Contact forms

We will collect information that you complete in our contact forms in order to respond to your query.  The data is then deleted in line with our Retention Policy outlined below. We do not use any information submitted through the contact form for marketing purposes.  The Legal Basis for collecting data through the contact form is ‘Consent’.

Cookies

This website does not use cookies.  Should cookies be added, the Privacy and Cookie policies will be updated immediately.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

Your data

Outside of this website, we may collect Personal Information in order to send invoices, pay bills, create statements and provide accounting information to the relevant professional services.  

How long we retain your data

If you use our contact form to send a message, we will retain that data until 6 months from responding to you.

If you have provided your information in order for us to fulfil a service to you (e.g. customer, supplier etc) we will retain that data for 7 years after our last transaction/ service supplied. This is to ensure compliance with any matter relating to a financial relationship.

Your rights

If you have provided Refine IT Ltd with your personal information, you can request to receive a copy of the personal data we hold about you, including any data you have provided to us. This is known as a Subject Access Request (SAR). You can also request that we erase any personal data we hold about you (a Right to Erasure). This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Your data

Refine IT Ltd does not send your data outside of the EU. Should we need to do so in the future, we will first obtain your authority and will only send it outside of the EU for processing if you agree to us doing so.

Who to contact about your Personal Information at Refine IT Ltd

Should you have any queries relating to the processing of your personal information, or would like to obtain a copy of any data that we hold about you, please contact: Marie Wallace at Refine IT Ltd.

How we protect your data

We take the protection of your data very seriously. At Refine IT Ltd, we have the following security measures in place:

• Refine IT Ltd have an Information Security Policy in place;

• We regularly review our Information Security Policy and, where necessary, make improvements;

• Password access via each application is maintained;

• Personal Data is not sent in the body of an email but, should it be absolutely necessary, is encrypted;

• We understand the confidentiality, integrity and availability of the personal data we process;

• We ensure that any ‘contractor’ we use also implements technical and organisational measures;

• All staff at Refine IT Ltd are trained to ensure compliance with Data Protection regulation (i.e. Data Protection Act 2018, inc. GDPR, Computer Misuse Act);

• Risk assessments have been undertaken to establish areas where a potential breach, or risk, could occur and the necessary action has been taken.

What data breach procedures we have in place

All systems are monitored continuously in order to check for risks to personal data, loss of data, loss of service etc. If a breach, or potential breach, is found, it is reported immediately to the person responsible for Data Protection (details above) and the necessary action is taken. This may include reporting to the ICO as per GDPR requirements. Data Processors are aware of their obligations under the GDPR and Data Protection Act 2018 to notify Refine IT Ltd of a breach and action is taken as necessary.

A data breach, or potential data breach, is logged accordingly and investigated in order to a) protect data b) inform the necessary authorities c) if necessary, inform the data subject(s) involved d) to ensure measures are put in place to prevent the incident from arising again

3^rd parties

We do not receive data from any third parties at Refine IT Ltd

Profiling

We do not use any automated decision making and/or profiling at Refine IT Ltd

For further information about your rights as a Data Subject, our role as a Data Controller/Processor and any other questions regarding your Personal Information, please visit the ICO website.