How we use your information
At Rimu Marketing we will only collect the minimum personal information from you. This will be at the point you contact us, ask to be included on a newsletter, ask for further information or become a client. This could include your name, address, telephone numbers, email address, signature and bank account details. We need this information for legitimate, contractual or organisational purposes to provide you with the services that you have requested. We will not use your data for any other purpose unless we have obtained your consent for that specific purpose.
We need this information to process your requests and we do not regard it as excessive. Other relevant details that you provide in relation to the services you receive from us may be added to your data, but anything not required will be deleted immediately. We will not ask for any irrelevant information. We will not hold or process any special category personal data at any time. If your contact details change, please advise us and we will update our records accordingly. We do not carry out automated decision making or any type of automated profiling. We will always process your data in a fair and lawful way in accordance with article 5 and article 6 of the GDPR.
We regularly conduct data flows and a data inventory or data audit which looks at all aspects of the personal data that we process, including the legal basis for processing and any special requirements that the data needs. Any risk assessments (DPIAs) requirements are identified and completed paying particular attention to privacy risks associated with each processing activity: storage, collection, transmission, access and deletion.
We regularly complete Legitimate Interest Assessments to ensure that our marketing activities are considered, appropriate and are in accordance with all relevant legislation.
We will never knowingly collect data from or on children below 13 years old.
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. This is in accordance with our Data Protection Policy. Your data may be used by the Rimu Marketing team who have a legitimate business need or a contractual obligation to know such data. We will only process your personal data in accordance with our business processes where the safety of your data is paramount.
We use third parties in conjunction with routine business requirements, in our case, accountancy services, use of associates and marketing material suppliers. If we do need to share your data to a relevant third party for purposes other than business requirements, we will obtain your consent first. We use social media including LinkedIn, Instagram and YouTube. We use Zoom, PayPal and Survey Monkey. These third parties are subject to change in line with our business requirements. Please see our Cookie section for additional details.
We have procedures in place to deal with any suspected personal data breach and will notify you and any supervisory body of a breach if we are legally required to.
Please note that we do not require your consent to share this information if we suspect criminal or unlawful activity, in these circumstances we will only contact the relevant organisations.
We will not transfer your personal information outside of the EU.
Retaining your data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Our data retention policy considers the amount of data, its nature and sensitivity, the potential risk of harm from unauthorised use or disclosure, the processing purposes and if these can be achieved by other means and legal requirements.
For tax purposes, the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers. If you have had no communication with us for x years, we will delete all your personal information in line with our data retention policy.
In some circumstances, we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you. You will not be recognisable as a natural living person from this anonymised data.
If you contact us via our website, please ensure that you tick the opt-in box on your enquiry form. In order to process your enquiry, we will need your consent to have your contact details. Or in other words, for you to opt-in, it should be as easy to opt-out as to opt-in so if you no longer want us to process your data please contact us at firstname.lastname@example.org . This can be done at any time. There will be occasions where we do not need your consent to contact you and will rely on a legitimate business reason as in to contact you about services you have expressed an interest in or a contractual obligation to fulfil a business commitment eg to pay you or to provide services.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
You have a right to see what information that we hold about you and you can get in contact with our Data Protection Officer Sophie Comas at the following address: email@example.com or by post at 70 St Andrews Crescent, Windsor, SL4 4EN
Under the GDPR you have the right to request a copy of the personal information Rimu Marketing hold about you and to have any inaccuracies corrected or information deleted. You will need to prove your identity with 2 pieces of approved identification which can be a: passport, driving licence, birth certificate, utility bill (from last 3 months), current vehicle registration document, bank statement (from last 3 months) or a rent book (from last 3 months). We will verify your identity, noting how and when we verified it, then we will immediately delete that data. We will send you a form which clarifies what information you are looking for and to verify your identity.
If you can advise of the specific information that you require, we can process your request more quickly. We will respond to your request within one month of you providing information that confirms your identity. You are obviously entitled to all your personal information.
We will respond within one month, giving you a copy of your data, why we have it, who it could be disclosed to, the categories of data it involves, and it will be in a format that you can access easily. You have the right to clarify and correct the information as necessary. It can be deleted providing that it is not required for legal or public interest reasons. If your request is more complex, for example, it involves other data subjects and we need their consent to release the relevant information we can extend our response time to three months, but we will inform you of this. If they do not give their consent, we will anonymise this data or remove the relevant detail before sending this to you. We will not charge for data subject access requests unless they are excessive or manifestly unfounded. Then we will charge for administrative time only.
If you are not satisfied with our response, please get in touch and we will do our best to help you: firstname.lastname@example.org
Server Visitor Data
When you access a page on our website, the server logs and entry containing (1) your IP address, (2) the timestamp of your visit, (3) the URL you followed, (4) the website you came from, if any, and (5) a line of text identifying the type of browser used.
This information is publicly available to every server you connect to (through your browser, an app, a video game, etc.) and cannot be used to personally identify you.
We collect this information for maintenance purposes, such as identifying errors, broken URLs or missing files, and analytics tracking, such as average visitor and view counts, popular pages and frequent referrers.
Regarding IP address collection: In order for the server to know where to send your data, your IP address must be made available. Trying to browse the internet without sharing your IP address would be like asking Amazon to make deliveries without knowing your postal address.
Cookies and Web Beacons
What are cookies and what do they do?
A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit the Rimu Marketing website, a computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies.
For further details on cookies, please visit the website All About Cookies where you can find comprehensive information on Cookies.
What Happens if I Block Cookies?
We use Google’s “analytics” Cookies which, in conjunction with our web server’s log files, allow us to identify unique, but anonymous users. These Cookies can also calculate the aggregate number of people visiting our Rimu Marketing website, the date and time of a user’s visit to the Rimu Marketing website, the pages a user has viewed and the time spent by users at the Rimu Marketing website. This helps us gather feedback so that we can improve the Rimu Marketing website and better serve our users.
Further information on each Cookie is set out in the table below.
Cross-platform advertising and user recognition
Third-party web sites and platforms
Your use of third party web sites and platforms such as Twitter, LinkedIn and Facebook, and the privacy practices of these platforms, are governed by separate terms, conditions and policies for which Rimu Marketing is not responsible. You should review Twitter’s and Facebook’s terms, conditions and policies where you will find more details on how information about you is used on their platforms and how you can set your privacy preferences.
You can find more information about the individual Cookies we use and the purposes for which they are used in the table below:
Cookie Type Purpose
This Cookie is placed by Google. It enables Rimu Marketing to learn information about our users use of the Rimu Marketing website such as the time of visit, the pages viewed, whether the user has visited before and the web site visited prior to visiting the Rimu Marketing Website.
To opt-out please see https://tools.google.com/dlpage/gaoptout
Twitter Conversion Tracker
This Cookie is placed by Twitter. It enables Rimu Marketing to learn how our users have interacted with Rimu Marketing advertising served to them on Twitter. It also enables Rimu Marketing to identify users who have used their mobile device to view Rimu Marketing advertising on Twitter and later came to the Rimu Marketing website on a desktop computer.
To opt-out please see http://optout.aboutads.info/#/
This Cookie is placed by Facebook. It enables Rimu Marketing to measure, optimize and build audiences for advertising campaigns served on Facebook. In particular, it enables Rimu Marketing to see how our users move between devices when accessing the Rimu Marketing website and Facebook, to ensure that Rimu Marketing’s Facebook advertising is seen by our users most likely to be interested in such advertising by analysing which content a user has viewed and interacted with on the Rimu Marketing website.
To opt-out please see https://www.facebook.com/ads/preferences
LinkedIn Insight Tag
This Cookie is placed by LinkedIn. It enables Rimu Marketing to measure, optimize and build audiences for advertising campaigns served on LinkedIn. In particular it enables Rimu Marketing to see how our users move between devices when accessing the Rimu Marketing website and LinkedIn, to ensure that Rimu Marketing’s LinkedIn advertising is seen by our users most likely to be interested in such advertising by analysing which content a user has viewed and interacted with on the Rimu Marketing website.
To opt-out please see https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Cookie Pop Up
This Cookie is placed by Rimu Marketing. It is used to record when a user of the Rimu Marketing website has viewed the Cookie notice to prevent it re-appearing on return visits.
Most of our cookies expire within 30 days, although our analytics cookies may persist for 1 year.
If you have any concerns about your data then please get in touch and we will do our best to help you: email@example.com
If you have any concerns about how your data is being used or processed and we have not been able to help you, then you can contact the ICO. Ways to report concerns are detailed on their website: https://ico.org.uk/concerns/ .
If you have any questions, comments or ways we can improve please get in touch.