Privacy Statement

Recordsure is committed to your privacy and adheres to the General Data Protection Regulations (GDPR). This statement sets out how we use your personal data and your rights.

Your personal information will be held by Recordsure, registered as Record Sure Limited for the purpose of the EU General Data Protection Regulation (GDPR).

Recordsure is the Controller of personal data relating to the professional individuals within its client or prospective client firms, for the purposes of relationship management, marketing and business development. This statement relates to this data only.

Personal Data We Collect

Recordsure collects your personal data, including information provided in various ways. Some of this data is gained directly from you, including:

  • In emails, during telephone calls and conversations, from business cards, when registering for services, when participating in surveys, and when using Recordsure’s websites.
  • Some personal data may also be gained indirectly, such as:
  • Information gained through other organisations (for example LinkedIn) whether or not this is in the course of providing technical and/or regulatory compliance services to you.
  • Information we gather from your use of, and interaction with, our website and the devices you use to access them, using technology such as cookies.

The data that we collect will depend upon our interactions with you, the privacy settings and features that you choose. The personal data we collect normally includes names, job title, company, IP addresses and contact details such as phone numbers and email addresses.

How we use Personal Data

Recordsure will only process your data where it has a legal basis for doing so. Recordsure uses the data collected to communicate with you and to offer you our recording, transcription, analytics and other solutions and/or services related to our associated company The Consulting Consortium Limited which offers consultancy services that may be complementary to the services provided by Recordsure. We will also use your data to improve or maintain the services we offer to you and our website. We will never share your data with any other third party, other than those stated in this policy, nor use your data for any other purpose, unless we firstly gain your consent to do so.

We may use your data for profiling in the context of segmentation and targeting for marketing purposes. We may use personal data such as job title, sector, company and your previous activity on our website or with our marketing communications. This enables us to provide you with information and promotions that are likely to be relevant to you. We may also use data such as your name and job title to personalise communications you receive from Recordsure and our website.

You have the right to access, rectify, erase, object and restrict the processing of your personal data, with the ability to choose which promotional communications you wish to receive and how you would like to receive them. You also have the right to opt-out of receiving our marketing communications at any time. To manage your subscriptions or personal data, please see the Your Rights section.

Your right What this means How you can exercise
The right to access You have the right to request from us:
Whether personal data is being processed
The purpose of the processing
The categories of personal data
To whom the data has been disclosed
How long it will be stored
You can request this information at no charge from Recordsure by emailing support@recordsure.com.
Recordsure will provide you with the information requested within one month of your request.
The right to rectification You have the right to request that we change or update your personal information if it is incorrect You can request an update or change to your information by mailing support@recordsure.com. Recordsure will update your details within one month of your request.
The right to erasure You have the right to have your data erased from our systems when:
It is no longer necessary for the purpose it was processed
Our legal basis for processing is no longer applicable
Data has been unlawfully processed
In compliance with a legal obligation
As set out in ‘retention period’, your data will be erased when it is no longer necessary for the purpose it was originally processed or after 12 months.
You can request erasure of your information by emailing support@recordsure.com.
Recordsure will update your details within one month of your request.
The right to restrict processing You have a right to restrict us processing your data if:
You contest the validity of our data and believe it should be restricted until verified.
You object to processing and we are considering the request
You would prefer your data to be restricted rather than erased when processing has been unlawful
Recordsure no longer needs the data but you require it to exercise or defend a legal claim.
You can request restriction of your personal data by emailing support@recordsure.com
Recordsure will restrict your details within one month of your request.
The right to object We use legitimate interest for direct marketing. You have a right to object to us using your personal information for these purposes. To object to Recordsure using your personal data for direct marketing  please click here.Opting out will take a maximum of 24 hours.
Rights related to automated decision making and profiling We use legitimate interest for profiling. You have a right to:
Request the details of any personal data used for profiling including the categories of data.
Request information on the profile/the profile itself and details of the segments you have been put into.
Request rectification and/or erasure of the personal data used as inputs to the profiling and the output data (the profile itself).
Object to us using your personal information for these purposes.
To request this information or object to Recordsure using your personal data for profiling email support@recordsure.com
Recordsure will cease profiling with your personal data as soon as the request is received and respond to your access request within one month of your request.

Our legal basis for processing personal data

Our legal basis for processing your personal data may rely upon our Legitimate Interest or Legal Obligation.

As a data subject on which we process personal data, you have various rights that you can exercise:

Recordsure relies upon the following legal bases for processing the personal data obtained from the practices outlined in Personal Data we Collect.

Legitimate interest

‘Legitimate Interest’ means the interests of our company in conducting and managing our business to enable us to give you the best services and experience. For example, we have an interest in making sure our services are relevant for you, so we may process your personal data to contact you by telephone with discussions tailored to your interests.

When we process your personal information for our legitimate interests, we make sure to consider the balance and any potential impact on you (both positive and negative) and your rights under the data protection regulation. Our legitimate business interests do not automatically override your interests – we will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

Our legitimate business interests may include some or all of the following:

  • For evidential purposes to effectively manage and maintain records of our relationships/communications with you;
  • For business development related activity such as contacting you by telephone or email to arrange meetings with our experts in relation to work or knowledge sharing;
  • To enhance, modify, personalise or otherwise improve our services and communications for the benefit of you;
  • To better understand how you interact with our website and content in order to enhance your customer experience;
  • To determine the effectiveness of promotional campaigns to inform marketing strategy.

Legal obligation

Recipients of Personal Data

Recordsure shares your data with the following third-party service providers. The data storage and processing systems are protected by access controls, to minimise any risk to the integrity or security of your personal data, and the data is stored in servers in the UK, EU and USA.

  • Salesforce / Pardot
  • Typeform
  • WordPress, hosted by WP-Engine
  • Unbounce
  • Go to Webinar
  • Microsoft Sharepoint
  • Access Dimensions

Recordsure will ensure that any third-party processor has adequate data protection measures in place that align with the requirements of the GDPR by conducting periodic due diligence. Recordsure will not share your data with any third-party processor outside of the UK, EU or USA.

Recordsure does not sell your personal data or other information to any third-party.

Recordsure stores personal information on a secure database which is shared with our associated company TCC.

Although data is stored centrally, all communication is segmented between the separate companies. Signing up to either mailing list will provide content from the relevant company, and subscribers can opt in or out of the respective mailing lists on an individual basis. We may on occasion share content between companies when we believe the information will be relevant and valuable.

You can opt into the Recordsure mailing list here to receive our regular newsletter featuring updates on development, analysis and insights. In addition, we may send ad hoc emails containing valuable information such as white papers and event invitations.

To subscribe to the TCC mailing list, please visit the TCC website here.

Where possible we will tailor the content we send subscribers to keep it relevant, for example, if you work in compliance we will try to share compliance specific material with you. You have the right to opt out of content tailored on your profile information by ticking the relevant box on our Preferences page.

Once Recordsure has received your information Recordsure is committed to ensuring it has all necessary technical and organisational controls in place to keep your information secure. In order to prevent unauthorised access or disclosure Recordsure has put in place suitable physical, electronic and managerial procedures to safeguard and secure the information Recordsure collects.

Retention period

Recordsure will only keep your personal data for as long as necessary for the purposes for which it was gained. Personal data will be retained for the purposes of direct marketing, relationship management and business development, or where we have another legal basis for processing (such as your consent or a contract with you). Recordsure will review the personal data we hold on you every 12 months to check for accuracy and relevancy and to ensure that we continue to have a legal basis for processing. If the personal data is no longer necessary, or where we no longer have the legal basis for processing, we will delete or fully anonymise the data we hold on you, in line with our GDPR Policy. If your data becomes inaccurate, we will update it accordingly.

The exception is information collected from surveys, feedback and questionnaires, which are held only for the duration of its usefulness i.e. the duration of a campaign. The data is then anonymised and retained for internal evidential purposes, or deleted.

Complaints

Recordsure will help you should you have any complaints about the processing of your personal data. Under the GDPR, you have the right to lodge a complaint with the Supervisory Authority, the Information Commissioner’s Office (ICO), who are the national authority responsible for the protection of personal data. A complaint can be made to the ICO via their website: ico.org.uk or through their helpline: 0303 123 1113.

Changes to this Privacy Statement

We reserve the right to change this statement. Changes will be published on our website www.recordsure.com/privacy-policy/ and previous versions will continue to be available here. We will notify you of any material changes to this statement via email (where possible) but recommend that you also check this statement regularly, so that you are informed of any changes.

Version 3.0 | 8th May 2018