1.2 - This policy also describes your data protection rights, including a right to object to some processing. This Policy does not apply to information collected by any third party, including through any third-party application or content that links to or is accessible from our websites.
What type of information do our Clients ask us to collect?
2 - Our registration sites are flexible and allow our Clients to collect a variety of personal data from and about the Users e.g. email address, name, home or work address, passport number, and other event specific details. In some circumstances, the User may upload images or videos. Normally such details will only be provided by the User in response to an invitation or request from the Client. None of this data is stored by us until the User clicks 'Submit' at the end of the registration form. Users are invited to register for the Client commissioned event but are not compelled to do so.
Information we collect
3 - We do not use any analytical tools e.g. Google Analytics at any stage prior to or during the submission process. However, once the User submits their entry our system will log additional information. This may include the computer network's IP address, time and date stamp, the type of device used to submit the entry i.e. tablet, phone, computer. We may also record the browser type and version. Apart from the date of entry, this additional information is solely used to identify technical issues or fraudulent use. The additional information that we gather will not be passed on to any third party unless we have a technical issue with the booking. For the purposes of this information, Red Rock Media Ltd is both the data controller and the data processor.
Does Red Rock Media Ltd process personal data of children?
4 - Our services are not intended for children under 18 years of age. We do not directly solicit or collect personal data from Users aged under 18. If you are under 18, do not (i) use or provide any information on these registration forms or on or through any of their features, (ii) make any purchases through our websites, (iii) provide any information about yourself to us, including your name, address, telephone number or e-mail address.
How do our Clients ask us to collect data?
5 - They ask us to collect and collate the data of Users when they, following invitation, voluntarily enter their personal data into the websites. Personal data may also be entered by persons on another's behalf when explicit permission has been given and it is appropriate to do so (for example in the case of a Personal Assistant).
How do our Clients use personal data?
6 - If a User chooses to use our websites to conduct business with a Client (for example: to register for an event, respond to an online survey, upload requested information), any information provided in connection with that interaction will be transferred to, and under the control of, the Client i.e. the Clients act as data controllers towards the User. Therefore, Red Rock Media Ltd cannot and does not take responsibility for the privacy practices of Clients. The information practices of our Clients are governed by their privacy policies. We encourage Users to review the Client's privacy policies to understand their practices and procedures.
Does Red Rock Media Ltd use personal data collected by its Clients?
7 - Red Rock Media Ltd does not use the personal data of our Users for any purpose other than to provide services that our Clients have contracted us to provide through our websites, or as required by law. We do not share, sell or trade any information with third parties for promotional purposes.
Under what lawful basis does Red Rock Media Ltd process data?
How long does Red Rock Media Ltd store personal data collected by our Clients?
9 - Where we process personal data for legitimate business interests described in the section above, unless otherwise specified in our contract with our Client, we process the data until 90 days after the termination of the contract, at which time we remove it from our working environment and backup media.
How do you access, correct or delete your information?
10 - Red Rock Media Ltd processes Users data under the direction of our Clients and has no direct control or ownership of the personal data we process. Clients are responsible for complying with any regulations or laws requiring notice, disclosure or obtaining consent prior to referring the User to Red Rock Media Ltd for processing purposes. Any User that seeks to access, correct or delete data, or objects to any part of the processing of their data, should direct their query to the Client at the event email address. If the Client requests that Red Rock Media Ltd remove the personal data of a User to comply with data protection regulations, Red Rock Media Ltd will process this request within 30 days.
10.1 - We will not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. In such instances, we will inform the Client about the legal obligations that prevent us from fulfilling the request.
11 Cookies - We only use one cookie on this website which provides essential security features. The cookie does not store any personal data. We do not use any tracking or third-party cookies. By blocking cookies on the websites the User will not be able to gain access to restricted, password protected pages.
11.1 Web beacons/clear gifs - When commissioned to do so, we may create a private, bespoke email database for use in sending invitations and event specific news. When we send group emails in this way, we may track behaviour such as; whether the emails have been opened and who clicked the links within. This allows us to measure the performance of the service and assist the data processors with their event administration. To do this, we include clear gifs (also called web beacons) in the group emails that we send. We only use web beacons in emails that have an unsubscribe option within the footer of the email. One on one event communication emails sent from the events team do not utilise web beacons. This tracking method can be blocked by the disabling of automatic image download within mail programs.
Where does Red Rock Media Ltd transfer the data it processes?
12 - Whilst our own servers are located within the European Economic Area ('EEA'), the information that we collect from the User may be transferred to, and stored at, a destination outside of the EEA. It may also be processed by agencies based outside the EEA, who have been commission by the Client. We use Google Cloud services to manage data. Google Cloud services are certified by the Privacy Shield framework, which ensures an adequate level of protection for your personal information and respect for your rights when transferring personal data from the European Union and Switzerland to the United States. By submitting their personal information, the User agrees to this transfer, storing or processing of their personal information.
How does Red Rock Media Ltd secure the data it processes?
13 - We take our legal obligations to safely store and protect the User's personal information very seriously. We're constantly reviewing our processes and procedures to protect personal information from unauthorised access and use, loss and/or destruction. Server backup data is stored on our secure servers and is encrypted using industry standard technology. We use encrypted transmission links for any communication which may contain personal information.
13.1 - Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please notify us immediately by contacting us in accordance with the 'Contact us' section below.
Processing online payments
14 - The payment method (e.g. credit card details) provided when a purchase is made from the websites is not recorded or stored by us. That information is processed securely and privately by third party payment processors that we use. Red Rock Media Ltd will not have access to that information at any time.
14.1 - We may share personal data with our payment processors, but only for the purpose of completing the relevant payment transaction. Such payment processors are banned from using that personal data, except to provide these necessary payment services to us, and they are required to maintain the confidentiality of the User's personal data and payment information.
15 - In the unlikely event that any of the assets of Red Rock Media Ltd were sold to a third party, personal data would not be passed on to that third party as a part of the sale of the business. We do not consider a User's personal data to be our asset.
17 - Red Rock Media Ltd try to meet the highest standards when collecting and processing personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. Should you require any additional information or explanation about how we handle personal data, please contact us using the address or email below.
17.1 - If you are not satisfied with our response, or believe we are not processing your personal data in accordance with the law, you can escalate your complaint to the Information Commissioner's Office (ICO) www.ico.org.uk
Details of our registration with the ICO can be found here: www.ico.org.uk/za147359
Registration number: ZA147359
Red Rock Media Ltd
12 Whiteladies Road Business Centre Clifton