It is important for us to process and use your data only in accordance with the General Data Protection Regulation (“GDPR”, from the GDPR implementation date) or, until GDPR implementation date, the Data Protection Act 1998, (collectively the “Data Protection Laws”) and your expectations, and to be transparent with you in how we process and use your data.
- Who we are
We are a European supplier providing services, as set out on our company website RAS, to the retail industries for the management of stock and business processes owned by our clients.
With over fifty years’ experience and a Europe-wide capability, we are an industry- partner committed to building the sort of long-term relationships and deep understanding required to deliver an end-to-end solution.
Innovative and proactive in our approach to product development and service delivery, we engage, listen and work with our customers in a way they appreciate and can rely on, often operating as an extension of their own teams to deliver tangible business benefit and value add in what are often highly competitive and KPI-driven environments.
This means we have strong relationships with our clients and longevity in the services we provide to them. We are all about supporting our clients’ long-term vision and objectives. We work at the heart of our clients’ businesses, and our sector expertise means we can design sustainable service solutions that align with their business strategies.
- What data we collect
In connection with the different ways we may interact with you and the various services that we provide, we collect the following categories of data:
- C1: Minimal contact information, including name, company, e-mail address, and depot/region worked in. This is supplied by your company on request from us to provide you with login credentials.
- C2: Digital information data collected when you visit our website including IP-addresses, and user patterns, which are logged to establish basic information such as pages visited, and last logged in date/time.
- Where we collect your data from
Most of the data that we have about you are provided by you. We collect C2 information from you when you login to the website.
- Use of your information
To provide you with access to the information you need to see as part of your job. We check at intervals to see when the last time you logged in, and if this is longer than 30 days we will query this with our client contact to see whether your details need to be removed from our website database.
Legal basis: We use such data as part of our business relationship. Further, we use such data to provide you with other information necessary to fulfil our legitimate interests, including to ensure that we process audit data and to contact you, where necessary, concerning any issues raised with Retail & Asset Solutions Limited.
Disclosure: We may disclose C1 and C2 data to our corporate partners, as they may need this information to communicate with you and to provide support and assistance.
- How long we store your data for
We will only store your data for as long as it is necessary for you to retain login credentials for this website.
We will store your C1 and C2 data from the point for the duration of our contractual relationship and up to a period of three years after our contractual relationship has ended, if we believe this is necessary to handle potential complaints or claims. We may store your data longer if you wish for us to keep your data and you have consented to this.
- International transfer of data
RAS provides services across Europe.
We have affiliates, branch offices, agents and corporate partners that are established throughout Europe to which we may transfer data, as described in section 5 above. We will ensure that your data is adequately protected by the receiving parties in such countries. Adequate protection may typically be to impose on the receiving party contractual obligations that ensure that it maintains the same level of privacy and data security as practised by us. You may ask for further information or a copy of the safeguards that we have in place to ensure lawful transfer of your data.
- Disclosure of your information
If we pass your information to non-EEA/International organisations for processing on our behalf, we will ensure the appropriate level of protection is offered to your information, to ensure its protection as per the Data Protection Laws, while taking into account that the non-EEA country may not have equivalent data protection and privacy laws to the EEA.
Finally, if our business or part of it enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
We take appropriate measures to ensure that any personal data is kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
- How you can access, rectify or erase your data and file complaints
Under the General Data Protection Regulation, you have a number of important rights. In summary, those include rights to:
- require us to correct any mistakes in your information which we hold;
- require the erasure of personal data concerning you in certain situations;
- receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit the data to third parties in certain situations;
- object at any time to processing of personal data concerning you for direct marketing;
- object in certain other situations to our continued processing of your personal data;
- otherwise restrict our processing of your personal data in certain circumstances;
- claim compensation for damages caused by our breach of any data protection laws.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please contact us via the details below.
If you wish to make a complaint about how your personal data is being processed by Retail & Asset Solutions Limited (or third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and our group’s data protection representatives. Please see the relevant contact details below.
- Retail & Asset Solutions Limited contact details
Retail & Asset Solutions, 1 Elmfield Park, Bromley, BR1 1LU, United Kingdom. Tel +44 (0) 1689 879 444
Supervisory authority contact details: The Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF, United Kingdom. Tel: +44 (0) 303 123 1113