Privacy Policy

Introduction

RedBrick IT Solutions Ltd provide IT services and support for businesses within the UK and are committed to delivering an exceptional customer service.

We wanted to let you know that we’ve updated our Privacy Policy to reflect data law changes in the UK (GDPR).

  • We provide a clear privacy notice wherever personal data is collected to ensure that consent is requested, and that the data subject is informed of their rights in relation to their personal data.
  • Our company demonstrates data subject(s) consent to the processing of his or her personal data or explicit consent for sensitive personal data by asking for permission.
  • Our company demonstrates data subject(s) consent is intelligible and accessible using clear and plain language.
  • Our company demonstrates data subject(s) are informed of their right to withdraw consent before giving consent notice in line with our agreed consent notice.
  • Our company demonstrates processing of data is limited to that stated in the contract, bound by the explicit consent given by the data subject.

What is GDPR?

GDPR (also known as the General Data Protection Regulation) is a new European framework for data protection laws. It gives you greater protection and rights and will give you more control over how your data is used.

We fully support these new regulations and have reflected our commitment to protect your rights and interests in our new Privacy Policy statement. We’ve provided clarity on what data we have, how we use it, why we need it and who has access to it. We’ve also appointed a Data Protection Officer who you can contact if you have any concerns.

We understand that customers care about the use and storage of their personal information and we value your trust in allowing us to do this in a careful and sensible manner. We have created this privacy policy statement in order to demonstrate our commitment to the privacy of our customers.

Personal information which we collect

  • Company name and address.
  • Company contact details (including responsibilities, telephone numbers & contact email addresses).
  • Company bank account details.
  • Details on IT infrastructure & services supplied.
  • Trading history and relevant information.

How we use your information

Our legal basis for collecting your personal data is to allow us to:

  • Ensure we can trade with your business and make/receive payments as required.
  • Provide marketing information to you on related products and services,
  • Provide information on technical issues and general notifications regarding our business.

How long we will keep your personal information

We retain your information to comply with our legal obligations arising from contracts entered into with you, for example tax regulations.

We will remove your data from our systems at the end of the applicable data retention periods unless we are required by current or future law to retain your personal information for a longer period.

Our approach to information security

To protect your information, RedBrick IT has policies and procedures in place and our staff have received full training on the new legislation and what their responsibilities are.

We take significant measures to ensure the safety and security of your data due to the inherent risks with the Internet.  We have therefore implemented Cyber Essentials Framework Standards.

Our registration number with the Information Commissionaires Office is ZA277484 and is renewed annually.

The cloud infrastructure we provide (if applicable) for our clients is located within the European zone and is held in ISO27001 Certified Data Centres.

Your rights

At any point you can contact us to request details concerning the information we hold about you, why we have that information, who has access to the information and where we got the information. Your GDPR rights are;

  • The right to be informed: We will always tell individuals what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties. This information must be communicated concisely and in plain language.
  • The right to access: Individuals can submit subject access requests, which oblige organisations to provide a copy of any personal data concerning the individual. Organisations have a maximum of one month to produce this information, although there are exceptions for requests that are manifestly unfounded, repetitive or excessive. We cannot charge the individual for this information processing.
  • The right to rectification: If the individual discovers that the information we hold on them is inaccurate or incomplete, they can request that it be updated. As with the right to access, we have one month to do this, and the same exceptions apply.
  • The right to erasure (also known as ‘the right to be forgotten’): Individuals can request that we erase their data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed, or it no longer meets the lawful ground for which it was collected. This includes instances where the individual withdraws consent.
  • The right to restrict processing: Individuals can request that we limit the way we use personal data. It’s an alternative to requesting the erasure of data and might be used when the individual contests the accuracy of their personal data or when the individual no longer needs the information but the organisation requires it to establish, exercise or defend a legal claim.
  • The right to data portability: Individuals are permitted to obtain and reuse their personal data for their own purposes across different services. This right only applies to personal data that an individual has provided to us by way of a contract or consent.
  • The right to object: Individuals can object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest/exercise of official authority. Organisations must stop processing information unless they can demonstrate compelling legitimate grounds for the processing that overrides the interests, rights and freedoms of the individual or if the processing is for the establishment or exercise of defence of legal claims.
  • Rights related to automated decision making including profiling: The GDPR includes provisions for decisions made with no human involvement, such as profiling, which uses personal data to make calculated assumptions about individuals. There are strict rules about this kind of processing, and individuals are permitted to challenge and request a review of the processing if they believe the rules aren’t being followed.

You can withdraw your consent for us to process and hold your data by contacting us via [email protected]

Sharing your information

We would not share your data with anyone else unless we have your express consent and we will never disclose, rent, trade or sell your personal information to any third parties for their marketing purposes.

We do disclose or transfer your data or personal information to other companies, data processors or agents employed by us to perform any necessary functions on our behalf but they are bound by similar terms to those set out in our privacy policy and may not use this information for their own purposes.

Contact details

If you have any queries about this policy, need further information you can use the details below to contact us.

Data Protection Officer

RedBrick IT Solutions Ltd
Top Floor Southfield House
Falcon Way
Bourne
Lincolnshire
PE10 0FF

[email protected]

Changes to this Privacy Policy

We may change this policy from time to time. You should check this policy occasionally to ensure that you are aware of the most recent version of this policy.

© 2023 Redbrick IT Solutions LTD

REDBRICK IT SOLUTIONS     COMPANY REG. NO: 8929433     VAT NO: 211 6153 55