Risk Consultancy Global

Free Onsite or Virtual Security Consultation

Risk Consultancy Global - Privacy Policy

Privacy Policy

Summary

RCG is the Data Controller for personal data about our client's.

We may amend this privacy notice from time to time. If we do so, we will supply you with and/or otherwise make available to you a copy of the amended privacy notice.

We keep to a minimum the Information we hold about you.

We use your data to arrange your security, risk management and enforcement services, respond to your enquiries and manage our relationship with you to meet our legal obligations.

We delete your data when it is no longer needed for these reasons.

We do not trade your data.

We do not give your Information to third parties without your consent.

You have lots of privacy rights.

We may use your data for contacting you about our services in a marketing email.

We do not process your data outside of the European Economic Area (EEA) unless necessary for the performance of a contract.

We do not use cookies on this website.

If you call our Africa office telephone number, you will be speaking to somebody internationally outside of the EEA.

To see more about how RCG uses your personal data, read the notice or notices, which apply best to your relationship with us:

I am a client

I am a prospective client

I am a website visitor

I am applying for a job

Your privacy rights

To contact RCG with a data protection query regarding the processing of your personal data, please use contact us at info@falcatarisk.com.

This page was last updated on 26/01/2022

Privacy Notice – Client

We keep to a minimum the Information we hold about you.

We use your data to arrange your security, risk management, enforcement services and to respond to your enquiries in managing our relationship.

We delete your data when it is no longer needed for these reasons.

We do not trade your data.

We do not give your information to third parties without your consent, albeit a few exceptions.

You have lots of privacy rights.

We do not process your data outside of the European Economic Area (EEA) unless necessary for the performance of a contract.

We do not use cookies on this website.

If you call our Africa office telephone number, you will speak to somebody internationally and outside the EEA.

Information we hold about you:

As our client, we will hold the following information about you:

Your name, identity and contact information.

Information about your business activities.

Information and documents about your matter or enquiries, including communications with you.

Billing and payment information.

Using your data:

References to the basis of processing are a reference to the article of the General Data Protection Regulation under which we undertake the processing in question.

We will collect personal data from you in relation to the provision of our services to you that are necessary, adequate, and relevant to the relationship.

Providing you a Service.

We use the Information we hold about you and your business — both personal and otherwise, to give you the best service that we can.

We also use your information to bill you and keep track of payments that you make.

To notify you about changes to our service.

If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you.

Our collection methods are:

Through engagement (or potential engagement) of our services.

Enquiries via our office, website or employees'

By communications, including email, telephone, post or social media.

Networking.

Through engagement of service providers.

Via third parties and/or publicly available resources.

(Processing is necessary for the performance of a contract - Basis: Article. 6(b): this is necessary to deliver the service to you.)

Data Security

Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis.

Unfortunately, the transmission of data on the Internet is not completely secure.

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site via third party networks; any transmission is at your own risk.

Once we have received your Information, we will use strict procedures and security features to try to prevent unauthorised access.

Day to day phone calls are not encrypted.

We have put in place commercially reasonable and appropriate security measures to

prevent your personal data from being accidentally lost, used or accessed in an

unauthorised way, altered or disclosed.

In addition, we limit access to your personal data to those employees who have a business

need to know.

Those employees will only process your personal data on our instructions and they are

subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

If you have particular security requirements, please contact us to discuss how we can support you.

Your data and the EEA

We do not transfer or process data outside the European Economic Area unless we have your specific consent or where the nature of the processing requires it (for example, it is necessary to carry out a service you have instructed us to complete or where we are emailing a party to your matter who is based outside the EEA, or because you have chosen to use an email or other communications service which routes data outside the EEA).

Your privacy rights

You have lots of privacy rights in respect of our processing of your personal data.

You also have the right to lodge a complaint about our processing with a supervisory authority — you probably want the UK's Information Commissioner's Office

Third parties

We do not trade your personal information and as a general principle, we will not transfer your personal data to third parties without your permission.

There are three exceptions to this:

It is possible, though unlikely, that we might be forced to disclose your Information in response to a court order or other binding mandate.

We also have a small number of companies providing services to us. Telephony services, which would get to see your phone number if we call you, and a broadband supplier which could see your email address (but not the content of what you send us, if you encrypt it). We also use an external accountancy service but, unless you are a sole trader or a partnership, they are unlikely to see any personal data relating to you.

· Due to the nature and complexity of services we offer, we may need to share your personal data from time to time with a specialist sub processor to assist us. (Please contact us if you wish to discuss this)

All of our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data.

We only permit our third party service providers to process your personal data for specified purposes and in accordance with our instructions.

Deletion and retention periods:

Data about clients: duration of your relationship with us, then seven years

Data about specific matters: duration of the matter, then seven years

Enquiry data: duration of enquiry, then 7 days

When assessing what retention period is appropriate for your personal data, we take into consideration:

The requirements of our business and the services provided;

Any statutory or legal obligations;

The purposes for which we originally collected the personal data;

The lawful grounds on which we based our processing;

The types of personal data we have collected;

The amount and categories of your personal data; and

Whether the purpose of the processing could reasonably be fulfilled by other means.

Subject Access Requests

We strive to be as open as we can be in terms of giving people access to their personal data. A Subject Access Request under the GDPR is your right to request a copy of the Information that we hold about you. Such requests must be in writing to the contact usdetails provided in this policy. If we do hold your personal data we will respond in writing without undue delay and within one calendar month of your request (where that request was submitted in accordance with this policy).

The Information we supply will:

Confirm that your data is being processed;

Verify the lawfulness and the purpose of the processing;

Confirm the categories of personal data being processed;

Confirm the type of recipient to whom the personal data have been or will be disclosed, and

Let you have a copy of the data in an intelligible form.

Please note that you may need to provide identification in order to prove who you are to access your data.

If you agree, we will try to deal with your request informally by providing you with the specific information you need over the telephone.

Privacy Notice - Prospective Client

We keep to a minimum the information we hold about you.

We use your data to arrange your security services, luxury travel, global tracking, respond to your enquiries, manage our relationship with you and meet our legal obligations.

We delete your data when it is no longer needed for these reasons

We do not trade your data.

We do not give your information to third parties without your consent, but there are three exceptions.

You have lots of privacy rights

We do not process your data outside of the European Economic Area (EEA) unless necessary for the performance of a contract.

We do not use cookies on this website

If you call our Africa office telephone number, you will be speaking to somebody internationally and outside of the EEA

Information we hold about you

If you contact us we will hold the following information about you

Your name, identity and contact information

Information about your business activities

Information and documents about your enquiries, including communications with you

We also generate log files from various servers, including an IP address assigned to you or, more likely, to someone who provides you with Internet access.

All our client-facing platforms are accessible via Tor, and you can access this site on Tor (v2or v3). If you do not want us to see your actual IP address, feel free to visit us via Tor.

Using your data

References to the basis of processing are a reference to the article of the General Data Protection Regulation under which we undertake the processing in question.

We will collect personal data from you in relation to the provision of our services to you that are necessary, adequate and relevant to the relationship.

Dealing with your enquiry

If you give call us or make contact via our website or by email, we will follow up on your enquiry and see if there is a way in which we can help you.

We keep a record of enquiries received, to help us plan our business strategy and check that we are offering what potential clients want.

If you call our Africa office or the United Arab Emirates, your enquiry will be dealt with outside the EAA.

If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you

Our collection methods are:

Through engagement (or potential engagement) of our services

Enquiries via our office, website or employees'

By communications, including email, telephone, post or social media

Networking

Through engagement of service providers

Via third parties and/or publicly available resources

(Processing is necessary for the performance of a contract - Basis: Article. 6(b): this is necessary to deliver the service to you.)

Data Security

Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis.

Unfortunately, the transmission of information via the Internet is not completely secure.

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site via third party networks; any transmission is at your own risk.

Once we have received your Information, we will use strict procedures and security features to try to prevent unauthorised access.

Day to day phone calls are not encrypted.

We have put in place commercially reasonable and appropriate security measures to

prevent your personal data from being accidentally lost, used or accessed in an

unauthorised way, altered or disclosed.

In addition, we limit access to your personal data to those employees who have a business

need to know.

Those employees will only process your personal data on our instructions and they are

subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

If you have particular security requirements, please contact us to discuss how we can support you.

Your personal data and the EEA

Your privacy rights

You have lots of privacy rights in respect of our processing of your personal data.

Click on privacy rightsfor more detailed Information

You also have the right to lodge a complaint about our processing with a supervisory authority — you probably want the UK's Information Commissioner's Office

Third parties

We do not trade your personal Information and as a general principle, we will not transfer your personal data to third parties without your permission.

There are three exceptions to this:

It is possible, though unlikely, that we might be forced to disclose your Information in response to a court order or other binding mandate.

Due to the nature and complexity of services we offer, we may need to share your personal data from time to time with a specialist sub-processor to assist us. (Please contact us if you wish to discuss this).

All of our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data.

We only permit our third party service providers to process your personal data for specified purposes and in accordance with our instructions.

Deletion and retention periods

Data about clients: duration of your relationship with us, then seven years

Enquiry data: duration of enquiry, then 7 days

Data about specific matters: duration of the matter, then seven years

When assessing what retention period is appropriate for your personal data, we take into consideration:

The requirements of our business and the services provided;

Any statutory or legal obligations;

The purposes for which we originally collected the personal data;

The lawful grounds on which we based our processing;

The types of personal data we have collected;

The amount and categories of your personal data; and

Whether the purpose of the processing could reasonably be fulfilled by other means.

Subject Access Requests

The information we supply will:

Confirm that your data is being processed;

Verify the lawfulness and the purpose of the processing;

Confirm the categories of personal data being processed;

Confirm the type of recipient to whom the personal data have been or will be disclosed, and

Let you have a copy of the data in an intelligible form.

Please note that you may need to provide identification in order to prove who you are to access your data.

If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

Website Visitor

We do not conduct any tracking or profiling on our website

Your IP address will be logged by our web server, it is not used to identify you and unlikely to unless you use the contact us enquiry form

We delete the contact usform data (enquiry/quote) after 7 days

We do not trade your data.

We do not use cookies on our website

Data Security

Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis.

Unfortunately, the transmission of information via the Internet is not completely secure.

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site via third party networks; any transmission is at your own risk.

Once we have received your Information, we will use strict procedures and security features to try to prevent unauthorised access.

Day to day phone calls are not encrypted.

We have put in place commercially reasonable and appropriate security measures to

prevent your personal data from being accidentally lost, used or accessed in an

unauthorised way, altered or disclosed.

In addition, we limit access to your personal data to those employees who have a business

need to know.

Those employees will only process your personal data on our instructions and they are

subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

If you have particular security requirements, please contact us to discuss how we can support you

Privacy Notice – Applying for a job

Recruitment – Consent

To the extent that we are processing your Curriculum Vitae (CV) based on your consent, you have the right to withdraw your consent at any time.

Curriculum Vitae

We give you the option of submitting your CV via email. You can do this either to apply for a specific advertised job or for consideration for positions as they come up.

Your CV will be stored in our database, and will be accessible by management.

We keep to a minimum the information we hold about you.

We use your CV to assess your suitability for job vacancies, respond to your enquiries and meet our legal obligations.

We delete your CV when it is no longer needed for these reasons

We do not trade your data or share with other companies.

You have lots of privacy rights

Your CV does not leave the European Economic Area (EEA) when emailed to our company unless supplied for a specific position outside of the EEA then it may be to the relevant departments within our company,

We will not process your personal data outside of the EAA without your explicit consent. From time to time this may be necessary for overseas deployments.

You can update your CV at any time, simply by following the same procedure to submit a new CV. Your old CV will automatically be archived providing the submission details remain the same (for example you submit both CVs using the same email address or you advise the relevant contact of your new submission).

Equal Opportunities

RCG is an equal opportunities employer and a company committed to diversity. This means that all job applicants and members of staff will receive equal treatment and that we will not discriminate on grounds of gender, marital status, race, ethnic origin, colour, nationality, national origin, disability, sexual orientation, religion, or age.

Information we hold about you

If you contact us we will hold the following Information about you:

Your name, identity and contact information

Information about your business activities

Information and documents about your enquiries, including communications with you

The Information supplied in your CV

We also generate log files from various servers: this will include an IP address assigned to you or, more likely, to someone who provides you with Internet access.

All our client-facing platforms are accessible via Tor, and you can access this site on Tor (v2or v3). If you do not want us to see your actual IP address, feel free to visit us via Tor.

Using your data

References to the basis of processing are a reference to the article of the General Data Protection Regulation under which we undertake the processing in question.

Dealing with your CV submission

If you send us your CV via our website or by email, we will follow up your submission and let you know if we have any suitable vacancies. We will only keep successful applicants data.

(You the data subject have given us consent to process your personal data for one or more specific purposes ie Apply for a job – Basis Article. 6.(a): this is necessary to assess your application and suitability)

Data Security

Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis.

Unfortunately, the transmission of information via the Internet is not completely secure.

Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site via third party networks; any transmission is at your own risk.

Once we have received your Information, we will use strict procedures and security features to try to prevent unauthorised access.

Day to day phone calls are not encrypted.

We have put in place commercially reasonable and appropriate security measures to

prevent your personal data from being accidentally lost, used or accessed in an

unauthorised way, altered or disclosed.

In addition, we limit access to your personal data to those employees who have a business

need to know.

Those employees will only process your personal data on our instructions and they are

subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

If you have particular security requirements, please contact us to discuss how we can support you.

Your personal data and the EEA

We do not transfer or process data outside the European Economic Area unless we have your specific consent or where the nature of the processing requires it (for example, it is necessary for the role you are performing, to carry out a service you have instructed us to complete or where we are emailing a party to your matter who is based outside the EEA, or because you have chosen to use an email or other communications service which routes data outside the EEA).

Your privacy rights

You have lots of privacy rights in respect of our processing of your personal data.

The relevant rights are:

Get access to your personal data and Information about our processing of it

Right to erasure

Right to rectify

Right to restriction

Object to our processing for strategy planning purposes

If you want to exercise any of these rights, please just contact us

For more detailed Information click privacy rights

You also have the right to lodge a complaint about our processing with a supervisory authority — you probably want the UK's Information Commissioner's Office

Third parties

We do not trade your personal Information and as a general principle, we will not transfer your personal data to third parties without your permission.

There are three exceptions to this:

It is possible, though unlikely, that we might be forced to disclose your Information in response to a court order or other binding mandate.

Due to the nature and confidentiality of our services, clients under contract may ask to see CV's of staff that have been chosen to work for them. (Please contact us if you wish to discuss this)

Deletion and retention periods

Data about successful applicants: duration of your relationship with us, then seven

Years.

Enquiry data: duration of enquiry, then 7 days

Data about unsuccessful applicants: duration of application, then 7 days

Data about specific matters: duration of the matter, then seven years

When assessing what retention period is appropriate for your personal data, we take into consideration:

The requirements of our business and the services provided;

Any statutory or legal obligations;

The purposes for which we originally collected the personal data;

The lawful grounds on which we based our processing;

The types of personal data we have collected;

The amount and categories of your personal data; and

Whether the purpose of the processing could reasonably be fulfilled by other means.

Subject Access Requests

The Information we supply will:

Confirm that your data is being processed;Verify the lawfulness and the purpose of the processing;

Confirm the categories of personal data being processed;

Confirm the type of recipient to whom the personal data have been or will be disclosed, and

Let you have a copy of the data in an intelligible form.

Please note that you may need to provide identification in order to prove who you are to access your data.

If you agree, we will try to deal with your request informally by providing you with the specific information you need over the telephone.

Your privacy rights

The right to be informed – which is what this privacy notice is about

The right to access the data we hold about you

The right to object to direct marketing (We do not carry out direct marketing)

The right to object to processing carried out on the legal basis of Legitimate Interest

The right to erasure (exceptions may apply)

The right to data portability

The right to have your data rectified if it is inaccurate

The right to have your data restricted from processing

To exercise any of these rights, please contact us

Subject Access Requests

The Information we supply will:

Confirm that your data is being processed;

Verify the lawfulness and the purpose of the processing;

Confirm the categories of personal data being processed;

Confirm the type of recipient to whom the personal data have been or will be disclosed, and

Let you have a copy of the data in an intelligible form.

Please note that you may need to provide identification in order to prove who you are to access your data.

If you agree, we will try to deal with your request informally by providing you with the specific information you need over the telephone.