Red Fish Systems respects your privacy and will not sell or make available in any way your personal information except where specific permission has been given. The nature of the services provided by Red Fish Systems means that we may obtain certain information about you. This statement sets out the principles governing our use of the data.
The General Data Protection Regulation (GDPR) will come into effect in the UK and EU-wide from 25 May 2018. This will replace the UK Data Protection Act 1998 (DPA)
Who does it apply to?
The Information Commissioner’s Office (ICO) states that if you are a ‘controller’ or a ‘processor’ as defined under the DPA, then it is likely that you will also be subject to the GDPR. Red Fish Systems Limited are registered with the ICO: ZA009357
Here at Red Fish Systems Limited our products and services mean that we will be known as a data ‘Processor’ of personal data. This means that data is provided to us via a controller who will be the person with whom you have a service contract.
GDPR places legal obligations onto processors to maintain records of personal data and processing activities. Controllers also have to ensure that their contracts with processors comply with the new rules.
Red Fish Systems only operates as a data ‘controller’ in the following areas.
- The role of employer and full details regarding our commitment to GDPR & data privacy for our staff and vacancy applicants are fully detailed in our employee handbook which is provided and made readily available to all staff and available for applicants upon request.
- Where you contact us directly, in all formats, we will use the data you provide to manage your contract(s), potential contract or business relationship(s) and in order to respond to your request or enquiry.
What we need
Here at Red Fish Systems Limited we only process personal data about you under the instructions of the data controller which may include special types of information or location-based information.
The data collected by controllers will include name, address, date of birth, email, bank details etc. (Article 11)
Why we need it
We need to know pertinent personal data in order to provide you with access to your contracted product but this is always in line with your controller’s overall contract.
Red Fish Systems Limited will not collect any personal data directly from you, as this is the role of the data controller who will require this data in order to provide services to you.
What we do with the data you provide
Under GDPR (Articles 7, 8 and 9) All the personal data we process is done so by our staff in the UK. Interpretation of GDPR allows for third parties (police, intelligence, health) to have access to your personal data unless you specifically object or if the law compels them to do so.
Red Fish Systems Limited have a Data Management System in place to oversee and govern the effective and secure processing of personal data.
In addition to this, GDPR (Article 14) states that should we obtain Personal Data via a means not direct from the Data Subjects Controller then Red Fish Systems Limited will also need to provide a notification to the data subject.
How long we retain data
Red Fish Systems Limited will maintain your personal information for as long as necessary to continue to fulfil the contract obligations to you and to protect your legal interest. We may need to keep data for a period following termination of your contract in line with regulatory requirement, the Financial Services Authority for example, and also legal operational reasons or for historical, statistical or research purposes. Once all obligations or regulatory timelines are met then Red Fish will arrange the safe destruction of the data.
The information provided will not be used for marketing purposes by Red Fish Systems Limited and your data will be kept as detailed or until you notify us that you wish to terminate the service.
What we must do with the data
Red Fish Systems Limited must use your name and email address to inform you of any infringement of GDPR (Articles 9 to 23) in which the data subjects rights are expressly described.
Red Fish Systems Limited will only use data under the instruction of the data controllers who contract and are accountable for our services.
Information provided is only shared with third parties by the processor for the fulfilment of the service contract with the controller or under legal obligation. All parties with whom data is shared will be a trusted service provider or sub processor instructed or approved by the data controller and or Red Fish Systems. The reasons that data sharing may be required would include but is not limited to payment processing, or IT administration as examples.
We may also share data with legal and professional advisors, Industry and compliance regulators, complaints bodies and government authorities if required.
The data subject can unsubscribe at any time by contacting your contract provider via phone, email or the website.
What are your rights?
The data subject has enhanced rights under the new regulation in respect to:
Access of data
Informed of data use
Rectification of inaccuracy
Restriction of Processing
If at any point you believe the information we process on you is incorrect you may request to see this information and even have it corrected or deleted.
If you wish to raise a complaint on how we have handled your personal data, you can contact our risk & compliance manager who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the pertinent GDPR articles you can complain in writing to the Information Commissioners Office (ICO)
Red Fish Systems & Cookies
Cookies contain no personal details about you and they can be disabled by changing your browser preferences.
Google Analytics is also used to track website trends without identifying individual visitors. The cookie used by Google Analytics stores information such as what the time and current visit occurred, whether the visitor has been to the site before, and what site referred the visitor to Red Fish Systems.
Our site may link to other websites and we are not responsible for their data policies or procedures or their content.
We endeavour to take all reasonable steps to protect your personal data but cannot guarantee the security of any data you disclose online. You accept the inherent security implications of dealing online over the internet and will not hold us responsible for any breach of security unless we have been negligent or in wilful default.
Any details that you provide to us from which we can identify you are protected by the General Data Protection Regulation.
How to contact us
If you wish to contact Red Fish Systems Ltd you can do so by phone +44 (0) 1536 527150 or post at this address:
Red Fish Systems Limited, Black Swan House, 23 Baldock Street, Ware, SG12 9DH