Privacy Policy

Effective date: 03/11/2025

Who we are

Response24 Connect Limited (“we”, “us”, “our”) is the data controller for personal data collected via this website.
Registered address: 9 Greyfriars Road, Reading, UK, RG1 1NU.
Contact for privacy matters: dpo@response24connect.com.

Scope of this policy

This policy covers personal data collected through our public website and related contact channels. It does not cover the Response24 Connect mobile app, which is provided to Connect by Response24 Ltd. For app privacy information, please see Response24 Ltd’s privacy policy at https://www.response24.com/privacy-policy.

What data we collect

We collect and process the following categories of personal data:

  • Contact forms: name, work email, phone, company, message content and any attachments you provide.
  • Support channels (email, phone, HubSpot): enquiry details, ticket information; call recordings when you call us via Aircall.
  • Marketing: newsletter sign-up details and your marketing preferences.
  • Technical and usage data: IP address, device, browser and cookie identifiers set through our cookie banner; aggregated analytics on site usage.
  • App/operations context (if you contact us about service matters): information needed to provide or support services delivered with our operations partners.

We do not buy personal data from third parties.

Why we use your data and our legal bases

We use your data only where we have a lawful basis under UK GDPR:

  • Responding to enquiries: to read and reply to messages you send (legitimate interests; in some cases, contract or steps prior to contract).
  • Providing services and operational support: to set up or deliver requested services and document operational actions (contract; legitimate interests; legal obligation where applicable).
  • Analytics and site performance: to understand and improve how our website is used (consent via cookie banner for non-essential cookies; legitimate interests for strictly necessary cookies).
  • Marketing: to send newsletters and updates where you opt in (consent; you can withdraw at any time).
  • Compliance, security and fraud prevention: to keep systems secure, investigate misuse and meet our legal obligations (legal obligation; legitimate interests).
Cookies

We use a cookie banner to obtain consent for non-essential cookies. Details of the cookies we use and how to manage them are set out in our Cookie Policy (UK) at https://response24connect.com/cookie-policy-uk/.

Who we share data with (processors)

We use carefully selected service providers who act on our instructions:

  • Hosting: AWS Lightsail (EU-West-2/London) – website hosting and logs.
  • Analytics: Google Analytics – website usage analytics (via consented cookies).
  • CRM & marketing: HubSpot and Mailchimp – enquiry handling, newsletters and preference management.
  • Email: Microsoft 365 – email services and document storage.
  • Telephony: Aircall – inbound/outbound calls and call recordings.
  • Support & operations: HubSpot Service tools and our operations partners at Response24 Ltd for service-related support.
  • Data storage: Microsoft 365 (SharePoint/OneDrive) – storing operations logs and related documents.

We require all processors to protect personal data appropriately and not to use it for their own purposes.

International transfers

Your statement: no transfers outside the UK.
Optional note (retain if any vendor stores/backs up data outside the UK): Some widely used SaaS tools may involve limited processing outside the UK. Where that occurs, we implement appropriate safeguards (such as the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses) and assess the destination’s legal environment to ensure equivalent protection.

Retention
  • General enquiries and basic contact data: kept for one year from last meaningful contact.
  • Operational/response case records: kept longer where needed to establish, exercise or defend legal or insurance claims.
  • Call recordings: retained in line with the above categories or a shorter operational schedule where feasible.
  • Marketing records: retained while you remain opted in and for a short period afterwards to maintain suppression lists.
  • System and security logs/backups: retained for limited periods necessary for security, continuity and auditing.

We regularly review data and securely delete or anonymise when no longer needed.

Security

We use technical and organisational measures appropriate to the risk, including encryption in transit and at rest, access controls and role-based access, logging and monitoring, and staff awareness measures.

Your rights

You have rights under UK data protection law, including to request access, correction, deletion, restriction or portability of your personal data, and to object to processing where we rely on legitimate interests or to withdraw consent where we rely on consent.
To exercise your rights, contact dpo@response24connect.com. We may need to verify your identity. We aim to respond within one month as required by law.

You can opt out of marketing at any time using the unsubscribe link in our emails or by contacting us.

We do not use automated decision-making that produces legal or similarly significant effects.

Children

Our website is not intended for children under 16 and we do not knowingly collect their data.

Complaints

If you have concerns, please contact us first at dpo@response24connect.com. You also have the right to complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk.

Changes to this policy

We may update this policy from time to time. Any material changes will be posted on this page with an updated date.