1. Who we are
The expression “we”, “us” and “our”, where used in this Policy, means rg+p Ltd.
In order to provide our services to you and to promote our business, we will need to collect and process certain personal information about you. We are committed to respecting the privacy and security of clients’ and other individuals’ personal information with whom it communicates in accordance with the applicable data protection laws, including the General Data Protection Regulation.
For the purposes of the applicable Data Protection Laws, rg+p Limited is the Data Controller of your personal data collected in connection with our relationship with you.
3. Purposes for which we collect information
We shall only use an individual’s personal data to the extent that the law allows us to do so. Most commonly, we will use personal data so that we can:
4. Types of personal data we collect
‘Personal data’ means any information which identifies (or from which we can identify) a natural person, as opposed to a company or other organisation. We may collect, use, store and transfer the following different kinds of personal data about individuals:
We may also collect ‘Aggregated Data’, such as statistical or demographic data. Aggregated Data may be derived from an individual’s personal data but does not constitute “personal data” in law as it does not directly or indirectly reveal an individual’s identity. For example, we may aggregate Usage Data to calculate the percentage of users accessing a specific area of our website.
Special Categories of Personal Data
We may also collect ‘Special Categories of Personal Data’. Data concerning an individual’s health to enable us to take these considerations into account when designing adaptations to a living space specifically to meet the needs of the individual. Data concerning religious or philosophical beliefs to enable us to design a space to specifically to meet the individual’s needs. We shall only collect and use Special Categories of personal data where such circumstances apply.
Minimum Required Information
Where we need to collect personal data by law or in order to provide multi-disciplinary architectural services to an individual or company and the individual or company fails to provide the minimum required data when requested, we may not be able to provide the services and may as a consequence have to cancel our agreement to provide the services in question. In that event we shall notify the individual or the organisation accordingly.
5. How and when do we collect information?
We may collect personal data on an individual in the following ways:
We also collect information given to us in the following circumstances:
When we collect information automatically:
When we collect information from other sources:
6. How we use personal data
We have set out below all the ways in which we intend to use any personal data, and the legal bases on which we intend to rely on in order to do so. We have also identified what our Legitimate Interests are where appropriate. We may use and disclose personal data for the following purposes:
Delivery of services and client management
To establish an individual or organisation as a client and provide multi-disciplinary architectural services, to perform our contractual obligations towards you and/or your employer, to account to you and/or your employer for the services provided and collect payment of fees, disbursements and other monies we may use an individual’s Identity Data, Contact Data, Financial Data, Transaction Data and Marketing and Communications Data.
Client relationship management
We may send updates about the services that we offer and details of new services and updates on
developments in our industry. We may ask for feedback about the quality of the services provided and the client’s overall experience of dealing with us. We may also collect and review historical information about services, fee proposals or enquiries that we have previously provided to or received from an individual or organisation. This is necessary in order to keep clients updated about any services that we provide, to develop and enhance the range and quality of the services that we provide and generally to grow our business.
Marketing and advertising
If it is in our ‘Legitimate Interests’ to do so or we currently provide an individual or organisation with services and the individual or organisation has not previously asked us not to do so, we may send, to an individual other forms of marketing materials, for example regarding other services that we provide. We will seek consent and ensure that the individual or organisation has the option to opt out of receiving any such material.
We may use the information that we collect from you to deliver relevant website content and advertisements to individuals or organisations in the most effective manner for you and to grow our business, improve our services and inform our marketing strategy.
Administer and protect our business and website
We will only use your personal information when the law allows us to, for the purposes for which we collected it, to comply with our legal and regulatory obligations and to pursue our legitimate interests, unless we reasonably consider that we need to use it for another lawful reason and that reason is compatible with the original purpose.
We may also use data analytics to improve our business and website, to help us monitor and improve our services, marketing and client relationships. This includes troubleshooting, statistical and data analysis, testing, system maintenance, support, reporting and hosting of data. This is necessary for the running of our business, the provision of administration and IT services and network security; and in order for us to be able to ensure the quality of the services that we provide to our clients.
We will rely on your consent to send you electronic communications such as our newsletters and emails with information about our products and/or services, but we will always provide you with an option to opt out from future communications of this kind. See the ‘Direct mailings’ section below for more details.
Some of the above grounds and purposes for processing will overlap and there may be several grounds which justify our use of your personal information.
If an individual requires an explanation of why we are using personal data or the legal basis on which we are using it, a request may be made by contacting us by email at firstname.lastname@example.org or by telephoning 0116 204 5800. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
7. Disclosures of your information
We may allow our staff, consultants and external service providers acting on our behalf, to access and use your personal data for the activities we have described above. We only permit them to use it to deliver the relevant services, and if they apply an appropriate level of security protection.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. All our third-party service providers are required to take appropriate security measures to protect your personal information. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
We may partner with another party to provide specific services. When you sign up for these services, we will share names or other contact information that is necessary for the third party to provide these services. These parties are not allowed to use any personally identifiable information except for the purpose of providing these services.
We also reserve the right to disclose the information collected about you to our professional advisors and/or if we, in good faith, believe it necessary to protect the personal safety of users or the public.
We may share your personal information with the following third parties:
8. Direct mailings
We may occasionally send out newsletters, information about our services which we think may be of interest to you, industry guidance, invitations to events and surveys to our clients and business contacts.
Where required by the Data Protection Laws you can opt-out from receiving such communications at any time – please see ‘Your rights section below. Participation in these surveys is completely voluntary and you, therefore, have a choice whether or not to disclose this information. Information requested may include your contact information. Survey information will be used for purposes of monitoring and improving the services we provide.
9. Transfers of your information out of the EEA
We may need to transfer your personal data outside the European Economic Area (EEA), for example, if one of our suppliers or group companies is located outside the EEA. We will ensure that any transfer of your data will be subject to appropriate safeguards, such as a European Commission approved contract (if appropriate) that will ensure you have appropriate remedies in the unlikely event of a security breach.
10. Keeping your data secure
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify all
individuals affected and any applicable regulator of a suspected breach where we are legally required to do so.
Please note that the electronic transmission of information to us is not completely secure. Although we shall do our best to preserve the security of personal data, we cannot guarantee the security of data transmitted to us; any transmission is at the individual’s own risk. Once we have received an individual’s personal data, we shall use effective safeguarding procedures and security features to try to prevent any unauthorised access to it.
11. How long will we retain personal data?
We shall only securely retain your personal data for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process or may foreseeably need to process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Project information is retained in accordance with industry guidance. At the end of the retention period set we will securely destroy your personal information in accordance with applicable laws and regulations.
In some circumstances, we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Where an individual has given consent to be contacted for marketing purposes, we shall contact the individual every five years from the date on which the consent was originally given in order to ensure that the individual still wishes to be contacted in this way.
If you require further information, please feel free to contact us for a copy of our retention policy by emailing us at email@example.com or telephoning 0116 204 5800.
12. Subject rights
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current, please let us know if your personal information changes during your relationship with us.
Under certain circumstances, by law, an individual has the following rights:
If you would like to exercise any of the above rights, please:
Please note that if you request erasure, object to our processing of your personal data or request the restriction of our processing of your personal data we may not be able to provide our multi-disciplinary architectural services to you or to the organisation by which you are employed or engaged.
You also have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by contacting us at: firstname.lastname@example.org, telephoning 0116 204 5800 or by following the unsubscribe link in our email communication.
We shall comply with any request made under this section as soon as possible, and normally within one month from the date on which the request is received. However, if necessary, for example if the request is particularly complex or we receive a number of similar requests, we may extend this period by an additional two months, but we shall notify the individuals who have made the request if we need to do this.
13. Contact us or the ICO
If you have any concerns or complaints about our privacy activities, you have the right to lodge a complaint with our data controller who can be contacted at email@example.com. You can also contact the Information Commissioner’s Office on 0303 123 1113.
If you are unhappy in any way with how we have treated your personal information we would, however, appreciate the opportunity to deal with an individual’s concerns before a complaint is made to the Information Commissioner’s Office, and would therefore ask individuals please to contact us in the first instance on 0116 204 5800.
For more details about your rights under the Act, the rules we have to adhere to in collecting and storing your information, and how you can check your data records, please visit https://www.gov.uk/dataprotection/the-data-protection-act.