Risk Warden Limited (company number 09590964) takes your privacy very seriously and is committed to protecting and respecting your privacy.
If you wish to contact us regarding this privacy and cookies policy, please see the contact details here. Risk Warden is the data controller and our registered office is Communication House, Victoria Avenue, Camberley, Surrey, England GU15 3HX.
This privacy and cookies policy does not apply to websites that you may be able to access via links on the Website or Risk Warden Tool and/or activities offered by third parties. Please ensure you review any relevant policies on any third party websites before proceeding. Risk Warden is not responsible for the collection or use of your personal data from these third party websites.
- SUBSCRIPTION AGREEMENT
- DATA WE COLLECT FROM YOU OR ABOUT YOU AND OUR SOURCES OF THAT DATA
- PURPOSE AND LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
- DISCLOSURE OF YOUR PERSONAL DATA
- WHERE WE STORE YOUR PERSONAL DATA
- RETAINING PERSONAL DATA
- YOUR RIGHTS
- CHANGES TO OUR PRIVACY AND COOKIES POLICY
- HOW TO CONTACT US
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
DATA WE COLLECT FROM YOU OR ABOUT YOU AND OUR SOURCES OF THAT DATA
We will collect the following data about you:
- Data you give us. You may give us data about you:
- by filing in forms on the Risk Warden Tool or the Website. For instance, if the Organisation or we create a user profile for you in order to enable you to access the Risk Warden Tool and any services provided by us under the Subscription Agreement (whether on a trial or full basis);
- when you complete the sign up form through the Website;
- when you register to use the Risk Warden Tool;
- if you sign up to receive marketing communications from us about products and services we offer;
- if you ask us to receive personalised online content such as targeted advertising;
- when you report a problem with the Website or Risk Warden Tool;
- if you complete a survey or provide feedback, for example, about the Risk Warden Tool or the Website;
- if you contact or correspond with us (for example, by phone, e-mail or otherwise) for any other reason, for example, to find out more about a productor any support services we offer;
- any comments, opinions and/or feedback you provide to us regarding the Risk Warden Tool, for example during any trial period that you may participate in or thereafter;
- when you transmit or upload content or reports including, but not limited to: photographs, opinions, comments, communications, data relating to health and safety compliance to the Risk Warden Tool; or
- when you apply for a job with us.
- Data we collect about you. With regard to each of your visits to the Website or the Risk Warden Tool we will automatically collect the following:
- technical information, including the type of device (and its unique device identifier) you use to access the Website or the Risk Warden Tool, the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, mobile network information and platform;
- information about your visit to the Website including the full Uniform Resource Locators (URL), clickstream to, through and from the Website or Risk Warden Tool (including date and time), pages you viewed, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page; and
- information about your use of the Risk Warden Tool and Website including the services that you have viewed, the duration spent using those services and data files uploaded to the Risk Warden Tool.
- Data provided by the Organisation. The Organisation will give us information when:
- signing up to the Risk Warden Tool to enable us to create a user profile for you in order to give you access the Risk Warden Tool under the Subscription Agreement (whether on a trial or full basis). This information may include your name, company email address, job title, team, seat and qualification; and
- uploading data to the Risk Warden Tool as part of the risk assessment. This may include details or any independent assessors or in house competent person, or your details in a report.
- Data we collect from or provided by Third Parties
- We may collect your data from or are provided with your data by third parties including certification bodies, regulatory bodies, risk assessors, online providers or industry journals.
PURPOSE AND LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
We will use the personal dataheld about you for the purposes stated below:
|Purpose of Processing||Type of personal data||Legal basis for processing|
|To enable us to provide you with access to the Risk Warden Tool and for you to use the Risk Warden Tool||Your name, job title, qualification, Organisation, team, business address, work phone number and work email address||Legitimate interest – to allow us to perform our contract with the Organisation|
|To enable your risk assessor to use the Risk Warden Tool||Your name, job title, qualification, Organisation, team, business address, work phone number and work email address||Legitimate interest – to allow us to perform our contract with the risk assessor|
|To process the payment for the Subscription Agreement||Bank, credit or debit card details||Legitimate interest – to allow us to perform our contract with the Organisation|
|To help us identify you and any subscriptions you hold with us||Your name, Organisation, job title, team, Organisation address, Organisationphone number and Organisationemail address||Legitimate interest – to allow us to perform our contract with the Organisation|
|To deal with any enquiries, correspondence, concerns or complaints you have raised about the Risk Warden Tool||Your Organisation contact details and information about the issue raised||Legitimate interest – to allow us to perform our contract with the Organisation|
|To notify you about changes to any element of the Risk Warden Tool, for example, an update or upgrade, or the Website||Your name and Organisation email address||Legitimate interest – to allow us to perform our contract with the Organisation|
|To tell you if your subscription to the Risk Warden Tool is due to expire||Your name, Organisation email address and Organisation details||Legitimate interest – to allow us to continue providing the Risk Warden Tool to you|
|To ensure that content on the Website and the Risk Warden Tool is presented in the most effective manner for you and for your device||Technical information as mentioned above.||Legitimate interest – to allow us to present the Website and Risk Warden Tool better|
|To carry out surveys and market research||Your Organisation contact details and opinions on our products and services||Legitimate Interest – to better understand our clients and their preferences|
|For our internal operations, including data analysis, testing, research, statistical purposes and troubleshooting||Technical information as mentioned above||Legitimate Interest – to better understand our clients and continuously improve the Website and Risk Warden Tool|
|As part of our efforts to keep the Website and the Risk Warden Tool safe and secure||Your name and contact details, Organisation details, the administrator’s details and technical information mentionedabove||Legitimate Interest – to improve an ensure the safety of the Website and Risk Warden Tool|
|To compile reports (which do not personally identity you) of usage of the Website and Risk Warden Tool||Technical information as mentioned above||Legitimate Interest – to improve the Website and Risk Warden Tool|
|To allow us to process your data as part of the recruitment process||Recruitment information (including copies of right to work documentation, references and other information included in a CV or cover letter or as part of the application process), date of birth, gender, national insurance number; and location of current and previous employment or workplace||Legitimate interest to make a decision about your recruitment or appointment, and to prevent fraud.|
|To provide you with information about risk assessors you may be interested in working with or to share your information such risk assessors||Your name, Organisation email address and Organisation details||Consent|
|To provide you with information, products and services about us||Your name, Organisation name and Organisationemail address||Consent|
|To provide you with personalised content||Technical information mentioned above, your name, Organisationand Organisationemail address||Consent|
|To check you are legally entitled to work for us||Copy of passport and any other documents that show that you have a right to work in the UK||Comply with our legal obligation to conduct such checks|
|To carry out equal opportunities monitoring||Your race or ethnicity, religious beliefs, sexual orientation and political opinions||Public interest|
Please note that we may use and share non-personal data we receive or collect from you in connection with the Website or Risk Warden Tool.
Where we need to collect personal data by law or as part of a contract we have with you and you fail to provide that data when requested, we may not be able to provide you with access to the Risk Warden Tool or offer you a job.
Where we have a legal basis to use your personal data without consent (as we have described above), this policy fulfils our duty to process personal data fairly and lawfully and in a manner that you would expect given the nature of our relationship with you, by giving you appropriate notice and explanation of the way in which your personal data will be used.
Where consent is required for our use of your personal data, by ticking the appropriate consent box or otherwise communicating your consent, you consent to our use of that personal data for the purposes covered by the specific consent that you have given. For example, we will only process your personal data for marketing purposes if we have your consent to do so.
As mentioned above, we would like to provide you with information about products, services and opportunities which may be of interest to you if you consent. We may provide such information to you by email or through personalised online content and advertising through the Website, social media platforms or our online partners. Even if you consent, you can change your mind about this at any time (click here for more information on how to contact us).
We will not provide your personal data to other businesses so they can use your personal data for marketing purposes.
We will only send you marketing messages if you would like us to. You can tell us that you wish to receive such marketing messages by ticking the relevant boxes when submitting a form to us, signing up to the Risk Warden Tool for the first time or by updating the privacy settings of your account. You will have the opportunity to clearly set out whether you wish to receive marketing messages from us by ticking the relevant boxes.
DISCLOSURE OF YOUR PERSONAL DATA
We may share your personal data with selected third parties in accordance with this policy, including:
- service providers (for example, IT services or payment service providers), business partners, suppliers and sub-contractors;
- analytics and search engine providers that assist us in the improvement and optimisation of the Website or the Risk Warden Tool;
- government or other law enforcement agencies, in connection with the investigation of unlawful activities or for other legal reasons (this may include your location information);
- in the event that we sell any business or assets or receive investment into our business, in which case we may disclose your personal data to the prospective buyer or investor;
- if Risk Warden or substantially all of its assets are acquired by a third party, in which case personal data held by us, including your personal data, will be one of the transferred assets; and
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply Subscription Agreement or any other contract between you and us or between the Organisation or us; or to protect the rights, property or safety of Risk Warden, our users, and others.
WHERE WE STORE YOUR PERSONAL DATA
The personal data that we hold about you will only be processed and stored by us within the United Kingdom.
However, the Risk Warden Tool can also be accessed and used worldwide, which means your data may be processed outside the EEA if the Organisation using the Risk Warden Tool is based outside the EEA or if the Risk Warden Tool is accessed by a user not based within the EEA whilst accessing the Risk Warden Tool.
All information you provide to us is stored on secure servers. We will use technical and organisational measures to safeguard your personal data.
Where we have given you (or where you have chosen) access details and a password which enable you to access theRisk WardenTool, you are responsible for keeping these access details and password confidential. We ask you not to share your access details and password with anyone.
We maintain (and ensure that anyone we share your personal data with maintains)appropriate technical and organisational measures to ensure that an appropriate level of security in respect of all personal data we process. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to theWebsite or Risk Warden Tooland you acknowledge that any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features which are appropriate to the type of personal data you have provided to try to prevent unauthorised access or inadvertent disclosure.
RETAINING PERSONAL DATA
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Even if you request that we erase your data, we may still need to keep it (please see below) or may keep it in a form that doesn’t identify you. If we are processing your persona data as part of a Subscription Agreement and you have not agreed that we may use your data for marketing purposes, we will retain your personal data on record for no more than the duration of the Subscription Agreement and 6 years thereafter. Please contact us or the Organisation directly for details of the duration of the Subscription Agreement.
You have the following rights with regard to your personal data:
- Access. You have the right to access data we hold about you. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it;
- Rectification or erasure. You have the right to request that we rectify or delete any personal data that we hold about you (unless we have the legal right to retain it). If you request that we erase any personal data that we require in order to provide the Risk Warden Tool to you, you may no longer be able to use it. This right does not extend to non-personal data. It is likely to be necessary for us to retain your personal data to enable us to carry out a contract with your Organisation, and your rights under applicable law to request erasure may be limited accordingly. This means your rights under applicable law to request erasure may be limited accordingly
- Restriction. You also have the right to restrict us from processing your personal data if the data is inaccurate, the processing is unlawful or we no longer need to your personal data for the purposes for which we hold it.
- Data portability. You have the rightto obtain personal data we hold about you, in a structured, electronic format, and to transmit such data to another data controller if the legal basis for processing such personal data is consent.
- Object /change of preferences. You have a right to request that we stop processing your personal data where we are relying on a legitimate interest (or those of a third party). You also have the right to object where we are processing your personal information for direct marketing purposes. For example, if you have given your consent to receive updates from us about new job opportunities, but have changed your mind, you have the ability to opt out from receiving such communications going forward by contacting us using the details provided below or clicking the relevant link in any communications you receive. Please note, if you submit a request for us to stop processing your personal data in a certain way and this type of processing is required in order to facilitate your use of the Risk Warden Tool, you will no longer be able to use the Risk Warden Tool following your request for us to stop the relevant processing.
- Complaints. If for any reason you are not happy with the way that we have handled your personal data, please contact us. If you are still not happy, you have the right to make a complaint to the Information Commissioner’s Office.
Please note that if you ask us to stop processing your personal data in a certain way or erase your personal data, and this type of processing or data is needed to facilitate your use of the Websiteor theRisk Warden Tool you may not be able to use the Websiteor the Risk Warden Tool as you did before. This does not include your right to object to direct marketing, which can be exercised at any time without restriction. Please allow at least 3 working days for your request to be actioned.
Please note that the rights mentioned above do not extend to non-personal data.
If you would like to exercise any of the rights mentioned above, please contact us at Management Suite 219, 1210 Parkview, Arlington Business Park, Theale, Reading RG7 4TY or by emailing us at email@example.com
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of the Website and Risk Warden Tool. They include, for example, cookies that enable you to log into secure areas of the Website and Risk Warden Tool, make use of e-billing services.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and users and to see how visitors and users move around the Website and Risk Warden Tool when they are using it. This helps us to improve the way the Website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to the Website and Risk Warden Tool. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to the Website and Risk Warden Tool, the pages you have visited and the links you have followed. We will use this information to make the Website and Risk Warden Tool and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You can find more information about the individual cookies we use and the purposes for which we use them in the table below:
|_utma||A Google Analytics cookie which tracks the number of times a user has visited the Website, as well as the time of their first visit and last visit.|
|_utmb||A Google Analytics cookie which stores details of the moment when a user visits the Website.|
|_utmc||A Google Analytics cookie which stores details of the moment when a user leaves the Website.|
|_utmz||A Google Analytics cookie which records where the user came from, including what part of the world and details of the search engine, keywords and links used.|
By clicking “agree” in the cookie consent box when you first access the Website or the Risk Warden Tool and by continuing to access and use the Website or the Risk Warden Tool (as applicable) you accept our use of the cookies.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of the Websiteor the Risk Warden Tool.
For more detailed information about cookies and how they can be managed and deleted, please visit www.allaboutcookies.org.
CHANGES TO OUR PRIVACY AND COOKIES POLICY
Any changes we make to our privacy and cookies policy in the future will be posted on this pageand, where appropriate or notified to you by e-mail.
Please check back frequently to see any updates or changes to our privacy and cookies policy. Continued use of the Website or the Risk WardenTool (as appropriate) will signify that you agree to such changes.
HOW TO CONTACT US
Questions, comments and requests regarding our privacy and cookies policy are welcomed and should be addressed to Risk Warden Limited at Management Suite 219, 1210 Parkview, Arlington Business Park, Theale, Reading RG7 4TY, by email to firstname.lastname@example.org by phone on 0118 965 4136.
Please also contact us if you would like to know more about our data processing activities, to update or amend any of your personal data which you have provided to us or if you believe our records relating to your personal data are incorrect.
Our privacy and cookies policy was last updated on 29 November 2018.