Privacy Policy
Last updated:
This Privacy Policy explains how RSTEPOS (“we”, “us”, “our”) collects and uses your personal data when you visit our website, enquire about our products, or become a customer. It also describes your rights under applicable laws including the UK GDPR and EU GDPR (where applicable).
Who we are
RSTEPOS is the data controller for personal data processed via this website and for our sales and marketing activities. If you have questions about this policy or how we handle your data, contact us at [email protected].
Personal data we collect
- Contact details – name, email address, phone number, company, job title.
- Account & customer data – billing details, service usage, device identifiers of POS hardware (if applicable).
- Communications – enquiries, support messages, call notes.
- Website usage – pages viewed, actions, approximate location, device and browser info (via analytics if you consent).
- Marketing preferences – subscriptions and consent records.
We collect data directly from you (forms, emails, demo requests), automatically via our website (cookies/analytics if enabled), and from third parties such as payments, advertising and form providers you interact with (e.g., HubSpot).
How we use your data
| Purpose | Examples | Legal basis |
|---|---|---|
| Provide and improve our products and services | Set up accounts, process orders, deliver features, maintain and secure systems. | Contract; legitimate interests |
| Respond to enquiries and provide support | Contact forms, emails, troubleshooting, onboarding. | Legitimate interests; contract (pre-contract steps) |
| Analytics and site performance | Understand visits, improve content and UX (only if you consent to analytics cookies). | Consent |
| Marketing and remarketing | Send updates, demos, offers; measure campaigns (only if you consent). | Consent; legitimate interests for certain B2B communications where permitted |
| Legal compliance and security | Detect abuse, fraud prevention, record-keeping, regulatory requests. | Legal obligation; legitimate interests |
How we share data
We share personal data with trusted service providers who help us run our business, such as:
- Hosting & security (e.g., web hosting, CDN, DDoS/WAF protection).
- Analytics & advertising (only if you consent): Google Analytics/Ads, similar platforms.
- Forms & CRM (when you submit): HubSpot.
- Payments & invoicing (for customers): payment processors, accounting tools.
We require our processors to protect your data and only process it under our instructions. We do not sell your personal data.
International transfers
Some providers may process data outside the UK/EEA. Where this occurs, we rely on appropriate safeguards such as adequacy decisions or Standard Contractual Clauses, plus additional measures where needed.
How long we keep your data
We keep personal data only as long as necessary for the purposes described above, including to meet legal, accounting or reporting requirements. Typical retention periods include: enquiry records (up to 24 months after last contact), customer/accounting records (up to 7 years), and consent records (as required by law). We delete or anonymise data when it is no longer needed.
Security
We use technical and organisational measures appropriate to the risk, including encryption in transit (HTTPS), access controls, and regular patching. No method of transmission or storage is 100% secure; if we become aware of a breach that affects you, we will notify you as required by law.
Your rights
Subject to applicable law, you may have the right to:
- Access the personal data we hold about you;
- Request correction of inaccurate data;
- Request deletion or restriction of processing;
- Object to certain processing, including direct marketing;
- Withdraw consent at any time (affects future processing only);
- Data portability.
To exercise these rights, email [email protected]. We may need to verify your identity before responding.
If you are in the UK, you can complain to the Information Commissioner’s Office (ICO). If you are in the EEA, you may complain to your local supervisory authority.
Cookies and similar technologies
We use cookies to run our site and—if you consent—to measure usage and show relevant ads. Manage your choices any time using the button below or the link in our footer.
Children’s privacy
Our services and website are not directed to children. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes to our practices or for legal, operational or regulatory reasons. We will post the updated version here with a new “Last updated” date.
Contact us
Email: [email protected]
Postal enquiries: RSTEPOS, McLean Rd, Eglinton, Derry/Londonderry, N.Ireland, BT47 3XX.