Our personal information handling policy and procedures have been developed and updated in line with the requirements of the UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018.
1. What information do we collect?
We collect and process personal data about you when services are procured from us. The personal data we process includes parts of the below:
- your name and gender;
- your work address, email address, and phone numbers;
- your job title;
- your bank account details in relation to where invoices are submitted or to be paid;
- photographs, where provided to us or taken as part of the services we provide;
- information related to the browser or device (through IP addresses and cookies) you use to access our website or other online services; or engage with us for web and application hosting activities;
- and/or any other information you provide.
2. How do we use this information and what is the legal basis for this use?
We process personal data for the following purposes:
- as required to establish and fulfill a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services. This may include communicating with you on an ‘economic activity’ purpose provisioning a range of services. We require this information in order to enter into a contract with you and are unable to do so without it;
- to comply with applicable laws and regulation;
- in accordance with our interests in protecting Redtangle’s legitimate business interests and legal rights, including but not limited to, use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation);
- with your express consent to respond to any business activity that you engage with us or complaints we may receive from you, and/or in accordance with our legitimate interests including to investigate any complaints received from you or from others, about our services to you;
- to personalise (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests;
- to monitor and enhance the use of our hosted web and application services that may contain personal information linked to (i) the business services you are offering or (ii) the business services we offer to you. Through the course of checking, improving, and protecting our products, content, services, and websites, both online and offline, in accordance with our legitimate interests, we may access certain personal information on you.
3. With whom and where will we share your personal data?
We may share your personal data with our subsidiaries and sub-contractors to process it for the purposes of technical support, administration, management, and ongoing improvement of our services.
Elements of our services are delivered by companies and individuals other than those with which you have directly contracted.
We use third parties to support us in providing our services and to help provide, run, and manage our internal IT systems and any hosted services for our clients. The systems provided by those third parties are located in secure data centres around the world.
We may also share your personal data with the below third parties:
- our professional advisors such as our auditors and external legal and financial advisors;
- our suppliers and business partners;
Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws.
In the event that our business or any part of it is sold or integrated with another business, your details will be disclosed to our advisers and those of any prospective purchaser and will be passed to the new owners of the business.
Third Party Processors
Our carefully selected partners and service providers may process personal information about you on our behalf as described below:
4. How long will you keep my personal data?
We will not keep your personal information for any purpose for longer than is necessary and will only retain the personal information that is necessary for relation to the purpose. We are also required to retain certain information as required by law or for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, or enforce our terms and conditions.
Where you are a customer, we will keep your information for the length of any contractual relationship you or your employer have with us and after that for a period of 24 months unless otherwise stated in a contract.
Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) while you interact with us and our content; or (b) for 12 months from when you last interacted with us or our content.
There are some instances where we are legally required to retain your data for longer than outlined above. In these cases, we will retain the data for the time period necessary to meet regulatory requirements, resolve disputes, or enforce our terms and conditions.
We will retain your data for a short time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place.
5. Where is my data stored?
The personal data that we collect from you is stored within the UK and the European Economic Area (“EEA”).
6. What are my rights in relation to my personal data?
We promise to uphold the rights provided to you as an individual under UK General Data Protection Regulation (UK GDPR).
You have the right to ask us not to process your personal data for marketing purposes.
Where you have consented to us using your personal data, you can withdraw that consent at any time.
If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.
You have a right of access to personal data held by us as a data controller. This right may be exercised by emailing us at [email protected]
We may charge for a request for access in accordance with applicable law. We will aim to respond to any requests for information promptly, and in any event within the legally required time limits (currently 30 days).
Where you have provided your data to us and it is processed by automated means, you may be able to request that we provide it to you in a structured, machine-readable format.
If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved. In some circumstances you can ask us to erase your personal data (a) by withdrawing your consent for us to use it; (b) if it is no longer necessary for us to use your personal data; (c) if you object to the use of your personal data and we don’t have a good reason to continue to use it; or (d) if we haven’t handled your personal data in accordance with our obligations.
7. Where can I find more information about Article Ten’s handling of my data?
The data controller is Redtangle Ltd. (company registered in England under registration no. 05955547 and with its registered address at PLATF9RM, Floor 2, Hove Town Hall, Tisbury Road, Hove, England, BN3 3BQ, United Kingdom, and such other contractors or suppliers that are a contracting party for the purposes of providing or receiving services.
Changes to this privacy statement
We recognise that transparency is an ongoing responsibility so we will keep this privacy statement under regular review. This privacy statement was last updated on 14th June 2022.
Should you have any queries regarding this Privacy Notice, the processing of your personal data, or wish to exercise your rights you can contact the Redtangle team using this email address: [email protected]
If you are not satisfied with our response, you can contact the Information Commissioner’s Office: https://ico.org.uk/