1. What is the purpose of this privacy policy?
Since 2018, the EU General Data Protection Regulation (“GDPR”) protects individuals and creates greater transparency for individuals about what happens with their personal data. Rudich Advisory (“the Company” or “we” or “us”) will be a “data controller” for the purposes of GDPR.
This privacy notice describes how Rudich Advisory ( “we”, “us”, the “Company”) uses your personal information
when you make contact with us.
This privacy notice tells you:
- How we obtain your personal data
- The type of information we hold
- How your information is used
- Our policy on sensitive information
- Your rights
- How to make a complaint
2. How do we obtain your personal data?
Most of the personal data we process is provided to us directly by you for one of the following reasons:
- You have made a complaint or inquiry to us
- You have made an information request to us
- You wish to attend, or have attended, an event
- You have applied for a job or contract with us
- You are representing your organization
Where we have received your personal information indirectly, if it is not disproportionate or prejudical, we will contact you to let you know we are processing your personal information.
3. What type of information do we hold?
Personal information or data means any information about an individual from which that person can be identified.
It does not include data where the identity has been removed (that is, anonymous data).
If you contact us in some way (via email or telephone), we may have access to and collect the following personal
information:
- Name
- Job Title
- Contact information, including email address, phone number
- Name of the company you work for and place of work
- Any other information you include in your communication
We will only collect, store, use and protect your personal data in a manner that is lawful, legitimate and necessary.
4. What is our policy on holding personal and sensitive information?
We will not as a matter of course hold or process “sensitive personal information” as defined by the UK Data Protection Act (the “DPA”) or “special category data” as defined by the General Data Protection Regulation (“GDPR”) during our interaction with you including as related to your racial or ethnic origin, political opinions, alleged or proven criminal activity, religious and philosophical beliefs, trade union membership, biometric and genetic data, sexual orientation or any other category of data defined by law as “sensitive personal information” or “special category data”.
5. How do we use your personal information?
We will generally use your personal information in the following situations:
- To provide you with information and/or services that you request from us or which we think may interest you;
- To respond effectively to any communication that we receive from you;
- To carry out obligations arising from any contracts entered into between you and us;
- To improve our products and services;
- To notify you about changes to our services;
- To periodically send emails about new products or publications or other information which we think you may find interesting using the email address you have provided;
- To enforce our Privacy Policy and other rules about your use of this site;
- To protect our rights or property;
- To comply with law or regulation, court order or other legal processes;
We will only use your personal information when the applicable laws allow us to.
We will retain your personal information for as long as is required for the relevant purpose or purposes for which it is held and processed, and the associated “lawful basis” (which could be based on your consent, to fulfill a contract or other legitimate interest).
If your personal information is included within emails, these emails may be processed on the servers of an email hosting/service provider who is able to offer IT security at the same level as that which is provided by our email host service.
6. Do we disclosure of your personal information to third parties?
Other than a transfer to an email service provider or website cloud-based host, we will not sell, distribute, or lease your personal information to third parties unless we have your permission or are required by law to do so. We will not share your personal information with other parties for the purposes of direct marketing.
7. What is our policy on automated decision-making?
We do not currently use automated decision making (including profiling) under any circumstances.
8. What is our policy on the retention of personal information?
Your personal data will be stored as follows:
- For visitors to the Site – at least three years from the date of our last interaction with you through the site if any;
- For Service provision to any client – at least six years from the date of our last interaction with that client All personal data will be retained in compliance with our obligations under the EU General Data Protection Regulation (GDPR), local equivalent or similar legislation around the world, or for longer if we are required to do so according to our regulatory obligations or professional indemnity obligations.
We may then destroy such files without further notice or liability.
If personal information is only useful for a short period e.g. for specific marketing campaigns, we may delete it.
9. What are your rights?
Under the General Data Protection Regulation (GDPR), you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to the processing as well as in certain circumstances the right to data portability.
If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
If you have a complaint, you should set out in detail the reason for your complaint with sufficient information to allow us to conduct a thorough investigation. We will acknowledge receipt of your complaint promptly and aim to resolve the matter within 5 days, with more complex complaints possibly taking longer to resolve.
You have the right to lodge a complaint to the Information Commissioners’ Office if you believe that we have not complied with the requirements of the GDPR with regard to your personal data.
10. How do we protect your personal information?
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information we collect.
Your personal information may be held within the EEA or held on cloud hosting service outside the EEA if the processor is recognized as having data protection security that meets the requirements of GDPR regulation, more specifically a provider that has certification under the EU-US Privacy Shield Framework (see https://www.privacyshield.gov/welcome).
11. Links to other websites.
Our website and our emails may contain links to third-party websites which may be of interest to you. We do not have any control over third party websites so we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
12. What do we do with non-personal information?
If you only read or download information on our site, we do not collect or learn your name, email address, home address or other personal information about you; however, certain non-personal or anonymous information may be passively collected using various technologies, such as cookies, internet tags or web beacons and navigational data collection. Your internet browser automatically transmits to this site some of this anonymous information such as the URL of the web site you just came from, the internet protocol (IP) address and the browser version your computer is currently using.
There are no restrictions on the way we can use or share non-personal information. We will use non-personal information to help us ensure that content from our website is presented in the most effective manner for you and your device. We may prepare reports and other materials using non-personal information. Since these reports and materials contain no personal information, we may share them with others.
13. How do we use cookies?
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
The table below explains the cookies we use and why.
There are two kinds of cookies: "session" cookies and "persistent" cookies.
- Session cookies are stored in your computer’s memory and only exist while your browser is open. They are deleted from your computer when you close your browser.
- Persistent cookies outlast user sessions and remain stored on your computer until they reach their expiry date or you delete them.
Cookies do not contain any information that personally identifies you unless you have entered that information into a form on our website. A cookie does not give us access to your computer or any information about you, other than that which you deliberately provide.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
14. Cookies on this Website.
We use persistent cookies on this website to provide links to social network sharing services and provide website
usage data.
15. Changes to this privacy notice.
This privacy notice may need to be updated from time to time. You should, therefore, check this page from time to time to ensure that you are aware of any changes.
16. How do you contact us regarding data privacy?
If you have any concerns as to how your data is processed you can contact [email protected] or write to the following address of Rudich Limited, 3 Lloyds Avenue, London, EC3N 3DS.