Privacy Policy | Rezatec

Privacy Policy

HEXCUITY PRIVACY AND COOKIES POLICY

Hexcuity Ltd (trading as Rezatec) (company number: 14885370) (“Hexcuity” / “Rezatec” / “we”/ “our”/ “us”) takes your privacy very seriously and is committed to protecting and respecting your personal data. This policy describes the processing of personal data by Hexcuity including how it is collected, protected, how long it is retained, with whom it is shared and the privacy options available concerning that personal data.

If you wish to contact us regarding this policy, please contact us using the details set out here. Hexcuity Limited is the data controller, our registered office is at Bee House, 140 Eastern  Avenue, Milton Park, Abingdon, Oxfordshire, OX14 4SB.

This policy sets out the basis on which we will process any personal data that we collect from you when you interact with us, that we are provided with by a third party or that you provide to us through your use of https://www.rezatec.com (the “Website”).

This policy does not apply to your use of the Rezatec Platform (the “Rezatec Platform”), which is subject to the Rezatec Platform Privacy and Cookies Policy) or to any websites that you may be able to access via links on the Website and/or activities offered by third parties. Please ensure you review any relevant policies on any third party websites before proceeding. We are not responsible for the collection or use of your personal data from third party websites.

TOPICS COVERED:

Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it.

PERSONAL DATA COLLECTED FROM YOU OR ABOUT YOU AND OUR SOURCES OF THAT DATA

We may collect and process the following information about you:

  • Data you give us. You may give us data about you:
    • by filling in forms on our Website. For instance, to book a demonstration;
    • if you sign up to receive marketing communications from us such as news or updates about Rezatec;
    • if you contact or correspond with us (for example, by email at support@rezatec.com or phone) for any reason (for example, to request further products or services from us);
    • if you enquire about our services or products (for example, the Rezatec Platform) or how we could work together;
    • if you report a problem with the Website; and
    • if you provide us with feedback, opinions and/or comments. For example, regarding the Website.
  • Data we collect about you. Each time you use the Website we may automatically collect the following data:
    • when you use the Website, we will keep a record of the details of that usage, including the date, time, location, frequency and duration of the usage;
    • technical information about your computer or mobile device for system administration and analysis, including your internet protocol (IP) address used to connect your device to the internet, Uniform Resource Locators (URL), your login information, time zone settings, browser plug-in types and versions, clickstreams, unique device identifiers, operating system, wireless network interface, device telephone number and network and browser type and version; and
    • other information about your use of the Website, including the date and time of visits to the Website, pages you viewed, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
  • Data we collect or are provided with by third parties. We may be given or collect personal data about you by / from third parties such as:
    • our channel partners, who you may contract with to have access to the Rezatec Platform; or
    • data available from publicly available sources (for example, LinkedIn or your corporate website).

PURPOSE AND THE LEGAL BASIS FOR PROCESSING

We may use the personal data we hold about you in the following ways:

Purpose of processingType of personal dataLegal basis for processing
To process any forms you may fill out on our WebsiteYour name, email address, phone number, your organisation, region and sectorLegitimate interests – to enable us to respond to your request
To book a demo of the Rezatec ProductYour name, your email address, phone number, your organisation, the region where you are based and your sector and your reasons for the demoLegitimate interest – to enable us to demo the Rezatec Product
To receive services or products from youYour name, your email address, phone number and your organisationLegitimate interest – performance of a contract by your organisation
To provide the Rezatec Product to your organisation and tell you if the subscription is about to expireYour name, email address, phone number, your organisation and payment detailsLegitimate interest – to allow us to perform our contract with your organisation
To ensure that the Website is presented in the most effective manner for you and for your deviceThe technical information as mentioned aboveLegitimate Interest – to allow us to present the Website better
For our internal operations, including data analysis, testing, research, statistical purposes and troubleshootingThe technical information as mentioned aboveLegitimate Interest – to better understand our visitors and continuously improve the Website
As part of our efforts to keep the Website safe and secureThe technical information as mentioned aboveLegitimate Interest – to improve and ensure the safety of the Website
To deal with any enquiries, correspondence, concerns or complaints you have raisedYour name, information about the issue raised, your organisation (if applicable), phone number and email addressLegitimate Interest – to deal with your enquiry or correspondence and allow us to improve our services and the Website (if relevant)
To compile reports (which do not personally identify you) about the use of the WebsiteThe technical information mentioned aboveLegitimate interest – to improve the Website
To notify you about changes to any element of the Rezatec Products, our services, the Website for example, an update or upgrade, or this  policyYour name, your organisation and email addressLegitimate interest – to allow us to perform our contract with your organisation
To send you direct marketing by email, such as our email newsletterYour name, your organisation and email addressConsent for data collected going forward or our legitimate interest to conduct marketing for data we already hold
To contact you for feedback on our services or productsYour name, your organisation and email addressLegitimate interests – to better understand our users

Where we have a legal basis to use your personal data without consent (as we have described above), this policy fulfils our duty to process personal data fairly and lawfully and in a manner that you would expect given the nature of our relationship with you, by giving you appropriate notice and explanation of the way in which your personal data will be used.

Where consent is required for our use of your personal data as described above, we will request your consent. Typically, we would collect your consent by you performing an action such as ticking the appropriate consent box or otherwise communicating your consent to us (for example, by email), you consent to our use of that personal data as set out in this policy.

MARKETING

We would like to provide you with information by email about us, as well as our products and services, which may be of interest to you. If we have asked for your consent to provide you with marketing communications, we will only send you with marketing communications if you would like us to.  Otherwise, we will provide you with marketing communications unless you ask us not to.

If you no longer wish to receive marketing communications from us, please contact us by emailing dataprotection@rezatec.com or using the unsubscribe link at the bottom of our marketing messages.

DISCLOSURE OF PERSONAL DATA

We may disclose or share your personal data with selected third parties in accordance with this policy, including:

  • service providers, for example of IT services, business partners, suppliers and/or sub-contractors, for the performance of any contract that we enter into with you, but also when providing you with marketing communications;
  • any member of our group of companies;
  • analytics and search engine providers that assist us in the improvement and optimisation of the Website;
  • professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services; or
  • government or other law enforcement agencies, in connection with the investigation of unlawful activities or for other legal reasons (this may include your location information);
  • if we sell or buy any business assets or receive investment into our business, we may disclose your personal data to the prospective or actual buyer, seller or investee of such business or assets;
  • if Hexcuity Limited or substantially all of its assets are acquired by a third party, in which case personal data held by us, including your data and data about our customers, suppliers and correspondents will be one of the transferred assets; and
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any  contract between us and you or your organisation or to protect the rights, property or safety of us, our customers or others.

Except as explained above, we will not disclose your personal data to any third parties for any other purpose unless we legally have the right or obligation to do so.

We require our service providers to comply with data protection laws whenever they process your personal data.

WHERE PERSONAL DATA IS PROCESSED

The majority of the personal data we collect is processed in the UK and European Economic Area (the “EEA”). Where information is acquired and processed outside of the EEA, we ensure at least one of the following safeguards is implemented:

  • We transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. To find out which countries are covered by this, please see here.
  • Where there is no adequacy decision by the European Commission in respect of these countries (to the extent that they are outside the EEA), which means they are not deemed to provide an adequate level of protection to your personal data, we ensure that your personal data receives an adequate level of protection. We have therefore put in place the following measures to ensure that your personal data is treated by those third parties in a way that is consistent with EU and UK laws on data protection:
    • EU-US Privacy Shield; and/or
    • EU standard contractual clauses.

If you would like to find out more about these safeguards in respect of processing of your personal data, please contact us at dataprotection@rezatec.com

We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.

SECURITY AND THE PROTECTION OF PERSONAL DATA

The security of our information and systems is extremely important. All personal data collected, whether electronically, on paper, or by other means, is protected appropriately in line with our data protection obligations.

All information you provide to us is stored on secure severs. We will use appropriate technical and organisational measures to safeguard your personal data. Our security controls are under regular evaluation to manage risks to the confidentiality, integrity and availability of your personal data.

We maintain, and ensure that anyone we share your personal data with maintains, appropriate technical and organisational measures to ensure an appropriate level of security in respect of all personal data we process.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website and you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features which are appropriate to the type of personal data you have provided to try to prevent unauthorised access or inadvertent disclosure.

RETAINING PERSONAL DATA

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.  If you would like to find out more about the details of applicable retention periods, please contact us.

COOKIES

We use cookies, which are small files of letters and numbers that we store on your browser or the hard drive of your computer or mobile device if you agree.  Examples of the type of information collected include the category of internet browser used, the type of operating system used and the domain name of the website which linked through to the Website.

Most browsers allow cookie settings to be changed. These settings will typically be found in the “options” or “preferences” menu of a browser.

We use the following cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of the Website.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the Website when they are using it. They also enable us to see how users use the Website. This helps us to improve the way the Website works.
  • Functionality cookies. These are used to recognise you when you return to the Website. This enables us to personalise our content for you.
  • Targeting cookies. These cookies record your visit to the Website, the pages you have visited and the links you have followed. We will use this information to make the Website displayed on it more relevant to your interests.

By clicking ‘ok’ on the cookie consent box when you first access the Website and by continuing to access and use the Website you accept our use of the cookies.

You may control and block the cookies used by websites generally by modifying the settings on your browser or device. However, if you use your browser or device settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Website.

For more detailed information about cookies and how they can be managed and deleted please visit www.allaboutcookies.org.

YOUR RIGHTS AND HOW TO EXERCISE THEM

You have specific rights over your personal data gathered and processed by Hexcuity as described below:

  • Access. You have the right to request access your personal data held by Hexcuity via a Subject Access Request. You may be asked to provide documentation to verify your identity.
  • Rectification. You have the right to request that we rectify your personal data.
  • Right to be ‘forgotten’ or to request erasure. You have the right to request that your personal data is removed or deleted. Please note, if you request that we erase any personal data that we require in order to provide the Website to you, you may no longer be able to use the Website. It is likely to be necessary for us to retain your personal data to enable us to carry out a contract with your organisation, and your rights under applicable law to request erasure may be limited accordingly. Please also note that this right does not extend to non-personal data.
  • Data portability. You have the right to request a copy of your personal data in a format that would allow it to be transferred to another company in a safe and secure way if the legal basis for processing such personal data is consent or performance of a contract.
  • Restrict data processing. You have the right to request that the processing of your personal data is restricted if the data is inaccurate, the processing is unlawful or we no longer need to process your personal data for the purposes for which we hold it.
  • Object / withdraw consent. You have the right to request that we stop processing your personal data where we are relying on a legitimate interest (or those of a third party). You can also change your data processing preferences at any time. For example, if you have given your consent to direct marketing, but have changed your mind, you have the ability to opt out of receiving marketing communications by contacting us using the details provided below or clicking the relevant link in any communication you receive.
  • Automated decision making. We do not currently carry out decisions based solely on automated processing, including profiling. If we change our practices to do this in a way which has legal or similarly significant effects on you, you may have the right to object. If this becomes relevant in the future, we will update this privacy and cookies policy to provide further information.
  • Complaints. We take great care to comply with the laws governing the protection of personal data. If, however, you do want to complain about our use of personal data, please send an email with the details of your complaint to the Data Protection Compliance Officer at dataprotection@rezatec.com and we will look into your concerns. If for any reason you are not happy with the way that we have handled your personal data, please contact us.  If you are still not happy, you have the right to make a complaint to the Information Commissioner’s Office.

Please note that if you ask us to stop processing your personal data in a certain way or erase your personal data, and this type of processing or data is needed to facilitate your use of any of the Website, services or products you may not be able to use them as you did before, or at all.  This does not include your right to object to direct marketing, which can be exercised at any time without restriction. Please allow at least 3 working days for any request to be actioned.

If you would like to exercise any of the rights mentioned above, please contact us at by email at dataprotection@rezatec.com or by post using the details set out here.

CHANGES TO THIS POLICY

Any changes we make to this policy in the future will be posted on here. Please check back frequently to see any updates or changes to this policy.

KEEPING US UPDATED / HOW TO CONTACT US

Questions, comments and requests regarding this policy are welcomed and should be addressed to the Data Protection Compliance Officer at Hexcuity Limited, Bee House, 140 Eastern  Avenue, Milton Park, Abingdon, Oxfordshire, OX14 4SB. You may also email us at dataprotection@rezatec.com or call us on +44 1235 632467

This policy was last updated on 1 April 2024.