Data & Privacy Policy

tictoc Family Ltd. is a company incorporated in Scotland of 14 Newton Terrace, Glasgow G3 7PJ. tictoc is a digital marketing agency that is committed to protecting and respecting the personal data of our clients and their clients.

For the purpose of the relevant laws concerning the protection of personal data, including the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) (collectively the “Data Protection Laws”), tictoc Family Ltd. acts as both a Data Processor and Data Controller.

This policy sets out the basis by which any personal data we collect, are provided with or control, is managed.

Our Role As A Data Processor 

When our clients use a Content Management System (CMS) to process EU personal data we act as a data processor. For example, we act as the data processor when users complete forms that are stored in the CMS.

Data Processing

tictoc only acts as a data processor on behalf of our clients in the course of providing the Content Management System (CMS) used to manage the website. The client must comply with legislation as a data controller and ensure that any data processing instructions it issues to tictoc or via the CMS also comply.

 Data processing in relation to hosting:

  • All data collected via a clients website is stored within the European Economic Area (EEA)
  • tictoc hosting providers act as sub-processors and as such have their own processes that comply with GDPR. The two primary hosting providers used by tictoc are AWS - and Linode.
  • tictoc shall not transfer any data outside the EU - our hosting data centres are located within the EU and backups of data are also stored within the EU
  • As part of our hosting, we monitor the security of our servers and provide information on any security incident
  • If a client wishes to host with a 3rd party it is their responsibility to ensure the provider complies with the required GDPR laws 

Clients can use the functionality provided within the CMS to delete data upon a Deletion of Data Request or can request that tictoc remove the data. If the required functionality is not already built into your CMS tictoc can quote to create the required function.


tictoc takes no responsibility in ensuring that a client’s website, internal processes, online processes, content, terminology and terms and conditions are GDPR compliant. Each client should seek legal advice to ensure they are fully compliant. tictoc can make requested GDPR related alterations to your digital platform as required, a suitable quotation can be supplied based on a supplied brief.

Our Role As A Data Controller 

As a data controller, we store data given to us voluntarily by clients to allow us to contact them and provide our services. By supplying this data you agree to us storing or processing your data, and to using it as part of tictoc Family Ltd's internal record keeping. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

We may also periodically send emails about new services or other information we think you may find interesting using the email address you have provided. We only send these emails to users who have consented to receive such information. 

Storage of client information

Information supplied by clients to enable us to provide our services is stored as follows: 

  • Xero - Our finance and invoicing system stores your registered address and finance point of contact. This information is used to supply invoices. View the Xero privacy notice. 
  • MailChimp - Our email system which contains our email newsletter list of contacts who have requested to be kept up to date on our latest information. View Mailchimp’s privacy notice. 
  • PB - Our bespoke quoting and management system stores information relating to each point of client contact relating to every project

Cookies and usage tracking

A cookie is a small file that is downloaded on to your computer when you visit a website. Cookies are used by the vast majority of websites and can do a number of things such as remembering your preferences, recording your actions and counting the number of people looking at a website. Certain cookies may collect personal data, however, we also use some cookies that do not collect personal information but that do help us collect anonymous information about how people use our website. We use Google Analytics for this purpose. Google Analytics generates statistical and other information about website usage by means of cookies, which are stored on users' computers. The information collected by Google Analytics about the usage of our website is not personally identifiable. The data is collected anonymously, stored by Google and used by us to create reports about website usage. View Google's privacy policy.

You can update your cookie preferences for using our site by either accepting or declining cookies using the options below. 

Your rights

You have the right to ask tictoc Family Ltd to remove your personal data or refrain from processing your data for marketing purposes. We will usually inform you before collecting data if we indent to use your data for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at tictoc Family Ltd. 14 Newton Terrace, Glasgow G3 7PJ or by emailing


Confidentiality Obligation

Both tictoc and client will not, without prior written consent of the other party, disclose any Confidential Information of the other party to a third party. In giving written consent to the disclosure of Confidential Information, a Party may impose such conditions as it thinks fit, and the other Party agrees to comply with these conditions before making the requested disclosure.

Personnel confidentiality

tictoc and client will take all reasonable steps to ensure its employees, contractors and subcontractors engaged to perform work on the project are aware that Confidential Information is confidential. Access and the use of Confidential Information is only for the purposes directly linked to providing the services required for ongoing Services.

Protection of Personal Information

tictoc agrees not to use or disclose any Personal Information for a purpose other than implementing obligations required for the provision of the proposed Services, or in accordance with the Law. tictoc further agrees to comply at all times with its obligations under the Data Protection Act 1998.

Use of Information

The parties agree that any information provided to them by the other party in connection with the project is to be used solely for the purposes of providing the agreed Services.

Breach notification

Each party must notify the other party immediately if it becomes aware of a breach of any confidentiality, preferably within a period of 72 hrs.

Data retention

Your information is retained only for as long as necessary to supply the services we provide.


We take your privacy seriously with every reasonable measure and precaution to protect and secure your personal data.

Changes To This Policy

From time to time we may make changes to this policy, updates will be posted on this page or supplied by email where appropriate.


Questions regarding this Privacy and Cookie Policy should be addressed to tictoc Family Ltd, 14 Newton Terrace G3 7PJ, or sent by email to: