RedKnight Consultancy Ltd Policy RedKnight Consultancy Ltd is committed to respecting your privacy. You can visit our websites without disclosing any personally identifiable information about yourself. However, please note that we may use cookies and collect other non-personally identifiable information about your browsing activity. If you do submit personal information by ordering products, services or completing a web form registration, for example, you can be assured that we will use your personal information only to support your continuing relationship with us. If you are interested in knowing more about our Privacy and Cookie Policy, we provide a Privacy Policy Statement to help you understand how we collect, use and protect your information when you visit our websites and when you generally use our products and services. You can download the full Statement here below. We wish to help you make informed decisions, so please take a few moments to read the sections below and learn how we may use your personal information. Personal Information Collection Whether you order and subsequently use products and services, make customer enquiries, register for information or other services, request product information, submit a job application or you just respond to communications from us, we will always endeavour to collect and use your personal information only with your knowledge and consent. Please be sure that if you choose to provide us with personal information it will be used in support of the intended purposes stated at the time at which it was collected, and subject to any preferences indicated by you. The type of information we might collect form you can be personal and/or non-personal identifying information.

For example, on the basis of the type of your activity on our website, we might collect information on:

• your name and postal address telephone number

• email address

• credit/debit card or other financial information

• and other information collected on registration or through surveys We may also collect non-personally identifying information about your visit to our websites based on your browsing activities.

This information may include the pages you browse and products and services viewed or ordered for example. This helps us to better manage and develop our sites, to provide you with a more enjoyable, customised service and experience in the future, and to help us develop and deliver better products and services tailored to your individual interests and needs.

We may also store and use your information to contact you for market research and marketing purposes. Use of Cookies Our website uses cookies to distinguish you from other users of our website.

This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies. Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. If you are interested in further knowing the type of cookies we provide you with a complete Privacy Policy and Cookie Policy Statement, which can be downloaded below.

Use of Information We may use your information for a number of purposes which includes: processing your orders and managing and administering your account; delivering any services, products or information requested by you; responding to complaints or account enquiries; administering debt recoveries; verifying your identity when required. If you have consented to receive details of products and services, events and training you can contact us at info@redknightconsultancy.co.uk at any time to have your details removed from lists used by us for any or all of those purposes to update your information or to otherwise tell us how you would like to receive information about our and/or third party products and services – the choice is yours.

You are entitled, at anytime, to opt-out or opt-in our services which utilise your information, by simply email info@redknightconsultancy.co.uk: state what your decision is in the subject header of the mail and quote your mobile and/or account number in the body of the email and tell us what you want us to do.

Information Security We recognise that customers are increasingly concerned about how companies protect personal information from misuse and abuse and about privacy in general. Our electronic storage uses DropBox TM which conforms to the most widely-accepted security standards and regulations in the world. Email correspondence uses GoDaddy and emails are protected using GoDaddy Email Encryption Proof Point software. Our website is hosted by GoDaddy with Standard Domain Validation SSL.

It is also MacAfee secure via the SECURE TrustMarkTM. Providing Information We reserve the right to amend or modify this Privacy Policy Statement at any time and in response to changes in applicable data protection and privacy legislation. If we decide to change our Privacy Policy, we will post the changes on our website so you know what information we collect and how we use it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will tell you. You will have a choice as to whether or not we are able to use your information in this different manner.

If you have any enquiry about our privacy policy or practices, please write to: info@redknightconsultancy.co.uk or to Data Protection Officer, RedKnight Consultancy Ltd, Ty Menter, Navigation Park, Abercynon, CF45 4SN, UK.

DATA PROTECTION POLICY

RedKnight Consultancy Ltd Policy RedKnight Consultancy Ltd as part of its business may need to gather and use certain information about companies and individuals. These can include individuals using our services, volunteers, suppliers, business contacts, employees and other people the organisation has a relationship with or may need to contact. This policy describes how this personal data is collected, handled and stored to meet the company’s data protection standards – and to comply with the Data Protection Act 1998 and the General Data Protection Regulation. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully. The Legal Framework The Data Protection Act 1998 and the General Data Protection Regulation (GDPR) describes how organisations must collect, handle and store personal information.

The Data Protection Act and GDPR is underpinned by eight important principles which state that personal data must:

• Be processed fairly and lawfully

• Be obtained only for specific, lawful purposes

• Be adequate, relevant and not excessive

• Be accurate and kept up to date

• Not be held for any longer than necessary

• Processed in accordance with the rights of data subjects

• Be protected in appropriate ways

• Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection Scope and responsibilities

This Data Protection Policy applies to all staff of RedKnight Consultancy Ltd; its Directors and to all of its contractors, suppliers and other people working on behalf of RedKnight Consultancy Ltd.

It also applies to all data that the company holds relating to identifiable individuals, even if that information technically falls outside of the Data Protection Act 1998 and GDPR.

# Everyone who works for or with RedKnight Consultancy Ltd has some responsibility for ensuring data is collected, stored and handled appropriately, and each member of the staff wields particular responsibilities, which are further explained in detail in the full statement. Use of Data Personal data is of no value to RedKnight Consultancy Ltd unless the business can make use of it. However, it is when personal data is accessed and used that it can be at the greatest risk of loss, corruption or theft. Therefore, RedKnight Consultancy Ltd shall provide training to all employees to help them understand their responsibilities when handling data as well as provide them with a solid normative corpus regulating the use and storage of all data produced by RedKnight Consultancy Ltd, be it digital or on paper.

The law requires RedKnight Consultancy Ltd to take reasonable steps to ensure data is kept accurate and up to date. It is the responsibility of all employees who work with data to take reasonable steps to ensure it is kept as accurate and up to date as possible. In certain circumstances, the Data Protection Act and GDPR allow personal data to be disclosed to law enforcement agencies without the consent of the data subject. Under these circumstances, RedKnight Consultancy Ltd will disclose requested data. However, the data controller will ensure the request is legitimate, seeking assistance from the board and from the company’s legal advisers where necessary. Questions about storing data safely can be directed to the responsible Director.

Subjects Access Requests All individuals who are the subject of personal data held by RedKnight Consultancy Ltd are entitled to:

• Ask what information the company holds about them and why.

• Ask how to gain access to it.

• Be informed how to keep it up to date.

• Be informed how the company is meeting its data protection obligations. Providing Information RedKnight Consultancy Ltd aims to ensure that individuals are aware that their data is being processed, and that they understand:

• How the data is being used

• How to exercise their rights To these ends, the company has a privacy statement, setting out how data relating to individuals is used by the company.