Who we are
TwentyTwo Positive Limited of 7 Johnsdale, Oxted, Surrey RH8 0BW is the Data Controller. Our Data Protection Officer (DPO) is Matthew J. Watts. Contact telephone number 01883 371 369.
- We/Us/Our: TwentyTwo Positive Limited
- Data Controller: Determines the purposes and means of processing personal data
- Data Processor: Responsible for processing personal data on behalf of a controller
- EU: European Union
TwentyTwo Positive Limited includes the following trading names:
- TwentyTwo Agency
- Amanda C. Watts
- FreedomPreneur Business Academy
Our approach to managing private information
We respect your privacy and so promise to:
- Use your personal information to only provide you with information or service you have requested
- Keep your data safe, secure and process it in a secure way
- Assist you to change your mind at any time about the communications you have registered to receive
Why do we collect, use and process your personal information?
We need to collect data and personal information from you to provide you with the information and services you request from us.
What information do we collect?
We may collect the following information:
Contact details including;
- Email address
- Phone number
- Job title
- Company name
- Payment details for shopping basket fulfilment
We will only use your personal information for the purposes you have permitted and we will not share it for marketing purposes outside of TwentyTwo Positive Limited unless you have given us permission to do so. If this practice changes in the future, we will update this policy to identify the non-agent third parties and provide an opt-out option.
Every time you visit our website, we may also automatically collect the following information:
- Technical information, including:
- The Internet Protocol (IP) address used to connect your computer to the Internet
- Browser type and version
- Log in details to our website
- Time zone settings
- Browser plug-in types and versions
- Operating systems and platforms, etc
- Visit information, including; Uniform Resource Locators (URLs) of the websites that you came through to our website and which pages you visited (including date and time); our website page response times, download errors, length of visits to pages, visit duration, page interaction information and methods used to exit our site
What we do with the personal information we collect?
We require personal information to process your request/s and provide you with a better service. In particular for the following reasons:
- Internal record keeping
- Process payment/s
- Improve our products and services
- Send marketing emails about events, training courses or other information which we think you may find interesting
We are the sole owners of the information collected on this site and we only have access to the information you voluntarily provide. We will use your information to respond to you, regarding the reason you contacted us and we will not sell or rent this information to anyone.
Where your information is stored
Your data is stored on secure servers operated by us, and will be managed using the robust security measures described below.
Your data may also be saved with trusted third parties solely for the purposes you have provided it to us.
Your personal information may be copied or transferred by us or our trusted third party data processors outside of the EU. We take steps that, in the event your personal information is stored outside the EU that controls are in place to protect in accordance EU and UK data protection and privacy regulations.
Security and storage of personal information
We will keep your personal information safe and secure.
When you give your personal information to us, we will process and use that data in accordance with our responsibilities under the General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679) and other relevant legislation.
If you provide payment information, we create payment instructions and pass them to our payment gateway provider in a secure manner.
We do not retain your payment details.
To prevent unauthorized access, maintain data accuracy and ensure the correct usage of information, we monitor and adjust our physical, electronic and managerial procedures to safeguard and secure your personal data whilst in our care, or in the care of any outside suppliers with whom we may contract to process your data on our behalf. Any third party suppliers are under strict contractual terms to mirror the security policies that we currently have in place.
How long will we keep your personal information?
Whenever we collect or process your personal data, we’ll only keep it for a period of twenty six months or for as long as we have a legitimate reason to contact you. We continually review the data records we have and should we learn that we have not received contact from you we will ask if you wish to keep hearing from us. If we do not receive a reply or opt in we will remove your data.
Should you wish for us to remove your data at any time please contact email@example.com and we will remove it.
Type of data
Type of data subject
Type of processing
Purpose of processing
Free Downloads/Mailing List
First Name, Last Name, Email Address, Telephone number, Address, Website, Company Information, Device IP Address
Stored on Ontraport
Provide PDF report
Inactive for 26 months
First Name, Last Name, Email Address, Telephone number, Address, Website, Company Information, Device IP Address, Credit/Debit Card Details, Bank Details, Date of Birth
Stored on Ontraport
Provide training workshops
Inactive for 5+ years*
First Name, Last Name, Email Address, Telephone number, Address, Website, Company Information, Device IP Address, Credit/Debit Card Details
Stored on Ontraport
Provide Purchased Product
Inactive for 5+ years*
Under GDPR regulations, you have rights regarding your personal information we retain.
Please email firstname.lastname@example.org with requests regarding any or all of your rights.
- The right of access – You are entitled to know what information we have regarding you
- The right to rectification – You are entitled to have the information regarding you corrected if it is inaccurate or incomplete
- The right to erasure – You have the right to request we remove your personal information
- The right to restrict processing – You have the right to block or suppress processing of your information we manage
- The right to data portability – You are able to transfer or copy your information from one IT environment to another, safely and securely
- The right to object – You may object to how we manage your information by contacting us in relation to automated decision making and profiling -You have the right not to be a subject of a decision based on automated processing
Further information can be found on the Information Commissioner’s Office website.
Controlling your personal information
You have the right under EU regulation and Privacy Shield to see what information we hold about you. If you want to exercise this right, please make an application to us in writing or contact us by email with a request regarding any or all of your rights.
We may ask you to provide us with sufficient information so that we can be sure of your identity.
If you would like to proceed with a request to see what data we hold about you, please email email@example.com or write to:
The Data Protection Compliance Officer
TwentyTwo Positive Limited
We hope you will benefit from all the communications we send to you, but if at any time you change your mind, you may unsubscribe. If you have given us permission to contact you and you change your mind please email firstname.lastname@example.org, let us know and we’ll unsubscribe you.
If we do not hear from you, we will assume that the information you provide to us is accurate and up-to-date and that you are happy for us to continue to use the information to send you any communications you have requested.
Privacy Shield Compliance
We comply with the EU-US Privacy Shield Framework as published by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.
To learn more about the Privacy Shield program please visit //www.privacyshield.gov/.
We have further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information or to file a complaint.
Finally, and under limited circumstances, EU individuals with unresolved complaints may direct them to the Privacy Shield Panel, a binding arbitration mechanism.
The Federal Trade Commission has jurisdiction over our compliance with the Privacy Shield, and is subject to the investigatory and enforcement powers of the Federal Trade Commission. We may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. We acknowledge our potential liability in cases of onward transfers of Privacy Shield data to third parties.
Resources & Further Information
We may change this policy to meet regulatory requirements and ensure best practice. All changes to this policy will be published on this page. Please check this page from time to time to ensure that you remain happy.