top of page
Privacy Policy

Privacy Policy

Confidentiality, Data Protection and GDPR

We consider any information you share with us, confidential unless you state otherwise, and will do everything in our power to keep it secure and protected as per the ICO and GDPR guidelines.

We will only store your information and that of any third-party in line with “legitimate interests.”

We will not be held liable for any third-party information that you share with us. Should you share information with us that you do not have permission to use, you will be responsible for any fines or legal action that may result from the use of that information.

We are under paid registration with Information Commissioner’s Office (ICO). Details of this registration and the agreement we have in respect to Data Privacy can be produced for you on request.

Requests – At any point, you may request to see what records and information of yours we have, and to know how it is stored. We ask for 72 hours to produce full records.

You may request at any point to remove any information we hold on your behalf. We ask that you allow 72 hours for this to be completed.

Confidential Information and Data Privacy

We handle Personal Data in accordance with our data privacy policy.

Where a Contract/Signed Proposal involves the transfer of Personal Data outside the EU/EEA, you and we will enter into and be bound by a Non-EU/EEA Model Clauses agreement.

Your information and our confidentiality: You may need to share Confidential Information with us. It may be business information or information about individuals.

We will only use Confidential Information that you send us to perform the Services set out in the Contract/Signed Proposal or if we are required to disclose it by law. We may keep some Confidential Information to keep a record of what we did for you.

We are not liable for data that is not securely transmitted to us.

Log-ins: Where you wish us to access systems that contain information that identifies living individuals, you should provide us with a unique log in to your existing software platforms and systems.

Where multi-user log ins are not available you will securely share passwords through password lockers and change those passwords at appropriate intervals.

We will not set up any social media or email account or fan/group/web/ forum pages using our name or our brand name(s), or for people to respond to unless your Contract/Signed Proposal specifically says so. The default user will be set up using your information and contact details unless you specify otherwise.

Note that we may make and keep temporary backups to ensure continuity of service.

When you want us to access or use Personal Data about someone other than you (3rd party data), you must have completed the appropriate Data Processing Form and send a copy by email from your usual business address. While processing personal data in the provision of Services, we will be acting as ‘data processor’ for you, and you are the ‘data controller’.

We will process 3rd Party Data on your behalf only in response to your written instructions (which may be in the Contract/Signed Proposal, Data Processing Form, or in separate email or document) except where we are required by law to do so.

We are subject to a duty of confidence.

We will assist you in allowing 3rd parties to exercise any of their Data Privacy rights (including subject access). This will result in additional time-related charges.

We will apply the security measures you set out in the Data Processing Form for protecting and securing your data.

We will email you if we become aware of a Personal Data Breach. We will assist you in your investigations in establishing how this occurred. We will assist you, as you may reasonably require, in meeting your Data Privacy obligations in relation to the security of processing, the notification of personal data breaches and data protection impact assessments. This will result in additional time-related charges.

On written request by you, we will delete or return all 3rd Party Data supplied by you or assembled by us in the course of delivering Services to you. This will result in additional time-related charges. You may audit and inspect how we handle your 3rd party data. We will provide you with whatever information you need to ensure that the relevant Data Privacy obligations are being met; this will result in additional time-related.

Unless the Data Processing Form specifies otherwise, we will delete all 3rd party data supplied by you from systems within our control within six weeks of the end of the Contract/Signed Proposal without returning copies to you; we will not remove data from systems you have given us access or log-ins to, since those systems will remain under your control and we would expect you to be removing our access to them after the end of a Contract/Signed Proposal.  If you wish us to store 3rd Party Data beyond the termination of the Contract/Signed Proposal and the six-week run on, you must specify this in the Data Processing Form. This will result in additional time-related charges.

We will tell you immediately if we believe we are asked to do something infringing Data Privacy law. We are not legal experts and it is up to you to take appropriate legal advice on how to comply with Data Privacy rules and regulations.

It is always your responsibility to specify suitably secure platforms and processes and to share data with us in a secure way.

Let's Connect

Prefer a telephone call??

No problem! +44 1604 214 612

  • Ruka Business Support on LinkedIn
  • Facebook
  • Instagram

Information Commissioner’s Office ZA779717

Company Number 13491763

White_Badge_PolicyBee_edited.png

Registered address:

1 Glastonbury Close, Kettering, NN15 5ES

Cookie Policy     Website Policy    Privacy Policy

We'll be in touch soon!

© 2023 by Knight Shift Services Ltd. t/a Ruka Business Support

bottom of page