Privacy policy

RUBICON UK HOLDINGS LIMITED’S PRIVACY POLICY 

 View all legal documents here.

1.Introduction 

  1. Rubicon Group, comprising Rubicon Holdings Group (Pty) Ltd and its affiliated companies (“Rubicon”, “we”, “us” or “our”) is committed to protecting and respecting your privacy. This Policy (together with our website terms and conditions any other documents referred to therein) describes how we collect and process your personally identifiable data (“Personal Data"). 

  1. Please do not provide us with any Personal Data if you do not agree with this Policy. Except in the circumstances indicated in this Policy relating to our collection of special Personal Data, we encourage you not to provide any special Personal Data to us. 

  1. Your provision of data to us is voluntary, although if you do not provide certain data to us you may not be able to engage effectively with us. By submitting your data to us, you agree and consent to our processing and transfer of your data in accordance with this Policy. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. 

  1. Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing of your Personal Data is: 

  1. Your consent, which you are able to withdraw at any time by contacting us at privacy@rubiconsa.com,  

  1. We have a contractual obligation with you, 

  1. We have a legal obligation in terms of ensuring we comply with the law, 

  1. We have a vital interest necessitating us processing such data, 

  1. We need it to perform a public task, or 

  1. We or a third party have a legitimate interest, which requires us to process such data. 

2. Who are we 

  1. You know us as Rubicon and we form part of the Rubicon Group, which is a group that operates across South Africa and in select African and European markets, employing nearly 500 staff. When you share your data with us you may also be sharing it with the rest of the Rubicon Group and by doing so you are consenting to any affiliate company thereof having access to such data. This notice relates to Rubicon Group and all its affiliate companies listed in Schedule 1*. 

  1. Protecting your data is important to us and we would like to explain why we collect, store and use your data and assure you that we will keep your data confidential. We will only share your Personal Data when legally required to do so, if we need to do so in order to fulfil our agreement with you or you have given us your consent to do so. 

  1. The physical address of our head office is at 1B Hansen Close, Richmond Park, Milnerton, Cape Town, South Africa. Our primary address for correspondence in the UK is at C/O Mazars LLP, The Pinnacle, 160 Midsummer Boulevard, Milton Keynes, Buckinghamshire, UK. 

  1. How We Collect Your Data 

As you interact with us, you will likely provide data directly to us. We may collect data when you purchase product from us as an over-counter sale, apply for a customer account with us, are established on our systems as a customer, use or register to use our website at https://group.rubiconsa.com/ and other group websites, and/or our e-commerce portals, customer portals or design portals located thereon (collectively, the “Website”), use or interact with our social media platforms, apply for employment with us, complete online assessments or surveys or contact us via mail, telephone, email, the Website or electronic forms and otherwise through your dealings with us. We may also collect data about you from personal references that you have identified to us. 

  1. Data We May Collect  

We may collect the following data about you: 

  1. as applicable, your name, ID number, address, contact details, bank details and other billing information, education, qualifications, employment history, references and other data you provide to us; 

  1. certain Personal Data you provide us when applying for employment with us that we process, such as gender and race and other personal characteristics; 

  1. details of your orders and transactions with us (i.e. your payment history); 

  1. data contained in correspondence between us; 

  1. data that you provide when filling in forms on the Website, when responding to surveys or entering a competition or promotion; 

  1. details of your visits to the Website (including but not limited to login credentials, traffic data, IP address, online identifiers, location data, operating system, browser type, “visitor action pixels” from Facebook and other third-party tracking technologies, data collected via cookies and server logs and other information about your general internet usage); and 

  1. your image may be captured on CCTV cameras if you attend at our premises. 

5. Where We Store Your Data and For How Long 

  1. We use a variety of security measures to protect your data. We maintain physical, electronic and procedural safeguards to help prevent unauthorized access to and improper use of personally identifiable data. However, no website or electronic data can ever be completely secure, but we are always working to maintain up-to-date and appropriate security mechanisms. Additionally, some data that we collect from you is stored in locked physical storage or on our secure servers. 

  1. We have reasonable and appropriate security measures in place to protect the data we hold and to prevent unlawful processing, unauthorised access and accidental loss, destruction or damage. The Website uses secure socket layer (SSL) for authentication, encryption and private communications. 

  1. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. 

  1. Unfortunately, the transmission of data via the internet or email is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted via the Website or email; any such transmission is at your own risk. Once we have received your data, we will use strict procedures and security features to try to prevent unauthorised access. 

  1. We retain your data for as long as needed or permitted considering the purposes for which it was obtained. The criteria used to determine our retention periods include but are not limited to the length of time we have an ongoing relationship with you and our legal obligations and legitimate business interests. The retention period varies depending on the data we hold. 

6. How We Use Your Data 

  1. We use data held about you in the following ways, where applicable: 

  1. to communicate with you; 

  1. to establish a customer profile on our ERP, CRM and accounting systems and on our online e-commerce platform; 

  1. to process your payment information through our banking partners or on our e-commerce platform; 

  1. to provide you with quotations and invoices in respect of our goods and services; 

  1. to provide you with goods and services and refunds for returned goods; 

  1. to provide you with advice, proposals, analytical consulting services and related reports; 

  1. to arrange for shipping and delivery of products to, or from, your nominated address disclosed to us; 

  1. to fulfil any request made by you or to comply with the terms of any binding agreement between you and Rubicon; 

  1. to screen our orders for potential risk or fraud; 

  1. to consider any application you make to us for employment; 

  1. to process any credit checks to the extent that you have made an application for a credit facility with us; 

  1. to comply with applicable laws and regulations including in relation to employment equity; 

  1. to respond to your queries, manage our relationship with you, inform you about our goods and services and provide technical support; 

  1. to ensure that content on the Website is presented in the most effective manner for you and for your computer and to efficiently administer and improve the Website; 

  1. to measure the effectiveness of our advertising for statistical and market research purposes; 

  1. to conduct research, although participation in surveys is voluntary;  

  1. to notify you about changes to our goods and services or to verify the accuracy of the data we hold about you; and 

  1. to send you data you might be interested in our various newsletters, to which you can subscribe. You can unsubscribe from our newsletters at any time and thereafter we will not send them to you unless you re-subscribe. 

  1. Please also note that we also receive and store standard data from you of a non-identifiable nature, which is data which is received when you interact with the Website regarding your internet connection and online services. We may use such data to track movements on the Website and improve the Website and online services. Such data will include the URL you came from, IP address, domain type, browser type, country your device is located and any search terms you entered on our website. This data will not identify you unless combined with Personal Data and we do not use Personal Data in this process. 

  1. Furthermore, we do not knowingly collect Personal Data of children without the consent of a parent or guardian. 

7. Disclosure / Transfer Of Your Data 

  1. We generally do not disclose your data to third parties, however, it may be necessary from time to time to make your data available to other members of our Rubicon Group /  affiliated companies and to third parties (such as legal and regulatory authorities, accountants, auditors, lawyers and other professional advisers, sub-contractors (for example for the outsourcing of the payroll function) or providers of products and services). 

  1. We may, from time to time, use your data as a trade reference for purposes of completing applications with our suppliers for the supply of product. We will only disclose such data as may be necessary for such purpose. 

  1. If we decide to or are required to transfer your data to third parties, we will do so only once written contracts are in place to ensure the security of your data and we will use strict procedures and security features to try to prevent unauthorised access. 

  1. We may disclose your data to the extent necessary to enforce our Terms and Conditions of Sale or any agreement with you, to enforce our Website Terms, to comply with a legal obligation or to protect the rights, property or safety of us or others. This includes exchanging data with other companies and organisations for the purposes of fraud protection and credit risk reduction. 

  1. We use Google Analytics to collect traffic statistics for the Website and this data is shared with Google. You can opt-out of Google Analytics by installing the Google Analytics opt-out browser add-on. For more data, please visit the Google Privacy Terms. 

  1. In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets. 

8. Your Rights 

  1. You have the following rights in relation to the data we hold about you: 

  1. the right to access the data held about you; 

  1. the right to request the correction of your data; we strive to maintain accurate data so if it is determined that your data is not accurate, we will work quickly to correct it; 

  1. the right to request your data be erased, in which case we will use reasonable efforts to erase your data, and provided such deletion is not in contravention of any law or regulation; 

  1. the right to restrict the types of data we hold or process about you; 

  1. the right to object to our processing any of your Personal Data; 

  1. the right to ask that your data be copied or transferred to a third party.  

  1. You can exercise any of these rights by emailing privacy@rubiconsa.com. You are not required to pay any charge for exercising your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. If you make a request, we have one month to respond to you. 

  1. For your protection, we may only implement requests with respect to the data associated with the details you provide to us and we may need to verify your identity before implementing your request. We will respond to your request as required by applicable laws as soon as reasonably practicable. 

  1. Please note that we retain backup systems, which are essential to the operation of our business. If we are not able to delete residual copies from our systems or from our backup systems, your data will continue to be protected as required under this Policy. 

9.  How do We Protect Your Personal Data? 

  1. We take all reasonable and appropriate measures to ensure that your Personal Data is safeguarded and secure. We have reasonable standards of technology and operational security in place to attempt to prevent loss or misuse of any Personal Data. Any of our authorised employees who are responsible for the maintenance of any Personal Data as submitted by you are requested to maintain the confidentiality of such data, unless you have expressed to us otherwise.  

  1. Whenever we commission other organisations to provide support services to us, we will bind them to our privacy policies as far as they may be required to have access to our customers' Personal Data to perform such services. Our website may contain links to or from other sites. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the security or privacy practices employed by other sites. We recommend that you always read the privacy and security statements on such sites. 

10. When we will disclose Personal Data without consent.  

  1. We will not disclose Personal Data to anyone outside the organisation or organisations who provide services to us without your permission unless: 

  1. we are compelled to do so by law or in terms of a court order; 

  1. it is in the public interest to do so; 

  1. it is necessary to protect our rights. 

  1. However, no system is perfect unfortunately and we cannot guarantee absolute security despite our best efforts. In the event that there is a privacy breach, we will let you know unless we are obligated by law not to do so. 

11. What are Cookies and How We Use Them 

  1. We may use cookies, which are small text files stored in a user’s browser, or web beacons, namely electronic images that allow this Website to count users who have accessed a particular page and to access certain cookies, to ensure that the Website is well managed and to facilitate improvement of the Website. Furthermore, we may use cookies to collect aggregate data and to track data on our systems and identify categories of users by items such as IP addresses, domains, browser types, pages visited from time to time and other information about your general internet usage. 

  1. Cookies are not computer programs and do not run on a computer like programs do. The cookies located on our website cannot gather data or function on their own. They cannot collect any Personal Data about you or your machine and cannot gather data or data about what you do on the Internet. It is statistical, aggregated information and does not identify any specific individual. We may provide reports making use of this information to our advertisers.  

  1. Cookies merely enable us to provide a more valuable online experience to you and to ensure that your experience is fully optimised. While you can set up your Internet browser to disable cookie technology, we do not recommend that you do this since some parts of this Website and our online services may not function properly, or at all. 

  1. Please take note that our advertisers may also use cookies over which we have no control.  

12. The General Data Protection Regulations 

The principles set out in this Policy are also aimed at compliance with the EU General Data Protection Regulations, to the extent applicable.

13. Changes to this Policy 

We will periodically review our privacy practices, which are subject to change. Any changes we may make to this Policy in the future will be posted on: https://ukshop.rubicon.tech/policies/privacy-policy or any other webpage designated by us from time to time for the publication of this Policy . 

14. Contact 

For the purpose of the Data Protection Act (2018) and the General Data Protection Regulation (2016/679) the data controller is Rubicon Group. Please contact us at privacy@rubiconsa.com if you have questions regarding this Policy or our privacy practices, if you would like to review, correct, update or delete the data we hold about you, if you would like to object to or withdraw your consent to our use of your data or if you would like to opt-out of marketing communications. 

If you make a request, we have one month to respond to you.

15. Details of authorities 

If you wish to report a complaint regarding your Personal Data that we hold if you are unhappy that we have not addressed your concerns satisfactorily, you can contact the Information Commissioner's Office at: 

Information Commissioner’s Office 

Wycliffe House 

Water Lane 

Wilmslow 

Cheshire 

SK9 5AF 

Helpline number: 0303 123 1113