Privacy and GDPR Statement

Redware Research Limited. Registered in England No. 3883653.

What personal data do we hold ?

Depending on the services you use, the data we hold are:

1. Names, addresses, and telephone numbers .
2. Emails and email addresses.
3. IP addresses.
4. Customer account information.
5. Customer billing and payment processing information.
6. Software licensing information.
7. Software configuration information including authentication details.
8. Company data from Companies House.
9. Telecoms call detail records and customer billing information.
10. Authentication details for third party services (mostly OAUTH access tokens).

Where do we store your data ?

Depending on the services you use, your data is stored at:

1. Our customer's local data storage facilities.
2. Our local data storage facilities.
3. Our Cloud backup (Microsoft One Drive and Dropbox).
4. Database storage with our hosting providers (Heart Internet and Microsoft Azure).
5. For Customer Relationship Management, at Microsoft Dynamics 365.
6. For emailing - at Mailchimp.
7. For credit card and Direct Debit processing at Stripe.

What use do we make of your data ?

The uses we make of this data are:

1. To provide customers with access to the data they create.
2. To enable us to carry out maintenance on customers’ IT systems.
3. To provide backup for customers’ data.
4. To enable us to bill our customers.
5. To enable us to enforce our software licensing,

What don't we do with your data ?

Uses we do not make of your personal data are:

1. We do not share your personal data.
2. We do not collect personal data about our customers from sources other than the customer and Companies House House.
3. We do not aggregate your personal data.
4. We do not transfer your personal data outside the EEA.

Our legal basis for processing your personal Data

All data processing carried out by ourselves is carried out on the basis of the consent provided by customers in accordance with our contracts with our customers and instructions provided to us by our customers.

How we protect your personal data

We use technical and administrative security measures to reduce the risks of loss, misuse, unauthorised access, disclosure and alteration. Some of the safeguards we use are; firewalls and data encryption and information access authorisation controls including password protection and dual authorisation access. Accessing, correcting and deleting your personal data Personal data processed by us is accessible to our customers on the basis of their ordinary access to their IT. Any request to access, correct or delete our customers personal data can be addressed to our data controller.

How long do we hold your personal data ?

We retain your personal data for so long as is necessary to enable us to perform our duties under our contracts with our customers and the instructions provided by them. Subsequently we retain email information for marketing purposes only.

Who is our data controller ?

Our data controller is

Stamati Crook

Redware Research Limited
32 Welbeck Avenue
Hove BN3 4JL
England.

Email: stamati.crook@redware.com
Telephone: +44 203 1799 444

What relationships do we have that affects personal data we hold ?

Our suppliers are:

• Heart Internet Ltd, 2 Castle Quay, Castle Boulevard, Nottingham, NG7 1FWG7 1FW
• The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA (Mailchimp)
• Microsoft Limited, Microsoft Campus, Thames Valley Park, Reading, Berkshire, RG6 1WG for Azure, Dynamics 365 and Power BI.
• Stripe Payments UK Limited, 9th Floor, 107 Cheapside, EC2V 6DN for Credit Card Payments and Direct Debit.
• Sage (UK) Limited, C23 5 & 6 Cobalt Park Way, Cobalt Business Park, Newcastle-upon-Tyne, Tyne & Wear, NE28 9EJ.
  
• Xero (UK) Limited, 5th Floor, 100 Avebury Boulevard, Milton Keynes, MK9 1FH.
• Intuit Limited, 5th Floor Cardinal Place, 80 Victoria Street, London, SW1E 5JL for QuickBooks Online.

V 1.2 Updated 28/08/2024.