Data Security and Privacy Policy

 

Introduction
 

Your privacy and trust are important to us and this Privacy Policy (“Policy”) provides important information about how Redwing Interactive Limited (“Redwing”, “Company” “we” or “us”) handle personal information. This Policy applies to personal information which we process in the course of doing business including information processed through the Company’s website and the services we provide (collectively, our “Services”).

Please read this Policy carefully and contact us if you have any questions about our privacy practices or your personal information choices. 

It is important that you check back often for updates to this Policy. If we make changes we consider to be important, we will let you know by placing a notice on our website and/or contacting you using other methods such as email. 

This Policy was last updated on 11th December 2023.


Purpose of the processing


We may process personal information about you in different ways depending on our relationship with you. Please click on the link below which most closely identifies your relationship with us:

1.    You are a client or an employee of a client of our services
2.    You are a supplier or an employee of a supplier to Redwing
3.    You are a third party with whom we are in contact during the delivery of services to our clients or the possible delivery of services to prospective clients
4.    You are a prospective client or an employee of a prospective client. You are a prospective supplier or an employee of a prospective supplier
5.    You are an employee
6.    You are a prospective employee
7.    We have received your information from a third party
8.    We handle data on your behalf as part of our services
9.    Your relationship with us is not covered by any of the above

 

1.    Clients and employees of clients of our services
We will collect and store personal information including contact details of our clients and those employees of the client who are involved in instructing us so that we can provide our services in accordance with our contract with you. We will also retain that information and any information relating to the contract between us in accordance with our retention policy following completion of the contract(s) between us so that we can review our performance if any complaints or issues arise after completion of the contract. The length of time that we keep client files will depend on the nature of the services provided and of the specific contractual terms agreed.

We may also collect and store personal information about employees of the client for whom we are providing goods or services. This information may include names, contact details and/or details relating to your employment. We are processing this information on behalf of your employer (our client) in order to provide them with the services. You should therefore contact your employer for further information about how we process your information on their behalf.

Unless you request us not to do so, we may also contact those employees of the client who are involved in instructing us on an individual basis about similar services which we offer by telephone, e-mail or post. We will only do this if we believe that you would reasonably expect us to contact you in this way. We will not send you general marketing information as part of a group e-mailing campaign unless you have consented to be contacted in this way.


2.    You are a supplier or an employee of a supplier to us
We will collect and store personal information including contact details of our suppliers and those employees of the supplier who are involved in the delivery of the contract so that we can receive your goods or services in accordance with our contract with you. We will also retain that information and any information relating to the contract between us for a period of six years following completion of the contract(s) between us so that we can review your performance if any complaints or issues arise after completion of the contract.

We may also contact you about new business opportunities for us to work together with you and to keep you informed of our activities. We will only do this if we believe that you would reasonably expect us to contact you in this way and that such processing does not have an impact on you in a way that would make this processing unfair. 

We will not send you general marketing information as part of a group e-mailing campaign unless you have consented to be contacted in this way.


3.    You are a third party with whom we are in contact during the delivery of services to our clients or the possible delivery of services to prospective clients
We will collect and store personal information including contact details of third parties with whom we are in contact during the delivery of services to our clients, or discussions relating to services to prospective clients. We process that information because it is in our legitimate interests to do so in order for us to be able to perform our contracts for our clients or pitch for work from prospective clients. We believe that you would reasonably expect us to process your personal information in this way and that such processing does not an impact on you in a way that would make this processing unfair. Where your personal information is kept as part of a file relating to the performance of a contract with one of our clients, we will also retain that information and any information relating to that contract in accordance with our file retention policy following completion of that contract(s) so that we can review the file if any complaints or issues arise after completion of the contract. The length of time that we keep client files will depend on the nature of the services provided. 

Where your information is stored in our contacts database but is not kept in a client or supplier file, we carry out a review of our contacts database every 2 years when we consider whether or not we still have a legitimate interest to keep your contact information. Where we consider that we no longer have a legitimate interest to keep your contact information we will delete it.

We may also contact you about new business opportunities for us to work together with you and to keep you informed of our activities. We will only do this if we believe that you would reasonably expect us to contact you in this way and that such processing does not an impact on you in a way that would make this processing unfair. 

We will not send you general marketing information as part of a group e-mailing campaign unless you have consented to be contacted in this way.

4.    You are a prospective client or an employee of a prospective client. You are a prospective supplier or an employee of a prospective supplier
We will collect and store personal information including contact details of people who we might do business with as a supplier or a client. We may collect this information from you when you contact us (including through this website) or from a mutual contact. We will only collect contact information from your website or another third party website if we have identified you specifically as someone who may be interested in receiving services from us or delivering goods or services to us. 


We may contact you about new business opportunities for us to work together with you and to keep you informed of our activities.  We believe that you would reasonably expect us to process your personal information in this way and that such processing does not impact on you in a way that would make this processing unfair. Where your information is stored in our contacts database but is not kept in a client or supplier file, we carry out a review of our contacts database every 2 years at which point we consider whether or not we still have a legitimate interest to keep your contact information. Where we consider that we no longer have a legitimate interest to keep your contact information we will delete it.

We will not send you general marketing information as part of a group e-mailing campaign unless you have consented to be contacted in this way.

5.    You are an employee
Employees should refer to the Staff Handbook for further information about our privacy policy in respect of employees.

6.    You are a prospective employee
If we have received your details in response to a recruitment initiative, we will store the personal information that either you, your recruitment agent or another third party has provided us with. We process that information because it is in our legitimate interests to do so in order for us to be able to make an informed decision about whether to interview you and, ultimately, recruit you. We believe that you would reasonably expect us to process your personal information in this way and that such processing does not impact on you in a way that would make this processing unfair. Where your personal information is kept as part of a file relating to prospective employees of the Company, we will retain that information and any information relating to that matter. This is so that we can review the file if any complaints or issues arise after the recruitment process. The length of time that we keep prospective employee files is usually 12 months after conclusion of the relevant recruitment process.

7.    We have received your information from a third party 
Unless you request us not to do so, we may also contact those individuals who are referred to in any information you provide us with, for example referees, this contact may be made by telephone, e-mail or post. We will only do this if we have your express permission to contact them in this way. 

If we have received your personal information from a third party, for example your employer or service provider, that third party will be the controller in relation to that personal information and we will be processing it on their behalf. You should therefore contact that third party to review their privacy policy.

8.    We handle data on your behalf as part of our services
Where we handle a client's customer data on their behalf as part of the services we provide, then data is always handled in accordance with the individual contractual arrangements with that client. In all cases data is handled with full adherence to GDPR and succeeding legislation. We are are security certified by Cyber Essentials, and registered as data handlers with the Information Commissioners Office (ICO).

9.    Your relationship with us is not covered by any of the above
We may hold your contact details and personal information as a result of an interaction between you and one of our employees. We believe that you would reasonably expect us to process your personal information in this way and that such processing does not impact on you in a way that would make this processing unfair.  We carry out a review of our contacts database every 2 years when we consider whether or not we still have a legitimate interest to keep your contact information. Where we consider that we no longer have a legitimate interest to keep your contact information we will delete it.

 

Where you provide us with personal information about another person
 

If you give us personal information about another person, you must ensure that:
(a) you are legally entitled to give us that information;
(b) the disclosure is in accordance with any applicable data protection or privacy laws; and
(c) such other person has also read this privacy policy

 

Personal information we hold
 

We will store contact information and the contents of any correspondence between us. We may also record or take notes during telephone calls and meetings which we will store on any applicable file.

We may also process sensitive information, for example, relating to your health or religious belief. Such sensitive information will only be processed where that information is relevant to the services we are providing or receiving from you.
Some of our services provide data and document storage as an integral part of the service offering. Documents and data stored by our clients may contain personal information on their customers such as name, address, contact details and transactional data, for example. Any information stored by or on behalf of our clients is controlled and managed by and only made accessible to those clients, Company personnel or others our clients may authorise from time to time. 

We may be required to use and retain personal information for other legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. 

When someone visits our website we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed by us in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it. The Company sets and uses cookies and similar technologies to store and manage user preferences, deliver targeted advertising, enable content, and gather analytic and usage data. Please see more about cookies in the section below.


When we share personal information


The Company shares or discloses personal information when necessary to provide services or conduct our business operations as described below. When we share personal information, we do so in accordance with data privacy and security requirements. We do not sell any personal information to third parties. We may occasionally share non-personal, anonymised, and statistical data with third parties. Below are the parties with whom we may share personal information and why.

- to comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities;
- in the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings);
- to protect our rights, users, systems, and services.

 

Where we store and process personal information


We take steps to ensure that the information we collect is processed according to this Policy and the requirements of applicable law wherever the data is located.

We store information in hard copy files, which are stored in our offices and/or in archived storage space in the UK. We also store information in electronic files using hosting servers in the UK through Netservers. We collaborate with third parties such as hosting services, suppliers, and technology support to serve the needs of our business, workforce, and clients. We take appropriate steps to ensure that personal information is processed, secured, and transferred according to applicable law. In some cases, we may need to disclose or transfer your personal information within the Company or to third parties in areas outside of your home country, but we will not transfer your data outside of the European Economic Area without your express written consent. 


How we secure personal information


The Company takes data security seriously, and we use appropriate technologies and procedures to protect personal information. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements.


How long we keep personal information


We retain personal information for as long as we reasonably require it for legal or business purposes. In determining data retention periods, the Company takes into consideration local laws, contractual obligations, and the expectations and requirements of our clients and suppliers. When we no longer need personal information or when you request us to delete your information, where this is legal, we will securely delete or destroy it. The length of time that we keep client and supplier files will depend on the nature of the services provided or received. 


Your right to access and correct your personal information


We respect your right to access and control your information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information.

 

Cookies

 

Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next. The next time you visit the website using that device the details of your previous visit are remembered. Cookies help us maintain the performance of the website and allow us to remember your preferences and make improvements based on visitor statistics.


Types of Cookie we use
The categories of cookies we use on the website and the function they perform is listed below.


Necessary Cookies

Functional Cookies


Analytics Cookies


Managing Cookies
Most web browsers allow you to manage which cookies you accept via their settings – you can normally use the ‘Help’ functionality on your browser to find out how it handles cookies, or visit the site you downloaded it from for more information.


General Information about cookies
You can find more information about cookies at www.allaboutcookies.org
The IAB provides information about Internet Advertising and your privacy at www.youronlinechoices.eu.


Managing Analytics Cookies
Google analytics provide a browser plugin to prevent their analytics cookies being placed https://tools.google.com/dlpage/gaoptout or you can use your browser settings to disallow analytics cookies.

 

Phishing or False Emails


If you receive an email that appears to be from Redwing that requests personal information (such as your credit card, login, or password), or that asks you to verify or confirm your account or other personal information by clicking on a link, that email was possibly sent by someone trying to unlawfully obtain your information. We never ask for this type of information in an email. Do not provide the information or click on the link. Please contact us at info@red-wing.com if you get an email like this.

 

Children’s privacy


Our services are not directed to children under 13. If you learn that a child under 13 has provided us with personal information without consent, please contact us. 

 

How to contact us


Please contact us with any requests related to your personal information.

We understand that you may have questions or concerns about this Policy or our privacy practices or may wish to file a complaint. Please feel free to contact us in one of the following ways:

 

Email: info@red-wing.com
Address: 14 Small Street, Bristol, BS1 4DE
Telephone: 0117 9105820


 

If you think we can help you,
please call us on

+44 (0)117 910 5820

or email us at

info@red-wing.com