Last updated: 24 May 2018.
For the purpose of the General Data Protection Regulation (“GDPR”, from the GDPR implementation date) or, until GDPR implementation date, the Data Protection Act 1998, (collectively the “Data Protection Laws”) the Data Controller is RNA Analytics Limited.
RNA Analytics may need to update this policy from time to time. You should check this page regularly to ensure that you are happy with any changes.
Personal Data we hold
How we use your Personal Data
We use your personal data to:
- understand your reasons for contacting us and respond to enquiries
- discuss products or services that you require
- negotiate, enter into and meet the obligations under our customer and supplier agreements
- respond to and resolve our customer’s support issues
We may periodically send promotional emails about RNA Analytics that we feel are relevant to the business that you work for, or training and workshop information which we think you may find interesting and valuable. You may opt-out of receiving promotional communications at any time and request that your details be removed from our records by sending a request to the contact details below. Once you have opted-out, you may re-register at any time by sending a request to the contact details below but it is important that we receive your express consent for us to use your information again.
RNA Analytics will never sell your personal information to any third party.
If you have any questions about how we use data collected which relates to you, please contact us by sending a request to the contact details below.
Our legal basis for processing your data
We rely on legitimate interest as the lawful basis on which we collect and use your personal data. Our legitimate interests are performance of contracts with our customers and suppliers and marketing and promotion of our business to individuals and organisations who we have identified as genuine prospects.
Sharing your information
RNA Analytics does share personal data with other RNA group companies, which means our subsidiaries and any other companies that are ultimately controlled by the same person or entity.
We may also share your personal data with contractors, partners or suppliers who provide us with services or provide you with services on our behalf. They will only ever have access to the specific information necessary to perform the required tasks on our behalf and are obligated not to disclose or use it for other purposes. In all cases, information is transferred to data processors securely and, as the data controller, RNA Analytics retains full responsibility for your personal data. These activities are carried out under a contract which imposes strict requirements on all third parties to keep your personal data confidential and secure.
We may also disclose your personal data to third parties:
- in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
- if we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our contracts with customers and suppliers
- to protect our rights, property, or safety or that of our affiliated entities and our users and any third party we interact with to provide the website
Other than as set out above, and save insofar as is necessary in order for us to carry out our obligations arising from any contracts entered into between you and us, we will not share your data with third parties unless we have procured your express consent to do so.
Where your information is stored
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our group companies or suppliers, in particular RNA group companies and branch offices in Japan, Hong Kong, Singapore and South Korea. Such staff may be engaged in, among other things, the fulfilment of your orders, the provision of support services and marketing and business development.
Japan, Hong Kong, Singapore, South Korea and other countries outside the EEA do not have the same data protection laws as the United Kingdom and EEA. Whilst the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal data will be subject to a European Commission approved contract (as permitted under Article 46(5) of the General Data Protection Regulation) that is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data. To obtain a copy of such contracts, please contact us using the contact details set out below.
We will not otherwise transfer your personal data outside of the United Kingdom or EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
How your personal data is kept secure
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, IT and managerial procedures to safeguard and secure the information we collect online. We use Microsoft systems to retain current and prospective client and partner details.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data from misuse, interference, loss and unauthorised disclosure, we cannot guarantee the security of your data transmitted to the website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long your information will be held
We will only retain your personal data for as long as it is required for the purposes for which we collected it (e.g. we have a genuine and legitimate reason and we’re not harming any of your rights and interests). This will depend on our legal obligations and the nature and type of information and the reason for which we collected it. For example, should you ask us not to send you marketing emails, we will stop storing your email address for marketing purposes; we will, however, need to keep a record of your preference.
Keeping your personal data up to date
If your personal details change you may update them by contacting us using the contact details below. If you are no longer the correct person to contact at your organisation, you may request that your information be deleted from our database, however, we may require you to put us in touch with someone else from your organisation so that we can continue to perform our contract with our customer or supplier, in which case we will require you to provide their details before we can remove your details. Confirmation will then be sent to you using your email address one last time, after which your details will no longer be available to us, other than to maintain a record of who has asked us not to contact them.
We will endeavour to update your personal data within seven (7) working days of any new or updated personal data being provided to us, in order to ensure that the personal data we hold about you is as accurate and up to date as possible.
Under the GDPR you have a number of important rights free of charge. In summary, those include rights to:
- access your personal data and to certain other supplementary information that this Policy is already designed to address
- require us to correct any mistakes in your information which we hold
- require the erasure of personal data concerning you in certain situations
- receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal data concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal data
- otherwise restrict our processing of your personal data in certain circumstances
- claim compensation for damages caused by our breach of any data protection laws
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please get in touch using the contact details below and:
- let us have enough information to identify you
- let us have proof of your identity and address
- let us know the information to which your request relates
Links to other websites (Third Parties)
How to complain
We hope that we can resolve any query or concern you raise about our use of your information. Please contact us using the contact details set out below.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or by telephone: 0303 123 1113.
All questions, comments and requests regarding this Privacy and Cookies Policy should be addressed to:
RNA Analytics Limited
Ground Floor, Bancroft Place
10 Bancroft Road
Alternatively, you may contact us via this website or email us at firstname.lastname@example.org.