Privacy Policy

1. Introduction

RDMS Ltd ("we", "our", "us", or "RDMS") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you:

Visit our website at www.rdms.uk (the "Website")
Use our restaurant compliance management platform (the "Platform")
Engage with us in other related ways, including sales, marketing, or events

By using our Website or Platform, you agree to the collection and use of information in accordance with this policy. This Privacy Policy applies to information we collect:

On our Website
Through our Platform
In email, text, and other electronic messages between you and our Website or Platform
Through mobile and desktop applications you download from our Website, which provide dedicated non-browser-based interaction
When you interact with our advertising and applications on third-party websites and services

Please read this Privacy Policy carefully to understand our policies and practices regarding your information. If you do not agree with our policies and practices, your choice is not to use our Website or Platform. This policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of the Website or Platform after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

2. Information We Collect

We collect several types of information from and about users of our Website and Platform, including:

Personal Information

Personal information is data that can be used to identify you directly or indirectly. The personal information we collect may include:

Contact Information: Name, email address, postal address, phone number, job title, company name
Account Information: Username, password, account preferences, and other account-related details
Financial Information: Payment details, billing address, and transaction history
Business Information: Information about your restaurant business, including number of locations, employee data, and compliance documentation
Correspondence: Information you provide when you contact us for support or other inquiries

Non-Personal Information

We also collect non-personal information that does not directly identify you. This may include:

Usage Data: Information about how you use our Website and Platform, including features used, time spent, and pages visited
Device Information: IP address, browser type, operating system, device information, and internet connection
Cookies and Similar Technologies: Information collected through cookies and similar technologies. For more information, please see our Cookie Policy
Aggregated Data: Statistical or demographic data that does not directly identify you

How We Collect Information

We collect information:

Directly from you: When you register for an account, use our Platform, fill out forms, interact with our Website, contact us, or otherwise provide information to us
Automatically: When you use our Website or Platform, we automatically collect certain information using cookies and similar technologies
From third parties: We may receive information about you from third-party partners, service providers, and publicly available sources

3. How We Use Your Information

We use the information we collect for various purposes, including:

Business Purposes

Providing, maintaining, and improving our Website and Platform
Processing and fulfilling your subscriptions, transactions, and payments
Managing your account and providing customer support
Responding to your inquiries, comments, or requests
Sending administrative information, such as updates to our terms, conditions, and policies
Monitoring and analyzing usage patterns, trends, and other activities to improve user experience
Preventing fraudulent transactions, monitoring against theft, and protecting against criminal activity

Marketing Purposes

Sending marketing communications about our products, services, and features
Conducting market research and surveys
Promoting our business and offerings
Delivering targeted advertisements based on your interests and online activities

Legal Purposes

Complying with legal obligations
Enforcing our terms of service and other legal rights
Responding to legal requests and preventing harm
Protecting our rights, property, and safety, and the rights, property, and safety of others

We will process your personal information lawfully, fairly, and in a transparent manner. We will only collect and process information that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

4. Sharing Your Information

We may share your information in the following situations:

Service Providers

We may share your information with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include:

Payment processors
Cloud service providers
IT and system administrators
Customer service providers
Marketing partners
Analytics providers

Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

Legal Requirements

We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena.

Vital Interests and Legal Rights

We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation in which we are involved.

With Your Consent

We may share your information with your consent or at your direction.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

5. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. These measures include:

Encryption of your personal information in transit and at rest
Regular security assessments and penetration testing
Access controls and authentication procedures
Regular backup procedures
Staff training on data protection and security
Physical security measures for our offices and data centers

However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

6. Data Retention

We will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider:

The amount, nature, and sensitivity of the personal information
The potential risk of harm from unauthorized use or disclosure of your personal information
The purposes for which we process your personal information
Whether we can achieve those purposes through other means
The applicable legal requirements

In some circumstances, we may anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Upon termination of your account, we will retain certain information to comply with legal obligations, resolve disputes, and enforce our agreements, but will delete or anonymize all other personal information within 90 days unless otherwise required by law.

7. Your Privacy Rights

Depending on your location and applicable laws, you may have the following rights regarding your personal information:

For All Users

Access: You have the right to request access to your personal information.
Correction: You have the right to request that we correct inaccurate or incomplete information about you.
Opt-out of Marketing: You can opt-out of marketing communications at any time by clicking on the "unsubscribe" link in our emails or contacting us directly.
Cookie Preferences: You can manage your cookie preferences as described in our Cookie Policy.

For European Economic Area (EEA), UK, and Similar Jurisdictions

If you are located in the EEA, UK, or other jurisdictions with similar data protection laws, you may have the following additional rights:

Erasure: You have the right to request the deletion of your personal information in certain circumstances.
Restrict Processing: You have the right to request that we restrict the processing of your personal information in certain circumstances.
Data Portability: You have the right to request that we provide you or a third party with a copy of your personal information in a structured, commonly used, machine-readable format.
Object to Processing: You have the right to object to the processing of your personal information in certain circumstances.
Withdraw Consent: If we rely on your consent to process your personal information, you have the right to withdraw that consent at any time.
Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us using the details provided in the "Contact Us" section below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

8. Children's Privacy

Our Website and Platform are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and you believe your child has provided us with personal information, please contact us. If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

9. International Data Transfers

Our Website and Platform are primarily operated and managed on servers located in the United Kingdom. However, we may transfer, store, and process your information in countries other than your own.

If we transfer your personal information outside of the UK, EEA, or other regions with data protection laws that may differ from those in your location, we will take steps to ensure that appropriate safeguards are in place to protect your personal information and to ensure that it is treated in accordance with this Privacy Policy. These safeguards include:

Using specific contracts approved by the European Commission, UK authorities, or other relevant authorities that give personal information the same protection it has in your jurisdiction
Transferring to countries that have been deemed to provide an adequate level of protection for personal information by relevant data protection authorities
Obtaining your explicit consent for the transfer after informing you of the potential risks
Transferring through service providers that are certified under privacy frameworks such as EU-US Privacy Shield (where applicable)

By using our Website or Platform, you consent to the transfer of your information to countries outside your country of residence, which may have data protection rules that are different from those of your country.

10. Changes to This Policy

We may update our Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We will notify you of any material changes by either:

Sending an email to the email address you most recently provided to us
Displaying a prominent notice on our Website
Updating the "Last updated" date at the top of this Privacy Policy

We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of our Website or Platform after any changes to this Privacy Policy constitutes your acceptance of the changes.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

RDMS Ltd

Email: hello@rdms.uk

Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact our DPO using the details set out above.

For users in the European Union, you have the right to make a complaint at any time to your local supervisory authority for data protection issues. However, we would appreciate the chance to deal with your concerns before you approach the authority, so please contact us in the first instance.