Privacy Policy

Effective Date: 01-Jan-2025

At Rehman & Grandsons Limited, we understand that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of our Customers and everyone else who visits this website, https://rehmanandgrandsons.com/ (“our Site”), and will only collect and use personal data in ways that are described here, consistent with our obligations and your rights under the law.

The procedures and principles set out in this Notice will be followed at all times by us as a company, as well as our employees, sub-contractors, or other parties working on our behalf.

Please read this Privacy Notice carefully and ensure that you understand it. You are deemed to have accepted our Privacy Notice when you first use our Site. If you do not accept and agree with this Privacy Notice, you must stop using our Site immediately.

1. Definitions and Interpretation

In this Notice, the following terms have the following meanings:

• “Customer”: Any individual, firm, or corporate body to which we provide our services.
• “Cookie”: A small text file placed on your computer or device by our Site when you visit certain parts of our Site and/or when you use certain features of our Site. Details of the Cookies used by our Site are set out in Section 12 below.
• “Data Protection Laws”: The General Data Protection Regulation 2016/679 (“GDPR”) and the Data Protection Act 2018.
• “Personal data”: Any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to us by becoming a Customer of ours or by visiting our Site. This definition shall, where applicable, incorporate the definitions provided in the applicable Data Protection Laws.
• “We/Us/Our”: Rehman & Grandsons Limited, a company registered in England and Wales under number 14512635, whose registered office address is Unit 1 Derwent Business Centre, Clarke Street, Derby, England, DE1 2BU.

2. Information About Us

We are Rehman & Grandsons Limited, a company specialising in Infor LN and associated applications. For the purposes of Data Protection Laws, we are the data controller responsible for your personal data.

3. What Does This Notice Cover?

3.1 This Privacy Notice applies to our use of personal data collected when you become a Customer of ours, when you enquire about our services, or when you visit our Site.

3.2 Our Site may contain links to other websites, including social media links. Please note that we have no control over how your data is collected, stored, or used by other websites, and we advise you to check the privacy policies of any such websites before providing any data to them.

4. Your Rights

4.1 As a data subject, you have the following rights under the applicable Data Protection Laws, which this Notice and our use of personal data have been designed to uphold:

4.1.1 The right to be informed about our collection and use of personal data;
4.1.2 The right of access to the personal data we hold about you (see Section 11);
4.1.3 The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us using the details in Section 13);
4.1.4 The right to be forgotten – i.e., the right to ask us to delete any personal data we hold about you (we only hold your personal data for a limited time, as explained in Section 6, but if you would like us to delete it sooner, please contact us using the details in Section 13);
4.1.5 The right to restrict (i.e., prevent) the processing of your personal data;
4.1.6 The right to data portability (obtaining a copy of your personal data to re-use with another service or organization);
4.1.7 The right to object to us using your personal data for particular purposes; and
4.1.8 Rights with respect to automated decision-making and profiling.

4.2 If you have any cause for complaint about our use of your personal data, please contact us using the details provided in Section 13, and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office (ICO).

4.3 For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens’ Advice Bureau.

Here’s the expanded “What Data Do We Collect and How Do We Use Your Data?” section, formatted to integrate seamlessly with the rest of the Privacy Policy:

5. What Data Do We Collect and How Do We Use Your Data?

5.1 We may collect, use, store, and transfer different kinds of personal data about you, grouped as follows:

5.1.1 Identity Data: Includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, and gender.
5.1.2 Contact Data: Includes billing address, delivery address, email address, and telephone numbers.
5.1.3 Financial Data: Includes bank account and payment card details.
5.1.4 Transaction Data: Includes details about payments to and from you, and other details of products and services you have purchased from us.
5.1.5 Technical Data: Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
5.1.6 Profile Data: Includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
5.1.7 Usage Data: Includes information about how you use our website, products, and services.
5.1.8 Marketing and Communications Data: Includes your preferences in receiving marketing from us and our third parties, and your communication preferences.

5.2 All personal data is processed and stored securely, for no longer than is necessary or statutorily required, considering the reason(s) for which it was first collected. We will comply with our obligations and always safeguard your rights under the applicable Data Protection laws. For more details on security, see Section 6 below.

5.3 Our use of your personal data will always have a lawful basis, either:

• Because it is necessary for our performance of a contract with you;
• Because you have consented to our use of your personal data (e.g., by subscribing to emails); or
• Because it is in our legitimate interests.

Specifically, we may use your data for the following purposes:

Purpose	Type of Data	Lawful Basis for Processing	Retention Period
Partner	Contact, Profile	Performance of a contract with you	6 years from the date our contract terminates/expires
Prospective Partner	Marketing and Communications	Necessary for legitimate interests (to develop and grow our business)	2 years from the date we received your personal data
Supplier	Identity, Contact	Performance of a contract with you	6 years from the date our contract terminates/expires
Payee	Identity, Contact, Financial, Transaction	Performance of a contract with you, necessary for legitimate interests (to recover debts)	6 years from the date our contract terminates/expires
Completed Communication Webform	Identity, Contact, Marketing and Communications, Usage	Necessary for legitimate interests (to study and improve services, inform marketing)	2 years from the date we received your personal data

5.4 With your permission and/or where permitted by law, we may also use your data for marketing purposes, including contacting you by email with information, news, and offers on our services. We will not send unsolicited marketing or spam and will take all reasonable steps to protect your rights and comply with applicable laws, including the Privacy and Electronic Communications (EC Directive) Regulations 2003.

5.5 Third parties whose content appears on our Site may use third-party Cookies, as detailed in Section 12. Please note that we do not control the activities of such third parties or the data they collect and use. We recommend reviewing their privacy policies before providing them with any data.

5.6 You have the right to withdraw your consent to our use of your personal data at any time and to request its deletion. Unless we have a lawful basis or statutory reason to retain it, we will delete your personal data without delay and no later than one month after receiving your request.

5.7 We do not keep your personal data for longer than is necessary in light of the reason(s) for which it was first collected.

Here’s a refined version of the section with added clarity and detail:

6. How and Where Do We Store Your Data?

6.1 Retention of Personal Data
We retain your Personal Data only for as long as it is necessary to fulfill the purposes outlined in section 5 or as required by law. This includes compliance with legal, accounting, or reporting obligations. Specific retention periods for various types of data are detailed in section 5.3.

6.2 Data Storage Locations
Your data is primarily stored in the UK. However, we may utilize third-party processors such as Xero and Microsoft 365, which may process or store data in locations outside the UK. These third-party providers are carefully selected to ensure they meet applicable data protection standards.

6.3 Data Security Measures
We prioritize the security of your data and have implemented robust measures to safeguard it. These measures include, but are not limited to:

• Encryption of sensitive data during storage and transmission.
• Regular security audits and system monitoring to detect and prevent unauthorized access.
• Role-based access controls to limit data access to authorized personnel only.
• Secure physical and digital storage facilities to prevent data breaches.

If you would like additional details about our data security protocols, please contact us at the email provided in section 13.

7. Do We Share Your Data?

7.1 Third-Party Service Providers
We may engage third parties, such as sub-contractors, to provide services on our behalf. In such cases, these third parties may require access to certain data. We ensure that:

• Access is limited to the data strictly necessary for the service being provided.
• The third parties comply with all applicable data protection laws and our data handling requirements.
• Your data is handled safely, securely, and in accordance with your rights and our legal obligations.

7.2 Anonymised Data Sharing
We may generate statistical data about the use of our Site, such as information on traffic, user behaviour, sales, and usage patterns. This data is anonymised to ensure that it cannot identify any individual.

• Such data may be shared with third parties, including investors, affiliates, partners, and advertisers.
• Anonymised data will only be shared in compliance with applicable laws and for legitimate purposes.

7.3 International Data Transfers
In certain cases, we may use third-party data processors located outside the European Economic Area (EEA). Examples include cloud-based services or platforms that store or process data in other regions. When transferring data outside the EEA, we will:

• Ensure the third party adheres to equivalent data protection standards as required in the UK.
• Use legal mechanisms, such as standard contractual clauses, to safeguard the transfer and processing of your data.

7.4 Legal Obligations
In some circumstances, we may be required to share your data to comply with legal obligations, such as:

• Responding to court orders or governmental requests.
• Participating in legal proceedings or regulatory investigations.
  Where possible and lawful, we will notify you of such disclosures.

8. What Happens If Our Business Changes Hands?

8.1 Transfer of Ownership or Control
As part of our business growth and development, there may be circumstances where we expand, restructure, or transfer control of all or part of our business. If such changes occur:

• Any personal data you have provided that is relevant to the transferred part of our business will also be transferred to the new owner or controlling party.
• The new owner or controlling party will be obligated to handle your personal data in accordance with this Privacy Notice and use it solely for the purposes for which it was originally collected.

8.2 Notification of Changes
In the event of such a transfer, we may not notify you individually of the change. However, any changes to how your data is handled will continue to adhere to the terms set out in this Privacy Notice.

9. How Can You Control Your Data?

9.1 Control Over Direct Marketing
In addition to the rights provided under applicable Data Protection laws (outlined in Section 4), you have the ability to control how we use your personal data. Specifically:

• We aim to give you strong control over our use of your data for marketing purposes. You can opt-out of receiving marketing communications, including emails, by unsubscribing through the links provided in our emails or at the point of providing your details.

9.2 Opting for Preference Services
To further manage unsolicited marketing, you may also choose to register with one or more of the UK’s preference services:

• The Telephone Preference Service (TPS)
• The Corporate Telephone Preference Service (CTPS)
• The Mailing Preference Service (MPS)
  These services help prevent you from receiving unsolicited marketing. However, please note that these services will not stop you from receiving communications that you have previously consented to.

10. Your Right to Withhold Information

10.1 Accessing Our Site
You can access certain areas of our Site without providing any personal data. However, to use all the features and functions available, you may need to submit or allow the collection of certain data.

10.2 Restricting Cookies
You have control over the use of Cookies on our Site:

• You can enable or disable Cookies in your internet browser.
• Most browsers allow you to disable either all cookies or just third-party cookies.
• By default, browsers accept cookies, but you can change this setting. For more information, consult the help menu in your browser or the device documentation.

11. How Can You Access Your Data?

You have the right to request a copy of any personal data we hold about you. If you’d like to make such a request, please contact us using the details in Section 13.

12. Our Use of Cookies

12.1 Cookie Compliance
All cookies used on our Site comply with current cookie law.

12.2 Types of Cookies
We may place and access both first-party and third-party cookies on your device to enhance your experience:

• First-party cookies are set by us and used exclusively by us.
• Third-party cookies are set by external parties (such as service providers) and help improve our Site, but are not necessary for its basic functioning.

12.3 Consent for Cookies
Before placing cookies on your device, you will be shown a pop-up requesting your consent. By consenting, you help us provide a better service. If you prefer not to accept cookies, you can deny consent, but please note that some features of our Site may not function as intended.

12.4 Strictly Necessary Cookies
Certain cookies are essential for the basic functionality of our Site. These cookies are considered “strictly necessary” under Cookie Law and will be used even without your consent. You can block these cookies by adjusting your browser settings, but doing so may impact your experience on our Site.

12.5 Google Analytics
We use Google Analytics to collect anonymous usage data, which helps us understand how visitors use our Site. This information allows us to improve the Site and services. You can read more about Google’s privacy practices at Google’s Privacy Policy.

12.6 Deleting Cookies
You can delete cookies from your device at any time, but please be aware that doing so may affect your ability to access certain features of our Site.

12.7 Keeping Your Browser Updated
We recommend keeping your internet browser and operating system up to date. If you’re unsure about how to adjust your privacy settings, consult the help resources provided by your browser or device manufacturer.

13. Contacting Us

If you have any questions about our Site or this Privacy Notice, please contact us. Please make sure your query is clear, especially if you are requesting information about the data we hold on you (as detailed in section 11).

14. Changes to Our Privacy Notice

We may update this Privacy Notice from time to time, for example, in response to changes in the law. Any changes will be posted on this page immediately. By continuing to use our Site after these changes, you accept the updated Privacy Notice. We recommend checking this page regularly for updates.

Copyright © 2025 Rehman & Grandsons Limited – All Rights Reserved.