Digitisation Services
Privacy Policy
previous arrow
next arrow

Privacy Policy

Personal data refers to any information that identifies you as a specific individual. This page explains the what, how and why of the information we collect about you when you visit our website or use our services. It also explains the specific ways we use and disclose that information. We take your privacy extremely seriously and we never sell your data.

Who we are

TownsWeb Archiving (TWA) limited is a professional digitisation, web design and digital collections management software provider; primarily servicing cultural heritage organisations (archives, museums, special collections libraries) in the UK, in a business to business context.

TWA is the Data Controller for the personal information we hold to (i) operate our business including managing contracts with customers and partners, and (ii) market and sell to existing and potential customers and partners.

Below “we” “us” and “TWA” refer to TownsWeb Archiving ltd.

What types of Information we Collect and How we Collect them

In order to provide our digitisation, web design and software services to you, we must process some personal information about you. We may collect:

  • Contact details – including your name, organisation, organisation’s address, telephone numbers, job title and email addresses. These are collected when:
    • You complete a form on this website
    • You volunteer this information to one of our employees over the phone or at an industry event (i.e. handing your business card to us at a heritage exhibition)
    • You call or email us with an enquiry about our products or services
  • Marketing and communications data – including your preferences in receiving marketing from us and your communication preferences. This is collected when:
    • You do any of the above AND provide your consent to receive marketing communications from us
    • You electronically or verbally update your communications preferences
  • Correspondence – including email content which potentially contains personal data. This may be collected automatically when you correspond with us via email.
  • Technical data – internet protocol (IP) address, type of device, browser type and version, web pages visited

Our legal grounds for processing your data

There are different legal grounds (or bases) on which we rely to use your personal information, namely:

  • Where it is necessary to provide you with our Products and Services

We will process your data in the course of providing our products and services to you, in performance of our contract (or in the course of creating a quote, and gathering information to create a quote, for providing products and services to you).

  • Where it is in our Legitimate Interests to do so

TWA operates in a business to business context – collecting, storing and processing data only on influencers and decision makers within institutions and businesses which are likely to have an interest in our services.

Based upon conducting a Legitimate Interest Assessment (LIA) – as advised by the ICO – it is deemed that the rights and freedoms of the data subjects would not be overridden in our correspondence regarding our services and that in no way would a data subject be caused harm by our correspondence.

  • Where you have provided Consent for us to use your data for a particular purpose

Where you have given your explicit consent, we may use your data for specific purposes. Such as when you sign up to receive our blog email updates, we will process your contact details in order to send you those emails.

How we use your personal data

We use your personal data, including any of the personal data listed in the “What types of Information we collect” section above, for the following purposes:

  • Managing the project, product or service we are delivering for you and communicating updates (performance of our contract with you)
  • Direct marketing; to send you relevant communications about related products or services that are likely to be of interest to you. We’ll send marketing to you by email, phone, social media and digital channels (depending on your preferences)
  • For our records to comply with legal obligations, requirements and guidance

How long we store your data

In line with ICO guidelines, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

If you have a question about explicit retention periods for particular types of personal data we hold, please contact us (contact details below).

Who we share your data with

TWA uses trusted third parties to provide support services for certain aspects of our business. Specifically, these include secure data storage, facilitating secure online transactions, website visitor analytics and sending email marketing communications.

We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

TWA has ensured that all of the third party organisations we share your data with are GDPR compliant and have either signed a data processor agreement with us or issued a statement of compliance. We have never and will never sell your data.


This website uses Cookies – small text files which are stored on your computer when you visit websites. We may automatically collect information about you through cookies. For more information please click here to see our Cookie policy.

How we Protect your Information

We take our responsibilities around the safety and security of your data very seriously and are committed to ensuring this.

As such we take steps to safeguard this, including:

  • Employing secure HTTPS encryption across our website to protect your data when completing online forms
  • Storing all information you provide to us on our secured servers within the European Economic Area
  • Limiting access to your information to only employees who need to process it
  • Storing your information behind a password protected system internally

From time to time, your information may be transferred to and stored in a country outside the EEA in relation to provision of the services (i.e. the USA). The laws in these countries may not provide you with the same protection as in the EEA; however, any third party referred to above outside of the EEA has agreed with us to abide by European levels of data protection in respect of the transfer, processing and storage of any personal data.

Requesting a Copy of your Information

Under the GDPR you have several rights regarding your personal data, including the right to be informed about the data we hold about you, the right to ask us to rectify that data if it is incorrect, and the right to ask for a copy of that data (called a Subject Access Request).

If you would like to request a copy of the data that we hold about you, please complete our Subject Access Request form and send to [email protected]. We will aim to acknowledge your request promptly and in any event will respond to your request within one month.

If you are concerned about our Data Processing

If you are unhappy with how we have collected or processed your personal data you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), which is the UK supervisory authority for data protection issues.

However, if you have such a grievance we would politely request the chance to deal with your concerns before you approach the ICO – so please do contact us in the first instance.

Queries and Contact

If you have any queries regarding the above or would like update or obtain a copy of your data held by us, our appointed privacy representative is Calum Dow and you can contact us via email at: [email protected].

Notification of Privacy Policy changes

Whenever we make a material change to the information we collect or how we use it we’ll update the policy posted here. When this policy changes, we’ll announce it to let you know — or you can check back here after each update.

This policy was last updated on 7th June 2018