Privacy Policy for Redrose Software Ltd

Effective Date: 15 November 2025

1. Introduction

This is the privacy policy of Redrose Software Ltd. We are committed to protecting and respecting your privacy. This policy explains how we collect, process, store, use, share, and dispose of your personal data when you visit our website, redrosesoftware.co.uk, and interact with our services.

We are the controller of the personal data processed for the purposes set out below and we are responsible for looking after it. You can exercise your rights in respect of that information and the procedures that we have in place to safeguard your privacy. This policy supplements any other fair processing or privacy notice that may be provided to you from time to time.

There are also some circumstances where we operate a service provided to you by someone else. In these circumstances, you should submit any queries or exercise any of your rights directly with them and we’ll keep your personal data for as long as the provider requires us to.

2. Data We Collect and how it is collected

  • Contact Information: When you use our email contact form, we collect your name, email address, and any other information you provide for the purpose of responding to your inquiries.
  • Personal Data: Personal data means any information that relates to an identified or identifiable individual, and we process a variety of personal data. This includes contact information as described above, your name and address if provided and any additional information you provide us directly.
  • User Interactions: We use Google Analytics to track user interactions on our website. This includes data such as IP addresses, geographical locations, browser types, referral sources, length of visits, page views, and website navigation paths.
  • Cookies and Local Storage: We use cookies for website functionality and local storage for our instant chat feature. These are used solely to enhance user experience and assist with inquiries.
  • Support Tickets: Our website includes an authorization system for managing support tickets. The auth server is located at auth.redrosesoftware.co.uk.

3. How We Use and Process Your Data

We will process your personal data for a variety of purposes, relying on different lawful bases. These will include providing you with the service you requested, communicating with you, undertaking research and undertaking our statutory obligations.

We will always ensure that our processing activities are fair and proportionate.

The following information sets out why we process your personal data and also our lawful basis for processing your personal data. We may rely on more than one lawful basis for processing your personal data depending on the context of the processing activity.

Performance of a contract

  • To provide you with a service that you have requested, including creation of a user account where necessary. This may include contacting you about the service for contract management purposes
  • To contact you about products, services or events which may be of interest to you or your organisation
  • To respond to your requests for information, complaints or feedback.
  • To deliver services for our clients
  • To consider your application for a job

Legitimate interests

  • To monitor usage and identify problems or ways to improve our service.
  • To contact you about products, services or events which may be of interest to you or your organisation. This may include processing your personal data to understand what may be of interest to you, or to provide you with marketing materials
  • To respond to your requests for information, complaints or feedback
  • To undertake internal analysis, planning and reporting
  • To maintain the security of our systems, services and physical premises
  • To provide evidence where this is required to exercise or defend legal claims
  • To consider your application for a job

Legal obligation

  • To comply with laws and to respond to and comply with requests from the government, regulators and other third parties with legal authority
  • To investigate, detect and prevent fraud or crime and carry out related risk assessments
  • To consider your application for a job
  • Monitoring for service improvement involving the use of cookies or similar technologies on our website(s) and application(s).

In certain circumstances, we will process your personal data based on our legitimate interests. We have decided this by carrying out a balancing exercise to make sure our legitimate interest does not override your privacy rights as an individual. We document the balancing exercises that we carry out when relying upon this lawful basis for processing your personal data.

4. Security and Data Sharing

We use SSL encryption to protect your data during transmission.

We have in place appropriate policies, rules, technical and organisational measures to protect your personal data from unauthorised or unlawful processing, and against accidental loss, destruction or damage. We also have procedures in place to deal with any data security breach. We will notify you and any applicable regulator of a data security breach where we are legally required to do so.

Even though we take these steps to keep your personal data secure, you should be aware that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the internet. If you have a username or password to access any services that we provide to you, you are responsible for protecting your username and password and must not share it with, or disclose it, to anyone.

If you want you to learn more about how to protect your data and your devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org.

We do not share your personal data with third parties outside of our organization unless required to do so to comply with our legal and regulatory obligations.

5. Disposal of information and your Rights

You have certain rights in relation to your personal data, such as the right to access and the right erasure. Please be aware that these rights do not apply in all circumstances, but we will always look to fulfil your request where possible.

  • We will only store personal information you have provided to us for a maximum of 30 days unless required by law to do so or for legitimate reasons described above.
  • We will destroy paper documents permanently via securely Shredding to destroy personal information held on those documents.
  • When we delete digital information any back-ups of that information are also destroyed.

If you would like to contact us with any queries or comments, request further information or exercise any of your available rights under GDPR, please email us at: info@redrosesoftware.co.uk. If you would like this notice in another format please contact us using the details below.

6. Changes to This Policy

Any changes to this policy in the future will be posted on this page. Please check back frequently to see any updates or changes to this policy.

Please note: this policy does not cover third party websites that we may link to from our website and we are not responsible for the privacy policies and practices (including use of cookies) of such third parties. We recommend that you check the policy of each website you visit and contact the owner or operator of such website if you have concerns or questions.

7. Contact Information

  • Company Number: 06475818
  • Phone: 01953 851 225
  • Address: Unit1i Snetterton Business Park, Snetterton, Norfolk, NR16 2JU
  • Email: info@redrosesoftware.co.uk

Our Managing Director, Kevin Meers, is responsible for GDPR compliance.

8. Complaints

If you believe that we have not complied with this policy or your data protection rights, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the UK.