Privacy Policy
- Identity Data – includes first name, last name, any previous names, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data – includes billing address, delivery address, email address and telephone numbers.
- Financial Data – includes bank account and payment card details.
- Technical Data – includes internal protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access this website.
- Marketing and Communications Data – includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Performance of a contract with you: where we need to perform the contract we are about to enter into or have entered into with you.
- Legitimate interests: we may use your personal data where it is necessary to conduct our business and pursue our legitimate interests, for example to prevent fraud and enable us to give you the best and most secure customer experience. We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to do so by law).
- Legal obligation: we may use your personal data where it is necessary for compliance with a legal obligation that we are subject to. We will identify the relevant legal obligation when we rely on this legal basis.
- Consent: we rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose, for example if you subscribe to an email newsletter.
- We use specific standard contractual terms approved for use in the UK which give the transferred personal data the same protection as it has in the UK, namely the International Data Transfer Agreement.
- We may transfer your personal data to service providers that carry out certain functions on our behalf. This may involve transferring personal data outside the UK to countries which have laws that do not provide the same level of data protection as the UK law. Whenever we transfer your personal data out of the UK to service providers, we ensure a similar degree of protection is afforded to it by ensuring that the following safeguards are in place:
- We will only transfer your personal data to countries that have been deemed by the UK to provide an adequate level of protection for personal data.
- Transfers on the basis of adequacy of data protection.
- Transfers subject to the appropriate data protection safeguards through technical and organisational measures.
- If binding corporate rules apply (agreements governing transfers made between organisations within a corporate group).
- You have the right to request access to your personal data (commonly known as a “subject access request”) and know more specifically, why and how we hold it. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- You have the right to rectification of inaccurate personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. We will ensure that the inaccurate or incomplete data is erased, if required, amended or rectified.
- You have the right to request erasure of your personal data in certain circumstances. This enables you to ask us to delete or remove personal data where the data is no longer needed for its original purpose or there is no good reason for us continuing to process it. You have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law (EU law or specified British law). Please note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. You have the right to request erasure of your personal data if there is no new lawful purpose that exists and on the grounds that you withdraw your consent to us processing your data and no other lawful grounds exists.
- RF Legal LLP. have the right to decline your request for erasure of personal data to the extent that data processing is necessary: i. for exercising the right of freedom of expression and information; ii. for compliance with a legal obligation which requires processing by EU or British law to which RF Legal LLP. are subject, or for the performance of a task carried out in the public interest, like public health, archiving and scientific, historical research or statistical purposes; or iii. for the establishment of, exercise of or defence against legal claims.
- You have the right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in one of the following scenarios:
- - the accuracy of the data is contested (and only for as long as it takes to verify that accuracy);
- - the processing is unlawful, and you request restriction (as opposed to exercising the right to erasure);
- - RF Legal LLP. no longer needs the data for their original purpose, but the data is still required by RF Legal LLP. or you to establish, exercise or defend legal rights; or
- - verification of overriding grounds is pending in the context of an erasure request.
- You have the right to request the transfer of your personal data held by RF Legal LLP, receive your own personal data held by us as well as transferring it to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used and machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. You also have the right to transmit the data to another data controller without hindrance from RF Legal LLP. unless this is technically unfeasible.
- Whenever RF Legal LLP. justify in writing to you via privacy notice that the data processing we carry out of your personal data is on the basis of its legitimate interests (or those of a third party), you have the right to object to such processing of your personal data. As a consequence, RF Legal LLP. would no longer be allowed to process your personal data unless it can demonstrate compelling, legitimate grounds to process your information which override your right to object. These grounds must be sufficiently compelling to override your interests, rights and freedoms, such as to establish, exercise or defend against legal claims.
- You have the right not to be evaluated on the basis of automated processing. The right not to be subject to automated decision-making applies only if such a decision is based solely on automated processing and produces legal effects concerning you or similarly significantly affects you. The underlying processing of personal data is allowed if it is authorised by law, necessary for the preparation and execution of a contract, or done with your explicit consent, provided that RF Legal LLP. has put sufficient safeguards in place. Such safeguards might include the right to obtain human intervention on the part of RF Legal LLP. or another equally effective opportunity to express your point of view to contest the decision.
- You also have the absolute right to object at any time to the processing of your personal data for direct marketing purposes (see the “opting out of marketing” section for details on how to object to receiving direct marketing communications).
- You have the right to withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
- Email: info@rocketfin.co
- Postal: RF Legal LLP, 8 New Street, London EC1M 4TP
- Telephone number: 020 7031 5502
-
Complaints
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
Changes to the privacy policy and your duty to inform us of changes
We keep our privacy policy under regular review. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example a new address or email address.
Third-party links
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
Applicable law
This site is created and controlled by the company and subject to the laws of England & Wales and subject to the jurisdiction of the English court. The company reserves the right to make changes to the site and this privacy statement from time to time. By using the site or supplying information to us, you are agreeing and consenting to the use of information relating to you (including international transfer) as described in this privacy statement.