Data Protection & Acceptable Use Policy

Last updated: September 18, 2025

1. Introduction

This Data Protection and Acceptable Use Policy ("Policy") applies to all users of TOR HOMES LTD services and website. This policy complements our Privacy Policy and Terms and Conditions.

Company Information:
TOR HOMES LTD
Registration Number: 16572428
Address: 12 Ashwell Lane, BA6 8BG GLASTONBURY, United Kingdom
Email: [email protected]

2. Data Protection Principles

In accordance with applicable data protection laws, including GDPR, we process personal data based on the following principles:

2.1 Lawfulness, Fairness, and Transparency

We process personal data lawfully, fairly, and transparently. We inform data subjects about data processing activities through this policy and our Privacy Policy.

2.2 Purpose Limitation

Personal data is collected for specified, explicit, and legitimate purposes and not processed in ways incompatible with those purposes.

2.3 Data Minimization

We collect and process only personal data that is adequate, relevant, and limited to what is necessary for the specified purposes.

2.4 Accuracy

We ensure personal data is accurate and, where necessary, kept up to date. We take reasonable steps to ensure inaccurate data is erased or rectified.

2.5 Storage Limitation

Personal data is retained only for as long as necessary for the purposes for which it was collected or as required by law.

2.6 Integrity and Confidentiality

We process personal data securely using appropriate technical and organizational measures to protect against unauthorized access, alteration, disclosure, or destruction.

2.7 Accountability

We are responsible for and can demonstrate compliance with data protection principles.

3. Legal Basis for Processing

We process personal data under the following legal bases:

  • Contract: To perform our browser extension development services
  • Legitimate Interest: To improve our services and website functionality
  • Consent: For marketing communications and optional cookies
  • Legal Obligation: To comply with applicable laws and regulations

4. Data Subject Rights

Under applicable data protection laws, individuals have the following rights:

4.1 Right of Access

You have the right to obtain confirmation whether we process your personal data and access to such data.

4.2 Right to Rectification

You have the right to request correction of inaccurate personal data and completion of incomplete data.

4.3 Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data under certain circumstances.

4.4 Right to Restrict Processing

You have the right to request limitation of processing under specific conditions.

4.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used format and transmit it to another controller.

4.6 Right to Object

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

4.7 Rights Related to Automated Decision-Making

You have the right not to be subject to automated decision-making, including profiling, that produces legal effects.

Exercising Your Rights: To exercise these rights, contact us at [email protected] with "Data Protection Request" in the subject line.

5. Acceptable Use Policy

This section outlines acceptable and prohibited uses of our website and services.

5.1 Permitted Uses

You may use our website and services for:

  • Legitimate business inquiries about browser extension development
  • Accessing information about our services and company
  • Communicating with us through official channels
  • Downloading publicly available resources we provide

5.2 Prohibited Uses

You may not use our website or services for:

  • Illegal activities or violation of applicable laws
  • Unauthorized access to our systems or data
  • Distribution of malware, viruses, or harmful code
  • Spam, phishing, or fraudulent activities
  • Harassment, abuse, or threatening behavior
  • Circumventing security measures or access controls
  • Automated data scraping or harvesting
  • Impersonation of others or false representation
  • Violation of intellectual property rights
  • Activities that could damage our reputation or services

5.3 Enforcement

We reserve the right to:

  • Monitor use of our website and services
  • Investigate suspected violations
  • Suspend or terminate access for policy violations
  • Report illegal activities to appropriate authorities
  • Take legal action to protect our rights and interests

6. Data Retention

We retain personal data according to the following guidelines:

6.1 Client Data

  • Project-related communications: Duration of project + 5 years
  • Contract and billing information: 7 years after completion
  • Technical documentation: Duration of support period

6.2 Website Data

  • Contact form submissions: 3 years or until inquiry resolution
  • Analytics data: 26 months maximum
  • Security logs: 1 year

6.3 Marketing Data

  • Newsletter subscriptions: Until unsubscribe + 30 days
  • Marketing preferences: Until withdrawal of consent

7. International Data Transfers

As we serve clients across CIS countries, personal data may be transferred internationally. We ensure adequate protection through:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules where applicable
  • Explicit consent for specific transfers

8. Security Measures

We implement comprehensive security measures including:

8.1 Technical Measures

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security updates and patches
  • Secure development practices
  • Network security and monitoring

8.2 Organizational Measures

  • Staff training on data protection
  • Confidentiality agreements
  • Regular security assessments
  • Incident response procedures
  • Vendor security requirements

9. Data Breach Response

In the event of a data breach, we will:

  • Assess the breach within 24 hours
  • Notify supervisory authorities within 72 hours if required
  • Notify affected individuals without undue delay if high risk
  • Document the breach and response actions
  • Implement measures to prevent future breaches

10. Complaints and Supervisory Authority

If you have concerns about our data processing practices, you may:

  • Contact us directly at [email protected]
  • Lodge a complaint with the UK Information Commissioner's Office (ICO)
  • Contact your local data protection authority

UK ICO Contact Information:
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113
Website: ico.org.uk

11. Updates to This Policy

We may update this policy to reflect:

  • Changes in applicable laws or regulations
  • Updates to our data processing practices
  • New services or business requirements
  • Enhanced security measures

Material changes will be communicated through our website and, where appropriate, directly to affected individuals.

12. Contact Information

For questions about this policy or our data protection practices:

TOR HOMES LTD
Email: [email protected]
Address: 12 Ashwell Lane, BA6 8BG GLASTONBURY, United Kingdom
Registration Number: 16572428

Data Protection Officer: [email protected]
Data Protection Inquiries: Use subject line "Data Protection Request"

Return to Homepage Privacy Policy