Privacy Policy
I. General information
This privacy policy specifies the purposes of the processing for which your personal data are intended as well as the legal basis for its processing; where applicable, our legitimate interests pursued by the processing; as well as recipients or categories of recipients of your personal data.
In addition, we inform you about:
- How long your personal data will be stored
- Your rights as the data subject and how to exercise them (see also section VI.)
- In case that you have given us your explicit consent to process your personal data, the existence of the right to withdraw that consent at any time
- The right to lodge a complaint with a supervisory authority
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data and of the possible consequences of failure to provide such data
Changes to our privacy policy
Our Company keeps its privacy policy under regular review and places any updates on this web page.
II. Controller of your personal data
We assume the role of controller as per the EU General Data Protection Regulation (EU GDPR). We are the legal entity that shall determine the purposes and means of the processing of personal data. Our contact details are as follows:
Name: Red Sky Foods Ltd
Address: 3 Fairview Court 119-127 Fairview Road, Cheltenham, GL52 2EX, United Kingdom
Email: hi@redsky.io
Data Protection Officer
You can directly contact our Data Protection Officer for confirmation as to whether we process personal data of yours and also exercise your other rights: privacy@redsky.io.
III. Personal data automatically processed by visiting our website or when using our service(s)
Usage and traffic data
When you visit our website and login area, personal data transmitted by your browser will be automatically processed in order to render our website. Some personal data will are stored in the server logfiles.
Categories of personal data:
- Browser type and version
- Operating system
- Referrer URL
- Hostname
- Timestamp
- IP-address
Period saved for: Usually 6 months at the most.
Legal basis: Article 6 (1) f) of the EU GDPR. We have a legitimate interest in the security and performance of rendering our website.
Cookies
Cookies are small blocks of data which are stored on your device when browsing our website. The cookies we use are strictly necessary for the security and functionality of our website. You can instruct your browser to refuse all cookies. In that case, our service will no longer be accessible to you.
Name | Domain | Type | Purpose | Period saved for |
---|---|---|---|---|
red-sky-session | https://redsky.io/ | Session cookie | To recognize same session. | Session |
Legal basis: Article 5 (3) ePrivacy Directive in conjunction with Article 6 (1) f) of the EU GDPR. We have a legitimate interest in the security and performance of rendering our website.
IV. Personal data you provide to us, and we use for our services
Contact form
When you submit a request to us via the contact form on our website, we record your personal data in order to process your request.
Categories of personal data processed:
- Name
- Phone (optional)
- Company name (optional)
- Any personal data you enter and submit in the message field
Period saved for: When you delete your user account.
Legal basis: Article 6 (1) b) of the EU GDPR.
Registration form and login
When you register for our online service, we have to record and process certain personal data as your login data.
Categories of personal data processed:
- Name
- Email address to log in
- Password
Period saved for: When you delete your user account.
Legal basis: Article 6 (1) b) of the EU GDPR.
Sending emails
In case you contact us directly via email, we need to process your personal data to address your inquiry.
Categories of personal data processed:
- Email address
- Any personal data you submit within your email
Period saved for: We delete this data when your inquiry has been answered or the communication has stopped.
Legal basis: Article 6 (1) b) of the EU GDPR.
Billing and payment
If you use our seller and buyer platform, we will collect and use your billing details to process payments and invoices in accordance with the method of payment you choose. Your billing details are saved for payment and invoice processing when your user term is automatically renewed.
Categories of personal data processed:
- Name
Period saved for: Until your user account is deleted or beyond this point, until a time when the data is no longer subject to any tax-related, commercial, or other statutory storage obligations.
Legal basis: Article 6 (1) b) of the EU GDPR.
V. Who else may receive your personal data?
We only pass your personal data on to third parties when this is required to fulfil our business purposes, when you have given your consent to this, or when we are obliged to on legal grounds, by court order, or at the request of another official authority.
Service providers
In cases where we use the services of external service providers to render our service, transmitting your personal data for processing by the service provider is usually carried out on the basis of a data processing agreement, whereby we remain the controller of the data processing. We review each of these service providers beforehand and during the contractual arrangement as stipulated by Article 28 (1) EU GDPR.
Categories of service providers that may receive your personal data:
- Public authorities and courts
- Technical service providers
- Hosting providers
- Email sending providers
- Email marketing providers
- Payment service providers, receivables management providers, debt collection providers
- CRM providers
- Postal providers (letter shops)
- Sales service providers and call centres
Other users
Other users of the platform can see your personal data that you entered into the system and which are needed in order to offer the service.
Third countries
Your personal data may be transferred to (non-EU) third countries. This however shall always take place in compliance with the admissibility requirements as regulated by EU GDPR and other applicable laws and regulations.
In cases where the transfer of your personal data to a third country
- does not serve the fulfilment of contractual obligations,
- we have not received consent from you,
- the transfer is not necessary for the establishment, exercise or defence of legal claims, and no other exemption clause applies,
we shall only transfer your personal data when an adequacy decision pursuant to Article 45 of the EU GDPR or appropriate safeguards pursuant to Article 46 of the EU GDPR are in place.
In general, we provide for appropriate safeguards by standard contractual clauses as decreed by the European Commission with the recipient body pursuant to Article 46 of the EU GDPR, as well as an adequate level of data protection.
VI. Your rights
With regards to our processing of your personal data, you can (informally) exercise the following rights:
- Right to object: You have the right to file an objection at any time to any processing of your personal data pursuant to Article 6 (1) f) EU GDPR (to our legitimate interest in the processing).
- Right of access: You can request to receive clear and transparent access to information regarding the processing of your personal data.
- Right to rectification: You have the right to demand that we correct any of your personal data that is incorrect and complete any personal data that is incomplete.
- Right to erasure: In certain cases we are obliged to delete your personal data once you have requested this.
- Right to restriction of processing: In certain cases you can demand that restrictions be placed on the processing of your personal data.
- Right to data portability: Any data disclosure report you’ve requested can also be sent to third parties.
- Right to withdraw consent: You can withdraw any consent you have given to data processing at any time.
- Right to lodge a complaint: You have the option of submitting an official complaint to the supervisory authority. The supervisory authority responsible for our company is: The Information Commissioner’s Office
If you feel that the processing of your personal data infringes upon the EU GDPR, you have the right to lodge a complaint with the supervisory authority in your regular place of residence, your place of work, or alleged place of infringement. Further information about the complaints procedure is available in Article 77 of the EU GDPR.