Privacy & Cookies Policy
Rush Procurement (“we”, “us,” “our”) are committed to protecting your privacy. There are various ways that you might interact with Rush Procurement and the information you provide when doing so allows us to improve our service.
This Privacy & Cookies Policy (together with our terms and conditions and any other documents referred to in it) describes the type of information that we collect from you (“you/your”) through the use of our services (“Services”), or the use of our website https://www.rush.co.uk (“Website”), how that information may be used or disclosed by us and the safeguards we use to protect it.
This Website, our related websites and any mobile sites or mobile application that link to this Privacy & Cookies Policy (collectively, the “Website”, “Websites”) are owned and operated by Rush Procurement, 25 George Street, Croydon, CR0 1LB.
We have drafted this Privacy & Cookies Policy to be as clear and concise as possible. Please read it carefully to understand our policies regarding your information and how we will treat it. By using or accessing our Website or the Services, you agree to the collection, use and disclosure of information in accordance with this Privacy & Cookies Policy.
Please check back regularly to keep informed of updates to this Privacy & Cookies Policy. Please read this Privacy & Cookies Policy carefully and ensure that you understand it. Your acceptance of our Privacy & Cookies Policy is deemed to occur upon your first use of our Website. If you do not accept and agree with this Privacy & Cookies Policy, you must stop using our Website immediately.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
If you have any comments on this Privacy & Cookies Policy, please email them to [email protected]
Who We Are
Here are our details:
– Our Website address is https://www.rush.co.uk
– Our company name is Rush Procurement Ltd
– Our trading name is Rush Hair & Beauty
– Our registered address and company number are: 25 George Street, Croydon, CR0 1LB,
Company Number: 127 927 29
We respect your right to privacy and will only process personal information about you or provided by you in accordance with the Data Protection Legislation which for the purposes of this Privacy & Cookies Policy shall mean: (i) the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (UK GDPR), the Data Protection Act 2018 and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the UK GDPR or the Data Protection Act 2018 and other applicable privacy laws.
We are the primary data controller for the purpose of the data held.
This Privacy & Cookies Policy explains the following – What information we collect and why we collect it.
- How we use that information
- How we protect that information
- How you control your information, including accessing, updating and deleting what we store
- How we share information collected
- To whom you can make a complaint
This Privacy & Cookies Policy applies to Rush Procurement and its subsidiaries, affiliates and franchisees and covers our processing activities as a data controller.
We may alter the terms in this Privacy & Cookies Policy at any time by posting the amended terms.
All amended terms will automatically take effect 30 days after they are posted.
We will announce any relevant changes and their rationale to this Privacy & Cookies Policy via email. Your continued use of the Website or the Services is deemed to be acceptance of changes made to the Privacy & Cookies Policy, so please check periodically for updates.
The Website is not intended for or directed at children under the age of 13 years. As such, the Website is designed for adult user interaction. We do not intentionally collect personally identifiable information from children under the age of 13.
What information we collect and why we collect it – We collect personal information which you provide through any of the below means:
- When you visit Rush Hair and Beauty Salon and you provide us with your information; we log this information via our automated systems.
- When you use visit our Website and you provide us with your information digitally through the use of online forms, cookies, the online customer portal and through emails.
- When you request marketing to be sent to you and provide us with your email or personal data which enables us to send you such marketing material
- When you verbally provide your personal data over the phone or in person and such information is recorded on our automated systems
- When you provide us with feedback via our automated systems
- When you provide us with personal information via our candidate portal in support of an application for employment with Rush Procurement
Personal information we collect includes any of the following –
- Name and address
- Date of Birth
- Contact details including email and phone number
- Your query
- Details of your order
- Financial Data includes bank account and payment card details (via our third- party platform)
- Transaction Data includes details about payments and other details of our Services you have purchased from us (via our third-party platform)
- Any complaints
- Medical records linked to a service and purchase
In the case of candidates for employment personal information that we usually collect includes, but is not limited to: (i) information you have provided with your CV and covering letter; (ii) information you have provided on our application forms, including name, title, address, contact information, work experience, education, skills, languages, qualifications; (iii) information you have provided during an interview; (iv) information included as part of your application, such as test results; (v) information provided to us by recruitment agencies; (vi) information provided to us by background check agencies (in relation to specific roles (such as those involving the processing of payment information) or roles based in specific locations; (vii) information provided by your named referees; (viii) details of any disabilities and any accommodations we may need to make for you in the workplace; and (ix) in some cases, we will also collect other sensitive data than only details related to disability, when we are permitted to do so by law. You are also informed that, as part of the selection process, the hiring entity may consult details of your public profile on social media (Facebook, Twitter, LinkedIn, etc.), and other public information and records, with the sole purpose of assessing and ascertaining your experience and professional skills, and to know whether your profile is consistent with the Adecco culture and values.Usage Data includes information about how you use our Website and Services
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website.
- We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy & Cookies Policy.
This information will be collected, stored, accessed and processed in a secure manner.
We retain personal data when and if it is necessary and relevant for our operations.
The data is retained for a period of time defined by our legitimate interest.
Once it is no longer necessary for us to hold your data we will dispose of it in a secure manner.
How We Use Information
We will only use your personal information if we have a legal basis for doing so. The purpose for which we use and process your information and the legal basis on which we carry out each type of processing is explained below.
Purposes For Which We Will Process The Information
We use collected data to: provide and improve our services, provide a personalised experience, contact you, provide you with customer service and to provide personalised marketing.
Data is processed for services and payments, customer support and fulfilment, and recruitment in order to enable us to perform our contract with you.
Data is used to provide you with information and materials that you request from us, to personalise our services, plus our Website, to you, the user.
We process data to update you on services and products and benefits we offer and to inform you of changes to our policies, other terms and conditions and other administrative information plus to administer this Website for you and your computer, mobile device or other item of hardware through which you access this Website and to keep this Website safe and secure.
Data is used to measure or understand the effectiveness of any marketing we provide to you and others, and to deliver relevant marketing to you.
Data is used to enforce the terms and conditions and any contracts entered into with you.
If you do not wish to provide us with your personal data and processing such data is necessary for the performance of a contract with you and to fulfil our contractual obligations to you, we may not be able to perform our obligations under the contract between us.
Where you provide consent, you can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal. You can update your details or change your privacy preferences by contacting us as provided in “Contacting us” above.
Data is used on the legal basis of our legitimate interest and to provide you a personalised experience and to provide you with personalised advertising and marketing which includes seasonal campaigns via email and SMS messaging. You have the right to opt out all the marketing at any time.
Where we do collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data) and it is necessary to do so for our business, we will obtain your specific consent, unless we have another lawful basis to do so.
Note that we may process your personal data for more than one lawful ground if the data is used for several purposes. Please Contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been used.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
We use a third-party processor to market and advertise our Services to you.
We will only market our Services to you if:
- you have provided us with prior consent; or
- such marketing is permitted by law
You can opt out of third-party marketing at any point through contacting us or using the customer portal.
As already indicated above, with your permission and/or where permitted by law, we may also use your data for marketing purposes which may lead to us contacting you by email and/or telephone with information, news and offers on our Services.
We agree that we will not do anything that we have not agreed to under this Privacy & Cookies Policy, and we will not send you any unsolicited marketing or spam. We will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the UK GDPR and the Privacy and Electronic Communications (EC Directive) Regulations
Third Parties may include, but are not limited to – Facebook, Twitter, Instagram, Experian, Yahoo, Google and Bing.
You can ask us to stop sending you marketing messages at any time by logging into the online customer portal and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by contacting us at any time.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you in a timely manner and we will explain the legal basis which allows us to do so.
Disclosure Of Your Personal Data To Third Parties
We will not sell, rent, lease or otherwise share your personal information other than as outlined in this Privacy & Cookies Policy or without obtaining your consent beforehand.
Internal third parties
We may share your personal information with our group companies, affiliates, subsidiaries, franchisees or contractors as necessary to carry out the purposes for which the information was supplied or collected (i.e. to provide the services and products you have requested from us or to provide employment opportunities to candidates for employment with Rush Procurement).
External third parties
Personal information will also be shared with our third-party service providers and business partners who assist with the running the Website, our business, our services and products including; hosting providers, email service providers and SMS providers. Our third-party service providers and business partners are subject to security and confidentiality obligations and are only permitted to process your personal information for specified purposes and in accordance with our instructions.
We may link to or show content from third party websites as a service to you but will not share personal data without your prior consent. These third-party websites are operated by companies that are outside of our control, and your activities at those third-party websites will be governed by the policies and practices of those third parties. We encourage you to review the privacy policies of these third parties before disclosing any information to them, as we are not responsible for the privacy policies of those websites.
In addition, we may disclose information about you when we believe, in good faith, that such use or disclosure is reasonably necessary to:
- Comply with law
- Enforce or apply the terms of any of our user agreements
- Protect our rights, property or safety, or the rights, property or safety of our users, or others
- In the event that we become involved in a business divestiture, change of control, sale, merger, or acquisition of all or a part of our business, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
- If all or substantially all of our assets are acquired by a third party, in which case personal information held by it about its customers will be one of the transferred assets;
- If we are under a duty to disclose or share your personal information in order to comply with any legal or regulatory obligation;
- If necessary to protect the vital interests of a person; and to enforce or apply our terms and conditions or to establish, exercise or defend the rights of Rush Hair Limited our staff, customers or others.
Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under UK GDPR and the law. Any third party that we share data with will not be permitted to use it for any other purpose than fulfilling their contract with us.
Security of Your Personal Data
The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.
We use appropriate measures to safeguard personally identifiable information, which measures are appropriate to the type of information maintained and follows applicable laws regarding the safeguarding of any such information under our control. In addition, in some areas of this Website, they may use encryption technology to enhance information privacy and help prevent loss, misuse, or alteration of the information under our control. We also employ industry-standard measures and processes for detecting and responding to inappropriate attempts to breach our systems.
No method of transmission over the Internet, or method of electronic storage, can be 100% secure. Therefore, we cannot guarantee the absolute security of your information. You are advised to take suitable precautions when transmitting to us data via the internet and you take the risk that any sending of that data turns out to be not secure despite our efforts.
The Internet by its nature is a public forum, and we encourage you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third party access, and for selecting passwords that are secure.
If you have any questions about security on this Website, you can contact us as provided in “Contacting us” below.
Where we store your data and security
We may transfer your collected data and store it outside the UK. It may be processed outside the UK to fulfil your order and to receive our Services and deal with payment. If we do store or transfer data outside the UK, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the UK GDPR. Such steps may include, but not be limited to, the use of legally binding contractual terms between us and any third parties we engage with and the use of standard contract clauses. Your acceptance of this Privacy & Cookies Policy shall be your consent permitting us to store or transfer data outside the UK if it is necessary for us to do so.
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Website. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.
Any payments made by you, will be encrypted.
We have implemented security measures such as a firewall to protect any data and maintain a high level of security.
Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that
Data Retention: How Long Do We Keep Your Personal Data
When you contact us, we may keep a record of your communication to help solve any issues that you might be facing. Your information may be retained for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirement.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us.
Subject to certain limitations, you have rights under data protection laws in relation to your personal data. These rights include the rights to:
- Request access to your personal data – (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. Note that we may refuse to comply with a request for access if the request is manifestly unfounded or excessive, or repetitive in nature.
- Request correction of your personal data – this enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. Note that we may refuse to comply with a request for correction if the request is manifestly unfounded or excessive, or repetitive in nature.
- Request erasure of your personal data – this enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note that we may refuse a request for erasure, for example, where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims.
- Request restriction of processing your personal data – this enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. Note that we may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive, or repetitive in nature.
- Request transfer of your personal data – we will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies where your personal data is processed by us with your consent or for the performance of a contract and when processing is carried out by automated means.
- Right to withdraw consent (or object) – you can withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent.
Your Right To Object
You have the right to object where we are processing your personal data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes.
Exercising Your Rights
If you wish to exercise any of the rights set out above, including withdrawing consent, please contact us giving us specific details regarding which right you choose to exercise.
No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
- We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Please direct any questions about your information to the following email: [email protected]
In order to improve this Website, we may use small files commonly known as “cookies”. Cookies are a technology that can be used to help personalize your use of a website. A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (your “device”) from this Website and is stored on your device’s browser or hard drive. The cookies we use on this Website will not collect personally identifiable information about you and we won’t disclose information stored in cookies that we place on your device to third parties.
To enable us to assess the effectiveness and usefulness of this Website, and to give you the best user experience, we collect and store information such as pages viewed by you, your domain names and similar information. Our Website makes use of anonymous cookies for the purposes of:
- Completion and support of Website activity;
- Website and system administration;
- Research and development; and
- Anonymous user analysis, user profiling, and decision-making.
You can find more information about how to do manage cookies for all the commonly used internet browsers by visiting www.allaboutcookies.org. This Website will also explain how you can delete cookies which are already stored on your device.
We currently set the following cookies:
· _utma, _utmb, _utmc, _utmt, _utmz – To track the number of times a visitor has been to the Website, when their first visit was, and when their last visit occurred. These are used by Google Analytics.
· wfvt_ – Cookie set by the Wordfence Security WordPress plugin which notes information about your general geographic location
· wordfence_verifiedHuman – Cookie set by the Wordfence Security WordPress plugin to protect the Website against malicious attacks.
· wordpress_test_cookie – Set by WordPress, test cookie
Third Party Cookies
· Google Analytics – _ga, _gid – These are used to identify the Website for Google Analytics – https://policies.google.com/privacy
· Facebook – Login and authentication – http://www.facebook.com/policy.php
· Bing – _uetsid – Stores the identity of the Website for Microsoft Bing Ads Universal Event Tracking (UET). – https://advertise.bingads.microsoft.com/en-gb/resources/policies/privacy-and-data-protection-policies
· Cloudfare – _cfduid – Identify the Website with Cloudfare for performance, security and reliability benefits. – https://www.cloudflare.com/privacypolicy/
Cookies from third parties – We currently use the following third party cookies:
Information we collect from you about your browsing behaviour
We collect, store and use information about your visits to this Websites and about your computer, tablet, mobile or other device through which you access this Website. This includes the following information:
- General non-personal information pertaining to users of this Website technical information, including the Internet protocol (IP) address, source domain names, specific web pages, length of time spent, and pages accessed, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location;
- Information about your visits and use of this Website, including the full Uniform Resource Locators (URL), clickstream to, through and from this Website, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and Website navigation and search terms used.
We use “Google Analytics” on this Website. This cookie provides us with a visitor count and an understanding of how visitors move around and use this Website. We can then use this information to improve navigability on this Site generally. The cookies we use on this Website will not collect personally identifiable information about you and we will not disclose information stored in cookies that we place on your device to third parties.
We are obliged by Google Analytics to state the following:
IP Addresses and Aggregate Information
An Internet Protocol (“IP”) address is associated with your computer’s connection to the internet. We may use your IP address to help diagnose problems with our server, to administer this Website and to maintain contact with you as you navigate through the Website. Your computer’s IP address also may be used to provide you with information based upon your navigation through this Website. Aggregate information is used to measure the visitors’ interest in, and use of, various areas of this Website and the various programs that we administer. We will rely upon aggregate information, which is information that does not identify you, such as statistical and navigational information. With this aggregate information, we may undertake statistical and other summary analyses of the visitors’ behaviours and characteristics. Although we may share this aggregate information with third parties, none of this information will allow anyone to identify you, or to determine anything else personal about you.
The Website may, from time to time, contain links to and from the websites of our business partners, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Social Media and Online Engagement
We occasionally use a variety of new technologies and social media options to communicate and interact with customers, potential customers, employees and potential employees. These sites and applications include popular social networking and media sites, open source software communities and more. To better engage the public in ongoing dialog, certain of our businesses use certain third-party platforms including, but not limited to, Facebook, Twitter and LinkedIn. Third-Party Websites and Applications (TPWA) are Web-based technologies that are not exclusively operated or controlled by us. When interacting on those websites, you may reveal certain personal information to us or to third parties. Other than when used by our employees for the purpose of responding to a specific message or request, we will not use, share, or retain your personal information.
You have the right to make a complaint at any time with a supervisory authority, in particular in the EU (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner (www.ico.org.uk)
If we receive formal written complaints, we will follow up with the person making the complaint. We work with the appropriate regulatory authorities to resolve any complaints that cannot be resolved directly. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to this Policy
We regularly review our compliance with our Privacy & Cookies Policy. We also adhere to several self-regulatory frameworks in addition to complying with applicable law.
We may change this Privacy & Cookies Policy from time to time. If this Privacy & Cookies Policy changes, the revised Privacy & Cookies Policy will be posted at the “Privacy & Cookies Policy” link on this Website’s home page. In the event that the change is significant or material, we will notify you of such a change by revising the link on the home page to read “Newly Revised Privacy & Cookies Policy.” Please check the Privacy & Cookies Policy frequently. Your continued use of this Website constitutes acceptance of such changes in the Privacy & Cookies Policy, except where further steps are required by applicable law. This Privacy & Cookies Policy was last updated on the date set out at the end of the policy.
Contacting Rush Procurement
If you have any questions about this Privacy & Cookies Policy or your information, or to exercise any of your rights as described in this Privacy & Cookies Policy or under data protection laws, you can contact us at Rush Hair Customer Service:
- By Post; Rush Procurement, 25 George Street, Croydon, Surrey, United Kingdom, CR0 1LB.
- By Email; [email protected]
We will use our best efforts to negotiate in good faith and settle any dispute that may arise out of or relate to this Privacy & Cookies Policy or any breach of it.
Any dispute shall not affect our ongoing obligations under this Privacy & Cookies Policy.
This Privacy & Cookies Policy and any dispute or claim relating to or connected with it (including non-contractual disputes or claims) shall be governed by and construed in accordance with the laws of England and Wales and the courts of England and Wales are the only place where disputes or claims relating to or connected with this Privacy & Cookies Policy (including non-contractual disputes or claims) may be decided.