Skip to main content

Privacy Statement

1. Introduction

We respect your privacy and are committed to protecting it through our compliance of this agreement. The term ‘Tactuum’ in this document covers Tactuum Inc (US) and Tactuum LTD (UK). This document covers the websites Tactuum.com, Quris.com and the Quris Platform. This includes but is not limited to Antimicrobial Companion from NHS Education for Scotland and the Right Decision Service from Healthcare Improvement Scotland.

These websites and/or mobile app uses Google Analytics. Use of this website or mobile app is voluntary. By using this website or mobile app, you consent to the collection and use of your personally identifiable information ('PII') and non-personal information as described in this privacy policy. This policy only governs the use and disclosure of information collected through this website and the associated mobile app(s).

By using our services, you consent to the information practices and other terms set forth in this privacy agreement.

2. Types of Data we collect

2.1 Non-personal data

Tactuum collects non-personal technical data such as IP address, domain used to access the website, if any page referred you, access date and time, pages viewed, browser and operating system, viewing duration, and search terms with results. This information does not identify you and is used solely to monitor site performance and improve functionality

2.2 Personal Data

This refers to any information that can identify an individual, either directly or when combined with other data. Examples include names, addresses, full postcodes, dates of birth, and email addresses. Under the UK GDPR, this also includes online identifiers and location data

2.3 Aggregated Data

This refers to statistical or summary data compiled from multiple individuals. It is used to identify trends or patterns without revealing any individual’s identity.

2.4 Special Categories

Websites using the Quris platform may collect special category data such as health data, please refer to their individual privacy policy for this information.

3. Legal Basis to collect data

Use of this website is voluntary; by using websites on this platform, you agree to non-personal data being shared with Google analytics to track the efficiency of the website.

By submitting personal data through the contact us form or support portal, you consent to sharing personal data with Tactuum. By extension, by submitting any data to websites within Quris, you consent to sharing your data with them and must review their individual privacy policy as they may share your data with other companies, including Tactuum.

Our legal basis for collecting data is consistent with Article 6 of GDPR regulations.

4. How we collect data

4.1 Google analytics

Google analytics compiles usage statistics for the website or app to assess performance and user engagement using non-personal and aggregated data shared with Google.

4.2 Contact us form

Tactuum collects personal and non-personal data sent by the data subject, such as email address and name to rectify queries sent directly to the Tactuum email. This is only stored in this location.

Quris transfers personal and non-personal data sent through the contact us form, such as a full name, email address and comment to rectify queries. This personal data is not stored by Tactuum, as it is immediately transferred to the provider through SendGrid. SendGrid is an email service that sends the information provided in the contact us form to the provider in the form of an email.

4.3 Zendesk portal

Quris platforms with a support portal will share data with Zendesk to raise a support ticket. Non-personal data (e.g. device name/ subject/ priority) and personal data (requester name, email address, request description) are obtained through this portal.

4.4 App usage data

Quris platforms do not store any data from the user’s device, the app may store notes or bookmarks made by the user but this is locally stored on the user’s device only. This data is non-personal.

These can be deleted by the user at any time.

5. How we use data

To manage and support your use of the website or mobile application.

  • To share updates or information that may be relevant or of interest to you.
  • To respond to your requests for services, resources, or materials.
  • To communicate with you directly when necessary.
  • To conduct user research or surveys to improve our services.
  • To compile usage statistics for the website or app to assess performance and user engagement.

If you wish to have your personal information removed, you may contact the Data Protection Officer (DPO) or reach out via the Tactuum support email.

6. Use of Cookies and Applets

Tactuum may place cookies and applets on your device’s hard drive through your web browser to collect non-personal information about your visit. Tactuum use cookies from Google analytics, Azure and Microsoft ASP.Net.

  • Cookies are alphanumeric identifiers used to recognize your device and improve functionality.
  • Applets are small applications that transmit information back to Tactuum for performance and usability purposes.

These tools help us:

  • Administer and maintain the website or app
  • Assess technical performance
  • Track page visits to evaluate content effectiveness

You can manage cookie settings through your browser’s help menu. Please note that disabling cookies may limit certain features of Tactuum websites or applications.

7. How long do we retain data?

7.1 Analytics

Tactuum shares non-personal data tracking the use of the website. Google deletes this data after 14 months.

Azure and Microsoft ASP.Net session cookies are retained until the app or browser is exited.

7.2 Contact us

Tactuum will retain personal information within the email for 6 months before deletion if Tactuum are emailed directly.

If you wish to delete or amend this information, please contact Tactuum.

Tactuum do not retain any personal data obtained through the ‘contact us’ form as this is transferred to the Provider (the company website connected to the Contact us form) immediately by SendGrid.

7.3 Zendesk

When a support ticket is raised through our website portal, the information is shared with Zendesk. Zendesk track and retain this information until deletion is requested.

If you wish to delete this data, please contact Tactuum.

8. How do we delete data?

If you wish to request the deletion of any data, please contact Tactuum by email. For personal or special category data, you may be prompted to submit a SAR request. The user will be directed to the relevant data controller to complete this request.

App usage data, such as notes or bookmarks, can be deleted by the user at any time and never leave the user’s device.

Any data stored by Tactuum directly (direct emails or Zendesk tickets) may be deleted upon request by email. Emails will be permanently deleted after 6 months.

Analytic data is deleted by Google as per their policy.

9. Information security 

Our information security framework is governed by a comprehensive policy and supported by documented technical and organizational measures designed to safeguard data throughout its lifecycle. These measures include:

  • Technical Controls: Encryption of data at rest and in transit, secure network configurations, multi-factor authentication for user access and OWASP ZAP tool to carry out vulnerability testing, code review, penetration testing and runtime testing.
  • Physical Controls: Secure facilities with restricted access, surveillance systems, and controlled entry points to prevent unauthorized physical access to servers and storage devices.
  • Organizational Controls: Role-based access management, staff training on data protection, regular audits, and incident response procedures to ensure compliance and readiness.

Tactuum applies these safeguards to protect data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access, and other foreseeable risks.

Our corporate security standards are aligned with ISO 27001 principles, ensuring a systematic approach to managing sensitive information. We conduct regular internal and external reviews, vulnerability assessments, and penetration testing to maintain the effectiveness of our security posture and adapt to emerging threats.

9. Opting out

You may request information on the collection, processing, amendment or removal of personal data collected through this website by contacting Tactuum and submitting a SAR request.

You may be asked if you wish to opt-out of receiving cookies on our website, or you can manage this in your browser settings.

This is aligning with the Article 12 GDPR regulation of transparency.

10. Changes

It is important to point out that we may amend this Privacy Notice from time to time, with a review every 12 months. If you are dissatisfied with any aspect of our Privacy Notice, please contact Tactuum.

11. More information

  1. https://www.google.com/intl/en/policies/privacy/ 
  2. https://ec.europa.eu/info/law/law-topic/data-protection_en

Questions, comments, or complaints can be made via US@tactuum.com or UK@tactuum.com 

Glasgow 280 St Vincent Street, Glasgow G2 5RL, UK

hello@tactuum.com +44(808) 196 51 81

Inverness Solasta House 8, Inverness Campus Inverness-shire IV2 5NA, UK

hello@tactuum.com +44(808) 196 51 81

London 58 Victoria Embankment, London EC4Y 0DS, UK

hello@tactuum.com +44(808) 196 51 81

Seattle 14725 NE 20th Street, D34 Bellevue, Washington 98007, USA

hello@tactuum.com +1(425) 502-6957

Toronto 180 John Street, Toronto M5T 1X5, Canada

hello@tactuum.com +1(647) 475-5500