Data Protection- Privacy Policy Notice
The Rizues Limited
About this document
This Privacy Notice will help you understand how we collect, use and protect your personal information. If you have any queries about this Privacy Notice or how we process your personal information, please contact the Data Protection Officer by email at dpo@rizues.com or by post: Data Protection Officer, The Rizues Limited, Quayside,
Salts Mill Road, Shipley. BD18 3ST.
Who we are?
The organisation responsible for the processing of your personal information is The Rizues Limited. This means that we are a ‘data controller’ under the General Data Protection Regulation also known as the ‘GDPR’.
What personal information we collect about you?
The personal data you have provided, and we may have collected from you includes:
– Your full name and address.
– Contact details, including telephone numbers and email address.
– Financial information, including credit/debit card details (although we do not retain payment card
information)
– Identifiers assigned to your computer or other devices, including your Internet Protocol (IP) address, some login details on our website, products viewed or searched on our website and page interaction information such as scrolling and clicking.
How we collect information about you?
Most of the personal information we hold about you is that which we collect directly from you, for example:
– Each time you ask us to open a customer account.
– Each time you ask us to provide a price quotation.
– When you register to receive information from us.
– When you place an order or discuss the progress of your order with us.
– Each time you interact with us, respond to communications or surveys, or other business-related
communications.
– When you make enquiries or raise concerns with our customer service team.
– When you visit, register or order products at www.rizues.com and visit our other online portals including Face book and Twitter.
What we use your information for and the legal bases for processing?
We may store and use your personal information for the purposes of:
– To provide goods and services to you and your organisation.
– For billing and accounts.
– Administering your account, quotes and policies (as is necessary for performance of a contract between you and us and/or as is necessary for our legitimate interests).
– To carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request from us.
– Assessing financial risks, including by carrying out credit reference checks and credit scoring assessments as is necessary for the performance of a contract between you and us and/or as is necessary for our legitimate interests.
– Using your payment details to process payments relating to your orders, including fees and refunds.
– Communicating with you about your quotes, changes to our website and products, your orders and refunds including responding to your enquiries.
– Undertaking market research and statistical analysis, including analysing your use of our website. This allows us to develop new, or improve existing, products and services.
– Our subcontractors and other people who help us to provide our products and services to you.
– Our legal and other professional advisors, including our auditors.
– Fraud prevention agencies, credit reference agencies, and debt collection agencies when we open your account and periodically during the lifetime of your account.
– Government bodies and agencies, e.g. HMRC, the Financial Conduct Authority and the Information Commissioner’s Office.
– Courts, to comply with legal requirements, and for the administration of justice.
– Other parties connected with your account, such as guarantors and other people named on an application.
– Anyone else where we have your consent, as required by law, in an emergency to protect your vital interests, and if we restructure or sell our business or its assets or have a merger or re organisation
Our “legitimate interests” as referred to above (and below) include our legitimate business purposes and commercial interests in operating our business in a customer-focused, efficient and sustainable manner, in accordance with all applicable legal and regulatory requirements.
We may also disclose your personal data, if we sell any business or assets, to the prospective buyer of such business or assets as part of a necessary due diligence exercise. In addition, if The Rizues Limited or substantially all its assets are acquired by a third party, the personal data held by us about you will be one of the transferred assets and we may disclose your personal data to that third party.
We also consider that it is within our legitimate interests to send you information about our products and services for marketing purposes. You can object to receiving marketing from us at any time. Please email your request to dpo@rizues.com and provide your name and address or by post to: Data Protection Officer, The Rizues Limited,
Quayside, Salts Mill Road, Shipley. BD18 3ST
Who do we share or disclose your data with?
Where relevant given the nature of the products and services provided to you, we may also share your information with the following categories of third parties:
– third party service providers who we instruct for the purpose of delivering your goods and third parties involved in processing and completion of your order (as is necessary for the performance of a contract between you and us).
– third party service providers who support the operation of our business, such as IT, financial service providers and banks and debt collection agencies (as is necessary for the performance of a contract between you and us and/or as is necessary for our legitimate interests).
– fraud prevention agencies and associations, (as is necessary for compliance with our legal obligations and/or as is necessary for our legitimate interests).
– regulators and law enforcement agencies, including the police, the Financial Conduct Authority, HM Revenue and Customs or any other relevant authority who may have jurisdiction (as is necessary for compliance with our legal obligations).
Please contact our Data Protection Officer, if you would like details of the third party, we share your data with.
Processing outside of the European Economic Area (EEA)
The personal information that we collect from you, and which is shared with our service providers, may be transferred to and processed in a destination outside of the EEA. It may also be processed by staff operating outside the EEA who work for one of our suppliers and banks. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
To find out more about how your personal information is protected when it is transferred outside the EEA, please contact our Data Protection Officer using the details above.
How long your information is kept?
We will retain your personal information for several purposes, as necessary to allow us to carry out our business.
We will retain your personal data for the following reasons:
– In case of queries. We will retain your personal data for as long as necessary to deal with your queries, e.g. if you have any issues with your service(s); and
– In accordance with legal and regulatory requirements. We will retain your personal data after your account has been closed to meet legal and regulatory requirements.
These data retention periods are subject to change without further notice because of changes to associated law or regulations. If you have any questions in relation to the retention of your personal data, please contact our Data Protection Officer at the details provided above.
Data Anonymisation and Aggregation
Your personal data may be converted into statistical or aggregated data which means that you cannot be identified. This anonymised data will then be used to produce statistical reports and may be shared and used in all the ways described in this Policy.
Your rights
Your rights under GDPR are as follows:
– You have the right to be informed about our processing of your personal data;
– You have the right to have your personal data corrected if it is inaccurate and to have incomplete personal data completed;
– You have the right to object to us processing your personal data;
– You have the right to have your personal data erased, otherwise known as the ‘right to be forgotten’;
– You have the right to request access to the personal data we hold about you, and information on how we process it, commonly known as a ‘data subject access request’;
– You have the right to move, copy or transfer your personal data (‘data portability’); and
– You have rights in relation to automated decision making, including profiling.
Please note that these rights may be limited by data protection legislation, and we may be entitled to refuse requests where exceptions apply.
You also have the right to complain to the Information Commissioner’s Office. It has enforcement powers and can
investigate compliance with data protection laws. More information about the Information Commissioner’s Office
can be found on their website, ico.org.uk