Person Analyzing Data

Data Protection & GDPR

Data Protection 

When the UK left the EU at the end of 2020 a ‘frozen’ version of the EU GDPR became part of UK law on 1st January 2021. RouteMagic will continue to have appropriate safeguards in place to ensure data is held and used in accordance with this notice and be compliant with the European Union’s General Data Protection Regulation.

Information we hold in relation to the Data Protection Act 2018

 

Information that falls under the Data Protection Act 2018 is “any information relating to an identified or identifiable natural person”. This precludes most information we process, but given the broad definition could include the following data items which we hold:

  • Client software usage

  • Email addresses which through we operate in a B2B environment may include personal accounts

  • Individuals names

  • Individuals regional location (Country – no full addresses)

  • Business store locations / delivery addresses which, through we operate in a B2B environment, could include personal addresses

This information comes from our sign-up process, where the user is explained the information we will hold and its usage. Secondary data sources (e.g. Business store locations), are provided by our clients to whom we clearly indicate how we process any data provided.

Sales & Marketing

We process individual details for the purposes of securing corporate information and restricting access to materials provided by our clients. We make an individual's details available to a client where the individual has requested information specifically belonging to that client. We do not make names and emails generally available to our clients or any other 3rd party. Where information is supplied directly by one of our clients it is used solely for the purposes of order capture and fulfilment and other directly related activities. 

We may process your personal information for carefully considered and specific purposes which are in our interest and enable us to enhance the services we provide, but believe also benefit our clients. Click here to review our privacy policy. We process personal information for certain legitimate business purposes, which include some or all the following:

• Where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our customers

• To identify and prevent fraud

• To enhance the security of our network and information systems

• To better understand how people interact with our websites

• To provide postal and electronic communications which we think will be of interest to you

• To determine the effectiveness of promotional campaigns and advertising

Whenever we process data for these purposes we will ensure that we always keep your Personal Data rights in high regard and take account of these rights. You have the right to object to this processing if you wish, and if you wish to do so please contact info@routemagic.co.uk. Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.

Your personal data will not be retained for longer than is necessary for the purpose it was obtained for. We regularly review the data we hold and if it is no longer necessary it will be securely deleted.

In addition to the above, information can also include:

  • Individuals job titles

  • Individuals phone number which, through we operate in a B2B environment, could include personal phone numbers

This additional information can come from sign-up forms on our website or from data freely available on the internet, for example from websites like LinkedIn. Given the very limited scope of the data we process outlined above in relation to the Data Protection Act 2018 we consider the information we carry to be low risk whether you are a client or potential client.

 

Communicating privacy information

We communicate our privacy information, the data we hold and how we process it in this full document which is made available to clients, is published on our website and via summary to our direct users at point of software registration. For all Sales & Marketing emails we also provide a link to our Data Protection, Privacy & Cookie policies.

Individuals rights

 

Every individual has a right to know what information we hold on them. We can provide a plain text formatted electronic document identifying information held on an individual subject to a proper request by the individual concerned or authoritative body with sufficient legal authority. We will remove an individual’s information from our systems within 30 days subject to a proper request by the individual concerned or authoritative body with sufficient legal authority.

We do not profile individuals. We will also comply with any other request covered by an individual’s rights as identified by the Data Protection Act 2018 systems within 30 days subject to a proper request by the individual concerned or authoritative body with sufficient legal authority.

Subject access requests

Any request for information, or deletion of data held on an individual should be made in writing to RouteMagic, Mobile Enterprise Systems Ltd, 27 Rosewell Court Bath, BA1 2AQ, U.K. It should state clearly your request, who you are and how we can contact you. We will process requests within 30 days of receipt. Lawful basis for processing personal data

 

Client Software usage

We process individual details for the purposes of securing corporate information and restricting access to materials provided by our clients. We make an individual's details available to a client where the individual has requested information specifically belonging to that client. We do not make names and emails generally available to our clients or any other 3rd party. Where information is supplied directly by one of our clients it is used solely for the purposes of order capture and fulfilment and other directly related activities. 

Children

We do not specifically deal in any age restricted materials. Our client data is restricted and access is limited to individuals authorised by our clients. We do not operate social media or forum based activity targeted at children.

Data Breaches

 

We log inbound requests to our systems and have processes in place to react to suspicious activity. In the unlikely event that we discover a data breach, we will take steps to notify relevant clients and individuals as soon as practical. The data we hold we consider low risk, as it does not represent a risk to the rights and freedoms of individuals and as such we are not duty bound to report any such breaches to the ICO (Information Commissionaires Office).

Data Protection by Design

We take the security of our systems for both our client business data and the limited amount of individual data we hold seriously. Our systems are designed from the ground up with security and privacy in mind.

 

Data Protection Officers

The company does not have a dedicated DPO due its size and small amount of low risk information held by its systems. Please send any enquiries regarding Data Protection Act 2018 compliance in writing to the registered company address: RouteMagic, Mobile Enterprise Systems Ltd, 27 Rosewell Court Bath, BA1 2AQ, U.K. 

Website Accessibility

At RouteMagic we understand the importance of internet accessibility. Because of this, we have endeavoured to make our website meet all the requirements necessary to make the information it contains readable by all.

Suggestions

In the event that we inadvertently break any of the standards through the upload of new material, or should you have suggestions on how we might make our content more accessible we would be happy to listen. Simply contact us and we will do our best to accommodate your needs.