Privacy Policy

Who we are

We are committed to maintaining your privacy and we take our responsibility regarding the security of your personal information very seriously. This section explains how we collect, handle and protect your Personal Data.

What we need

We only collect basic Personal Data about you – we DO NOT collect any special category data. The information we collect might include your name, your address, your email, your IP address.

We need to know your basic Personal Data in order to:

  • provide you with software licenses and analysis support and services in line with the contract in place. We will not collect any Personal Data from you we do not need in order to provide and oversee this service to you.
  • provide you with updates by email about new versions of R-sw Platform and MapHelp and similar analytical products or associated analytical services when they become available (only applies if you Subscribe to our Updates service).
  • help us improve the website and enhance your browsing experience (through the performance and functionality cookies used by our website)
  • manage and reply to your emails and other written/verbal communications between us.

How we handle your Personal Data

The basic Personal Data collected through the cookies are not shared with anybody, except for those required by the website, by the emailing systems, by the antispam plugin, browsing statistics and social/business networking, and by the plugin for UK GDPR compliance.

We may also share your Personal Data with any law enforcement agency, court, regulator, government authority or other third party in order to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.

We promise we’ll never share your Personal Data with anyone else.

For the purposes of IT hosting, logistics and maintenance personal data is currently located on servers within the UK or the European Union.

How long we keep it 

  • If you have a R-sw Platform or MapHelp licenses or have purchased some analytical support and services, your information we use to provide you with the services according to the contract in place will be kept for the duration of the contract.
  • If you have subscribed to our updates (our Subscribe to our Updates service), the information will be kept until you tell us you no longer with to receive such updates.
  • Website cookies expire after various time periods varying from 1 day to 2 years.
  • If you have sent us an email or you have engaged in any other type of communication with us, we will keep the information for 5 years to facilitate potential follow-ups.

What are your rights?

We acknowledge that individuals have the following rights:

  • the right to be informed;
  • the right of access;
  • the right to rectification;
  • the right to erasure;
  • the right to withdraw consent;
  • the right to restrict processing;
  • the right to data portability;
  • the right to object;
  • rights in relation to automated decision making and profiling.

If an individual requests that one or more of these rights is exercised and the relevant conditions are met, we shall review and respond to this request with assistance within 30 days.

This means that at any point you can request to see the information we process on you and, if you believe this is incorrect, you can request to have it corrected. If you have subscribed to our updates (our Subscribe to our Updates service), you can un-subscribe at any time by contacting us at support@rsw-software.com

IT Security

A key principle of the UK GDPR is that we process personal data securely by means of ‘appropriate technical and organisational measures’. We acknowledge that:

  • we are required to consider things like risk analysis, organisational policies, and physical and technical measures;
  • we also have to take into account additional requirements about the security of our processing – and these also apply to data processors;
  • we can consider the state of the art and costs of implementation when deciding what measures to take – but they must be appropriate both to our circumstances and the risk our processing poses;
  • where appropriate, we will adopt measures such as pseudonymisation and encryption;
  • our measures must ensure the ‘confidentiality, integrity and availability’ of our systems and services and the personal data we process within them;
  • the measures must also enable us to restore access and availability to personal data in a timely manner in the event of a physical or technical incident;
  • we also need to ensure that we have appropriate processes in place to test the effectiveness of our measures, and undertake any required improvements.

We undertake the following specific actions:

  • files are stored on an encrypted system whenever practical;
  • periodic backup copies are made;
  • amount of paper documents with Personal Data is minimized, and electronic archival is preferred;
  • paper documents with Personal Data to be disposed of are physically destroyed.

Data Minimisation

We will not hold Personal Data longer than is necessary and shall minimise the amount of Personal Data in our possession.

International transfers

The UK GDPR imposes restrictions on the transfer of personal data outside the UK or the European Union, to third countries or international organisations. These restrictions are in place to ensure that the level of protection of individuals afforded by the UK GDPR is not undermined.

If UK or EU Personal Data is to be transferred outside the UK or the European Union, we will ensure that adequate protection or safeguards are in place.

Audit
Internal audits are carried out to ensure that we are acting in compliance with this policy. We may also have audits from clients from time to time and we shall endeavour to comply with such exercises where necessary to meet our contractual obligations.

Personal data breaches

The UK GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. We must do this within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, we must also inform those individuals without undue delay. We should ensure we have robust breach detection, investigation and internal reporting procedures in place. This will facilitate decision-making about whether or not we need to notify the relevant supervisory authority and the affected individuals. We must also keep a record of any personal data breaches, regardless of whether we are required to notify.

Changes to our Privacy Policy

If we decide or are required by data protection laws to change our Privacy Policy, we will post the new document on this website.

Further information and complaints

If you need more information on our Privacy Policy, or if you wish to raise a complaint on how we have handled your personal data, you can contact us at support@rsw-software.com

If you are not satisfied with our response or believe we are processing your Personal Data not in accordance with the law you can complain to the UK Information Commissioner’s Office (ICO) at https://ico.org.uk/