Privacy Policy

TTMA LIMITED - PRIVACY POLICY


Background

This Privacy Policy is issued by TTMA Limited (referred to as “TTMA”, “we”, “us” and “our” in this Privacy Policy), a non-profit making organisation whose sole purpose is to provide properly trained marshals for motorsport events in the Isle of Man. 

Your information will be held by TTMA. This privacy notice sets out how TTMA promises to look after your personal information. This notice also tells you about your privacy rights and how the law protects you.

Content 

1.         ABOUT THIS POLICY

2.         ABOUT TTMA 

3.         WHAT INFORMATION DO WE GATHER AND HOW DO WE COLLECT IT?

4.         WHEN DO WE COLLECT YOUR SENSITIVE INFORMATION?

5.         HOW THE LAW PROTECTS YOU

6.         HOW WE USE YOUR INFORMATION

7.         HOW WE SHARE YOUR INFORMATION OUTSIDE OF TTMA

8.         MARKETING

9.         OUR SITE AND COOKIES

10.       YOUR RIGHTS

11.       HOW WE LOOK AFTER YOUR INFORMATION

12.       HOW LONG WE KEEP YOUR INFORMATION FOR

13.       HOW TO CONTACT US

1.       ABOUT THIS POLICY

1.1       Scope of this policy

This Privacy Policy relates to our use of any personal information we collect from you via the following ways:

  • any TTMA website that links to this Policy (“Websites”); or
  • when you register to marshal with us; or
  • when you sign up to our newsletter; or
  • when you agree to become one of our employees or contractors; or
  • when you interact with us via the phone or otherwise deal with us in the course of our business; or
  • whilst providing agreed services to us (such as training)

It also relates to our use of any personal information we collect through other means, such as:

  • Email
  • In person
  • Other third-party sources.

We’ve approached our Privacy Policy with brevity and clarity in mind.  If you would like any additional information or explanation or would like us to answer any questions you may have please contact us using the details provided (see the “HOW TO CONTACT US” section below).

1.2      Policy updates

We will keep this Privacy Policy under regular review to make sure we’re being transparent about how we use your personal information. Any changes to our Privacy Policy will be reflected at https://www.iomttmarshals.com/legal/privacy-policy.

 

2.      ABOUT TTMA

2.1      Who are we?

We are TTMA Limited, a private company limited by guarantee without shares.  We are a non-profit making organisation whose sole purpose is to provide properly trained marshals for motorsport events in the Isle of Man.  You’ll find our registered address below. 

2.2      Who’s the Data Controller?

For the purposes of data protection laws, we are the “data controller” of all personal information that we collect, use and/or otherwise process about you under this Privacy Policy.

 

3.       WHAT INFORMATION DO WE GATHER AND HOW DO WE COLLECT IT?   

3.1       What types of information do we collect about you?

The type of information we collect about you depends on the nature of your interactions with us. Depending on the circumstances, we may receive or collect personal information about you, when you contact TTMA for example by doing any of the following:

Data you give to us:

  • When you use any TTMA website that links to this Policy (“Websites”), including when you create an account on our website.
  • When you register to marshal with us.
  • When you sign up to our newsletter.
  • When you request placement on one of our training courses.
  • When you give us some feedback.
  • When you interact with us via the phone, or in our offices or otherwise deal with us in the course of our business.
  • Whilst providing agreed services to us (such as training).
  • When we are “out on the road”, for example when we go to motorsport events.
  • In emails and letters.
  • In any surveys we may send out and you respond to.
  • When you apply for a job with TTMA or if you agree to become one of our employees

Data we collect when you interact with us:

  • We may from time to time collect profile and usage data. This includes the profile you create to identify yourself when you connect to our internet. It also includes other data about how you use those services. We will gather this data from devices you use to connect to those services, such as computers and mobile phones, using cookies and other internet tracking software.

Data from third parties we may work with:

  • Insurers.
  • Government and law enforcement agencies.
  • Third parties providing marshal training services.

3.2       Personal information about others

We may collect information from you about others, such as members of your household or family (e.g., as an emergency contact person), in the case of marshals.  If you give us information about another person it is your responsibility to ensure and confirm that:

  • you have either told the individual who we are and how we use personal information, as set out in this Privacy Policy; and have permission from the individual to provide that personal information (including any sensitive personal data) to us and for us to process it, as set out in this Privacy Policy; or
  • you are otherwise satisfied that you are not in breach of data protection legislation by providing the information to us.

4.         WHEN DO WE COLLECT YOUR SENSITIVE INFORMATION?  

In certain circumstances, we may collect information that is deemed sensitive. This may include: 

  • information about your health (for example if you are applying for a job with us); and/or
  • information about any criminal record you may have (if you apply to be a director of TTMA or apply for a job with us).

We seek to limit any sensitive personal data that we collect and, unless we have other specific lawful reasons to use this information (such as in an emergency situation), we will ask for your consent to collect it.
 

5.         HOW THE LAW PROTECTS YOU

Your privacy is protected by law. This section provides an overview of how that protection works.

Data protection law states that we are only allowed to use personal information if we have a proper reason to do so. This includes sharing it outside TTMA. The law states that we must have one or more of the following reasons:

  • when you consent to it; or
  • to fulfil a contract we have with you, or
  • when it is our legal duty, or
  • when it is in our legitimate interest.

A legitimate interest is when we have a business or commercial reason to use your information.   But even then, it must not unfairly go against what is best or right for you. If we rely on our legitimate interest, we will tell you what that is.  The section below (“How We Use Your Personal Data) contains a list of the ways in which we may use your personal information, and the reasons we rely on to do so. This is also where we tell you what our legitimate interests are.

 

6.         HOW WE USE YOUR INFORMATION

We will only use your personal data fairly and where we have a lawful reason to do so.  We are allowed to use your personal data if we have your consent or another legally permitted reason applies. These include to fulfil a contract we have with you, when we have a legal duty that we have to comply with, or when it is in our legitimate business interest to use your personal data. We can only rely on our legitimate business interest if it is fair and reasonable to do so.  We may use information to:

Uses of personal data TTMA’s lawful basis for using your personal data
  • To register you as a new marshal, or sign you on to marshal a particular event, or register you to attend, or take part in a training course

Performance of a contract/agreement with you.

  • To provide details of our marshals to selected third parties which may include
    • Isle of Man Steam Packet Co
    • Auto Cycle Union
    • itslearning UK
Where we have your consent or where it is necessary for us to comply with a legal obligation.
  • To manage and administer our business relationships, including to communicate with you, to administer payments we have to make and to keep records.
To fulfil our agreements with marshals, our service providers, and to comply with legal and regulatory obligations including accounting, tax and data protection.
  • To undertake due diligence on any of our suppliers.
  • To comply with any laws and regulations that apply to us.

Our legitimate interest in safeguarding our business.
To comply with any our legal and regulatory obligations.

  • To provide information to marshals and those who have signed up to receive information from us, including by email updates and newsletters.  This may include surveys to obtain feedback from you.
Where you have consented and expressed a preference to receive our Newsletter and other marketing communications; or if we feel it is appropriate and relevant to our business relationship with you.
  • To run our business in an efficient and proper way (e.g. undertaking an audit, managing our business capability, communications with service providers and corporate governance, responding to requests for information).
On the basis of our legitimate interest in the efficient operation of our business.
  • To maintain lists to ensure that you do not receive communications from us where you have objected to this or have unsubscribed.
To safeguard your rights and comply with our legal obligations.
  • To optimise our website.  We may from time to time collate information on how you interact with us and our services so that we can improve this if felt necessary.
Where we have consent from you or on the basis of our legitimate interests to operate and present an effective and convenient website to our website users.
  • To exercise our rights contained in agreements or contracts, website terms of use and other terms and conditions of business.  This may include complying with agreements with any service providers/suppliers we use or with a race organisation.
Fulfilling contracts or to protect our legal interests.
  • To optimise our website.  We may from time to time collate information on how you interact with us and our services so that we can improve this if felt necessary.
Where we have consent from you or on the basis of our legitimate interests to operate and present an effective and convenient website to our website users.
  • Sharing personal data if we decide to sell or transfer part of all of our business.
On the basis of our legitimate interest to operate our business and facilitate the transaction.
  • For other purposes that we have identified when we collect the information (such as processing a job application).
Where we have your consent or on the basis of our legitimate interest to recruit new employees or contractors.


 
Groups of personal information

We collect and use lots of different types of personal data.  Personal data is any information that relates to you and that identifies you either directly from that information or indirectly, by reference to other information that we have access to. The personal data that we collect, and how we collect it, depends upon how you interact with us. Categories of personal data that we may collect include (this list is not exhaustive):

Contact Such as your name, address, email address and telephone number.
Socio-Demographic This includes details about your work or profession and nationality.
Contractual Details about the services we provide to you (such as training).
Locational Data we get about where you are, such as may come from your mobile phone or the address where you connect a computer to the internet.
Behavioural Details about how you use our website.
Communications What we learn about you from letters, emails, conversations between us, feedback and survey responses.
Special types of data The law and other regulations treat some types of personal information as special. We will only collect and use these types of data if we absolutely need to and the law allows us to do so.  The type of information we are likely to collect will be limited to health data including gender and details of criminal convictions and offences in limited circumstances (such as when you apply to be an employee):
Consents Any permissions, consents, or preferences that you give us. This includes things like how you want us to contact you.

7.         HOW WE SHARE YOUR INFORMATION OUTSIDE OF TTMA

7.1       If you request information on the training we provide, your personal information may be shared with and processed by persons that are not TTMA’s employees but who work for or on behalf of TTMA, such as service providers and consultants that we appoint.  Your information may also be disclosed when we believe in good faith that the disclosure is:

  • required by law;
  • to protect the safety of our employees, the public or our property;
  • required to comply with a judicial proceeding, court order or legal process; or
  • in the event of a merger, asset sale, or other related transaction; or
  • for the prevention or detection of crime (including fraud).

7.2.      We may have to share your information to the following third parties:

  • Isle of Man Steam Packet Company Ltd (IOMSPC) – In relation to advanced travel bookings and our discount agreement with the IOMSPC.
  • The Auto Cycle Union – To enable us to arrange marshalling and event insurance.
  • DOT Performance Ltd – For IT Database management purposes.
  • itslearning UK - For online training course access.

We may also share your personal data when you have consented to us doing so.

We may also disclose your information to third party suppliers or service providers to conduct our business, for example, to assist in managing and storing data, provide data analytics and to communicate with you effectively.

Where we do share your information with third parties, we will wherever possible require them to maintain appropriate security to protect your information from unauthorised access or processing.

7.3       If you choose not to give personal information

We may need to collect personal information by law, or under the terms of a contract we have with you.

If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations.

Any data collection that is optional would be made clear at the point of collection.

7.4       Our service providers and suppliers

We are based in the Isle of Man.  If we send personal information to countries outside the Isle of Man, we will ensure that there will be a contract in place to make sure the recipient protects the data to the same standard as the Isle of Man. This may include following international frameworks for making data sharing secure.  We will only transfer your personal data outside of the Isle of Man under the following circumstances:

  • where the transfer is to a country or other territory which has been assessed by the European Commission (or an equivalent UK body) as ensuring an adequate level of protection for personal data;
  • with your consent or
  • on the basis that the transfer is compliant with data protection and other applicable laws.

 

8.         MARKETING

8.1       When you’ll hear from us

We may from time to time provide you with updates on TTMA’s services via Newsletters and emails tailored to you, whether through online services or by direct marketing (e.g. phone, e-mail, text, post) and use information we hold about you to help us identify TTMA’s services that may be of interest to you.  We will only do this if you have indicated that you are happy to receive marketing communications from us – that is, you have signed up to receive marketing communications from us and have not later told us that you don’t want to hear from us.  

8.2       Opting out of or withdrawing your consent in relation to marketing

If you no longer want to hear from us, you can opt out or unsubscribe by:

  • Log on to your marshals account with us online and select "MyAccount" where you will be able to change your contact preferences              
  • following the “unsubscribe” link contained in any marketing communications that you receive from us
  • by Email to:  office@iomttmarshals.com
  • by Phone on:  Telephone:  01624 618191
  • by contacting us on the details given in section 13 below headed “HOW TO CONTACT US”.

8.3       Third parties and marketing

Although we do not do so as at the date of this Privacy Policy, we might at some point in the future rely on third parties to help us manage our marketing communications, but we won’t share your information with any third parties for their marketing purposes unless you agree to our doing so. 

9.         OUR SITE AND COOKIES 

9.1       What we collect when you interact with our sites and apps

As you may already know, most websites collect certain information automatically about the way in which you interact with them. This might include your IP address, geographical location, device information (such as your hardware model, mobile network information, unique device identifiers) browser type, referral source, length of visit to the site, number of page views, the search queries you make, and similar information. 

We do not currently collect this information.  However, we may in the future arrange for this information to be collected by us or by a third-party site analytics service provider and if we do so, it will be collected using cookies. 

As we’ve described above, we may use this information to save your settings, such as the last item you searched for so you can find it easily the second time, help improve our functionality and services, run diagnostics, analyse trends, track visitor movements, gather broad demographic information and personalise our services. 

9.2       What do we mean by “cookies”?

Cookies are small amounts of information in the form of text files that we may store on the device you use to access our site or our marketing communications. Cookies will allow us to monitor your use of our services and improve them. For example, a temporary cookie is also used to keep track of your "session". Without that temporary cookie you will not be able to access other services that may be offered via our site.

We may also use cookies for site analytics purposes and to monitor how customers interact with and receive our marketing communications (for example if you open a marketing communication and/or click on any of our offers). If we use cookies, we will use this information to try to improve the relevance and tone of our future communications to ensure we’re serving you as best as we can. 

If you don’t want cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings, please consult the “Help” section of your internet browser or visit http://www.aboutcookies.org. Please note that if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the site. 

 

10.       YOUR RIGHTS

10.1     Your data protection rights

 Under data protection legislation you have various rights in respect of the personal information that we hold about you, including: 

  • you can require us, to update or correct any inaccurate personal data, or to complete any incomplete personal data, concerning you. If you do, we will take reasonable steps to check the accuracy of, and correct the information. Please let us know if any of your information changes so that we can keep it accurate and up to date;
  • you can require us to stop processing your information for direct marketing purposes; if you withdraw your consent, we may not be able to provide certain services to you; an
  • you have the right to object to our use of your personal data more generally.

You may also have the right, in certain circumstances to;

  • be provided with a copy of any personal data that we hold about you, with certain related information. There are exceptions to this right; for example, where information is legally privileged or if providing you with the information would reveal personal data about another person;
  • to require us, without undue delay, to delete your personal data;
  • to "restrict" our use of your information, so that it can only continue subject to restrictions; and
  • to require personal data which you have provided to us and which is processed by using automated means, based on your consent or the performance of a contract with you, to be provided to you in machine readable format so that they can be "ported" to a replacement service provider.

Please note that we reserve the right to retain certain information for our own record-keeping (for example, to ensure that you do not receive marketing communications that you have opted-out of receiving) and to defend ourselves against any claims. We may also need to send you service-related communications relating to the services that we provide to you even when you have requested not to receive marketing communications. 

10.2    How to exercise your rights

  • You can exercise your rights by contacting us using the details in the “HOW TO CONTACT US” section below, or by ticking the applicable boxes on forms that we use to collect your information, or to tell us that you don’t want to participate in marketing.
  • If you wish to remove your information from our marketing circulation lists, which includes receiving marketing emails, you can unsubscribe by scrolling to the bottom of the email and clicking the ‘unsubscribe’ link (which will be contained in any marketing communications we send to you).
  • We will comply with your requests unless we have a lawful reason not to do so. 
  • We may need you to provide satisfactory proof of your identity. This is to ensure that your personal data is disclosed only to you.

 

11.       HOW WE LOOK AFTER YOUR INFORMATION

11.1     We are committed to protecting the confidentiality and security of the information that you provide to us.  We put in place appropriate technical, physical and organisational security measures to protect against any unauthorised access or                         damage to, or disclosure or loss of, your information. By way of example we: 

  • Ensure the physical security of our offices.
  • Ensure the physical and digital security of our equipment, devices and systems by mandating appropriate password protection, encryption and access restrictions.
  • Ensure appropriate access controls so that access to your information is only granted to those of our people that need to use it in the course of their work.
  • Require that any technology providers that we appoint take sufficient steps to protect and safeguard our systems and data
  • Maintain internal policies and procedures to make sure our staff understand their responsibilities in looking after your information and take appropriate measures to enforce these responsibilities. 

11.2      Links to other sites and resources

  •  Our website may from time to time contain content and links to other sites that are operated by third parties. You should note that we do not control these third party sites or the cookies that such third parties operate and this Privacy Policy will not apply to them.   You should ensure that you consult the Terms of Use and Privacy Policy of the relevant third party site to understand how that site collects and uses your information and to establish whether and for what purposes they use cookies.
  • You should also be aware that communications over the internet, such as e-mails, are not secure unless they have been encrypted.

 

12.       HOW LONG WE KEEP YOUR INFORMATION FOR

We do not keep your personal data for any longer than is necessary to fulfil the purpose for which we collected it, or to comply with any legal or reporting obligations or to assert or defend against legal claims.  We will generally keep your data for six years for one of these reasons:

  • To comply with any legal obligations that apply to us.
  • To respond to any questions or complaints.
  • To show that we treated you fairly.
  • To maintain records according to any rules that apply to us.

We may keep your data for longer than six years if we cannot delete it for legal or technical reasons. We may also keep it for research or statistical purposes. If we do, we will make sure that your privacy is protected and only use it for those purposes.

 

13.       HOW TO CONTACT US

If you have any questions about this Privacy Policy or the ways in which we handle your personal information or if you want to make a subject access request, please contact us at:

The Privacy Officer

TTMA Limited

The Grandstand
Douglas
Isle of Man
IM2 6DA

Email:  office@iomttmarshals.com

Telephone:  01624 618191

However, if you remain dissatisfied with our response, you have the right to take the matter up with the Isle of Man Information Commissioner (IC). The IC is the Isle of Man’s independent authority set up to uphold information rights. 

You can contact the Information Commissioner via the ICO website at https://www.inforights.co.im.

February 2022