Rimilia is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals or by others. We may use personal data provided to us for any of the purposes listed in this privacy statement.
Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Rimilia processes personal data for several reasons, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.
When collecting and using personal data, our policy is to be transparent about why and how we process it. The types of personal data we process are shown below:
• Employee information
• Recruitment Applicants
• Supplier Contacts
• Business Contacts
• Visitors to our website
• Visitors to our offices
• Visitors to us at trade shows and events
• Individuals whose personal data we obtain whilst providing services to our customers
• Others who contact us
For further information on these processes please contact firstname.lastname@example.org
The security of this data is taken very seriously, our information security management system is independently certified as complying with the requirements of ISO/IEC 27001: 2013. We have a framework of policies, procedures and training in place covering data protection, confidentiality and security and regularly review the controls we have in place to ensure the data we hold is secure. We are also externally audited against the requirements of SOC 2.
We will only share personal data with others when we are legally permitted to do so. When sharing data, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality and security standards.
To operate our business we use hosting providers, some of these are located outside the EEA, these will only be used for our companies based in the EEA if requested, if they are requested the GDPR requirements are covered in the Data Protection section of the SaaS agreement
We will ensure that all personal data transferred to these countries is provided with adequate protection and that all transfers of personal data outside the EU are done lawfully. These third parties include:
• Third party data processors that provide for example HR services and IT services to us.
• Professional advisers - for example auditors.
• Law enforcement or other government and regulatory agencies as required by, and in accordance with, applicable law or regulation
If you have any questions about this privacy notice or how and why we process personal data, please contact us at:
Data Protection Officer,
Head Office, Corbett House, Westonhall Road, Stoke Prior, Bromsgrove, Worcestershire, B60 4AL +44(0) 1527 8721