Privacy Policy

Last updated: 17 February 2025

1. Who We Are

TwinPine Digital ("we", "us", "our") operates the TwinPine ITAD service, providing IT asset disposition, data destruction, and equipment recovery services. We are based in Halifax, West Yorkshire, United Kingdom.

For any privacy-related enquiries, please contact us at: enquiries@twinpinedigital.co.uk

2. Information We Collect

We collect and process the following types of personal data:

Information you provide directly:

  • Contact details (name, email address, phone number)
  • Company name and business address
  • Details of IT assets you wish to dispose of
  • Account credentials for our customer portal

Information collected automatically:

  • Technical data (IP address, browser type, device information)
  • Usage data (pages visited, features used within the portal)
  • Cookies and similar technologies (see Section 7)

Information related to services:

  • Asset serial numbers and hardware identifiers
  • Data destruction certificates and audit trails
  • Collection and processing records

3. How We Use Your Information

We use your personal data for the following purposes:

  • Service delivery: To provide quotes, collect equipment, perform data destruction, and issue certificates
  • Communication: To respond to enquiries, send service updates, and provide customer support
  • Portal access: To manage your account and provide access to certificates and asset tracking
  • Legal compliance: To meet our regulatory obligations, including maintaining audit trails for data destruction
  • Business operations: To improve our services, manage our relationship with you, and process payments

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Contract: Processing necessary to fulfil our service agreement with you
  • Legal obligation: Processing required to comply with UK law, including data protection and environmental regulations
  • Legitimate interests: Processing necessary for our business operations, provided it does not override your rights
  • Consent: Where you have given specific consent for marketing communications

5. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected:

  • Service records and certificates: 7 years (for audit and compliance purposes)
  • Account information: Duration of our business relationship plus 2 years
  • Enquiry data: 2 years from last contact
  • Technical logs: 12 months

6. Data Sharing

We do not sell your personal data. We may share your information with:

  • Service providers: Third parties who assist with our operations (e.g., cloud hosting, payment processing)
  • Regulatory bodies: Where required by law or to demonstrate compliance
  • Professional advisers: Lawyers, accountants, and auditors where necessary

All third parties are required to respect the security of your data and process it in accordance with the law.

7. Cookies

Our website uses essential cookies to:

  • Maintain your session when logged into the customer portal
  • Remember your preferences
  • Ensure security and prevent fraud

We do not use advertising or tracking cookies. Essential cookies cannot be disabled as they are necessary for the website to function.

8. Your Rights

Under UK GDPR, you have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your data (subject to legal retention requirements)
  • Restriction: Request that we limit how we use your data
  • Portability: Request transfer of your data to another provider
  • Objection: Object to processing based on legitimate interests

To exercise any of these rights, please contact us at enquiries@twinpinedigital.co.uk. We will respond within one month.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Secure authentication for portal access
  • Regular security assessments
  • Staff training on data protection

10. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.

11. Complaints

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

ico.org.uk/make-a-complaint