Privacy Policy

Controller of Personal Information

Any personal information processed by Rotec Security Solutions Limited in connection with this Privacy Policy is controlled by Rotec Security Solutions Limited, which is considered the “data controller” of your personal information under European Union and UK data protection law. For the purpose of this policy, our address is; Data Protection Officer, Rotec Security Solutions Limited, Lytham Drive, Bramhall, Stockport, SK7 2LD, United Kingdom.

 

What do we mean by personal information?

Personal information means details which identify you or could be used to identify you, such as your name and contact details and purchase history. It may also include information about how you use our website.

 

When does this policy apply?

This Privacy Policy applies to personal information about you that we collect, use and otherwise process regarding your relationship with us as a customer or potential customer.

 

When do we collect personal information about you?

We collect personal information about you whenever you enquire about or use our services, when you use our website or interact with us via email.

 

What types of personal information do we collect and retain?

When you use our services, you will need to provide us with your name, email address and contact details. Along with:

• Information about the services we have provided to you in the past.
• Information about any online registration and other interactions, such as social media.
• Information about your use of our website. For more details of the methods please see ‘How we use cookies and other methods for the collection of website usage data’.
• Information about your device and your location if you have been browsing on rotecsecurity.co.uk, for example your IP address or unique device ID. (An IP address (i.e. Internet Protocol address) is a numeric code that can act as a unique identifier for your computer or other device – this can be turned off from your device).

 

When and do we collect ‘sensitive personal data’?

Certain categories of personal information, such as that about race, ethnicity, religion, health, sexuality or biometric information are special categories of data requiring additional protection under European Union and UK data protection law and is referred to here as “sensitive personal data”.

We do not collect this information; however, you may have requested services which is not ’sensitive data’ but may imply or suggest your religion, health or other information.

 

What do we use your personal information for?

The main purposes for which we use your personal information are:

• To fulfil our contractual obligations
• To provide services tailored to your requirements and to treat you in a more personal way.
• To carry out analysis and market research. i.e. We may analyse the way in which our sales channels, products and services are being used by customers so that we can understand how to improve the service we offer and encourage customers to use the best range of our products and services for them.
• To carry out marketing including online advertising and keep you informed of Rotec Security Solutions Limited’s products and services. i.e. We may send you information about our products and services by email or text message and we may tailor the content of our websites, applications, emails and other communications to ensure they are as relevant to you as possible
• To send you status updates and service communications. i.e. We may also send you communications about the services you have previously used, for example, where you experienced some form of issue or problem and we wish to contact you about it proactively to resolve it successfully.
• To improve our websites, products and services i.e. We may monitor the way that you and other customers use our website so that we can identify ways to improve the website experience.
• For management and administrative purposes i.e. We may use and retain your personal information, including your purchase history, for administrative purposes, which may include for example, accounting and billing, auditing, credit or other payment card verification, anti-fraud screening (including the use of credit reference agency searches and payment card validation checks) and systems testing, maintenance and development.

 

When will we send you marketing?

When we collect information directly from you we will ask you if you do not want to receive our marketing communications.

We will respect your choice as to what communications you wish to receive and how these are sent.

 

How can you change what marketing communications you receive and how you receive them?

If you decide you would no longer like to be sent marketing communications, you can change your mind at any time. The ways to stop being sent marketing communications are described below:

Each marketing communication we send by email will also have an unsubscribe option which will allow you to stop you receiving further marketing emails. We aim to action requests to stop being sent marketing communications within 10 working days of receiving those requests, but it is possible you will receive some marketing in the period prior to that change being made.

Please note that if you tell us that you do not wish to be sent further marketing communications, you will still receive service communications (as described above in “What we use your personal information for”) which are necessary, for example, to inform you of any updates to the standards that you hold or for any upcoming certification visits.

If you ask us to stop sending marketing communications, please note we will retain your personal information for the purposes of indicating that you do not want to receive marketing communications.

 

What is our legal basis for using your personal information?

RSS will only process your personal information where we have a legal basis to do so. The legal basis will depend on the reason or reasons RSS collected and needs to use your information. Under EU and UK data protection laws in almost all cases the legal basis will be:

• Because we need to use your information so that we can perform the contract we have with you.
• To protect the vital interests of you or another person.
• Because you have consented to RSS using your information for a purpose.

More information on each legal basis is provided below.

If processing of your data is subject to any other laws, then the basis of processing your data may be different to that set out above and may in those circumstances be based on your consent in all cases.

 

How long do we keep personal information?

We will keep your information for as long as we need it for the purpose it is being processed for

We will actively review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or customer need for it to be retained.

 

Performance of a contract with you

It will be necessary for RSS to use your personal information to complete an implementation or management contract you have made with us. For example, we will need to use information such as your contact details and payment information to provide you with the services you have requested and paid for.

 

Compliance with legal obligations

There are situations where RSS is subject to a legal obligation and needs to use your personal information to comply with those obligations.

 

To protect the vital interest of you or another person

There are situations where we may need to use your personal information to protect the vital interests of you or another person i.e. There was a medical emergency during the project.

 

Consent

Alternatively, we may collect and use your personal information where you have given your specific consent to us doing so. i.e. You have ticked the “opt in box” following the issue of a quotation, or we have verbally agreed this during a face to face meeting.

If the basis of our processing your data is consent to marketing, you can withdraw your consent to such processing at any time by writing to us at; Data Protection Officer, Rotec Security Solutions Limited, Lytham Drive, Bramhall, Stockport, SK7 2LD.

However, if you withdraw your FULL consent, (rather than just marketing consent), in some circumstances, it may mean we will not be able to provide all or parts of the products/ services you have requested from us.

 

Who do we share your personal information with?

We do not share your personal information with anyone, unless you have specifically asked us to pass on your details to third parties to allow them to contact you for other services you may require.

 

Requesting a copy of your personal information

Under the UK Data Protection Act 1998, you may request a copy of any personal data about you held by Rotec Security Solutions Ltd. There is no fee for this request.

The request must be in writing and must contain the following:

• Your name and postal address.
• Details of your request.
• Any details which may help us locate the information which is the subject of your request, for example:
  • Company name
  • Any quotation, or contract reference

You must also provide:

• A photocopy of your passport or driving licence, so that we can verify your identity.
• Your signature and the date of the request.

If you are applying on behalf of another person then signed authority from the individual is required.

Please send your request to: Data Protection Officer, Rotec Security Solutions Limited, Lytham Drive, Bramhall, Stockport, SK7 2LD.

 

What are your legal rights in relation to the personal information we hold about you?

Under data protection laws in the European Union and the UK, you have certain rights in relation to your personal information. Responses to exercise your rights will be provided within one month and generally there is no fee for making these requests. If your request is particularly complicated we may extend the deadline for responding to three months, but we will let you know if this is the case.

We will handle all requests in accordance with applicable law. However, depending on the right you wish to exercise, and the nature of the personal information involved, there may be legal reasons why we cannot grant your request. Further explanation of those rights and the exceptions to them are set out below.

Details of how to exercise your rights are set out in the section below “How can you exercise your legal rights and change how we use your data?

Your rights include the following:

• You may request us to stop sending you marketing. To see how to change your permission to market please refer to the section “What marketing will we send you?” If you do so we will no longer be able to send you marketing communications. However, if you subsequently purchase additional services we will communicate with you regarding these services.
• You may request us to stop using your personal information where we are doing so under legitimate interests (see the section “What is our legal basis for using your personal information” for examples of when that applies) unless it is needed for dealing with legal claims or we have other compelling legitimate reasons that override your rights.
• You may request us to stop processing your personal information for marketing purposes including analytics for the purposes of targeted marketing, including online advertising.e. If we know you work in a market sector that is requiring a specific standard that you do not hold.
• You may access the personal information we hold on you.
  There are some limited exceptions to this right, such as information relating to others who have not consented to the disclosure of their information and information which is legally privileged. Please see “Accessing your personal information” below for more details.
• You may ask us to correct your personal information (the ‘right of rectification’) if that information is inaccurate. How to do this see section on “How can you change what marketing communications you receive and how you receive them?”
• You may ask for personal information which identifies you to be erased (or forgotten).

To do this we will remove the information that identifies you from the data we hold in our active systems (“anonymise”).

 

Considerations:

We may need to retain certain elements that relate to a contract between you and RSS because we need it for our own legal and auditing purposes (for more information on the basis on which we process your personal information see the section “What is our legal basis for using your personal information?”).

 

How can you exercise your legal rights and change how we use your data?

If you wish to change how we use your personal information you can make a request by writing to us, ensuring you mark the letter for Customer Permissions to: Customer Permissions, Data Protection Office, Rotec Security Solutions Limited, Lytham Drive, Bramhall, Stockport, SK7 2LD.

 

Accessing your personal information

Please follow the instructions as detailed in “Requesting a copy of your personal information”

 

How will we inform you of changes to this Privacy Policy?

If we change this Privacy Policy, we will let you know about the changes by publishing the updated version on www.rotecsecurity.co.uk.  We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Privacy Policy.

This Privacy Policy came into effect on 23 May 2018 replacing our previous Privacy Policy. This Privacy Policy applies to all information we process about you in connection with your relationship with us as a customer or potential customer.

Please write to the Data Protection Officer if you would like to find out more about any matters to do with this Privacy Policy.

 

How to get in touch with us and your right to complain to our supervisory authority?

If you have any questions about this policy, please contact the Data Protection Officer.

The Data Protection Officer for RSS can be contacted at Rotec Security Solutions Limited, Lytham Drive, Bramhall, Stockport, SK7 2LD.

We work hard to handle your information responsibly. If you are unhappy about the way we do this, please contact RSS’ Data Protection Officer who will address your concerns.

We hope that we will be able to resolve any concerns you may have.

However, you have a right to complain to the UK’s Supervisory Authority for data protection, the Information Commissioner

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF