top of page

PRIVACY POLICY

Last Modified: September 25, 2025

 

RBH Security Group Ltd incorporated 1st October 2001 , Evesham UK. Further to our terms of use (https://rbh-access.com/terms) and any applicable end-user term and enterprise license agreement (collectively, the “Terms”), which apply to your use of our enterprise access management platform (“RBH Platform”), this Privacy Policy sets out how we collect, store and use personal information in connection with both our website at https://rbh-access.com/  and any implementation of our RBH Platform.  Unless otherwise indicated, any capitalized terms in this Privacy Policy have the same meaning attributed to them in our Terms.

 

By agreeing to our Terms or by using our Website or RBH Platform, you consent to the collection and use of personal information in accordance with this Privacy Policy, which we may update from time to time.

If you believe that we have not adhered to this Privacy Policy or would like to request an amendment to personal information being held by us, please contact our Data Protection Officer by email at caine.jenkins@rbh-access,com or by post to RBH Security Group, F3 Enterprise Way, Vales Business Park. Evesham. Worcestershire. WR11 1GS You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

 PART I: COLLECTION OF PERSONAL INFORMATION

We process personal information under these lawful bases:

  • Contract performance: to provide our access control services

  • Legitimate interests: for service improvement, security monitoring, fraud prevention

  • Legal obligation: regulatory compliance and law enforcement cooperation;

  • Consent - where specifically requested for marketing or special category data;

You can object to legitimate interest processing and withdraw consent at any time

The Personal Information of Other Individuals

To the extent you (or your End-Users) provide us with, or upload data that includes the personal information of another individual, you represent and warrant that you have that individual’s consent to provide us with their information to use in accordance with this Privacy Policy and our Terms. If you do not have their consent, you agree not to upload or provide us with any such personal information.

To establish an account on the RBH Platform or use our Website, we may collect the following personal information:

  • Full name;

  • Business or organization name(s);

  • Mailing address;

  • Billing Address;

  • Email address;

  • Phone number;

  • Banking and/or credit card information;

  • Comments, feedback, reviews and other information you upload or provide to us;

  • IP address and location data, including geo-location data;

  • Website statistics and analytics data regarding your use of the Website and RBH Platform;

  • Other types of raw data relating to how you interact with the Website and RBH Platform, for example, your browser information and session duration;

  • Profile photos (where you elect to upload them); and

  • All other information you provide on our Website, RBH Platform, or otherwise

We may also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

 

In some cases it may be necessary to collect Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).  This information will only be processed with your explicit consent or as otherwise permitted by data protection law.

 

We do not collect any information or personal data about your criminal convictions and offences.

 

Payment Processing

We may also collect credit card and payment information from you, or an organization you are associated with, via a third-party payment processor.  Although we may display their forms on or in connection with our Website and RBH Platform, when you provide your payment details via the Website or RBH Platform, you are providing them to the applicable payment processor.  You acknowledge that our third-party payment processors may have their own agreements which apply to you. While we will not have access to your entire credit card number, we will be able to bill your credit card and may have access to certain card and payment details such as the name on your card, billing address and card expiration date.  If you have questions regarding our payment processors, please contact us.

PART II: THE USE OF PERSONAL INFORMATION

We do not sell personal information to third-parties. However, we may use personal information to:

  • Facilitate the operation of the Website and RBH Platform, including sharing or providing access to personal information to Third-Party Providers, see below for details;

  • Bill and collect money owed to us;

  • Verify your contact information;

  • Provide user support or to support and improve our Website and RBH Platform;

  • Communicate with you about your account or services we offer;

  • Provide to Resellers associated with your account on the RBH Platform;

  • Send or display informational and promotional materials, including advertisments, from us, our partners, advertisers or third parties to you. You may unsubscribe from such communications at any time;

  • Pursue available legal remedies to us and to prosecute or defend a court, arbitration or similar proceeding;

  • To meet legal requirements or seek legal advice from a lawyer in connection with your use of our Website or RBH Platform; and

  • To enforce compliance with our Terms and applicable laws, rules and regulations.

Use of Personal Information with AI and LLM Technologies

We may use your personal information in de-identified or aggregate form, or where reasonably necessary, in identifiable form, with large language models (LLMs), artificial intelligence systems, and similar technologies to support and improve the functionality, accuracy, and security of the RBH Platform and our related services. Any such use will be consistent with this Privacy Policy and the Terms, and we will not use personal information in a way that conflicts with our commitments to in the Terms or any corresponding Enterprise License Agreement. We will take reasonable steps to ensure that the use of such technologies is subject to appropriate technical and organizational safeguards, and any such processing shall at all times be in accordance with applicable law in the UK.

Resellers and Others

RBH will not be responsible for the data handling or privacy practices of Resellers or other third parties who are independently responsible for complying with applicable privacy laws in their own dealings with users.

Furthermore, the RBH Platform may include links to third-party websites, plug-ins, applications and/or other materials which are not provided by us. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. These are not under our control and we are not responsible for their privacy notices/policies. Please note that they and any services that may be accessible through them should have their own privacy notices/policies and that we do not accept any responsibility or liability for the activities, privacy policies/notices or levels of privacy compliance of any third-party websites, plug-ins, applications and/or other materials operated by any third party or for any content which is not under our control. We recommend  that you check their privacy policies/notices before you submit any personal data to any of them.

 

PART III: THE DISCLOSURE OF PERSONAL INFORMATION

Sharing Personal Information and Content if Required by Law

We may share personal information, which for the purpose of this policy includes personally identifiable information, and any content collected, uploaded or provided to us if required by law, such as in response to a subpoena, court order or other legal process in any jurisdiction.  If we are required by law to make any disclosure of your personal information or content, we may, but are not obligated to, provide you with written notice of such disclosure, if permitted by law.

Sharing Personal Information to Cooperate with Investigations and Law Enforcement

Absent a court order, subpoena or other legal requirement to disclose personal information or content in our possession or control, you agree that we may also share personal information and content you upload or which is associated with your account on the RBH Platform to cooperate with law enforcement authorities in the investigation of any criminal matter if we reasonably believe doing so is necessary or beneficial in protecting your safety, the safety of any third-party or the administration of justice.

Sharing Personal Information

 

Third- Party Providers: Our suppliers, partners, independent contractors (collectively “Third-Party Providers”) and/or employees, may have access to, or be shared personal information to use in connection with one or more of the purposes for which the information was collected. Our Third-Party Providers may have access to personal information in providing services to us, or providing you with access to the Website or RBH Platform.   We may use a variety of Third-Party Providers in order to host our Website and RBH Platform and facilitate their ordinary use, including for example, hosting servers which store personal information. As of the date of this Privacy Policy, our main data hosting provider is Microsoft, utilizing Microsoft Azure.  Please contact us if you wish to obtain a complete list of the Third-Party Providers we currently use where your personal information may be stored or processed.

 

Affiliates: We may share your personal data as reasonably required with our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.

​

 

Your Personal Information May Not Be Stored in UK

We may transfer personal information to countries outside the UK, primarily Canada and the United States. We ensure appropriate safeguards through:

  • UK adequacy decisions where available

  • Standard Contractual Clauses approved by UK authorities

  • Your explicit consent where required You may request details of safeguards used for specific transfers.

 

European General Data Protection Regulation

 

Our privacy practices intend to meet the requirements of the General Data Protection Regulation of the European Union (“GDPR”). As a company that may process the personal information of persons who reside in or who are citizens of the European Union (a “European person”), we have implemented technical and organizational measures to meet the GDPR’s requirements and protect the personal information of European persons. Our technical measures to protect personal information take into account current technology available and the costs of implementing that technology in addition to the nature, scope, context and purposes of the personal information collected and processed. If you have any questions about our technical and organizational measures to meet the GDPR requirements, please contact us.

 

If you provide us with personal information from European persons, you represent and warrant to us that your personal information collection and storage procedures comply, at all times, with the GDPR. To the extent you provide us with, or, have our Website or RBH Platform process any personal information of a European person, you further represent that you have obtained informed consent to transfer their information, internationally, to us. If such consent is subsequently revoked, you agree to inform us immediately. Provided we are a company registered and operating in Canada, you agree and acknowledge that your personal information will be accessed by us in Canada, although it may be stored with Third Party Providers in locations both in and outside of Canada.

 

European Union residents may contact our Data Protection Officer regarding data subject access requests at: caine.jenkins@rbh-access.com

 

Sharing Personal Information if Our Business, Website or Service is Acquired

 

We may share personal information with our successors (if our business, the Website or  RBH Platform are acquired by another legal entity) or any assignee of our assets relating to the Website and RBH Platform. Disclosure in such circumstances is governed by UK GDPR and Data Protection Act 2018 (“UK DP Laws”).

 

 

Disclaimer and Warning About Sharing Personal Information Online

 

YOU ACKNOWLEDGE THAT WHEN SHARING PERSONAL INFORMATION ONLINE, THERE IS ALWAYS A RISK OF DATA BREACHES, INCLUDING DATA BREACHES IN WHICH THIRD PARTIES UNLAWFULLY ACCESS OUR SYSTEMS, OR THE SYSTEMS OF OUR THIRD-PARTY PROVIDERS, WHICH STORE PERSONAL INFORMATION.

 

WHILE WE TAKE MEASURES TO PROTECT PERSONAL INFORMATION, YOU AGREE AND ACKNOWLEDGE THAT OUR TERMS HAVE LIMITATION OF LIABILITY PROVISIONS RESTRICTING YOUR ABILITY TO SEEK DAMAGES OR COMPENSATION FROM US IN THE EVENT OF A DATA BREACH OR LOSS,  TO THE FULLEST EXTENT PERMITTED BY LAW.

 

Retention of Your Personal Information.

 

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. By law we have to keep basic information about our customers for six years after they cease being customers for tax purposes. In some circumstances you can ask us to delete your data. Furthermore, in some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

You have certain rights under UK DP Laws and may exercise them by contacting our Data Protection Officer. These rights include the following:

 

-  access

- rectification

- erasure

- restrict processing

- data portability

- object

- withdraw consent

- not to be subject to automated decision-making

 

If you are a resident of the UK, you have the right to make a complaint at any time, including where you believe we are unlawful processing your data,  to the Information Commissioner's Office (ICO), the UK regulator for data protection issues (www.ico.org.uk).

 

If you are a resident in the EEA and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection authority. You can find their contact details here:

https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm .

 

PART IV: Our Use of Cookies

 

By using our Website or RBH Platform, you consent to our use of cookies. Our cookie policy is available on our website at https://rbh-access.com/cookie-policy/.

bottom of page