Our privacy promise covers how we treat your data and put you in control of what happens to it.
We take the protection of your privacy and confidentiality seriously. We understand that all visitors to our website, prospective clients, customers and staff are entitled to know that their personal data will not be used for any purpose unintended by them and that we continue to maintain our professional duty of care.
Our principle guidelines are simple, and we will be clear about the data we collect and why.
When we use your personal data we are regulated under the General Data Protection Regulation (GDPR) which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal data for the purposes of the GDPR.
We hope the following sections answer any questions you might have.
It would be helpful to start by explaining some key terms used in this policy:
|Ridgeway, we, us, our||Shall mean Ridgeway IT Limited|
|Our Privacy Compliance Officer||Tom Douglas (firstname.lastname@example.org)|
|Personal data||Any information relating to an identified or identifiable individual|
The personal information we may collect and use
We may collect, process and store the following data about you:
- Email address
- Postal address
- Telephone number
- Information about how you use our website, IT, communication and other systems
- Your responses to surveys, competitions and promotions
How your personal information is collected
How and why we use your personal information
Under data protection law, we can only use your personal data if we have a proper reason for doing so, eg:
- to comply with our legal and regulatory obligations;
- for the performance of our contract with you or to take steps at your request before entering into a contract;
- for our legitimate interests or those of a third party; or
- where you have given consent. A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The table below explains what we use (process) your personal data for and our reasons for doing so:
What we use your personal data for
When completing web forms on our website
For legitimate interests to ensure we respond to and fulfil any requests.
To fulfil orders and product delivery to you
For the performance of our contract with you or those of a third party, i.e. purchase through Ridgeway that might lead to share contact information with a third party where we resell their products.
To service requests for support by email, telephone, text or via our helpdesk
For the performance of our contract with you when providing and support and resolution services.
Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies
To comply with our legal and regulatory obligations
Operational reasons, such as improving efficiency, training and quality control
For our legitimate interests, ie to be as efficient as we can so we can deliver the best service to you and in line with our internal policies and procedures.
Marketing our services to existing and former customers
For our legitimate interests, ie to promote our business to existing and former customers
We may use your personal data to send you updates (by email, text message, telephone or post) about legal developments that might be of interest to you and/or information about our services, including exclusive offers, promotions or new services or products.
We have a legitimate interest in processing your personal data for promotional purposes (see above ‘How and why we use your personal information’).
You have the right to opt out of receiving promotional communications at any time by emailing us at email@example.com or by clicking the ‘unsubscribe’ link in any email communication that we send to you.
How we will not use your data
We will always treat your personal data with the utmost respect and never sell OR share it with other organisations outside of Ridgeway IT Limited for marketing purposes or seek to make financial gain from your information.
Where your personal data is held
All information you provide to us is stored on our secure servers (within the EEA) or the servers of our service providers. Information may be held by third party agencies and service providers.
Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal data when this occurs, see below: ‘Transferring your personal data out of the EEA’.
How long will your personal data be kept for?
Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as necessary for the purpose for which it was collected:
- to provide you with the services you have requested
- to comply with other law, including for the period demanded by our tax authorities
- to support a claim or defence in court
We will not retain your data for longer than necessary for the purposes set out in this policy.
When it is no longer necessary to retain your personal data, we will delete or anonymise it. We will share personal information with law enforcement or other authorities if required by applicable law.
Transfer of your information out of the EEA
We may have cause to transfer your personal information outside the European Economic Area (EEA) from time to time. However, should such transfer occur, we shall ensure that either the European Commission has made a positive finding of adequacy for transfer to such a country or that any transfer of your personal information will be subject to a European Commission approved contract (as permitted under Article 46(5) of the General Data Protection Regulation that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information
- access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
- claim compensation for damages caused by our breach of any data protection laws
If you would like to exercise any of those rights and to help us process your request, please:
- email, call or write to our Privacy Compliance Officer (details below)
- let us have enough information to identify you (eg account number, user name, email address)
- let us know the information to which your request relates, including any account or reference numbers, if you have them
After receiving the request, we shall take reasonable steps to verify your identity. This is important to safeguard your information.
Once this is clarified we will tell you when we expect to provide you with the information. Before doing so we shall take reasonable steps to verify your identity.
If you would like to unsubscribe from any email newsletter you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter.
Age limit for using our services
Our services are designed for business and users over the age of 16. We do not sell products or provide services for purchase by children, nor do we market to children. If you are under 16, you may use our websites only with consent from a parent or guardian.
How to raise a complaint
The General Data Protection Regulation also provides you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work normally live or where any alleged infringement of data protection laws occurred.
The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
This privacy notice was published on 01/02/2020 and last updated on 24.05.2020.
We may change this privacy notice from time to time. You should check this policy occasionally to ensure you are aware of the most recent version.
We are registered with the Information Commissioner's Office in the UK. ico.org.uk/register. Our reference number is ZA758278.
How to contact us
Please contact our Privacy Compliance Officer if you have any questions about this privacy notice or the information we hold about you. If you wish to contact our Privacy Compliance Officer, Tom Douglas, please send an email to firstname.lastname@example.org, write to Ridgeway IT Limited, 3 Diamond Way, Chilton, Oxfordshire, OX11 0TT or call 01235 250015.