Data Processor: Riversimple
We collect and process a range of information about you, including:
● Full name;
● Residential address;
● Email address;
● Telephone numbers;
● Occupation; and
● Your views and opinions on our products and services
We collect information through a number of means, including:
● Contact form on our website;
● Post; and
● In person;
● Events and activities; and
● General Riversimple updates and information.
(B) to communicate with you about:
● Requesting and receiving feedback on the design of our products and services.
For 6.4 (A) the lawful basis is: Clear consent from you to process your information (Article 6(1)(a) of the General Data Protection Regulation).
You have chosen to opt in to receiving communications from Riversimple. See, also, your rights under 6.10.
For 6.4 (B) the lawful basis is: Processing is necessary for the legitimate interests pursued by the Data Controller (Article 6(1)(f) of the General Data Protection Regulation).
The data you provide in response to our requests will enable Riversimple to develop its products and services.
We use a number of trusted third parties to provide us with necessary services to run our business, and who may process your information on our behalf:
● Google – Email and data storage provider;
● Mailchimp – Mailing list processing service provider; and
● We are the Missing Link – Web developer & hosting provider.
We take appropriate technical and operational measures to ensure that your information is managed carefully and appropriately and to protect against unlawful or unauthorised use and accidental loss or destruction, including:
● Only providing access to those who need access to carry out the Purpose;
● Passwords are protected and, wherever possible, two-factor authentication is employed for extra protection;
● Our file storage provider uses encrypted sessions to protect files as they are uploaded and downloaded; and
● Hard-copy information is stored securely in locked cabinets with access limited to only those who need to have access to carry out the Purpose.
(A) Transfers within the European Economic Area:
(B) Transfering of your information outside the European Economic Area:
Information you submit to us is stored on our third party cloud-based data storage and email provider’s servers. Country: United States of America Safeguard(s) used: our email and cloud-base provider is self certified under the EU-US privacy shield scheme.
For 6.4 (A) we will retain your data for only as long as you are a member of the Design Forum. Should you withdraw your consent we will erase your data.
For 6.4 (B) we will retain this data for as long as you are a member of the Design Forum. In the event you withdraw your consent we may retain your feedback in anonymised form.
(A) You have the right to object to the processing of your information, or to request that we restrict how your information is processed. We are obliged to comply with such requests unless there is a legitimate basis for not doing so. Please contact firstname.lastname@example.org to register any objections to or request any restrictions of processing.
(B) Access requests – you may request that we supply all the information we hold about you, at any time. We will endeavourto respond with such information within 30 days. There is no charge for this, except where such requests are clearly unreasonable, in which case a fee of £10 may be charged. We may require proof of ID to ensure such information is not disclosed to persons other than those to which the information pertains. Please contact email@example.com if you wish to make an access request.
(C) If you feel your information has not been processed in a lawful, fair or transparent manner you have the right to lodge a complaint with the Information Commissioner’s Office. Their website can be accessed at www.ico.org.uk and concerns may be reported at https://ico.org.uk/concerns