Trading Software > Help Desk > Knowledgebase

Search help:

General Data Protection Regulation: TSL Policy Document


GDPR Policy



Trading Software Limited (TSL)

Reg Co: GB 08934266


Scope of policy


TSL has no data processors acting in its behalf.

Our policy covers data controlled on our own servers and devices exclusively.


Policy operational date


1st May 2018


Policy prepared by


Ben Stevens


Date approved by Board/ Management Committee




Policy review date


31 March 2021





Purpose of policy



·         comply with the law

·         protect clients, staff and other individuals

·         protect the TSL


Types of data


TSL maintains data in the following categories:


Customer Specific Data for day to day trading

Customer contact information

Customer specific connectivity credentials

Customer specific trading information


Backup copies of customer databases

Including trading data and contact information specific to the ‘controller’ of the database


For marketing purposes

Business contact and address information collected manually – ie not purchased from list providers




Policy statement


TSL is committed to:

·         complying with both the law and good practice

·         respect individuals’ rights

·         be open and honest with individuals whose data is held

·         provide training and support for staff who handle personal data, so that they can act confidently and consistently

·         Notify the Information Commissioner voluntarily, even if this is not required should a notable event occur


Key risks


Regarding these 2 key areas:

1) Data getting into the wrong hands.

 All TSL data is held on devices and servers secured with Password Access Control. The TSL network is secured behind standard firewall access control.


2) Individuals being harmed through data being inaccurate or insufficient

 TSL assess that this is not a risk inherent in data controlled by the company.




The Board / Company Directors


Ben Stevens MD

Blue Ramsey Director


Data Protection Officer


Ben Stevens


Specific Department Heads




Employees & Volunteers











Data recording and storage



No specific data accuracy checks are explicit in this policy




Updates provided by individual customers and other contacts are posted into the TSL controlled dataset




TSL maintains no differentiation between types of contact information.


Retention periods


Backup copies of customer databases are held until the earlier of:

-   The purpose of the data-copy has been fulfilled

-   The controller of the data requests that the copy be deleted


Customer specific contact and trading data is retained in accordance with HMRC requirements


Marketing contact information is maintained as required with no specific cleansing, archiving or removal policy.


Staff and contractor details are maintained in accordance with HMRC requirements




Archive backup copies of TSL specific data are held in accordance with HMRC requirements.




Right of Access



TSL will provide an account of all data held against an individual or business within our databases with 28 data of a request being received in writing.


Overall responsibility for meeting this obligation fall to:

Ben Stevens


Procedure for making request


Right of access requests must be in writing.


Provision for verifying identity


Where an individual requesting information is not known to TSL, proof of eligibility and identity will be required before and data will be released.


Examples may be driving licence or passport and/or a verifiable letter of authority provided by the company making the request or about whom the data relates.




Data requests are serviced free of charge except where requests are manifestly unfounded or repetitive whereupon an administration fee amounting to £30.00 + VAT will be charged.


Procedure for granting access


TSL does not currently maintain a ‘self service’ access point for recovering data stored against an individual or organisation.


Data provided as part of a data request will be provided in TEXT format, and where appropriate delimited by comma or semicolon.







TSL is committed to ensuring that Data Subjects are aware that their data is being held where the data subject is a customer, employee or contractor.




TSL is a data controller.

Our invoice documents, and terms and conditions maintain references to this document









Lawful Basis

Underlying principles


TSL maintains data in order to trade


Opting out




Withdrawing consent


Consent for TSL to maintain data on a given subject may be withdrawn, but not retrospectively.  There may be occasions where the organisation has no choice but to retain data for a certain length of time, even though consent for using it has been withdrawn





Policy review



Ben Stevens








Was this article helpful? yes / no
Related articles Data Protection Obligations
Price Lists
Access Control Overview
Import Contacts
Projects Overview
Article details
Article ID: 155
Category: TSL Documents
Rating (Votes): Article rated 4.3/5.0 (64)

« Go back

Powered by Help Desk Software HESK, in partnership with SysAid Technologies