Welcome to the Robertson Group Limited Privacy Notice (“Notice”).

The company responsible for your personal data on the Robertson website (https://robertson.co.uk/) is Robertson Group Limited (“Robertson”, “us”, “we” or “our”).  Robertson respects the value and privacy of everyone who visits this website. We will only collect and use personal data in ways that are described here and in a manner that is consistent with our obligations and your rights under the Data Protection Act 2018 and UK GDPR.

This Notice describes how we collect, use and share the information you provide to us and the information we collect in the course of our operations and our website.

Please take the time to read this Notice and should you have any queries please see Section 14 ‘Contact us’.

Privacy notice changes

We may change this Notice from time to time, so we encourage visitors to frequently check this page for any changes. Your continued use of this site after any change in this Notice will constitute your acceptance of such change.

What is this Notice for?

This Notice explains:

1. Who we are

2. Key terms

3. How we collect personal information

4. Personal information we collect

5. How we use your personal information

6. How do we keep your personal information up-to-date?

7. Who we share your personal information with

8. How we protect your personal information

9. How long we keep your personal information

10. Cookies

11. Links to other websites

12. International Transfers

13. Your rights

14. Contact us

1. Who we are

Robertson Group Limited is a private limited company registered in Scotland (Company No. SC060077). Our registered address is 10 Perimeter Road, Pinefield Industrial Estate, Elgin, Morayshire, IV30 6AE.

Robertson is the controller (for the purposes of the Data Protection Act 2018 and the UK GDPR) of your personal data that (1) you share with us via our website or otherwise been in contact with us or (2) we collect about you or that third parties share with us including, but not limited to, the methods outlined in Section 3 ‘How we collect your personal data’ below.

If you have any questions about this Notice, including requests to exercise your legal rights, please contact us using the details set out in Section 14 ‘Contact us’ below.

2. Key terms

When we refer to UK GDPR we are referring to the UK General Data Protection Regulation.

Personal information is information that can be used to, or in combination, to identify a specific individual, such as a name, address, telephone number, email address, etc., and also online identifiers and location data such as IP addresses and mobile device IDs.

controller is someone who decides why personal data is to be collected and how it will be used and treated.

processor is someone who processes data on behalf of a data controller.

3. How we collect personal information

We only collect information about you if we have a reason to do so including, but not limited to, the following:

4. Personal information we collect

Depending on your use of our site and the information you provide, we may collect and use the following information about you:

Identity Data includes title, first name, middle name(s), last name, username or similar identifier, the company you work for (where relevant), your job status, your job title or position, sex, and geographic location (including postcode).

Contact Data includes residential and/or business address, email address, telephone numbers (business and/or personal including mobile phone and fax).

Voice Recordings which will include any information that you provide to us when you leave a voicemail message or when you telephone.

Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website. Please see our cookies policy here explaining the cookies we use on our websites.

Usage Data includes information about how you use our website and services.

Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

Other Data includes any other information provided by yourself to us.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Notice.

5. How we use your personal information

We have set out below, in a table format, a description of the personal information we collect, the purpose of collecting it, and the lawful basis for processing.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose

Type of data

Lawful basis for processing including basis of legitimate interest

Services  
To execute the contract we are about to enter into or have entered into with you.

To process and deliver a product or service you require.

To process or respond to your enquiry.  

To comply with any legal and/or regulatory obligations.         

(a) Identity data
(b) Contact data
(c) Voice recordings
(d) Technical data

(e) Legal data

(f) Other data 

We are carrying out the necessary steps in relation to a contract to provide our services to you.

Performance of a contract for you.    

We are carrying out processing on the basis of your consent which you provide to us to process your data.

We are carrying out processing which is necessary for compliance with a legal obligation.

Marketing & Communication
To provide you with information relating to products or services delivered by Robertson.

To monitor use of our website so that we may better understand its use and inform our services.  

(a) Identity data
(b) Contact data
(c) Technical data
(d) Usage data
(e) Marketing & Communications data

(f) Other data

We are carrying out the necessary steps in relation to answering your request for information about the products and/or services Robertson provides.

 

We rely on our legitimate interests in operating and managing our website and online services.    

Cookies and other tracking technologies
To collect internet traffic data and data regarding your browser type and computer.

To look at how our website is used. To monitor use of our website so that we may better understand its use and inform our services.  

See our cookies policies for further information.

We are carrying out processing on the basis of your consent which you provide to us to process your data.

Chatbot Service (Robertson.co.uk  only)

(a) Identity data
(b) Contact data
(c) Technical data
(d) Usage data
(e) Marketing & Communications data

(f) Other data

Our chatbot is powered through cookies that you must accept to gain the functionality on the site. Detail on this can be found in our ‘cookie policy link’.

We also need to process some personal information to facilitate the experience. We ask your permission to do both prior to you being able to use this feature.

‘To give you the content requested, we need to store and process your personal data. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy.

Chat bot users are stored in our database and chat logs are kept in our secure inbox; this gives you the ability to see previous chat history. Data will not be kept for longer than a year, however, should your query relate to a complaint, issue or work winning opportunity we may need to retain this information to properly process your request. We retain the right to do this.

When data is requested to be deleted  it can, if necessary, be restored within 90 days. You can also formally request immediate deletion which immediately removes this data from system. To do so please contact our DPO with the email address: dpo@robertson.co.uk

We will not use this information to send marketing emails, only to ‘as fully as we can’ answer your question(s) when contacting us through this service. Your chat log and details may be passed on internally where necessary to fulfil your chat request.

Please note that we will not send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the Data Protection Act 2018, UK GDPR, and the Privacy and Electronic Communications (EC Directive) Regulations 2003.

6. How do we keep your personal information up-to-date?

Please contact us using the details set out in Section 14 ‘Contact us’ below as soon as possible after there is any change to your personal details, including your contact details.

7. Who we share your personal information with

We may also have to share your personal information with third parties. Such third parties may include but is not limited to:

Name

Purpose

Organisation

Server location

Robertson

As service provider, to respond to enquiries and attend meetings in pre-contract phase.  

UK

Europe

Rohallion

Developer and hosting partner for robertson.co.uk website

UK

Germany

Wp-Forms  

Form functionality on site.

USA 

Rohallion (Germany)

Hubspot

Chatbot functionality on site

Ireland

North America

Microsoft Office forms

Supply chain registration functionality on site

UK

Europe

8. How we protect your personal information

We use appropriate technical and organisational measures to protect the personal data that we collect and process. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal data.

Our employees only process your personal data on our instructions and they respect the confidentiality of your data as do any companies acting as approved data processors for Robertson. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

If you suspect any misuse, loss, or unauthorised access to your personal data please let us know immediately using the contact details set out in Section 14 ‘Contact us’ below. We will investigate the matter and update you on the next steps as soon as possible.

9. How long we keep your personal information

We will only keep your personal data for as long as reasonably necessary to fulfil the purpose we collected it for, including satisfying any legal requirements, or for as long as we have your permission to keep it. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider:

In some circumstances you can ask us to delete your data: please see Section 13 ‘Your rights’ below.

10. Cookies

In common with many other website operators, we use standard technology called “cookies” on our websites. Please see our cookies policy here explaining the cookies we use on our websites.

11. Links to other websites

Our site may contain links to and from the websites of our partner networks and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy notices or policies and that we do not accept any responsibility or liability for these notices. Please check these notices before you submit any personal data to these websites.

12. International transfers

Your information is secured under UK data protection laws and will not be transferred to organisations beyond this area without your consent or if permitted by law.

The data that we collect from you will usually be stored inside the UK or the EEA.  However, in providing our services it may be necessary for us to share your personal data outside the UK or the EEA.

We will only do so where:

Where we do share your personal information in the above situations we shall ensure that we have put appropriate safeguards are put in place (such as Standard Contractual Clauses) to ensure that the transfer of your personal information complies with the current applicable data protection legislation.

13. Your rights

You can request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

You can request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

You can request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

You can object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

You can request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

You can withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

You can exercise your rights by contacting us at the details listed in our Contact Us Section.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

14. Contact us

Robertson Group is responsible for processing your personal data.

Our full details are:

Full name of legal entity:

Robertson Group Limited If by post, please mark for the attention of the Data Protection Officer.

Email:

dpo@robertson.co.uk

Postal Address:

Robertson House, Castle Business Park, Stirling FK9 4TZ

Telephone Number:

01786 431600