Privacy Policy

1. Background

This Notice is issued to comply with the General Data Protection Regulation (GDPR). There is a lot of jargon used within the GDPR but basically this is about how personal information about individuals is collected, used and looked after. The nature of our business is such that we predominantly deal with other businesses. However, in doing so we inevitably collect personal information about individuals, for example their email addresses and potentially their phone numbers. As such the GDPR applies. This document sets out the detail about how the personal information provided will be used and looked after and explains the rights of those who are the subject of it.

2. Our commitment to you

Our commitment is to:-

• Keep personal information provided by you safe and private;
• Not use personal information for any purposes other than in connection with undertaking work for you, for the effective running of our business, for account management purposes, keeping you informed of information about our business and our offerings, as required by our Regulators and the law and otherwise in accordance with the provisions of this Privacy Notice;
• Make it easy for you to approach us if you have any concerns or questions relating to the holding of personal information.

3. Who we are and how we operate

Retail Hardware Solutions Ltd (RHS) is a UK based retailer of EPOS solutions. We are a software development company to provide a hardware and software solution to you in the field of retail, hospitality and generic EPOS systems. Responsibility for data protection at RHS is with Mr Ratna Shiva who can be contacted at info@iposg.com.

4. How information is collected from you

We will collect personal information directly from you. This will often be when we are dealing with your questions about the products and services which we provide, when providing them or when discussing with you other products and services which may be relevant to you. Information may be collected by telephone, but also via our websites, electronic communications or face to face meetings. Please ensure that all personal information is accurately provided as the information which is held is only as accurate as the information provided in the first place.

It is possible that we may obtain information about you as a contact point from other sources, for example if we are informed by someone else that they have recommended your business to us or we are otherwise informed that your business or the business for whom you work may have a need for our products and services and you are the contact point.

5. What personal information will we collect about individuals?

Most of the information which we collect relates to the business itself as opposed to individuals. We are only likely to seek information necessary for the supply of products and services to your business or the businesses for which you work. As such the information likely to be required relates to contact details such as name, telephone number (which may be your own mobile number) and email address.

in addition We use your email address as your login username. This helps us authenticate users securely and provide a personalized experience within the app.

Details relating to the business itself are likely to include business name and address, contact and bank details.


When you contact us via our website other information may automatically be collected from you. This may include:-
• Technical information including your IP address, log in details, browser type and version, operating system and platform; and
• For faster session management and data recovery, we utilise the device ID to store session data linked with your device. This allows for a quicker login experience and session continuity across uses. The device ID is used solely for these purposes and is stored in a way that maintains your data’s security and integrity
• Information about your visit including the full URL clickstream to, through and from our website, products viewed and searched for, page response times, download errors, length of visit to certain pages, page interaction, information and methods used to browse away from the page

6. What about information about our customers?

Our software means that details of transactions between your business and your customers are automatically uploaded to our server. For those customers with a maintenance contract that information is kept for the duration of the maintenance contract and thereafter for one year. To the extent that the transactional information records details of an individual as opposed to a company that information is regarded as personal data for the purposes of GDPR. We will keep it securely in accordance with the terms of this Privacy Notice, but in your dealings with such customers you should make it clear that you outsource the retention of information concerning the detail of the transaction

7. Who will personal information be provided to?

We will not provide personal information to anyone else save in the circumstances set out at 8 and 9 below.

8. What about outsourcing?

We will pass personal information to other organisations from time to time, not for them to use for their own benefit but rather to assist us. This might include holding personal information to assist in the efficient administration and running of our business and to assist with customer relationship management, accounting and regulatory purposes and the holding and processing of information in electronic form including its storage and maintenance. Telephone contact might on occasion be made on our behalf by I3 Solutions Private Ltd which is based in Sri Lanka. The information which the company uses to contact you is stored on secure servers in the UK.

9. What will the personal information be used for?

• To fulfil our contractual obligations towards the business which you represent:-
• To liaise with the suppliers of software for our POS (Till) hardware
• To ensure you have an effective operating product;
• We may from time to time provide information in relation to individuals outside of RHS in circumstances where others are involved in the supply of a product to you.
• When it is our legal obligation
We may be required to provide information to Regulators, auditors, accountants and in very rare circumstances to local or public authorities.
• When legitimate interests apply
It is possible that from time to time we may wish to communicate with you concerning matters which may be of interest to you or the company which you represent. The nature of such contact will be:-

• To inform you of our products and services including new services and products;
• To communicate about any offers or promotions which we may be undertaking;
• To communicate about other developments within RHS.
We will not communicate to you under this heading where there is any perceived detriment to you in receiving the communication. The communication is likely to be by telephone but may also be by email, social media, post, verbally or by other means. If you do not wish to receive communications under this heading please contact Mr Ratna Shiva at info@iposg.com. In making contact please confirm the type of communications listed which you do not wish to receive. In almost all circumstances we will then cease to send communications to you of this nature. However, if for some reason we propose to continue to provide communications to you of a particular nature we will explain to you why we propose to do so and enter into a dialogue with you about this.
• When you consent
There are certain uses to which we will not put personal information without your specific consent. For example, we will not provide any information about you in publicity material without your consent. If we wish to use your personal information for any purpose other than those listed under the other heads we will seek your specific consent.
• Other
We may also use personal information for management and statistical purposes to enable the efficient running of RHS.

10. What about access through our websites?

If you access us via our websites we will use the information collected about you to:-

• Administer our website and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes;
• Improve our website to ensure that content is presented in the most effective manner for you and for your computer
• Allow you to participate in any interactive features of our services when you choose to do so;
• Measure or understand the effectiveness of marketing we send to you and to deliver relevant marketing to you;
• Make suggestions and recommendations to you about goods or services that may interest you;

11. What happens if I don’t wish to provide personal information to RHS?

We seek personal information from you to be able to provide the products required by you. Without such information we are not likely to be in a position to trade with you. If, of course, we have personal information relating to you and you have no wish to deal with us, or if the information is not strictly necessary to enable us to trade with you, please let us know as we would not wish to contact you or retain personal information about you unnecessarily.

12. How long will we keep personal information for?

We will only retain personal information:-

• For as long as necessary to fulfil the purposes it was collected for as set out in this Privacy Notice;
• In relation to those that enquire about the products and services which we are able to provide but don’t then contract with us we would not normally keep personal information relating to the enquiry for no longer than one year after the last communication
• If we supply products or services to you we will keep personal information for the lifetime of the product or length of the service and for 7 years thereafter
• In some circumstances there is a right to request erasure of personal information held. This is addressed below.

13. Rights in relation to personal information held

• Access - the right to make what is known as a Subject Access Request to obtain a copy of the personal information which we hold about you. If you make such a request we are required, in most circumstances, to provide a copy of the personal information without charge and within 30 days. You may also seek confirmation of the nature of personal information which we hold about you without seeking a copy of the information itself.
• Correction – it is important that you keep us up to date with any changes to the personal information provided. Subject to that you have the right to ask us to correct or complete any inaccurate or incomplete data held about you. It is possible that evidence will be required of the new information provided.
• Erasure – you are entitled to ask us to delete or remove personal information held where there is no good reason for us to continue to hold it. It may not always be possible to comply with your request due to ongoing obligations in relation to the personal information. Where this is the case you will be informed and be told of the reasons why it is not possible to comply with the request.
• Object to processing – you may object to us processing personal information. There are some circumstances in which it will not be possible to comply with your request, for example if it is necessary to process the information in connection with obligations which we have and which have been explained to you in this document. If you object to us processing information which has been processed under the legitimate interest head, we will stop processing it.
• Restriction of processing – you may ask us to suspend processing of personal information in the following situations:-
  • If you want the data accuracy to be established;
  • Where the use of the personal information is unlawful but you do not want it to be erased;
  • You need the data to be held even though we no longer require it as you need it to establish, exercise, or defend legal claims; or
  • You have objected to the use of the data by us but we need time to determine whether we have overriding legitimate grounds to process it.
• Request the transfer of information – sometimes rights apply to request a transfer of personal information held to other organisations, such as a newly appointed contractor. This right only applies to personal information that is processed by automated means and is held because it was necessary for the performance of the contract with your company or personal information which is processed on the basis of your consent.

14. Keeping personal information safe

We have put in place appropriate security measures to prevent the personal information provided from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Access to personal information is limited to those employees and contractors who have a business need to know the personal information. Personal information will only be processed upon instructions from ourselves. Procedures have been put in place to deal with any suspected breach of the requirements under the GDPRs. You and/or the Regulator referred to below will be notified of any potentially significant breach. We have put in place systems to ensure the security of the limited amount of personal information which may be accessed by I3 Solutions Private Ltd in order to make phone calls on our behalf.

15. What happens if you want to complain?

It is hoped that you will not have cause to complain. If you do complaints should be referred to Mr Ratna Shiva at info@iposg.com in first place where possible. In the event that it is not possible or appropriate to refer a complaint to Mr Ratna Shiva it may be referred to the Regulator, the Information Commissioner’s Office (ICO) whose address is:-

16. Miscellaneous

• It is not anticipated that any personal information will be transferred outside of the European Union save that I3 Solutions Private Ltd will be able to access information as explained in paragraph 8. We will notify you if this position changes.
• We don’t anticipate using automated decision making in relation to the personal information provided.

17. If I have any questions who do I ask?

Please ask the individual with responsibility for dealing with your matter. If this person cannot help, or if it is inappropriate to contact him, then please contact Mr Ratna Shiva at info@iposg.com

Dated 30th October 2024