to its principles for data transferred to the USA.

 

5. Data Subject Rights

We respect and uphold the rights of data subjects as stipulated by GDPR:

• Right to Access: You have the right to request access to your personal data held by us.

• Right to Rectification: If your data is inaccurate or incomplete, you can request correction.

• Right to Erasure: You can request the deletion of your personal data under certain conditions.

• Right to Restrict Processing: You have the right to request the restriction of your data processing.

• Right to Data Portability: You can request the transfer of your data to another service provider.

• Right to Object: You can object to the processing of your data in specific circumstances.

 

6. Breach Notification

In the unlikely event of a data breach, we are committed to:

• Promptly notifying affected individuals and relevant authorities within 72 hours of becoming aware of the breach.

• Providing details of the breach, including its nature, the data affected, and measures taken to mitigate the impact.

 

7. Contact Information

For any questions or concerns regarding our GDPR compliance and data protection practices, please contact us at:​

​

• Email: privacy@mytsl.co.uk

• Phone: +44 208 123 6797

​

By choosing MyTSL, you are partnering with a company that values and protects your privacy with the utmost diligence. Our strict adherence to GDPR and other data protection regulations ensures that your personal data is secure and your rights are respected.

​