The key engineering, legal and policy issues
Privacy and security policies
Privacy and Data Protection Policy
This website is owned and operated by PT Publishing Ltd. We process data only in compliance with the EU General Data Protection Regulation (GDPR), the UK Data Protection Act 1998 and its relevant subordinate legislation.
We will not share your data with third parties.
The types of data we collect
If you are a subscriber to our newsletter, or Research Service or a delegate at one of our training events, we will only collect from you that data necessary for the administration of the service.
As a customer of PT Publishing Ltd. you may from time to time receive emails or brochures which will give details of services and products we offer. You can unsubscribe from this service at any time.
We will also contact you from time to time in respect of certain formalities connected with your subscription, including subscription renewal reminders and, if appropriate, invoices.
We may use certain technologies - such as cookies - to record information about your visit to our web pages automatically. The information we gather does not identify you personally. We do not use third-party advertising networks and so do not download their cookies on to your computer.
If you agree, we may automatically collect and store only the following types of information about your visit:
- internet domain
- type of browser software and operating system used to access our site
- the date and time you access the site
- the pages you enter, visit and exit from
We use this information to improve our website, to learn about the number of visitors to our website, the types of technology that visitors use, and to help us identify patterns of use. We only use the information to ensure that our webpages stay compatible with as wide a readership as possible. We do not track or record information about individuals and their visits.
We may collect email and other contact information from clients or business contacts. We require this in order to provide assistance to your company and to contact you to discuss your requirements. We may also use contact information to:
- Enhance, modify, personalise our services
- Understand how people interact with our website.
- Provide email or postal communications
- Determine the effectiveness of our promotional campaigns.
- Identify and prevent fraud.
- Increase the security of our networks and information.
We will keep data for a period of ten years and then securely delete any data that is no longer functioning.
You may also phone or write to us using the details given on the contact page.
We take precautions to protect your information both online and offline.
Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https" at the beginning of the address of the web page.
We do not collect or have access to credit card data, this is processed for us by our credit card merchant.
Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. Employees are required to follow our Acceptable Use Policy (AUP) which stipulates the constraints and practices that an employee using organizational IT assets must agree to in order to access to the corporate network or the internet. This covers remote working and appropriate use of email.
We operate an Access Control Policy (ACP) which covers our organization’s data and information systems. This includes user access; network access controls; operating system software controls; the complexity of corporate passwords; methods for monitoring how corporate systems are accessed and used; and removal of access when an employee leaves the organization.
Our change management policy outlines the procedures which need to be followed when to make changes to IT, software development and security services/operations.
The computers/servers in which we store personally identifiable information are kept in a secure environment and we ensure that third party SAAS provides also follow appropriate security procedures.
In the event of a security incident we have Disaster Recovery Policies in place as well as a plan to ensure the continuity of our business.
Rationales and commonly used techniques
Practical and theoretical experience