Privacy Policy

Data Protection

for Recursive Software

Summary

Recursive Software is committed to protecting the privacy and security of the personal data that we collect, process and store. We comply with all applicable data protection laws and regulations, such as the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

This policy explains how we collect, use, share and protect the personal data of our customers, employees, suppliers, partners and other stakeholders. It also sets out the rights and responsibilities of the data subjects and the data controllers.

How do we collect information?

Personal data is any information that relates to an identified or identifiable natural person, such as name, email address, phone number, IP address, location data, etc. We only collect personal data that is necessary for the purposes of our business activities, such as providing our products and services, fulfilling our contractual obligations, complying with our legal duties, improving our performance and enhancing our customer experience.

Conformity

We will not be responsible for the privacy of data collected by websites not owned or managed by Charity, including those linked through our website.

 

  • Lawfulness, fairness and transparency: We process personal data only when we have a lawful basis to do so, such as consent, contract, legal obligation, legitimate interest or public interest. We inform the data subjects about the purposes and means of the processing, as well as their rights and choices.
  • Purpose limitation: We process personal data only for the specific and explicit purposes that we have communicated to the data subjects, and not for any incompatible or unrelated purposes.
  • Data minimization: We process personal data only to the extent that is adequate, relevant and necessary for the purposes of the processing.
  • Accuracy: We ensure that the personal data that we process is accurate, complete and up-to-date. We take reasonable steps to correct or delete any inaccurate or outdated personal data.
  • Storage limitation: We retain personal data only for as long as is necessary for the purposes of the processing, or as required by law. We delete or anonymize personal data when it is no longer needed or relevant.
  •  Integrity and confidentiality: We protect personal data from unauthorized or unlawful access, use, disclosure, alteration or destruction. We implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data.
  • Accountability: We are responsible for complying with this policy and demonstrating our compliance to the relevant authorities and stakeholders. We monitor and review our data protection practices regularly and update this policy as needed.

Your Rights

We respect the rights of the data subjects under the applicable data protection laws and regulations, such as:

 

  •  The right to be informed: The data subjects have the right to receive clear and concise information about how we process their personal data.
  • The right of access: The data subjects have the right to request access to their personal data that we hold and receive a copy of it.
  • The right to rectification: The data subjects have the right to request correction of any inaccurate or incomplete personal data that we hold about them.
  • The right to erasure: The data subjects have the right to request deletion of their personal data that we hold about them, when there is no longer a valid reason for us to keep it.
  • The right to restrict processing: The data subjects have the right to request restriction of the processing of their personal data, when they contest its accuracy, lawfulness or necessity.
  • The right to data portability: The data subjects have the right to request transfer of their personal data that we hold about them to another organization or service provider, when it is technically feasible and does not adversely affect the rights and freedoms of others.
  • The right to object: The data subjects have the right to object to the processing of their personal data, when it is based on our legitimate interest or public interest, or when it is used for direct marketing purposes.
  • The right not to be subject to automated decision-making: The data subjects have the right not to be subject to a decision based solely on automated processing of their personal data, when it has legal or significant effects on them, unless they have given their explicit consent or it is necessary for a contract or authorized by law.

Requests

We are committed to responding to any requests from the data subjects regarding their rights within one month of receiving them. We may charge a reasonable fee or refuse to comply with a request if it is manifestly unfounded or excessive.

We are also committed to cooperating with the relevant supervisory authorities and resolving any complaints or disputes regarding our data protection practices. If a data subject is not satisfied with our response or believes that we are not processing their personal data in accordance with the law, they have the right to lodge a complaint with the Information Commissioner’s Office (ICO) or their local data protection authority.

We may share personal data with third parties who provide us with services or support our business activities, such as hosting providers, payment processors, marketing agencies, etc. We ensure that these third parties comply with this policy and the applicable data protection laws and regulations. We do not sell or rent personal data to anyone.

We may also disclose personal data to third parties when we are required or permitted to do so by law, such as to comply with a court order, a legal obligation, a request from a public authority, or to protect our rights, property or safety, or those of others.

We may transfer personal data to countries outside the European Economic Area (EEA), where we or our third-party service providers operate. We ensure that these transfers are subject to appropriate safeguards, such as the EU-US Privacy Shield framework, the EU standard contractual clauses, or the adequacy decisions of the European Commission.

We may update this policy from time to time to reflect changes in our data protection practices or the applicable laws and regulations. We will notify the data subjects of any material changes by posting the updated policy on our website or by other appropriate means. We encourage the data subjects to review this policy periodically to stay informed about how we protect their personal data.

If you have any questions or comments about this policy or our data protection practices, please contact us at:

Recursive Software
20-22 Wenlock Road
London, UK
N1 7GU
Email: dataprotection@recursivesoftware.com