This content requires cookies, please click 'Allow Cookies' at the bottom of the screen.
RML Group Ltd (RML Group) is the company responsible for your data. Our registered office is at 6-10 Whittle Close, Park Farm Industrial Estate, Wellingborough, Northamptonshire, England, NN8 6TY. We are registered with the Information Commissioner’s Office under registration number Z2965102.
This policy applies to information we collect about you:
visitors to our website
people who make enquiries or contact us
customers and suppliers
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
This policy is effective from 24th May 2018.
Information we collect:
We collect personal data where it is appropriate and lawful for us to do so. The types of information we may collect can be categorised as follows:
a. Contact Data such as your correspondence address, billing address, delivery address, email address and telephone numbers.
b. Financial Data such as your bank account and payment card details.
c. Health Data- in very limited circumstances such as if you visit our premises we may ask about any medical condition that may require special consideration (because of the work we do with high voltage electricity) or in order for you to participate in a high-risk activity.
d. Identity Data –such as your name, last name, username or similar identifier, title, date of birth and gender.
e. Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
f. Recruitment Data such as CVs and job applications which are received via agencies and our third-party recruitment service provider or may be sent to us by potential candidates direct.
h. Third Party Datainformation from third parties such as a credit search to assess credit risk, publicly available information about you on professional social media sites and public registers (such as Companies House).
i. Transaction Data such as details about payments to and from you and other details of products and services you have purchased from us.
How we collect personal data.
We collect personal data in different ways
1. From our website and from using cookies.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your
computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
2. From information you provide to us by phone, email or through other means or media for example by sending a CV, by requesting we contact you, by subscribing to our newsletter
or completing a survey or offer, by asking us for information about our products and services or providing us information about products and services you may wish to sell to us.
3. From face to face meetings- such as by talking to us at a motor show or participating in a hospitality or PR event we run or business meetings.
4. From third parties- such as recruitment agencies and providers, credit agencies, public information registers and professional social media sites.
Legal basis for processing your data
We will only use your personal data in a lawful way. Usually this will be:
- to prepare for or perform a contract with you or your organisation
- to comply with our legal obligations as well as to keep records of our compliance;
- because our legitimate interests, or those of a third-party recipient of your personal data, make the processing necessary, provided that those interests are not overridden by your interests
or fundamental rights and freedoms; or
- because you have expressly given us your consent to process your personal data in that manner.
We will only provide you with marketing related information after you have, where legally required to do so, opted in to receive those communications and having provided you with the opportunity
for you to opt out at any time.
We do not use your personal data to make automated decisions.
Health information is particularly sensitive and providing it is voluntary but you may not participate in an activity where it is required.
The table below is a description of the ways we use your personal data, and which of the legal bases we rely on to do so.
We may process your personal data for more than one lawful ground depending on the specific purpose or activity for which we are using your data. You can contact us if you need more information on which legal basis applies to any specific activity.
Transfer of Personal Data
We may provide information to third parties who will use your information for the purposes of providing services to us or directly to you on our behalf.
When we use third party service providers, we only disclose to them any personal data that is necessary for them to provide their services and we have an agreement in place that requires them to keep your data secure and to only use it in accordance with our specific instructions.
Most of our information is held on servers based in the UK. We use a cloud-based CRM (Customer Relationship Management) system (HubSpot) which means some personal data is transferred outside the European Economic Area, our agreement with the provider includes the European Commission approved standard contractual clauses to safeguard and protect your personal information. We will adhere to any confidentiality obligations entered into with a customer in relation to the transfer of customer information. We may provide information to companies providing services such as company checks, financing checks, credit risk reduction, including financial institutions and credit reference.
We may provide information to professional consultants such as lawyers and accountants in order to advise upon any matter connected to you or your organisation and to law enforcement authorities, regulators, government officials or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal claim, or for the purposes of a confidential alternative dispute resolution process.
We may allow access to personal information where this is necessary for service providers who we engage within RML Group Limited e.g. our IT providers, to process personal data for any of the purposes listed above on our behalf and in accordance with our instructions only.
If we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How long we retain your data
We will only retain your personal data for as long as necessary to fulfil the purposes for which it was collected. This includes the time needed to satisfy any legal, accounting, or
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised
use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. For example, details of your service contracts will be kept for as long as we need to retain that data to comply with our legal and regulatory requirements. This is generally 7 years unless the law prescribes a longer period. However, CVs for unsuccessful applicants will only be retained for 12 months. You can obtain further information if you require it by emailing us at firstname.lastname@example.org.
Where you have given your consent so that we can contact you (for example to receive marketing information), you can always change your mind at any time by writing to or emailing us at email@example.com and we will remove your details from our database.
You have various rights with respect to our use of your personal data:
· Access: You have the right to request a copy of the personal data that we hold about you. There are exceptions to this right, so that access may be denied if, for example making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information. You are entitled to see the personal data held about you. If you wish to do this, please contact us at firstname.lastname@example.org.
· Accuracy: We aim to keep your personal data accurate, current, and complete. We encourage you to contact us to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date. You can contact us at email@example.com.
· Objecting: In certain circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data. If you would like us to stop using your personal data, please contact us at firstname.lastname@example.org.
· Erasure: You have the right to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected, or when, among other things, your personal data have been unlawfully processed. If you would like to discuss this with us, please contact us at email@example.com.
Please note we will need to verify your identity before releasing personal information to you or making changes.
If you believe that your data protection rights may have been breached, please contact us. If we are unable to address your concerns, you have the right to lodge a complaint with the Information Commissioner’s Office, or to seek a remedy through the courts.