Redshaw Advisors Limited needs to gather and use certain information about individuals. Individuals can include customers, suppliers, business contacts, employees and other people the organisation has a relationship with or may need to contact.
This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards – and to comply with the law.
Why this policy exists
Redshaw Advisors Limited takes your privacy concerns seriously. This online privacy notice describes what personal information we collect, why we collect this information, how we use the information, with whom it is shared and the choices available to individuals regarding use of their information. This notice also describes measures we take to protect the security of the information and how users can contact us for further details of our privacy practices.
This data protection policy is designed to ensure that Redshaw Advisors Limited:
- Complies with data protection law and follows good practice
- Protects the rights of staff, customers and partners
- Is open about how it stores and processes the data of individuals
- Protects itself from the risks of a data breach
Background to the General Data Protection Regulation (GDPR)
Following Brexit, a 28 June 2021 ruling determined that the EU’s General Data Protection Regulation of 2016 would be kept in UK law. The decision is expected to last until 27 June 2025. The EU’s GDPR replaced the EU Data Protection Directive of 1995 and superseded the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/E. Its purpose is to protect the ‘rights and freedoms’ of natural persons (i.e. living individuals) and to ensure that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.
Legal basis for holding information
If we have an ongoing contractual relationship with you, we will continue to communicate with you by email and phone in order to fulfil our contractual obligations.
Following GDPR recital 47, in some situations we require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business. This will not materially impact your rights, freedoms or interests.
For example, we may use contact details to let you know of a new service or of market opportunities that could benefit you or your business.
We provide advisory and procurement services to companies that are required to be in compliance with the EU ETS. Our holding of personal data allows us to provide competitive pricing and advisory services that keep companies compliant and provide liquidity to EU ETS markets.
Personal information we collect includes:
- Individual and business contact information (i.e. name, company name, job title, postal address, telephone numbers and email addresses)
- Contact information of others to whom users ask us to send information, as permitted by law
- Cookie data and other browser-related information as further described in the “Information We Collect by Automated Means” section of this Online Privacy Notice
- Other information that may be provided through our website, emails and telephone calls.
Information we collect by automated means
What we do with the information we gather
Redshaw Advisors Limited uses personal information to provide high quality services. This includes but is not limited to:
- Provision of carbon market and renewable energy advisory services.
- Provision carbon market allowance and renewable energy certificate procurement services.
- Promotion of Redshaw Advisors Limited’s risk management services.
- Monitoring of website visitor use and engagement with our services and promotions so we can deliver improvements.
- The sending of promotional emails about additional services, events, carbon market and renewable energy market updates or other information we believe may be of interest.
How we protect your information
Redshaw Advisors Limited ensures that your information is secure with physical and electronic security measures and internal procedures to safeguard and secure the information we collect. Where we use third party software to process your personal information, we ensure that these systems have suitable security protection in place.
Individual’s data we hold is password protected, held on encrypted servers and protected using https protocols.
Who we share your personal data with
Redshaw Advisors Limited offers certain services that are provided by third party suppliers. Any data shared with such suppliers in provision of those services is restricted to the information reasonably required by those suppliers. For example, email addresses to send research reports.
Redshaw Advisors Limited also works with third party data providers (e.g. Microsoft Office 365) and those that offer direct marketing services (e.g. Mailchimp). In such cases this information is held on encrypted servers and specified contractually to be held only for the purposes outlined in the section “What we do with the information we gather”.
In all other cases, Redshaw Advisors Limited will not share personal data with third parties.
Your rights over your personal data
You have the right to request:
- Access to the personal data we hold about you
- Correction of your personal data if held inaccurately
- That we stop any direct marketing activity using your personal information
- That we remove the information we hold on you if you wish to withdraw consent, as per Article 13 of the GDPR.
If you object to our holding of your information, we will remove all information except for first and last name and company name that we will store in a do not contact list, in order to reduce the risk of a member of our team mistakenly contacting and recording your information again.
To contact us regarding your personal data, please email: email@example.com.
If you have concerns about how your data is being treated you have the right to lodge a complaint with the Information Commissioner’s Office at http://ico.org.uk/concerns/handling/
Personal data will be retained securely provided it is relevant to our activities summarised in the section “What it is we do with the information we gather”. Data will be retained for a period of five years after which it will be deleted if it becomes out of date and irrelevant.
Redshaw Advisors Limited may change this policy from time to time by updating this page.
This policy is effective from 25/05/2018.
If you have any questions or concerns that are not covered here or about how we hold and process your data, please email firstname.lastname@example.org.