Data Protection

Our commitment to You and the protection of Your data

Enquiry Tracker is committed to partnering with customers and Enquirers to help them understand and comply with the various regulations the rights individuals have regarding organisations holding personal data relating to them. Below are some examples of how Enquiry Tracker is committed to data protection.

Data Protection Commitments

Privacy Protection Commitments

  • Enquiry Tracker’s Terms of Use and Privacy Policy defines what data is collected, how it is used, and our Security Practices outlines how your data is protected.
  • In short, Enquiry Tracker will NEVER share your data to anyone without your consent.

Data processing necessary for purpose

  • Enquiry Tracker only processes personal data to help data controllers fulfil a necessary purpose, and improve the ongoing experience of fulfilling that purpose.

Data Protection Team

  • Enquiry Tracker has a Data Protection team whose responsibility is to ensure Enquiry Tracker is compliant, and leads our Critical Incident Response process.
  • If you have a question, you can contact via email – [email protected]

Data Protection

Privacy Settings set at highest level

By default, no other Organisation can see any information about Enquirers added into Enquiry Tracker.

Privileged Access Controls

  • For Enquiry Tracker employees, access rights and levels are based on job function and role, using the concepts of least-privilege and need-to-know to match access privileges to defined responsibilities.
  • Requests for additional access follow a formal process that involves a request and an approval from a data or system owner, manager, or other executives, as dictated by Enquiry Tracker’s security policies.

Protecting Rights of Data Subjects

Collecting Consent

  • All Enquiry Tracker Users are required consent to the Terms of Use before they can create a Enquiry Tracker Account, and enter any data into Enquiry Tracker. Enquiry Tracker’s Terms of Use and Privacy Policy are explicit about what data is collected, and the purpose the data is used for.
  • Enquiry Tracker will NEVER share your data to anyone without your consent.

Data Retention

  • Enquiry Tracker stores data until it is no longer necessary to provide services to the Enquirer or the Organisation.
  • Enquiry Tracker does not automatically delete information about Enquirers because Enquiry Tracker is fully User controlled.
  • If the Enquirer completed any WebForm with an Organisation (e.g. event registration form), the data entered becomes the property of that organisation.
  • Enquiry Tracker enables the Customer to archive or permanently delete data when it is no longer required. It is the responsibility of the Organisation to know how long data is required to be kept, which depends on local laws and regulations.

Deletion of Data (right to erasure, and the right to refuse)

  • Enquirers can request to have their information permanently deleted at anytime by contacting the Organisation.
  • Enquirers have a right to erasure, and can contact the organisation to delete any personal data related to them. Enquiry Tracker provides the tools for the Organisation to find that information, and permanently delete their record of Enquirer data.
  • The Organisation has a right to refuse the request to erasure of personal data if that data is required to:
    • To comply with legal obligations for the performance of a public interest task or exercise of official authority
    • When the data is necessary for the exercise or defence of legal claims
  • A key purpose of Enquiry Tracker is to collect and store consent forms, such as Compliance with Code of Conduct, that are required for an organisation to deliver on their compliance obligations. Organisations are bound by data retention guidelines set out by their local authorities. Therefore, it is the responsibility of the Organisation to know their regulations and be certain data is not required for compliance or future legal cases before permanently deleting any data.
  • If the Organisation has no grounds to refuse an Enquirer’s request to erasure, they must comply without undue delay or at most within a month of the request.

Ongoing Protection

Protection Policies and Procedures

  • Enquiry Tracker applies stringent internal processes to keep your data safe throughout design, development, testing and day to day operations.

Risk Assessment

  • Enquiry Tracker has a risk management program to ensure appropriate measure are taken to protect personal information. This procedure applies to all systems, employees, consultants, temporaries and other workers at Enquiry Tracker.

Data Breach Notifications

  • In the event of a suspected data breach, Enquiry Tracker has a Critical Incident Response Team , and a Data Breach Policy and Incident Response Plan that is reviewed regularly.

Any Questions?

Please feel free to contact us with any questions: [email protected]