GDPR & Data Protection Policy

Recognise Design Ltd trading as RD Digital
Last updated: September 15, 2025

1. Our Commitment to Data Protection

RD Digital is committed to ensuring that all personal data we process is handled in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and related privacy laws.
We take accountability for the personal data we collect, store and use, and we implement measures to protect it.

2. Data Protection Principles

We follow the six principles of data protection as set out in the UK GDPR. Personal data shall be:

• Lawful, fair and transparent — processed lawfully, fairly and in a transparent manner.

• Purpose-limited — collected only for specified, explicit and legitimate purposes.

• Data minimisation — adequate, relevant and limited to what is necessary.

• Accuracy — kept accurate and up to date.

• Storage limitation — kept in a form that permits identification only as long as necessary.

• Integrity and confidentiality — processed in a manner that ensures appropriate security.

3. Lawful Bases for Processing

We only process personal data where a lawful basis applies under Article 6 UK GDPR, such as:

• Consent — e.g., for optional marketing communications and analytics cookies.

• Contract — where processing is necessary to perform a client contract or take steps prior to entering into a contract.

• Legal obligation — to meet regulatory or accounting duties.

• Legitimate interests — e.g., for business communications, site security, and service improvement (balanced against your rights and freedoms).

4. Data Subject Rights

Individuals whose data we process have the following rights:

• Right of access (to know what data we hold).

• Right to rectification (correct inaccurate data).

• Right to erasure (“right to be forgotten”).

• Right to restriction of processing.

• Right to data portability.

• Right to object to certain processing.

• Right to withdraw consent at any time (where consent is relied upon).

📩 To exercise your rights, please contact us at: hello@rddigital.co.uk

5. Accountability & Governance

To demonstrate compliance, RD Digital:

• Maintains records of processing activities.

• Conducts Data Protection Impact Assessments (DPIAs) where high-risk processing is identified.

• Uses written contracts with third-party processors.

• Trains staff and contractors on data protection obligations.

• Reviews policies and procedures regularly.

6. International Data Transfers

Where personal data is transferred outside the UK/EEA (e.g., via Google services), we ensure that appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses.

7. Security Measures

We use technical and organisational measures to protect personal data, including:

• HTTPS encryption

• Access controls and authentication

• Regular system updates and monitoring

• Data backup and recovery processes

8. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected, or as required by law.
Specific retention schedules are outlined in our Privacy Policy.

9. Contact & Complaints

For any questions regarding this policy or to exercise your rights:

Recognise Design Ltd (RD Digital)
Unit 7, Peerglow Business Centre, Marsh Lane,
Ware, Hertfordshire, SG12 9QL
📩 Email: hello@rddigital.co.uk

If you are unsatisfied with how we handle your data, you can lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

10. Updates to this Policy

We may update this GDPR & Data Protection Policy from time to time to reflect changes in law or our practices.
The updated version will always be available on this page with the “last updated” date.