Integrated Risk Management
Through the application of technology and automation, we'll help you manage your risks efficiently and effectively across the entire enterprise.
Identity and Access Management
We'll help you ensure everybody within your organisation has access to the right systems and data, for the right reasons, and at the right time.
Cyber & Application Security
Our experts will uncover security weaknesses within your security design and business-critical applications. Helping you protect your organisation from both internal and external threats.
About us
A group of passionate individuals with a shared purpose to help the world's leading companies embrace best practices for GRC and risk management.
Partners
Turnkey's strategic partner network consists of selected organisations that complement our capabilities.
Corporate Social ResponsibilityCSR
We are committed to being agents for change through our Climate Action Plan, championing diversity in our workplaces, and more.
Get in touch
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Careers
We have operations in all corners of the globe, so see which office is nearest to you and connect with them.
Webinars & eBooks
All of Turnkey's webinars, guides and other insights available in one place.
Blogs
Read the latest insights from our experts on GRC and risk management, covering the latest industry topics.
Press Coverage
See all the publications where Turnkey, our experts and our successes have been noted.
Key events
See the key industry conferences on GRC, SAP security and risk management which we are attending.
Case Studies
Client satisfaction is of the utmost importance to us, and we strive to constantly deliver above expectations, going the extra mile at every opportunity.
FAQs
We've put together a comprehensive list of frequently asked questions - along with our responses - to the most common GRC and SAP security issues.

Turnkey's Privacy Policy

By using our website, you agree to this privacy policy. We respect the privacy of site visitors and recognise that when you choose to provide us with information about yourself, you trust us to act in a responsible manner. Our policy is for you, to protect your personal information.

Turnkey Consulting ("We") are committed to protecting and respecting your privacy.

This policy and any other documents referred to in it sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the General Data Protection Regulation (the Regulation), the data controller is Turnkey Consulting Ltd, 58 Ayres Street, London, SE1 1EU.

 

INFORMATION WE MAY REQUEST AND/OR COLLECT FROM YOU

We may request and/or collect and process the following data about you:

  • Information that you provide by filling in forms on our site www.turnkeyconsulting.com (our site). This includes information provided when you complete our on- line enquiry and/or request forms.
  • If you contact us, we may keep a record of that correspondence.
  • We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
  • Details of your visits to our site including, but not limited to: traffic data; location data; weblogs and other communication data; and the resources that you access.

The personal information you give us may include, but is not limited to, your name, address, email address, phone number, job title and the name of your employer.

We intend to gather this information to communicate with you strictly on a corporate basis, we will not gather any information that will be used to communicate with you outside of any professional relationship. In particular we will only seek to collect corporate email addresses (such as name@org.co.uk or department@org.co.uk). To this end, we may also ask you for information on the organisation you work for or are associated to.

 

IP ADDRESSES AND COOKIES

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration purposes. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:

  • To estimate our audience size and usage pattern.
  • To store information about your preferences, and so allow us to customise our site according to your individual interests.
  • To speed up your searches.
  • To recognise you when you return to our site.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

 

INFORMATION COLLECTED VIA OUR WEBSITE:

Such information includes which URL you have come from and which URL you exited our site to (including date and time), the pages you have viewed, how quick those pages loaded, download errors, lengths of visits to certain pages, page interaction information (such as scrolling and clicks), forms you have submitted, methods used to browse away from the page, if you linked to the site from a search engine, the address of that search engine and the search term you used.

 

STORING YOUR PERSONAL DATA

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

 

USES MADE OF THE INFORMATION

We use information held about you in the following ways:

  • To ensure that content from our site is presented in the most effective manner for you and for your computer.
  • To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
  • To carry out our obligations arising from any contracts entered into between you and us.
  • To allow you to participate in interactive features of our service, when you choose to do so.
  • To notify you about changes to our service.

We may also use your data, or permit selected third parties to use your data, to provide you with information about services which we think may be of interest to you, and we or they may contact you about these by post, telephone, or email (where you have provided contact details).

If you have provided us with your corporate email address via the website, telephone, email or otherwise and at that time you did not OPT-OUT of receiving marketing communications from us, we may also send you relevant, informative information to your corporate email address. And, on occasion and where requested, information on our products and services. No marketing emails will be sent to personal email addresses, sole traders or certain types of partnerships unless explicit consent is given to send such information.

 

DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If Turnkey Consulting or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our agreements; or to protect the rights, property, or safety of Turnkey Consulting, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

 

CORPORATE SUBSCRIBERS

We will only hold your information as a corporate subscriber, being somebody that has provided us with their information on a professional basis, or has been provided to us by a legitimate third-party (including email addresses such as name@org.co.uk or department@org.co.uk) and you are not a current or past customer. If you meet this criteria, we will communicate with you via both telephone and email unless you have opted out of communications through our preferences page, or via a third party opt-out service (such as the Corporate Telephone Preference Service). We have made efforts to restrict the collection of data from non-corporate subscribers, however on the occasion that this information is collected we will not communicate with you or process your data unless explicitly requested.

 

OUR LEGAL BASIS FOR DATA PROCESSING

Although we are able to communicate with you if you are a corporate subscribers via your corporate telephone number (if not registered to the CTPS) or email address without consent, we may process other pieces of personal data (identified above) to support this activity.

We have a Legitimate Interest in processing this data as it allows us to personalise the communications we deliver to you. This increases the success of our marketing activities and in turn drives business critical revenue generation. We also consider the processing of such data to be in your interest. This is because it helps us provide personalised communications that you are more likely to find of interest. There is no feasible alternative way of achieving this purpose without processing the data.  In addition to the processing of such data being mutually beneficial, we have considered, due to the nature of the personal data processed and the way in which it is used, that processing will have a minimal negative impact on you. This is because the measures taken ensure that data is processed on a strictly professional basis and to enable you to object to the processing of your data at any time. Furthermore, we have deemed that you are likely to expect communications that are directly related to your area or work, location, website usage or job role.

If you are a customer or previous customer we may also process your data based on the interests given above. However, we may also process your information as a current or past customer to inform you of changes to your service, billing and any other activity we are required to carry out in order to fulfil our contractual arrangement with you.

 

YOUR RIGHTS

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.

You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data via email or by visiting our preferences center.

Under data protection regulation you also have other rights in relation to how your data is used. These include:

  • You have the right to be informed on how we will process your data, which is the purpose of this policy. 
  • You have the right to access any personal data that we might hold on you. If you would like access to the data we hold on you we will process your request free of charge and provide the data to you in a commonly used format within 30 days of receipt. However, where requests are deemed to be excessive we may charge a reasonable fee for accessing such data at our discretion.
  • Although we endeavor to ensure that all of the data we may hold on you is accurate and up to date, you have the right to rectify data if you feel it is inaccurate. You may make a request for rectification in writing and we will respond to your request within 30 days of receipt.
  • Under certain circumstances you also have right to request that we erase your data. You may request that we erase your data if you object to us processing your data and there is no overriding legitimate interest for us to do so. You may make this request in writing and we will respond to your request within 30 days.
  • In certain circumstances you may also restrict the processing of your personal data. This means that we may hold your data but we may not process it. Often this right is exercised when verifying the accuracy of data, when the data has been collected unlawfully and you request restriction, instead of erasure, when we no longer need the personal data but you need us to keep it in order to establish, exercise or defend a legal claim or if you have requested erasure of your data but we are reviewing if we have legitimate interest to hold it. You may make this request in writing and we will respond to your request within 30 days.
  • You have the right to obtain and reuse your personal data for your own purposes across different services. You may make this request in writing and we will respond to your request within 30 days.
  • You have the right to object to us processing your personal data for direct marketing unless it is deemed that we have a compelling legitimate interest to do so. You may make this request in writing and we will respond to your request within 30 days.
  • Although we do not carry out automated decision making or profiling exercises you have the right to object that we do not do so in the future. You may make this request in writing and we will respond to your request within 30 days.

You can exercise your right to prevent such processing by contacting us at Turnkey Consulting Ltd, 58 Ayres Street, London, SE1 1EU.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

 

KEEPING YOUR DATA

We will only keep your data for as long we have legitimate interest justification to hold it, or until you make a legitimate request for us to delete your data.

 

ACCESS TO INFORMATION

The General Data Protection Regulation gives you the right to access information held about you. Your right of access can be exercised in accordance with the Regulation.

 

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

 

CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to Turnkey Consulting Ltd, 58 Ayres Street, London, SE1 1EU.

 

COMPLAINTS PROCEDURE

If you feel we have misused your data and have not taken appropriate actions to rectify any misuse, then you can report your complaint to the Information Commissioner's Office. Their contact details are as follows:

Information Governance department

Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

0303 123 1113

https://ico.org.uk/