RMS Business Services Ltd (“we”, “us”, “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard personal information when you use our website or engage with our services.

We are a company incorporated in Scotland (Company No. SC860125) with our registered office at 1/2, 166 Shawbridge Street, Glasgow, G43 1PG. We trade primarily on the Isle of Bute.

1. Data Controller

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, RMS Business Services Ltd is the data controller.

You can contact us at:
Email: info@rmsbusinessservices.co.uk
Post: RMS Business Services Ltd, 1/2, 166 Shawbridge Street, Glasgow, G43 1PG.

2. Personal Data We Collect

We collect and process only the personal data necessary to deliver our services, including:

Information you provide through our website contact form (name, email address, organisation, message).

Basic business contact details shared in correspondence.

Technical information collected automatically (IP address, browser type, pages visited), for site security and performance monitoring.

We do not actively collect sensitive personal data (special category data) via our website.

3. Children’s Data

Our website and services are directed to organisations and adult professionals. We do not knowingly collect data relating to children under the age of 16. If you believe we have collected such data, please contact us and we will delete it promptly.

4. How We Use Your Data

We use your personal data only where lawful and necessary, including:

To respond to enquiries and provide consultancy services.

To manage our relationship with clients.

To comply with legal obligations (e.g. record keeping, regulatory compliance).

To protect our business from fraud, abuse, or security threats.

With consent, to send occasional updates or marketing communications.

We do not sell, rent, or trade your personal data to third parties.

5. Marketing

We may send limited marketing communications about our services if you have consented or if you are an existing client where the law allows. You can opt out at any time by clicking “unsubscribe” or contacting us directly.

6. Legal Bases for Processing

We process personal data under one or more of the following legal bases:

Contract: where processing is necessary to perform our services.

Legal obligation: to meet our legal and regulatory duties.

Legitimate interests: to operate our business effectively, including responding to enquiries and ensuring IT security.

Consent: where you have explicitly provided consent (e.g. subscribing to optional communications).

7. Data Sharing

We may share limited personal data with trusted third parties where necessary:

IT and hosting providers for secure operation of our website and email.

Professional advisers (lawyers, accountants, insurers) where required.

Regulators or authorities if legally compelled.

We require all third parties to respect the security of your data and only process it in accordance with the law.

8. Third-Party Links

Our website may contain links to third-party websites (including LinkedIn). We are not responsible for the content, security, or privacy practices of these websites. We encourage you to review the privacy policies of any third-party sites you visit.

9. International Transfers

We do not routinely transfer personal data outside the UK. If transfers are required (e.g. IT hosting services), we will ensure appropriate safeguards are in place (such as adequacy regulations or standard contractual clauses).

10. Data Retention

We keep personal data only as long as necessary:

Enquiry records: up to 12 months.

Client records: as required for the duration of engagement plus up to 7 years for legal, tax, and audit purposes.

Website logs: typically retained for up to 12 months for security.

After this, data will be securely deleted or anonymised.

11. Your Rights

Under UK GDPR, you have the following rights:

To access your personal data.

To request correction of inaccuracies.

To request erasure (where lawful to do so).

To restrict or object to processing.

To request data portability.

To withdraw consent (where processing is based on consent).

You may exercise these rights by contacting us at info@rmsbusinessservices.co.uk.

12. Security

We use appropriate technical and organisational measures to protect personal data from loss, misuse, or unauthorised access. However, no system is completely secure and we cannot guarantee absolute security of your data.

13. Liability Limitation

While we take reasonable steps to protect personal data, we shall not be liable for any unauthorised access, loss, or misuse of data that arises from circumstances beyond our reasonable control, including but not limited to cyber-attacks, technical failures, or acts of third parties.

14. Cookies

Our website may use cookies for functionality and analytics. For details, please see our Cookies Policy.

15. Complaints

If you are unhappy with how we handle your personal data, please contact us first so we can resolve the matter.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK regulator for data protection:
www.ico.org.uk | 0303 123 1113

16. Updates

We may update this Privacy Policy from time to time. The most recent version will always be posted on this page with the date of update.