Privacy Policy
This policy sets out how RE: INTERNET SYSTEMS LIMITED (‘the Company’ ‘We’ ‘us’) uses and protects any information that you give us when using this website or any of the Company’s services. For existing customers, it should be viewed in conjunction with the REIS Licence Agreement.
We are committed to ensuring that your privacy is protected. This Privacy Policy contains information about collecting users' Personal Data and the manner of its processing. We respect the right to privacy of all users who communicate with us and take reasonable steps to ensure you are familiar with the manner in which data provided is processed.
This policy also applies to anyone contacting the Company or any visitors to our public websites, including www.re-systems.co.uk.
The acceptance of the REIS Licence Agreement or deciding on using or purchasing any product offered by the Company means accepting the Company Privacy Policy.
This policy may vary from time to time, so please check it regularly.
Recourse, enforcement and liability
We are of course committed to processing and storing all Personal Data received in accordance with the UK Government Data Protection Act 2018 (DPA) and ensuring that data received about any European Union or Swiss national is handled in accordance with the EU General Data Protection Regulation (GDPR) and the Privacy and Electronic Communications Regulations (PECR).
What information do we collect?
We gather information about you in several ways in order to fulfil your requirements and to provide the contracted service offering, the information collected includes:
- Registration and Engagement: When you register with us, use our online live chat on our website, or order our services.
- Marketing Material and Demonstrations: Upon downloading marketing materials or requesting a demonstration, we collect your Personal Data to add you to our marketing database, fulfil your requests, and provide information about our products and services. This typically includes your name and contact details. If you contact us by phone, we may record this information.
- Opt-out Option: You have the right to opt out of our marketing communications at any time via the “unsubscribe” link in our emails or you can contact us for assistance.
We may use the information we collect from you to:
- Fulfil information requests.
- Provide details on services similar to those you've shown interest in.
- Notify you about changes to our service.
Your comprehensive prospect profile is securely stored in our IT systems, accessible only to employees who require it for legitimate business reasons, such as our Marketing and Sales Teams.
Types of Information Collected
In conducting business with you or when you submit an information request via our contact mechanisms, such as the contact form on our website, REIS collects personal data that is pertinent to our engagement. This may include, but is not limited to:
- Your name, email address, job title, and contact details, including office and mobile phone numbers.
- Business addresses.
- Information related to your business processes.
- Geo-location data: the Company may have access to geo-location data as indicated by your IP address. We collect and process IP addresses of all devices where some of our services are made available on (i.e. www.re-systems.co.uk). Collecting and processing your geo-location data refers to mobile devices as well as computers.
We collect data exclusively with your explicit consent; for instance, you would express this by actively selecting an opt-in checkbox or submitting a request for information form.
REIS strictly refrains from employing automatic opt-in mechanisms, this practice is in full alignment with the General Data Protection Regulation (GDPR) and the UK Data Protection Act, ensuring that we only gather personal data necessary to fulfil your requests or to deliver the services outlined in our contract with you.
We are committed to handling your personal data in compliance with the GDPR and will only use this information for the specific purposes for which it was collected.
How will we use the information about you?
The Company reserves the right to disclose Personal Data and other information relating to the user to third parties, natural persons or entities providing services to us or acting as our agents as part of our provision of the service (customer/support services, email, text messages providers, live chat providers, or others), this we would consider as standard business practice.
We commit to not transferring your Personal Data outside the EU and Switzerland to third parties unless they are bound by privacy protection commitments equivalent to those mandated by the EU GDPR / UK Data Protection Act.
Data transfers are limited to agents or third-party service providers requiring this information to perform services on our behalf, aligned with the purposes outlined in this Privacy Policy.
Upon request, we can provide a list of entities with access to your Personal Data, emphasising that such access is strictly for necessary service provision. We ensure all data processing by these entities adheres to our Privacy Policy and applicable laws.
Personal Data can be disclosed to entities into which the Company is merged, or to which our assets, site or operations have been transferred. Merged entities will be able to use your Personal Information under the terms of this Privacy Policy. We will notify you if any of these events occur by updating this Privacy Policy and, if practically possible, via other means.
The Company will not share or sell your information for marketing purposes with other companies.
Obligation to Provide Personal Data
In certain circumstances, you may be required to provide personal data to us either due to legal obligations or as part of a contractual requirement necessary for entering into a contract with us. It is important for you to understand that some personal information must be supplied to us so we can fulfil our contractual commitments to you or to comply with legal requirements. Failing to provide this data might prevent us from being able to enter into a contract with you or might hinder our ability to provide you with the services or products you have requested. Whenever we request personal data under these conditions, we will inform you whether the provision of your personal data is a statutory or contractual requirement, and we will also explain the possible consequences of failing to provide such data. Our commitment is to ensure transparency and to provide you with all necessary information to make informed decisions about your personal data.
Use of Automated Decision Making and Profiling
In alignment with the General Data Protection Regulation (GDPR) and the UK Data Protection Act, our organisation reserves the right to employ automated decision-making and profiling processes where deemed beneficial to enhance our service offerings and customer experience.
These processes might be utilised to facilitate more efficient operations and to deliver personalised service features tailored to your preferences and needs.
While we may engage in such activities, it is important to note that we take your privacy seriously and ensure that all such processes are conducted in compliance with relevant data protection laws.
We maintain measures to safeguard your rights, freedoms, and legitimate interests, including the provision for you to request human intervention or to challenge decisions made about you without human involvement. We are committed to transparency and will provide further details on the use of any automated decision-making or profiling as appropriate.
Security
In alignment with the General Data Protection Regulation (GDPR) and the UK Data Protection Act, our commitment to safeguarding your personal information is evidenced by our certification against ISO27001 and Cyber Essentials Plus standards. These certifications underscore our dedication to implementing robust technical and organisational measures designed to shield personal data against loss, misuse, unauthorised modification, or breach.
Our defence in depth strategy includes deploying multiple layers of protection to ensure the confidentiality, integrity and availability of personal data.
This multifaceted approach to security ensures that your personal information remains secure from unauthorised access, disclosure, duplication, alteration, and destruction, thereby upholding our commitment to data protection compliance and best practices.
Special Categories of Data
We do not request or require you to provide any special categories of Personal Data including for example genetic data, biometric data for the purpose of uniquely identifying a natural persona, or information relating to your racial or ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, or sexual orientation. If we become aware of any such data having been submitted to us, we will, where reasonably practicable, endeavour to delete it.
Data Retention
The amount of time we hold your Personal Data will vary but shall be kept for no longer than is necessary for the original purposes for which it is being processed.
Marketing
We may wish to send you information about products and services of ours and other companies we partner with which may be of interest to you. If you have consented to receive marketing, you may opt out later. You have a right at any time to stop us from contacting you for marketing purposes. If you are already subscribed to the Company for marketing purposes and wish to no longer be contacted, please contact us.
Access to your Information, Correction & Your Rights
Right of Access
Under the GDPR and UK Data Protection Act, you are entitled to access the personal information that we hold about you. If you wish to receive a copy of your personal data, please contact us using the details provided at the end of this Privacy Policy.
We are committed to providing a copy of your personal data within one calendar month of receiving your request after applying sufficient scrutiny to the legitimacy of the request.
Right to Rectification
We want to make sure that your personal information is accurate and up to date. Should you find that the information we hold about you is incorrect or incomplete and you do not have the direct facility to amend, you have the right to request a correction, if so please contact us and we will review accordingly.
Right to Erasure
You also have the right to request the deletion or removal of your personal data from our systems, commonly referred to as the "right to be forgotten." Upon receiving a request for erasure, we will assess the grounds for your request and respond within one month, considering any legal obligations or legitimate interests that might affect the erasure process. If we decide to archive your profile, it will involve retaining a minimal amount of your personal data necessary to comply with legal obligations or to protect or exercise our legal rights.
Data Portability
In accordance with the General Data Protection Regulation (GDPR) and the UK Data Protection Act, you are entitled to the right of data portability. This right allows you to obtain and reuse your personal data for your own purposes across different services. Specifically, you can request that we transfer a copy of your personal data to you or another organisation in a structured, commonly used, and machine-readable format. This right applies to personal data you have provided to us, where the processing is based on your consent or for the performance of a contract, and when processing is carried out by automated means. We are committed to facilitating this process efficiently ensuring you can maintain control over your personal data. Should you wish to exercise your right to data portability, please contact us using the details provided at the end of this Privacy Policy.
The Right to be Informed.
REIS is committed to upholding your Right to be Informed as stipulated by the General Data Protection Regulation (GDPR). We ensure transparency by providing you with clear, concise, and accessible information about the processing of your personal data. This encompasses explaining the purposes for processing your data, the retention periods for that information, and who it will be shared with.
The Right to Restrict Processing.
Under the General Data Protection Regulation (GDPR), you have the right to restrict the processing of your personal data. This means you can limit the way we use your data when certain conditions apply, such as if you contest the accuracy of your data or when you have objected to our use of it. During the time when processing is restricted, we are permitted to store your data, but not use it. This ensures that your privacy is safeguarded while we resolve any issues or comply with your requests. You can exercise this right at any time, and upon doing so, we will assess your request promptly and adhere to your wishes in accordance with GDPR regulations.
The right to object
REIS honours your right to object to the processing of your personal data, in accordance with the General Data Protection Regulation (GDPR). This right allows you to challenge the processing of your data on grounds relating to your situation. We will cease processing your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights, or for the establishment, exercise, or defence of legal claims.
The right to withdraw consent.
Under the General Data Protection Regulation (GDPR) and the UK Data Protection Act, you hold the fundamental right to withdraw your consent at any time for personal data processing based on consent. This means if you have previously agreed to allow us to process your personal information for specific purposes, you can change your mind. To withdraw your consent, please contact us. Upon receipt of your request to withdraw consent, we will cease processing your personal information for the purposes you initially agreed to, unless we have another legal basis for continuing the processing. It's important to note that the withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal, however withdrawal of consent may impact our ability to provide you with services as a result. We are committed to ensuring that exercising your right to withdraw consent is as easy as granting it, aiming to process all such requests promptly and within any legislative timeframes.
Complaints
Complaints can be made to the supervisory authority which in the UK is the Information Commissioners Office who can be contacted directly via their website https://ico.org.uk/ .
Changes to our Privacy Policy
We keep our privacy policy under regular review, and we will place any updates on this web page.
Details in respect of our assigned Data Protection Officer can be provided on request.