Privacy Policy

Compliance. Security. Transparency.

Update Information

Last updated: 20/04/2025
Last revised: 20/04/2025

Owner and Data Controller

RedLibrary Consulting Limited
Registered in England and Wales.

Company number (CRN): 11095094
ICO Registration number: ZA923959
Address: Bartle House, Oxford Court,
Manchester, M2 3WQ - United Kingdom

Data Protection Officer email:
dpo@redlibrary.co.uk

Definitions

We, Us: Refers to RedLibrary Consulting Limited, acting as the Owner, Data Controller, and Data Processor.

User: The individual using the website, considered the Data Subject unless otherwise stated.

Data Subject: The natural person to whom the Personal Data relates.

Data Processor: The entity processing Personal Data on behalf of the Controller.

Data Controller: The entity determining the purposes and methods of processing Personal Data, including security measures.

Website: https://redlibrary.co.uk

Service: Services provided through the Website.

European Union and European Economic Area (EU/EEA): Includes all current EU member states and EEA countries.

Privacy Statement

This Privacy Policy explains how we collect, process, store, and protect your personal data when you:

  • Visit and use our website
  • Show interest in or utilize our services
  • Engage with us through contact, sales, or marketing activities
It is essential to read this policy to understand how we safeguard your data. This policy complies with EU Regulation 2016/679 (GDPR) and the UK Data Protection Act 2018.

We apply strict access controls, encrypted storage, secure system configurations, and regular vulnerability assessments in line with ISO/IEC 27001:2022 standards. Access is limited to authorized personnel only, and all employees receive data handling training.

Personal Data We Collect

Internet/network activity: Includes interactions with our website and systems via cookies and IP-related technologies.

Identity, contact, and payment data: Includes name, email, phone number, IP address, account data, and bank details. We do not store credit/debit card data.

Professional information: Personal and / or business contact details collected for service delivery purposes.

How We Collect Personal Data

Automatically: IP address, device, browser, and geolocation details for analytics and security.

Provided by the Data Subject: Through email, phone, online forms, or in-person interactions.

Third parties: We may receive limited personal data from public sources, partners, or marketing affiliates to offer relevant services.

Lawful Basis of Processing Data

Contractual: To fulfill obligations such as communications, invoicing, and support.

Legitimate Interests: To respond to inquiries, monitor website usage, or communicate relevant offers. You can unsubscribe at any time.

Legal Obligation: We may disclose data to meet financial, accounting, or statutory requirements.

Automated Decision-Making & Profiling

We do not use any form of automated decision-making or profiling that affects users.

Data Retention

We only retain personal data as long as necessary. Data subject to legal requirements is kept for 5 years, reviewed monthly. Other data is reviewed and deleted case-by-case. Deleted records are anonymized except for minimal identifiers required by law.

Sharing Personal Data

We only share your data when legally or contractually required. We never share your personal data for profiling, marketing, or automated decision-making.

Cookies

We only use functional cookies to maintain language preferences, security sessions, and consent tracking:

  • language – stores your language choice (1 year)
  • session_id – identifies your session (1 day)
  • uid – enhances session security (1 day)
  • consent – stores cookie consent via Cookiebot (1 year)
No tracking or marketing cookies are used. Cookies are not used to collect personal data.
In accordance with privacy regulations, our Cookiebot implementation actively prevents non-essential cookies from being set unless you have provided explicit consent. However, as we only use functional cookies, no personal tracking or analytics cookies are placed regardless of your consent settings.

Use of 3rd Party Providers

We use the following providers, fully compliant with GDPR and ISO:27001:

  • Fasthosts Internet Limited (UK): Website hosting, encrypted storage. No unencrypted data access. Privacy Notice
  • Cookiebot (Denmark): Consent validator tool. Privacy Policy
  • Wise Payments Limited (UK): Used for financial transactions (SEPA, cards). Privacy Policy
All personal data is stored and processed within the United Kingdom or European Economic Area (EEA). We do not transfer personal data outside of these regions. In the event that future data transfers are required, we will ensure that appropriate safeguards, such as Standard Contractual Clauses (SCCs), are in place to maintain GDPR compliance.

Minors

Our services are not directed at individuals under 16. If you are under 16, do not submit personal data. Parents may contact us at dpo@redlibrary.co.uk to exercise their rights.

Your Rights

You have the right to:

  • Be informed about how we use your data
  • Access your personal data
  • Rectify inaccurate data
  • Erase data (with limitations)
  • Object to certain uses of your data
  • Withdraw consent at any time
  • Request portability of your data
To exercise your rights, email dpo@redlibrary.co.uk. ID verification may be required. Deleted data cannot be recovered and may include your training history, if applicable.

Supervisory Authority: If you are dissatisfied, you may contact the Information Commissioner's Office (ICO):
Website: https://ico.org.uk
Phone: 0303 123 1113
Address: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Changes to This Policy

We may revise this Privacy Policy at any time to ensure compliance. Please refer to the "Last updated" section at the top for version tracking.

In compliance with:

 
National CyberSecurity Centre Information Commissioner`s Office UK GDPR EU GDPR NIS2 DoD 5220.22-M ISO:27001