Tiller Technologies Limited
We take the security of the data and information we hold seriously and are committed to protecting and respecting your privacy. This Policy is designed to help you understand what kind of information we collect in connection with our websites and online services and how we will process and use this Personal Data.
This Policy describes how and why we collect, use, share, retain and safeguard Personal Data. This Policy also sets out your individual rights and who you should contact if wishing to discuss the use of your Personal Data.
Please read the Policy carefully to understand our practices regarding your Personal Data and how we will; collect, use, share, secure and retain it.
When you use our websites, services, or your organisation enters into an agreement with us to provide products and services, we ask you to give us some of your Personal Data to enable us to carry out these services or contractual obligations to your employer that affect you.
Failure by you to provide the requested information may prevent or delay the fulfilment of these obligations, and consequently have an impact on you. We also collect your Personal Data at other times, for example when you contact us directly. We are committed to keeping all the Personal Data we hold about you secure, private and confidential. This Policy explains why we need to collect your Personal Data and what we do with it. It also sets out the legal basis on which we collect and use your Personal Data and outlines the rights you have under Data Protection (Jersey) Law 2018 and General Data Protection Regulation (“GDPR”) (Regulation (EU) 2016/679).
Personal Data is information relating to an identified or identifiable natural person.
There are three scenarios when we may be collecting your personal data:
In each of these scenarios different Personal Data may be collected and be used or shared differently, however your data remains secure and is only retained by us for as long as it is needed. What Personal Data is collected and how it is used or shared is described below.
When you browse our websites www.tillertech.com or www.tiller-verify.com, we will collect the Internet Protocol (“IP”) address of the device you are using, but will be unable to identify you at this point. We collect this data so that we can identify where customers are dropping out of the websites and to identify areas of improvement to make the experience more engaging for our customers.
Where you have consented to receive news or marketing from Tiller or when you have requested contact with Tiller, for example to book a demo, we may collect the following information from you:
Where you request further information from us by completing a form on our websites in relation to our products and services, your details will be added to our marketing database to receive marketing from Tiller relevant to the products and services you have an interest in. We will collect the following data from you:
Tiller attends numerous conferences and events. Tiller will obtain from each event organiser a delegate list of all attendees who have consented to their personal data being shared with Tiller.
When your organisation enters into discussions or an agreement with Tiller to provide products and services, we will collect additional information, which is necessary for:
All personal data we collect is held electronically within our HubSpot Customer Relationship Management system (“CRM”) which is located in the European Economic Area (“EEA”).
When you are asked to use our services by your employer to perform tasks it is necessary to hold some basic data on you so as to be able to identity you as an authorised user of the service and to support the operation of the service.
The service will initially collect the Internet Protocol (“IP”) address of the device you are using but will be unable to identify you at this point. We collect this data so that we can identify where users are accessing our site from so as to assist in resolving any issues with the service and to identify areas of improvement to make the experience more useful for users.
We hold the following information on users of the service in line with the contract between Tiller and your employer so as to be able to identify you and your activities within the service. If you are unhappy with the following information being held please contact your employer and/or request you removal of your data as a user from the service. As a user of the service, we will process the following Personal Data and data you enter into the service:
Economic Area (“EEA”).
When you are asked to use our services for the purposes of identity, address, source of funds verification, and for the prevention of fraud or other financial crimes by the organisation you are engaging with, we will ask you to provide some or all of the following information depending on the degree of verification requested by that organisation. Before any of this data is collected you will be asked to provide your consent for this data to be processed, stored and shared with that organisation.
When you use our Verify by Tiller service mobile application we will collect the Internet Protocol (“IP”) address and type of the device you are using, but we will be unable to identify you at this point. We collect this data so that we can identify where customers are having difficulty with the service and to identify areas of improvement to make the experience more engaging for our customers.
Once you have entered the invite code sent to you and you have given your consent, you will be asked to provide some or all of the following information:
Once this information is collected, we will perform checks on this data to assist in verifying its accuracy and validity. These checks may include sharing your data with select organisations so as to:
Under the data protection legislation we are known as the data processor for this information. We collect information as agreed with the organisation who has asked you to use our Verify by Tiller service. We are answerable to them as well as you, as that organisation is your Data Controller.
We use selected organisations to help us deliver the service we provide. When you provide consent for us to verify or identity and perform regulatory Anti Money Laundering (“AML”) checks on you, we may share your Personal Data with:
We may also share your Personal Data with government bodies, law enforcement agencies, courts or other third parties to comply with our legal obligations or lawful disclosure requests, for example.
We are committed to ensuring the confidentiality of the Personal Data that we hold, and we continue to review our security controls and related policies and procedures to ensure that your Personal Data remains secure.
When we contract with third parties, we require that they have appropriate security, privacy and confidentiality measures in place to ensure that Personal Data is kept secure.
We keep your Personal Data where we have an ongoing legitimate or lawful need to do so. For example, we keep some records for audit purposes for up to seven years after the relationship with us has ended. When we no longer have a legitimate or lawful need to keep your Personal Data, we will delete it.
We will give you or your organisation information about the products and services we provide. If we need to get in touch, we will call you or write to you by email and or post. To make sure you can receive information and communications from us, please make sure you tell us whenever you change your name, address, phone number or email address.
Here we summarise the lawful basis on which we collect and use your Personal Data and outline the rights you have under GDPR.
The processing of Personal Data will only be lawful if it satisfies at least one of the following conditions:
We process your information because you have consented for us to do so and it is necessary for the legitimate interests of the professional services organisation that has asked you to use Verify by Tiller service.
We have a legitimate interest in promoting our services. For this reason, we may use your Personal Data to, for example, where explicit consent is given, send you marketing information about our own products or services that we think you may be interested in. You can ask us to stop sending you marketing and/or research at any time by clicking on the “unsubscribe” links in any of the electronic messages we may use for marketing purposes or amending your communication preferences in account management.
Under certain circumstances, you have the following rights in relation to your Personal Data such as, the right to:
You have the right to know what Personal Data we collect of you and how we process the data we have collected.
You have the right to access Personal Data that we hold about you under GDPR by making a “Subject Access Request”. You can request the form from firstname.lastname@example.org or by writing to us:
Subject Access Request
Tiller Technologies Limited
5 St Andrews Place
You have the right to ask us to rectify Personal Data we hold about you if it is inaccurate or not complete.
You can request that we erase your Personal Data. We may keep basic data to identify you and retain it solely for preventing further unwanted processing or to meet our legal or regulatory obligations.
You have the right to ask us to restrict how we process your data. This means we are permitted to store the data but not further process it. We will keep just enough data to make sure we respect your request in the future.
Where processing is based on consent or performance of a contract, you have the right to data portability. We must allow you to obtain and reuse your Personal Data for your own purposes in a safe and secure way without this effecting the usability of your data. This right only applies to Personal Data that you have provided to us as the Data Controller.
Where processing is based on legitimate interests, you have the right to object to us processing your data. We will consider your request to discontinue processing your data in relation to our legitimate grounds for the processing. With Verify by Tiller service your refusal to continue processing may change your relationship with your professional service provider that uses us to verify your identify.We may keep basic data to identify you and retain it solely for preventing further unwanted processing.
If we have made a decision about you based solely on an automated process (e.g. through automatic profiling) that affects your ability to use the services or has another significant effect on you, you can ask to not to be subject to such a decision unless we can demonstrate to you that such decision is necessary for entering into, or the performance of, a contract between you and us. Even where a decision is necessary for entering into or performing a contract, you may contest the decision and require human intervention.Verify by Tiller service uses automated process within its service. There are no automated decision making or profiling services operated by Tiller for Verify by Tiller service.
There are exceptions to a number of these rights and not all rights will be applicable in all circumstances, but we will always respond to any request related to your rights within a month. If we are unable to do so, we will inform you of the reasons for the delay. You are not required to pay any charge for exercising your rights.
A cookie is a small file of letters and numbers which asks permission to be placed onto your computer’s hard drive. Once you have accepted a cookie the file is added to the hard drive of your computer. Cookies help analyse web traffic and lets web applications respond to you as an individual. Web applications can tailor their operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall, cookies help us provide you with a better browsing experience, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
Under the data protection legislation, we are known as the data processor for the information we hold about you through Verify by Tiller. We collect information as agreed with the organisation who has asked you to use Verify. We are answerable to them as well as you, and organisation is your Data Controller.
This means that Tiller acts as the data controller of some of your personal information if you are:
for Verify by Tiller service, Tiller acts as the data processor of some of your personal information if you are:
Your professional service adviser – the organisation requesting the check – is the data controller of your personal information and you should therefore refer to their company privacy policies first.
We implement the following type of cookies in our websites:
These cookies are essential to enable you to move around our websites and online services and use its features, such as accessing secure areas of our websites or online services.
These cookies collect information about how visitors use our websites, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.
Further information on Google Analytics can be found at www.google.com/analytics.
These cookies allow the website to remember choices you make (such as your username, language or the region you are in) and provide enhanced, more personal features.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Disabling or blocking may prevent you from taking full advantage of websites, including ours. When deleting cookies, please be aware that cookies that are already stored on your computer will not be affected. For that reason, you might want to delete the cookies already stored on your computer before deleting cookies on your browser.
From time to time, we may update this Policy. You can see the latest version on www.tillertech.com or www.tiller-verify.com websites.
If you have questions about this Policy, or need further information about our privacy practices, please write to us:
Tiller Technologies Limited
5 St Andrews Place
If you wish to raise a complaint about how we have handled your Personal Data, you can contact us and we will investigate the matter.
Tiller Technologies Limited
5 St Andrews Place
If you are not satisfied with our response you can complain to the Jersey Office of the Information Commissioner (“JOIC”) at www.jerseyoic.org
Date of Issue: 30th January 2023