1. About this notice
This notice (the “Privacy Notice”) provides information about how Tenzo Ltd (“Tenzo”, “we”, “us”, “our”) gathers and uses personal information. We are committed to respecting the confidentiality of the personal information you supply to us and all data will be processed in accordance with data privacy laws.
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Privacy Notice.
2. About us
We are Tenzo Ltd (company number 10167410), registered at 17 Meadway Park, Gerrards Cross, SL9 7NN. We are registered on the UK Information Commissioner’s Office (ICO) register with registration number A8325051. For the purposes of data privacy legislation, we will be a ‘controller’.
Our US Subsidiary is Tenzo Inc., operating at 2108 Cipriani Boulevard, Belmont, CA 94002, United States.
3. Contacting us
- Should you have any questions or concerns about this Privacy Notice or the processing of personal data we hold about you, please contact us:
- By post:
- Tenzo Ltd., 17 Meadway Park, Gerrards Cross, SL9 7NN, United Kingdom
- Tenzo Inc., 2108 Cipriani Boulevard, Belmont, CA 94002, United States
- By email: [email protected]
- By post:
4. Your rights and choices
4.1 Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Update your preferences, ask us to remove your information from our mailing lists, delete your account, submit a request to exercise your rights available under applicable law, or express your concern about the use of your information at any time.
- Object to processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are processing it lawfully.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see above).
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party in a machine-readable, commonly used and structured format.
- If you want to exercise any of these rights then please contact us using the details at section 3. The various rights are not absolute and each is subject to certain exceptions or qualifications.
- We will respond to your request within one month of receipt of your request. In some cases we may not be able to fulfil your request to exercise the right before this date, and may need to request more time. Where we cannot provide a full response to you for any reason, we will let you know about this in our initial reply to your request.If you would like to access, amend, erase, export (i.e., data portability), or object to or restrict the processing of Personal Data collected via the Tenzo Platform, you may submit a request to email@example.com
4.2 Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). In some cases, we may charge a reasonable fee if your request for access is clearly unfounded or excessive, or if you request multiple copies of the information. Alternatively, we may refuse to comply with the request in such circumstances.
4.4 What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
4.5 Right to complain
If you wish to request further information about any of the above rights, or if you are unhappy with how we have handled your information, contact us (see section 3 for contact details).If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the data protection authority in your home country (for data subjects based in the United Kingdom you can make a complaint to the Information Commissioner’s Office: https://ico.org.uk/global/contact-us/or 0303 123 1113).
5. Information we collect
We collect your personal information from a variety of sources, as set out in this Privacy Notice. Where necessary we collect information directly from you or indirectly from third parties, and through your use of our website.
5. 1 Information you provide to us
This section details the information we collect about you in the course of your use of Tenzo’s website, your use of Tenzo’s products and services and otherwise in your interaction and correspondence with Tenzo and representatives of Tenzo. We will collect:
basic personal details including your name and billing address, email address, telephone number and any other contact details you supply; and payment card information.
5.2 Information we collect from other sources
We will receive information about you from third parties. We will collect the following information from third parties:
- basic personal details including your name, address, email address, telephone number and other contact details; and
- banking details.
5.3 Information from your use of our website
We collect information about your use of our website and the devices you use. We collect information on:
- how often you access our website;
- the way in which you navigate around it;
- how long you spend on particular pages;
- the operating system, hardware, software versions, browser configuration of the devices you use;
- location information;
- any web chat messages and email correspondence with us; and
- connection information such as IP addresses.
6. How we use the information we collect
6.1 General uses of information
- The information which we collect and what we use it for will depend on the nature of our business relationship with you. We use your information:
- to provide you with products and services which you have requested and to fulfil our contractual obligations towards you;
- to fulfil our contractual obligations to third parties to whom you have provided your information;
- for our internal business administration and record keeping purposes;
- to respond to your enquiries submitted through our website; and
- for legal and regulatory compliance purposes, including as necessary to respond to governmental, regulatory or law enforcement agency requests.
6.2 Information for marketing purposes
- We use your information to identify products and services events that we think may be of interest to you.We will only send you marketing messages where you have consented to such contact, or in the case of products and services, where these are similar to those that we have already provided to you.You have the right to ask us not to not send you marketing messages by post or e-mail or any combination of these at any time.You can do this:
- in case you wish to withdraw from all marketing communications, you can unsubscribe from all marketing by clicking the appropriate link in any email you receive;
- at any time by changing or updating your marketing preferences on your Tenzo account; or
- at any time by contacting us (see section 3).
If you choose to unsubscribe, we will cease to send you such communications as mentioned above.
7. Our bases for collecting and using the information
- We are entitled to use your personal data in the ways set out in this policy on the following bases:
- the use of personal data in this way is necessary for the performance of a contract with you for provision of our products and/or services or to take steps at your request prior to entering into such a contract;
- we have legal obligations that we have to discharge;
- the use of your personal data is necessary for our legitimate interests in:
- ensuring the quality of the products and services we provide to you;
- collecting information for marketing purposes; and
- statistical analysis;
- you have consented to such use;
- to establish, exercise or defend our legal rights for the purposes of legal proceedings.If provision of your personal information is a legal or contractual requirement or a requirement necessary to enter into a contract with us, and you choose not to provide it, we may not be able to perform some of the tasks we need to in order to provide certain products or services to you.If you do choose to provide your consent you can withdraw it at any time by contacting us (see section 3).
8. Sharing your information
We will not disclose your personal information to third parties except as detailed in this Privacy Notice.
Where necessary, we disclose your personal data to entities within Tenzo’s group globally who will safeguard such personal data in accordance with this Privacy Notice. Where necessary, we may share your personal data with the following third parties:
- software providers;
- web analytics providers;
- cloud computing providers;
- payment processing and accounting providers;
- social media providers;
- law enforcement agencies and regulators, government departments or competent authorities of the UK or of other countries; and
- if you have consented to any disclosure to a third party. Specific third parties that we use, include:
- Amazon Web Services, for hosting and infrastructure
- Microsoft Azure, for hosting and infrastructure
- MixPanel, for detailed user analytics
- SendGrid, for transactional email management
- Smartlook.com, for detailed user analytics
- Google, for user authentication (we only store Google users’ email addresses, first and last names, which are held securely and can be removed at any time by the user)
- Google Analytics, for user analytics
- Salesforce, for managing CRM and contracting
- Zendesk, for managing customer support
9. Where we store your information
We transfer, use and/or store your personal information outside of the European Economic Area (“EEA”) and the laws of some of these destination countries may not offer the same standard of protection for personal information as countries within the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers.
We currently transfer data to the following countries outside of the EEA:
- United States of America. We may update this list from time to time and any changes will be communicated to you via an update to this Privacy Notice.
Transfers to our third party service providers are to enable them to use and store your personal information on our behalf. We will, however, put in place appropriate security procedures in order to protect your personal information. We also ensure that, where your information is transferred to any country outside the EEA this is done using specific legally-approved safeguards. You can request further details and a copy of these by contacting us (see section 3).
10. Keeping your information
We will keep your information only for as long as necessary depending on the purpose for which it was provided. When determining the relevant retention periods, we will take into account factors including:
- our contractual and business relationships with you;
- legal obligations under applicable law to retain data for a certain period of time;
- statute of limitations under applicable law(s); and
- guidelines issued by relevant supervisory authorities.
We acknowledge that the information you provide may be confidential and will maintain the confidentiality of and protect your information in accordance with our normal procedures and all applicable laws. We employ appropriate technical and organisational security measures to help protect your personal data against loss and to guard against access by unauthorised persons. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
In addition, those employees, agents, contractors and other third parties who process your personal data will only do so on our instructions and they will be subject to a duty of confidentiality.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, for example by encrypting our outgoing email communications, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorised access.
12. Links to other websites
Links on Tenzo’s website may take you to third party sites over which we have no control. While such links are provided for your convenience, you should be aware that the information handling practices of the linked web sites might not be the same as ours. You should review any privacy notices on those linked websites. We are not responsible for any linked websites.
13. EU-US Privacy Shield
Tenzo is responsible for the processing of personal data it receives, under the Privacy Shield, and subsequently transfers to a third party acting as an agent on its behalf.
Tenzo complies with the Privacy Shield for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
In compliance with the Privacy Shield Principles, Tenzo commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Tenzo at:
- By post:
- Tenzo Ltd, 4 Miller Place, Gerrards Cross SL9 7QQ
- Tenzo Inc., 2108 Cipriani Boulevard, Belmont, CA 94002, United States
- By email: firstname.lastname@example.org
You may invoke binding arbitration when other dispute resolution procedures have been exhausted under certain conditions, as described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint,
Tenzo commits to cooperate with EU data protection authorities (DPAs ) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship. Therefore, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
14. Changes to our Privacy Notice
We reserve the right, at our discretion, to change, modify, add to, or remove portions from, our Privacy Notice. We will of course notify you of any changes where we are required to do so.
Last updated: March 15th, 2023.
If you have any questions, please contact support.