What We Do Services Why RPS Clients Get in Touch
Legal

Privacy Policy

Last updated: March 2025

1. Who we are

RPS Management ("RPS", "we", "us") is a UK-based outsourced payroll provider. We operate through the website rpsmgmt.co.uk.

For the purposes of UK data protection law, RPS Management is the data controller — meaning we determine how and why personal data is processed.

Data Controller: RPS Management
Email: info@rpsmgmt.co.uk
Phone: 0203 355 6820

This Privacy Policy explains what personal data we collect through rpsmgmt.co.uk, why we collect it, how we use it, and what your rights are under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What data we collect

We only collect personal data that you choose to provide to us. This happens in one way:

Contact form submissions. When you fill in the contact form on our website, we collect:

  • Your name
  • Your email address
  • Your company name
  • The message you've written

We don't collect any payment data, sensitive personal data (such as health information), or personal data from any source other than the contact form. We don't buy or obtain data from third-party sources.

We also collect certain technical data automatically when you visit the website — such as your IP address, browser type, and the pages you visit. This is handled through cookies. See Section 7 for details.

3. How we use your data

We use the information you submit through our contact form to:

  • Respond to your enquiry
  • Provide information about our payroll services
  • Follow up on any conversation we've started with you

We don't use your data for marketing without your explicit consent, and we don't add you to any mailing lists or automated email sequences based on a contact form submission alone.

We don't use your data for profiling, automated decision-making, or any purpose unrelated to responding to your enquiry.

4. Legal basis for processing

Under UK GDPR, we must have a lawful basis for processing personal data. For contact form submissions, we rely on:

Legitimate interests (Article 6(1)(f)). It's in our legitimate business interest — and yours — to be able to respond to enquiries you send us. We've assessed that this interest is not overridden by your rights; you're choosing to contact us voluntarily, and we use the information only to respond.

If we ever wished to use your contact details for marketing purposes beyond responding to your enquiry, we would seek your explicit consent first.

5. How long we keep your data

We keep contact form submissions for as long as is reasonably necessary to manage the enquiry and any resulting business relationship. In practice:

  • If no further business relationship develops, we'll retain your enquiry data for up to 12 months from the date of contact, then delete it.
  • If we enter into a business relationship with you, we'll retain relevant communications for the duration of that relationship and for a reasonable period afterwards (typically up to 7 years) in line with standard business record-keeping obligations.

We periodically review the data we hold and delete anything we no longer need.

6. Who we share your data with

We don't sell your personal data. We don't share it with third parties for marketing purposes.

In limited circumstances, we may share your data with:

  • Service providers who help us operate our website and business — for example, our email hosting provider or website hosting platform. These providers act as data processors and are only permitted to use your data on our instructions.
  • Legal or regulatory bodies if we're required to disclose information by law or to protect our legal rights.

We don't transfer your personal data outside the UK or EEA without appropriate safeguards in place.

7. Cookies

Our website uses cookies. A full explanation of the cookies we use — and how to manage them — is set out in our Cookie Policy.

In summary: we use only essential cookies necessary for the site to function. We don't use third-party analytics, advertising, or tracking cookies.

8. Your rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • Right of access. You can ask us for a copy of the personal data we hold about you.
  • Right to rectification. If any data we hold is inaccurate or incomplete, you can ask us to correct it.
  • Right to erasure. You can ask us to delete your personal data where there's no longer a legitimate reason for us to hold it.
  • Right to data portability. Where we process your data by automated means on the basis of your consent or a contract, you can request a copy in a structured, machine-readable format.
  • Right to object. You can object to our processing of your data where we rely on legitimate interests as our legal basis. We'll stop processing unless we can demonstrate compelling legitimate grounds that override your rights.
  • Right to restrict processing. In certain circumstances, you can ask us to limit how we use your data while we resolve a dispute.

To exercise any of these rights, contact us at info@rpsmgmt.co.uk. We'll respond within one calendar month. We won't charge a fee for reasonable requests, but we may charge for manifestly unfounded or excessive requests.

9. Complaints

If you're not satisfied with how we've handled your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) — the UK's supervisory authority for data protection.

Information Commissioner's Office
Website: ico.org.uk
Helpline: 0303 123 1113

We'd appreciate the opportunity to address your concern before you contact the ICO — please reach out to us first and we'll do our best to resolve it.

10. Contact us

If you have any questions about this Privacy Policy or the way we handle your data, please get in touch:

RPS Management
Email: info@rpsmgmt.co.uk
Phone: 0203 355 6820
Website: rpsmgmt.co.uk

This policy was last updated in March 2025. We'll update it if our practices change and post the revised version here with an updated date.