TR Benchmark

Data Protection

Our commitment to protecting your data and privacy

1. Our Commitment to Data Protection

TR Benchmark is committed to protecting your personal data and respecting your privacy rights. We comply with the EU General Data Protection Regulation (GDPR) and other applicable data protection laws.

As a data controller, we are responsible for ensuring that your personal data is processed lawfully, fairly, and transparently. This page outlines our data protection practices and your rights under GDPR.

2. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR Article 6:

Contract Performance

Processing necessary to provide our services and fulfill our contractual obligations to you.

Legitimate Interest

Processing for our legitimate business interests, such as improving our services and preventing fraud.

Legal Obligation

Processing required to comply with legal requirements, such as tax and accounting obligations.

Consent

Processing based on your explicit consent, which you can withdraw at any time.

3. Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

Article 15Right of Access

You have the right to request copies of your personal data and information about how we process it.

Response time: Within 1 month of request

Article 16Right to Rectification

You have the right to request correction of inaccurate or incomplete personal data.

Response time: Within 1 month of request

Article 17Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data in certain circumstances.

Note: Some data may need to be retained for legal or regulatory compliance

Article 18Right to Restrict Processing

You have the right to request limitation of processing in certain circumstances.

Article 20Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format.

Article 21Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing.

Article 22Rights Related to Automated Decision Making

You have rights regarding automated decision-making, including profiling.

4. Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

Technical Measures

  • End-to-end encryption
  • Secure data transmission (TLS/SSL)
  • Database encryption at rest
  • Regular security updates
  • Intrusion detection systems
  • Regular backups and recovery procedures

Organizational Measures

  • Access controls and permissions
  • Employee data protection training
  • Data processing agreements
  • Privacy by design principles
  • Regular security audits
  • Incident response procedures

5. International Data Transfers

When transferring your personal data outside the European Economic Area (EEA), we ensure adequate protection through:

  • Adequacy Decisions: Transfers to countries deemed adequate by the European Commission
  • Standard Contractual Clauses (SCCs): EU-approved contractual terms with data processors
  • Binding Corporate Rules: Internal data protection rules for multinational organizations
  • Certification Schemes: Approved certification mechanisms demonstrating adequate protection

6. Data Breach Notification

In the event of a personal data breach, we will:

72 hoursNotify the relevant supervisory authority without undue delay
Without delayNotify affected individuals if there's a high risk to their rights and freedoms
ImmediatelyTake measures to contain the breach and minimize its impact

7. How to Exercise Your Rights

To exercise any of your data protection rights, please contact us using the information below. We will:

  • Verify your identity before processing your request
  • Respond within 1 month (may be extended to 3 months for complex requests)
  • Provide clear information about any actions taken
  • Inform you if we cannot fulfill your request and why

Data Protection Contact

Email: dpo@trbenchmark.com

Subject Line: Data Protection Request - [Type of Request]

Required Information: Full name, email address, description of request

8. Complaints and Supervisory Authority

If you are not satisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with a supervisory authority.

UK Information Commissioner's Office (ICO)

For UK residents:

  • Website: ico.org.uk
  • Phone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

For residents of other EU countries, please contact your local data protection authority.

9. Contact Our Data Protection Officer

If you have any questions about our data protection practices or this page, please contact our Data Protection Officer:

Data Protection Officer

TR Benchmark

Email: dpo@trbenchmark.com

Address: London, United Kingdom

Phone: +44 20 7123 4567

Data Protection - TR Benchmark