Privacy Policy
Introduction
TLC Marketing Worldwide is committed to protecting the privacy and security of your personal data.
Please read this Privacy Notice and any other privacy notice or fair processing notice we may provide on specific occasions carefully, as it is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export, and delete your information.
This Privacy Notice has been drafted is in accordance with the relevant laws of the United Kingdom but may be applied to personal information processing activities globally. The processing activities may be more limited in some jurisdictions due to the restrictions of their laws. For example, the laws of a particular country may limit the types of personal information we can collect or the way we process that personal information. In those instances, we may adjust our internal policies and/or practices to adapt to the requirements of local law.
This Privacy Notice supplements the other notices and is not intended to override them.
Who we are
TLC Worldwide is made up of different legal entities, details of which can be found here. This privacy notice is issued on behalf of the TLC Worldwide Group so when we mention ” TLC Worldwide “, “we”, “us” or “our” in this privacy policy, we are referring to the relevant company in the TLC Worldwide Group responsible for processing your data. TLC Marketing Worldwide Group Limited is the controller and responsible for this website.
Our Contact Details
- Name: Please contact us via the TLC Worldwide Privacy Team
- By email: privacy@tlcworldwide.com
- By mail: 54 Baker Street, London, W1U 7BU, United Kingdom
Our Data Protection Officer (DPO)
We have appointed GRCI Law Limited as our DPO, who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, our privacy practices or how we handle your personal data, please contact our DPO at dpoaas@grcilaw.com.
TLC Worldwide Group Companies
Companies that make up the TLC Worldwide Group are:
- TLC Marketing Worldwide Group Limited (based in UK)
Registered office – TLC Marketing Worldwide, 54 Baker Street, London, W1U 7BU, United Kingdom
- TLC Loyalty Limited (based in Ireland)
- TLC Marketing Worldwide (Propriety) Ltd. (based in South Africa)
- TLC Marketing Worldwide (Singapore) PTE Ltd (based in Singapore)
- TLC Marketing Worldwide Australia & NZ PTY Limited (based in Australia)
- TLC Marketing Worldwide France & Benelux Sarl (based in France)
- TLC Marketing Worldwide Germany GmbH (based in Germany)
- TLC Marketing Worldwide HQ Limited (based in UK)
- TLC Marketing Worldwide Iberia, S.L. (based in Spain)
- TLC Marketing Worldwide Italia SRL (based in Italy)
- TLC Marketing Worldwide Latin America Ltd (based in Brazil)
- TLC Marketing Worldwide `Middle East DMCC (based in UAE)
- TLC Marketing Worldwide North America, Inc. (based in USA)
- TLC Marketing Worldwide Portugal LDA (based in Portugal)
- TLC Marketing Worldwide UK Limited (based in UK)
- TLC Rewards (Pty) Limited (based in South Africa)
Websites
The following websites are provided by the TLC Worldwide Group
What is meant by personal data or personal information and Data Protection Law?
Personal data (also called personal information) is information which identifies you as an individual.
Some examples are outlined below:
- Personal data is anything which may identify you, for example your name, address, bank account details, internet protocol (IP) address, username, or another identifier.
- Some personal data is unique to you and therefore requires greater protection. This data is referred to as sensitive or special category data which includes information regarding your health, religious or philosophical beliefs, race, or ethnicity to provide a few examples.
In this privacy notice Data Protection Law means the applicable legislation protecting the fundamental rights and freedoms of individuals and, where required by law, legal entities, and in particular, their right to privacy with respect to the processing of personal data and which contains restrictions on the cross-border transfer of personal data, including but not limited to the EU GDPR, UK GDPR, the Brazilian Data Protection Law (LGPD), the California Privacy Rights Act (CPRA) and any national legislation supplementing the GDPR in Member States of the EEA.
How we get the information about you
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: Get in Touch
- Subscribe to our service or publications.
- Subscribe to our mailing lists or request marketing to be sent to you.
enter a competition, promotion, or survey.
- Send us information, such as when you register with us, contact us (including via email or customer contact forms).
- Apply for a vacancy.
- Register or fill in forms on our site TLC Marketing Worldwide
- Correspond with us, or report a problem with our site; or
- Take part in consumer research.
Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Our website will prompt you with details of cookies and provide options to accept or decline.
Third parties or publicly available sources. We will receive personal data about you from various third parties and public source as set out below :
Technical Data from the following parties:
- analytics providers such as Google based outside the UK
What personal information we use
We may collect, use, store and transfer different kinds of personal information about you depending on our relationship with you:
- Candidate data: Includes information you have provided to us in your curriculum vitae, covering letter and/or application form, including name, title, address, telephone number(s), personal email address, date of birth, job title, job role, location, employment history, qualifications, areas of specialisms and registrations with professional bodies.
- Contact Data: Includes, delivery address, email address and telephone numbers.
- Financial Data: Payment receipt.
- Identity Data: Includes first name, last name, username or similar identifier, , title, age group and gender.
- Location data: We may collect your location data from your IP address, telephone codes and through your communications and C.V.
- Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties and your marketing communication preferences and includes details of any contact or correspondence we have had with you.
- Profile Data: Includes your username and password, your interests, preferences, feedback, and survey responses.
- Technical Data: Includes Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Usage Data: Includes Information about how you use our website (Information about how you use our website (for example, traffic data, location data and, weblogs), promotions, products and services
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
The specific purposes of us using your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data to:
- Provide you with products or services you have requested either from us or our partners.
- Provide you with a personalized experience and understand your needs better.
- Provide you with relevant marketing communications and adverts.
- Provide you with Updates from us or our partners which you have asked for.
- Provide you with information relating to products, services or
- Provide you with promotions (for example, confirming your order, reminding you of an upcoming event or letting you know about changes that may affect you).
- Provide you with emails about specific topics, news and updates you have been asked to hear about.
- Provide you with opportunities to take part in consumer research.
- Measure and understand how people respond to a variety of marketing activities so that we can ensure our work is well-targeted, relevant and effective.
- Analyze and continually improve the services we offer, our website and our other products.
- Keep our accounts, records, and databases accurate and relevant.
- Fulfil our legal obligations to regulators and official authorities.
- Exercise our legal rights (including in relation to legal proceedings).
Legal basis for processing your personal information.
We need your personal information to conduct our business and provide you with our website and services. Most commonly we will use your personal information in the following circumstances:
- Where you have consented before the processing.
- When we need to fulfil a contract, we are about to enter or have entered with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
We will only collect, process and/or use personal information where we are satisfied that we have an appropriate legal basis to do so.
EEA and UK residents: For more information on how we use and process your information see the section called “UK and EEA residents.”
Californian residents: For more information on how we use and process your information see the section called “Californian residents”.
Canadian residents: For more information on how we use and process your information see the section called “ Canadian residents”.
Brazil: For more information on how we use and process your information see the section called “Brazil residents”.
Saudia Arabian residents: For more information on how we use and process your information see the section called “Saudia Arabian residents”.
South African residents: For more information on how we use and process your information see the section called “South African residents”.
If we collect information for one purpose and then intend to use it for a different purpose, we will seek your consent to do so and/or inform you were necessary or appropriate.
Automated decision making
We do not use automated decision making on our website.
Sharing your information
At TLC Marketing Worldwide, we understand the importance of your privacy, and we want to be transparent about how your personal information is handled. We may need to disclose your personal data to third-party organizations that assist us in various capacities related to data management and storage. These organizations include:
- Dot Mailer – TLC partner in email marketing excellence
- Survey Monkey – Empowering insights through surveys and data
- Microsoft Azure – Cloud platform for scalable apps, data, and services worldwide
- Zendesk – Services, and Digital Properties to TLC
- Twilio Limited (SendGrid) – Email service
- FiveTran Inc – Data warehouse connections
- Snowflake Inc – Data warehouse
- ThoughtSpot – Data visualization
- LEIT – Data warehouse support
In addition, there are instances where we collaborate with partner organizations to provide you with a broader range of products, services, or promotions. These partners may include:
- Brand Partners – Joining forces for a stronger brand presence.
- Independent Partners – Collaborating for diverse and unique solutions.
- Digital Agencies- Driving your online success with expertise and innovation.
- Fulfilment Houses- Streamlining order fulfilment for seamless customer experience.
- Sub Processor
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We or the third parties mentioned above occasionally also share personal data with:
- Our and their external auditors, e.g., in relation to the audit of our or their accounts, in which case the recipient of the information will be bound by confidentiality obligations.
- Our and their professional advisors (such as lawyers and other advisors), in which case the recipient of the information will be bound by confidentiality obligations.
- Law enforcement agencies, courts, tribunals, and regulatory bodies to comply with our legal and regulatory obligations.
- Other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymized, but this may not always be possible. The recipient of any of your personal data will be bound by confidentiality obligations.
We will not share your personal data with any other third party without your consent.
The specific kind of information we share will depend on your activities with us and only to the extent as required or permitted by law, and/or with your consent.
Please note however that this privacy notice does not apply to sharing of personal information by third party providers who may collect personal information from you and may share it with us. In these situations, we strongly advise you to review the applicable third-party provider’s privacy notice before submitting your personal information.
Safeguarding your personal information
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We will review, monitor and update these security measures to meet our business needs, changes in technology and regulatory requirements. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties that have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we do not have any control over what happens between your device and the boundary of our information infrastructure. You should be aware of the many Information security risks that exist and take appropriate steps to safeguard your own information.
We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Third-party services, websites and plugins
You should be aware that information about your use of our website (including your IP address) may be retained by your ISP (Internet Service Provider), the hosting provider or any third party that has access to your Internet traffic.
Our Websites may contain links to third-party websites and plugins, for instance a social media login plugin. If you choose to use these websites, plugins, or services, you may disclose your information to those third parties.
We are not responsible for the content or practices of those websites, plugins, or services. The collection, use and disclosure of your personal information will be subject to the privacy notices of these third parties and not this privacy notice. We urge you to read the privacy and cookie notices of the relevant third parties.
Transferring information overseas
We do business globally and may centralize certain aspects of our information processing activities and data storage in different countries. We may therefore have to share and transfer your personal information from one country to another, or even across multiple jurisdictions. Your personal information may therefore be subject to privacy laws that are different from those in the country where the personal information is collected or those in your country of residence.
We will ensure your personal information has an appropriate level of protection and will undertake appropriate due diligence and risk assessments prior to transferring the information. We will ensure the transfer of your personal information in line with applicable Data Protection Law. Often, this protection is set out under a contract with the organization that receives your personal information. You can find more details of the protection given to your information when it is transferred overseas by contacting us.
For residents of Saudi Arabia: – We transfer your Personal Data outside Saudi Arabia where a corresponding approval from the regulatory authority was obtained.
How long do we keep your personal information.
To help TLC Worldwide operate our service and meet our legal obligations we will store personal information for 90 days after the date of the product, service, or promotion for which the information was originally used. We will only hold information for a longer or shorter period when we are under a legal obligation to do so.
What Happens If You Don’t Provide your Information?
You may always choose what personal information (if any) you wish to provide to us. Please note, however, some of our products and services to you may be affected if you choose not to provide certain details, for example, we cannot reply to you without a name or contact details.
We also need your personal information to be able to assess your application for our vacant job roles.
Opting out of Marketing
If you provide us with your contact details (e.g., email address), we may contact you to let you know about the products, services, promotions, and events offered that we think you may be interested in.
You can unsubscribe from our marketing and promotional communications by clicking on the unsubscribe link in the emails or by contacting us at privacy@tlcworldwide.com
You will then be removed from the marketing list; however, we may still communicate with you for example to send you service-related messages that are necessary to respond to your requests or for other non-marketing related purposes.
Cookies and other tracking technologies
Each time you interact with our website, we may, depending on the consent provided and your jurisdiction, automatically collect personal information, including technical data about your device, your browsing actions and patterns, content, and usage data. We collect this data using Cookies, server logs and other similar technologies like pixels, tags, and other identifiers in order to remember your preferences, to understand how our website is used, and to customize our marketing offerings.
What are your Rights?
In some regions such as Brazil, Canada, the EEA, and UK you have rights that allow you greater control of and access to your personal information.
These rights may include the right:
- To request and obtain a copy of your personal information.
- To request rectification and/or erasure
- To restrict processing of your personal information
- Data portability (if applicable)
In certain circumstances you may also have the right to object to the processing of your personal data. You can make a request to exercise your rights by contacting us at privacy@tlcworldwide.com.
We will consider and act upon any requests in accordance with applicable data protection laws.
Questions or Concerns
If you have any questions, concerns, or complaints about this Privacy Notice, or our privacy practices in general, please email us at privacy@tlcworldwide.com.
Further information for EEA and UK residents
We are subject to the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR) in relation to goods and services we offer to individuals and our wider operations in the UK and European Economic Area (EEA).
Details about our processing of your personal information
The table below describes the ways we plan to use your personal data, and which Lawful Basis we rely on to do so. We have also identified what our legitimate interests are where appropriate.
LAWFUL BASIS | PURPOSE EXAMPLES |
Contract
We use your personal information on the basis that it is necessary for us evaluate applications and candidates for a vacant role prior to entering into an employment contract for that role with the most suitable candidate. |
Recruitment of candidates (contractors, employees and providers)
We will use the personal information we collect about you to assess your skills, qualifications, and suitability for the role for which you applied. We may use the following personal data:
|
Legitimate interest
When we rely on this, we will carry out a Legitimate Interests Assessment to ensure we consider and balance any potential impact on you (both positive and negative), and your rights under Data Protection Law. Our legitimate business interests do not automatically override your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you unless we have your consent or are otherwise required or permitted to by law. |
Managing our business
We process Personal Data for our own legitimate business interest. This relates to us managing our business to enable us to maintain and monitor the performance of our website and to constantly look to improve the website and the services it offers to our users, including when we respond to your queries and complaints, where you are not a client or supplier, or a potential client or supplier. We may use the following personal data:
Provide and maintain our websites. To provide and maintain our website, including to monitor the usage of these, troubleshooting, data analysis, network security and system testing necessary for our legitimate interests in maintaining the useability, security and integrity of our website We may use the following personal data:
Recommendations and marketing To make recommendations to you about services that may interest you. We may use the following personal data:
To measure and analyse the effectiveness of the advertising we serve you. We may use the following personal data:
To make suggestions and recommendations to you about goods or services that may be of interest to you and necessary for our legitimate interests (to develop our products/services and grow our business). We may use the following personal data:
Rights and claims To enforce or apply our website terms of use, our policy terms and conditions, or other contracts. To exercise our rights, to defend ourselves from claims and to keep to laws and regulations that apply to us and the third parties we work with. We may use the following personal data:
Data subject rights Verifying your identity when you exercise your data subject rights. Fulfilling data subject rights requests. We may use the following personal data:
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud, and in the context of a business reorganisation or group restructuring exercise. |
Legal obligations
We may use your Personal Data to comply with laws (for example, if we are required to co-operate with a police investigation after a court order orders us to). |
Legal requirement
The processing is necessary for compliance with legal obligations, such as but not limited security requirements. To comply with applicable law, for example in response to a request from a court or regulatory body, where such request is made in accordance with the law. Criminal activity To detect fraudulent or criminal activity, we may share information with forces such as the police. |
Consent
We may have to get your consent to use your Personal Data, such about you or when we want to send you marketing. Wherever consent is the only reason for using your Personal Data, you have the right to change your mind and/or withdraw your consent at any time by clicking the Unsubscribe button at the bottom of an applicable email or by contacting us. |
Marketing
To measure and analyse the effectiveness of the advertising we serve you. We may collect IP addresses and store Cookies on visitors’ devices. We may use the following personal data, depending on what you consent to:
Data analytics We use data analytics to improve our website, products/services, marketing, customer relationships and experiences. We may use the following personal data:
|
Details about sharing
More details about who we share your personal data with and why are set out in the table below. In most circumstances, you do not need to pay any charge for exercising your rights. We have one month to respond to you.
To exercise your rights or get more information about exercising them, please contact us at, privacy@tlcworldwide.com giving us enough information to identify you
Details about Data Transfers overseas
The EEA, UK and other countries outside the EEA and the UK have differing data protection laws, some of which may provide lower levels of protection of privacy.
It is sometimes necessary for us to transfer your personal data to countries outside the UK and EEA. In those cases, we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data.
Under data protection laws, we can only transfer your personal data to a country outside the UK/EEA where:
- in the case of transfers subject to UK data protection law, the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR. A list of countries the UK currently has adequacy regulations in relation to is available here.
- in the case of transfers subject to EEA data protection laws, the European Commission has decided that the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy decision’) further to Article 45 of the EU GDPR. A list of countries the European Commission has currently made adequacy decisions in relation to is available here.
- there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or
- a specific exception applies under relevant data protection law.
Where we transfer your personal data outside the UK, we do so on the basis of an adequacy regulation or (where this is not available) legally approved standard data protection clauses recognised or issued further to Article 46(2) of the UK GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time, we will not transfer your personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law and reflected in an update to this policy.
Where we transfer your personal data outside the EEA, we do so on the basis of an adequacy decision or (where this is not available) legally approved standard data protection clauses issued further to Article 46(2) of the EU GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the EEA unless we can do so based on an alternative mechanism or exception provided by applicable data protection law and reflected in an update to this policy.
Your Rights
Please see more details about your rights in the table below. In most circumstances, you do not need to pay any charge for exercising your rights. We have one month to respond to you.
YOUR RIGHT | DETAILS |
---|---|
Right to be informed | We have a legal obligation to provide you with concise, transparent, intelligible, and easily accessible information about your personal information and our use of it. We have written this notice to do just that, but if you have any questions or require more specific information. |
Right of access | You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information. When you request this data, this is known as making a data subject access request (DSAR). In most cases, this will be free of charge; however, in some limited circumstances, for example repeated requests for further copies, we may apply an administration fee. |
Right to rectification | You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies. |
Right to erasure | You have the right to ask us to erase your personal information in certain circumstances. We have the right to refuse to comply with a request for erasure if we are processing the Personal Data for one of the following reasons:
|
Right to restriction of processing | You may ask us to stop processing your Personal Data. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies, you may exercise the right to restrict processing:
|
Right to object to processing | You have the right to object to processing in certain circumstances. You can also object if the processing is for a task carried out in the public interest, the exercise of official authority vested in you, or your legitimate interests (or those of a third party). |
Right to data portability | This right only applies if we are processing information based on your consent or for the performance of a contract and the processing is automated. |
Complaints
We hope that we can resolve any query or concern you raise about our use of your information. Please contact us at privacy@tlcworldwide.com first and title your email “Complaint”. All complaints will be treated in a confidential manner, and we will try our best to deal with your concerns. You have the right to lodge a complaint with a supervisory authority in the EEA member state where you work or normally live, or where any alleged infringement of Data Protection Law occurred.
The details of European supervisory authorities can be found here: Our Members | European Data Protection Board (europa.eu)
The supervisory authority in the UK is the ICO, which may be contacted at https://ico.org.uk/concerns or by telephone on 0303 123 1113.
The details of the supervisory authority in Switzerland can be found here: Startseite (admin.ch)
Further information for Brazilian residents
Lawful Basis of Processing
Article 7 of the LGPD sets out 10 legal grounds for data processing. You can’t collect personal data unless you can justify it under one of these grounds:
- Individual consent
- Performance of a contract with the individual
- Complying with your legal obligations
- Protecting a credit score
- Legitimate interest
- Public health
- The individual’s safety
- Performing public statutory duties
- Research
- Legal proceedings
Only use your personal information when the law allows us to. This means we Must have one or more legal basis to use your personal information. Most of these will be self-explanatory. The most common legal basis which will apply to our use of your personal information or set out below:
- We need to perform the contract we have entered into with you, which covers your relationship with us, or to take steps to enter into the contract.
- Where we need to comply with a legal obligation which applies to us
- Where it is necessary for legitimate interest pursued by us or third party, and your interests and fundamental rights do not override those interests.
- Where you have given your consent.
Legitimate Interests Details
Legitimate interest
When we rely on this, we will carry out a Legitimate Interests Assessment to ensure we consider and balance any potential impact on you (both positive and negative), and your rights under Data Protection Law. Our legitimate business interests do not automatically override your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you unless we have your consent or are otherwise required or permitted to by law. |
Managing our business
We process Personal Data for our own legitimate business interest. This relates to us managing our business to enable us to maintain and monitor the performance of our website and to constantly look to improve the website and the services it offers to our users, including when we respond to your queries and complaints, where you are not a client or supplier, or a potential client or supplier. We may use the following personal data:
Provide and maintain our websites. To provide and maintain our website, including to monitor the usage of these, troubleshooting, data analysis, network security and system testing necessary for our legitimate interests in maintaining the useability, security and integrity of our website We may use the following personal data:
Recommendations and marketing To make recommendations to you about services that may interest you. We may use the following personal data:
To measure and analyse the effectiveness of the advertising we serve you. We may use the following personal data:
To make suggestions and recommendations to you about goods or services that may be of interest to you and necessary for our legitimate interests (to develop our products/services and grow our business). We may use the following personal data:
Rights and claims To enforce or apply our Website terms of use, our policy terms and conditions, or other contracts. To exercise our rights, to defend ourselves from claims and to keep to laws and regulations that apply to us and the third parties we work with. We may use the following personal data:
Data subject rights Verifying your identity when you exercise your data subject rights. Fulfilling data subject rights requests. We may use the following personal data:
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud, and in the context of a business reorganisation or group restructuring exercise. |
Details about sharing
More details about who we share your personal data with and why are set out in the table below. In most circumstances, you do not need to pay any charge for exercising your rights. We have one month to respond to you.
To exercise your rights or get more information about exercising them, please contact us at, privacy@tlcworldwide.com. giving us enough information to identify you.
The transfer of personal data to other jurisdictions is allowed only subject to compliance with the requirements of the LGPD. Prior specific and informed consent is needed for such transfer, unless:
Data Transfers out of Brazil
We will only transfer personal data to other countries where allowed to do so by the LGPD where:
- The transfer is to countries or international organizations with an adequate level of protection of personal data
- There are adequate guarantees of compliance with the principles and rights of data subject provided by LGPD, in the form of
- Specific contractual clauses for a given transfer
- Standard contractual clauses
- Global corporate norms, or
- Regularly issued stamps, certificates and codes of conduct
- The ANPD has provided authorization
- The transfer is necessary for compliance with a legal or regulatory obligation, execution of a contract or preliminary procedures related to a contract, or the regular exercise of rights in judicial, administrative or arbitration procedures
Rights of Brazilian Residents
That said, you may exercise to protect your personal data. You may access those rights at anytime by contacting us at privacy@tlcworldwide.com.
You have several rights under Data Protection Law (Brazilian Data Protection Law (LGPD) (As amended by Law No. 13,853/2019) including (but not limited to);
- Right to be informed. Data subjects are entitled to be informed in detail, in a simple, express, and unequivocal manner, prior to the collection of their personal data, of all the relevant aspects of the processing according to the consent requirements.
- Right to access. Data subjects have the right to access information about themselves that is processed in private or public administration databanks, the manner in which their personal data was collected, the reasons for its collection and at whose request it was collected, as well as transfers made or planned to be made.
- The right to prevent disclosure of personal data. Data subjects have the right to prevent the disclosure of personal data to third parties especially when it impacts their fundamental rights. This right does not apply to disclosure to managers of personal data banks.
- The right to update, include, rectify, or delete personal data. Data subjects have the right to update, include, rectify, or delete personal data (including your biological samples), when (1) the data is partially or totally inaccurate, incomplete, false. there is an omission or error; (2) the data is no longer necessary or relevant for its collection purpose; or (3) the expiration date established for the data processing occurs.
- Right to object/opt-out – Data subjects may object to personal data processing for legitimate reasons relating to the individual. The controller, and the manager of a personal data bank must then delete the personal data. Data subjects have the right to object when:
- there is no law that forces to carry out the act of data processing objected.
- there are legitimate and grounded reasons, due to a specific personal situation; or
- Personal data was obtained from public sources, and the data subject did not consent to such collection.
- The right to be indemnified. The holder of personal data has the right to be indemnified or to claim compensation for any damages that a data protection law infringement cause,
- Consent Withdrawal. If you wish to withdraw your consent no further personal data will be collected about you
- Right to lodge a complaint with the Data Protection Authority of Brazil.
Details of the Data Protection Authority of Brazil
National Data Protection Authority (ANPD) https://www.gov.br/anpd/pt-br
Further information for Californian residents
Rights of California Residents
We do not sell your personal information.
Under California’s “Shine the Light” law, website visitors who are California residents may request and obtain a notice once a year about the personal information we share with other businesses for their direct marketing purposes. Such a notice includes a list of the categories of personal information that was shared (if any), and the names and addresses of all third parties with which the personal information was shared (if any). The notice covers the preceding calendar year. To obtain such a notice, please contact us as previously described.
Verified California residents have the right to:
- Request and receive a copy of the personal information we have collected about them during the prior 12 months, we will endeavour to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy.
- Request and receive disclosure of our information sharing practices during the prior 12 months, including a list of the categories of personal information sold with the category of third-party recipients and a list of the categories of personal information that we disclosed for a business purpose
- Request that we not sell personal information about them and
- Request that we delete (and direct our service providers to delete) their personal information subject to certain exceptions.
For purposes of the CCPA personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household.
In order to make a request for disclosure California residents may contact us at privacy@tlcworldwide.com. We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and will use that information only for that purpose.
For requests for deletion of your information please understand that California law permits us to retain certain information and not to delete it under certain circumstances. By way of example, we are not required to comply with a request to delete information if the information is necessary for us to complete a transaction for you or otherwise perform a contract; to detect, protect against, or prosecute security incidents, fraud or illegal activity; to use the information only internally in ways reasonably aligned with your expectations as our customer (such as maintaining sales records), and to comply with legal obligations. If we receive such a request from you, we will notify any service providers we have engaged to delete your information as well.
We will not discriminate against you as a result of your exercise of any of these rights.
In addition, under this law you are entitled to be advised how our site handles “do not track” browser signals. We do not use technology recognising do-not-track signals from your browser.
Further information for Canadian residents
We may process your information if you have given us specific permission (express consent) to do use your information for a specific purpose, or in situations where your permission may be inferred (implicit consent), You can with draw your consent at any time by emailing us at privacy@tlcworldwide.com
In some exceptional instances we may be able to process your information without your consent:
- If collection is clearly in the consent of the individual and consent cannot be obtained in a timely manner
- For investigations in fraud and crime prevention
- For business transactions provided certain conditions are met
- If disclosure is required to comply with applicable law
- If it is reasonable to expect collection with consent would compromise the accuracy and/or availability of the information and the collection is reasonable for the purposes related to investigating a breach of agreement or a contravention of the laws of Canada
- If it was produced by an employee in the course of their employment, business or profession and the collection is consistent with the purpose for which the information was produced.
- If the collection is solely for artistic, journalistic or research purposes.
- The information is publicly available and specified in the applicable regulations.
Further information for Saudi Arabian residents
For any of the purposes of the processing, the legal basis for the processing of your Personal Data will always be your implicit or explicit consent unless the personal information we collect and process from you:
- achieves a “definite interest” of yourself and it is impossible or difficult to contact you.
- if the processing is in accordance with another law, or in the implementation of an earlier agreement to which you are a party.
Contact Information, Notifications, and Updates
If you have any concerns regarding privacy at TLC Marketing Worldwide or wish to contact one of our data controllers, please reach out to us with a comprehensive description of your issue to Get in touch, and we will endeavor to address it promptly. Additionally, you may contact the Data Protection Officer for the data controllers at privacy@tlcworldwide.com.
Our business is subject to continuous evolution, and as a result, our Privacy Notice may undergo periodic updates. We encourage you to visit our website regularly to stay informed about recent changes. Unless otherwise specified, our current Privacy Notice applies to all the information we hold about you and your account. We are committed to upholding the assurances we provide and will not make material alterations to our policies and practices that would diminish the protection of customer information collected in the past without the consent of the affected customers, in accordance with data regulations.
Revision history
Revision | Date | Record of changes | Approved by |
1.0 | 10/07/2023 | Initial version | GRCI Law, DPO |
2.0 | 12/09/2023 | Update in the Policy | GRCI Law, DPO |