Your privacy is important to us, and we are committed to safeguarding your personal data. This Privacy Policy outlines our practices regarding the collection, use, disclosure, transfer, and storage of the information you provide while using this website. We encourage you to carefully read and understand this Privacy Policy before using our website. If you have any questions or concerns about this Privacy Policy, please do not hesitate to contact us through our online form.
Who Are We?
We are SUPER RADICAL LTD, a company limited by shares registered in England under 08672828, whose address is 15 Alma Grove, York, North Yorkshire, YO10 4DH. We provide architecture and masterplanning services. We also own, operate and manage the website super-radical.com.
When Was Your Privacy Policy Created?
Our Privacy Policy was created on the 1st May 2017. Since its creation, there have been two amendments which have been logged below.
22/05/2018 – Amendments to comply with GDPR.
01/09/2023 – Web host changed, software providers changed and data protection enhancements added.
From time to time, we may need to make further amendments to Our Privacy Policy due to a change in the website’s functionality or the applicable laws. When we do so, we will log the changes above. You are therefore advised to check Our Privacy Policy page from time to time. Any such changes will go into effect 30 days after the new terms have been posted.
What Data Do You Collect?
When you visit our website, our web host will collect your IP address, the date and time you accessed our website, the device, operating system and browser you used, the URLs you accessed, the URL you arrived from and the duration of your visit. This is to protect their systems and our website from online threats. Your data is stored on our web server for a maximum of 30 days. Some of the data collected by our web host is also compiled by them into some basic analytics data. This data is stored indefinitely and anonymously on our web server.
When you visit our website, we collect anonymous data to gain insights into its usage and identify areas for improvement. We do not create profiles or track any personally identifiable information, nor do we utilise cookies. The anonymous data we gather includes a record of your visit, the URLs you accessed, the URL you arrived from, as well as the country and city you accessed our website from. To anonymise your data, we use your IP address to get an approximate location, then encrypt your IP address and save the resulting ID to the database. This anonymised ID is subsequently used to identify any future visits you make to our website. Analytics data is stored indefinitely on our web server.
We have also registered our website with various search engines. This is to improve our search ranking in search results. The search engines we have registered with will count query entries that lead to a visit or impression. Some search engines will also count page visits, page visits by device and page visits by country. All data collected is maintained in an anonymous format and stored indefinitely on the search engines' servers.
To protect our website from malicious activity, we will also we will collect your IP address, the date and time you accessed our website and the URLs you accessed. Additionally, if you are a registered user of our website, we will track the time you log in and log out of our website, any modifications that you make to the website and the IP address associated with these actions. This data is stored on our web server and is held for a maximum of 12 days.
When you add a comment to our website, we will collect a copy of your name, email address and comment. Furthermore, we will collect your IP address, the device that you used, the operating system that you used and the browser that you used. This is to help identify and prevent malicious activities like spamming, hacking attempts, and other forms of abuse. We will store your comment data on our web server for as long as it remains accessible to the public. Your comment, including your name, email address and IP address may also be collated into an email and sent to us via Simple Mail Transfer Protocol (SMTP). We do this to ensure the prompt moderation of our website, ensuring a safe and engaging environment for all users. Your comment data is stored indefinitely on our email server. We will also send an anonymised string created from your email address to Gravatar to check if you have an associated profile image. If a profile image is available, your profile image will be downloaded to our web server and displayed alongside your comment.
When you send us a message using a contact form, we will collect your name, email address, message and any other information you include about yourself or others within the message. This is so that we can respond to the message and undertake any related actions.Your message, including your name, and email address will be collated into an email and sent to us via Simple Mail Transfer Protocol (SMTP). Your message will then be stored indefinitely on our email server and our web server. Additionally, your contact details may be added and stored indefinitely on our contact server and our project management server.
To reduce spam, when you add a comment to our website or send us a message using a contact form, we will send your IP address, device name, operating system, browser name, the URLs you visited and the URL that you visited from to our spam protector. Your name, email address and message may also be sent. Your data will be stored on our spam protector's servers and deleted within ninety days. If you would like to opt your email address out of long-term tracking by our spam protector, please click here and complete the form.
Any media you upload to our website will be stored on our web server, including any embedded EXIF metadata. Your media will be kept for as long as it remains accessible to the public.
When you send us an email, we collect the complete email, including your name, company name, email address, message and any other information you include about yourself or others within the message. This is so that we can respond to the email and undertake any related actions. Your email will be stored indefinitely on our email server. Additionally, we may add and store your contact details indefinitely on our contact server and project management server.
When you phone or text us, or we phone or text you, your phone number and the timestamp of your communication will be collected on the device used for the communication, as well as any linked devices. Your data will be stored indefinitely. In order to act on the phone or text message, we may also collect your name, company name, phone number and postal address. Your contact data will be added and stored indefinitely on our contact server. Additionally, our mobile phone provider will store a record of all calls and messages that we exchange. Incoming call, text and voicemail records will be stored for twelve months and outgoing call and text records will be stored indefinitely.
Any voicemail messages you leave, including the date, time, and any personal details you provide in the message, will be stored on the device you called and any linked devices. The data will be stored indefinitely. In order to act on the voicemail, we may also collect your name, company name, phone number and postal address. Any contact details collected will be added and stored indefinitely on our contact server. Finally, a copy of your voicemail will be stored indefinitely on our mobile phone provider's server.
When we communicate using an app such as Viber or WhatsApp, personal information related to our communication will be collected. This may include your name, telephone number, the timestamp of your communication, the content of your communication, your profile picture, your status and any media files you send, including any embedded EXIF metadata. Your data will be stored on the mobile device we used for the communication and any linked devices. Furthermore, the app provider generally stores a copy of your personal information used in the communication on their servers. Storage practices vary between apps, and we recommend reviewing the privacy policies of the apps you use for details. Additionally, we may add and store your contact details indefinitely on our contact server and project management server.
When you do business with us, we will store personal data related to the business we do together. This is necessary for delivering the service we have agreed upon. We will hold this data on a combination of our file server, our email server, our contact server and our project management server. In order to provide you with quotes and invoices, and maintain proper accounting, we will also collect certain personal details. This data will be stored indefinitely on our accounts server.
If we organise a meeting together, we will collect and store personal information, including the contact details of the meeting's participants. This is so that we can coordinate the meeting, make any necessary arrangements and provide follow-up communication. Meeting data may be stored indefinitely on our contact server, our email server and our project management server.
When you register or are registered as a user on our website, we collect your name, email address and password, as well as any additional details you choose to provide in your user profile. This information allows you to modify the content of our website and personalise your user experience. For support purposes, website administrators will have access to view and edit the data stored in your user profile. Your profile data will be stored on our web server and will be deleted when your profile is deleted. As part of the registration process, we may send an email that provides your username and contains a link so that you can set your password. We will also receive a confirmation email that will include your username and email address. For our records, all emails related to your registration will be stored on our email server indefinitely.
When you attempt to log in to our website, your IP address and the number of logins you attempted will be added to our access log. This is to protect our site from unauthorised logins. Our access log is held on our web server, and data is held for a maximum of seven days.
If you visit suspicious URLs or register too many login attempts on our website, your IP address will be recorded on our web server, and your access to our website will be blocked. This website is also part of a network of websites managed by our web host and, if you visit suspicious URLs or register too many login attempts on any site within the network, your IP address, the device that you used, the operating system that you used and the browser that you used will be recorded by our web host, and your access to all sites on the network will be blocked.
All data added to our web server is backed up on our file server and all data added to our file server, our email server and our contact server is backed up on our backup server. All data added to our web server is also backed up on our remote web backup server. All data stored on our mobile devices is backed up to our mobile device server.
All information stored on our file server, email server, contact server and mobile device server may also be stored on select local computers and mobile devices.
Please rest assured, we will never send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the UK Data Protection Act 1988 (DPA), the EU Data Protection Directive 1995 (DPD), the EU General Data Protection Regulation 2018 (GDPR) and the Australian Privacy Act 1988 (APA).
Do You Use Embedded Content?
We avoid using embedded content such as videos, images and articles. This is because embedded content appears like it is part of our website, but is actually from another website, which has its own set of policies in relation to cookies, privacy and tracking. Where we do use embedded content, we will clearly label the content as embedded to avoid confusion.
Does Your Site Use Browser Caching?
Our website utilises browser caching, which involves storing certain website files, such as images, scripts, stylesheets, and static content, on your device's local storage. This allows for faster subsequent visits as the files are retrieved from your device's cache instead of being downloaded again from our servers. Please be aware that cache files are temporary and set to expire after a maximum of one year. Additionally, it's important to note that any content you post on our website may be downloaded and stored on other users' devices. We advise against posting sensitive or personally identifiable information as we cannot control or be held responsible for the actions of other users who store cached data from our website on their devices.
Does Your Site Use a Content Delivery Network?
Our website employs a Content Delivery Network (CDN) service to enhance loading speeds. This service functions by directing your requests to a duplicate of our website stored on a server closer to your location. As part of the optimisation process, our CDN provider may collect and process certain information about your device, including your IP address. Please note that any collected information is anonymised and generally retained for a limited period of time. For more specific details regarding the retention period, we encourage you to consult our CDN provider's privacy policy.
Who Has Access To My Data?
Our directors, web team, and web developers have access to all data stored on our web server. Similarly, all staff members have access to all data stored on our email server, file server, contact server, project management server and accounts server. However, access to the mobile devices you communicate with is limited to the assigned user and the company directors. Additionally, in the event of a security breach, attack, or malfunction, we may need to provide temporary third-party access to our servers. This is done solely to resolve any issues and ensure the security of our systems.
How Do You Secure My Data?
Data security is of great importance to us, and to protect your data, we have put in place a variety of measures to safeguard the data we collect from you. This includes the following:
– Only keeping your data for as long as we need to and for as long as we have your permission to keep it.
– Password protecting all data that we hold about you.
– Passcode protecting all computers, laptops and mobiles devices.
– Using comprehensive security software to protect our computers, laptops and mobile devices.
– Using two-step authentication on all computers, laptops and mobile devices.
– Using two-step authentication to protect our website, web server, file server, email server, contact server and backup server.
– Adding the facility to remotely erase all content of any device connected to the internet.
– Encrypting all data stored on our local devices, file server and contact server.
– Ensuring all data transferred between our web server and your web browser is encrypted.
– Ensuring all emails are encrypted before being sent across the internet.
– Ensuring all emails are protected by SPF, DKIM, and DMARC authentication protocols.
– Securing our website using established and highly reputable security software.
– Undertaking daily scans of our site to ensure no malware is present.
If you would like more information about the measures we take to protect your data, please feel free to ask for a copy of our Data Protection Policy by sending a message to info@super-radical.com.
Where Is My Data Stored?
SiteGround is our web host, and they provide our web server, CDN servers and our web backup servers, all of which are powered by Google. Google also provides our file, email and contact server, Plutio provides our project management server, FreeAgent provides our accounts server, Apple provides our mobile device server and SysCloud provides our backup server. Akismet provides our spam protection service and our site has been registered with Google and Bing. All data collected and processed is stored within the European Economic Area (EEA), with the exception of data stored on Plutio's servers, Akismet's servers and Gravatar's servers. However, we would like to reassure you that all our providers adhere to the General Data Protection Regulation (GDPR) guidelines. We have also entered into Data Processing Agreements with each of these providers to ensure the proper handling and safeguarding of your data.
Why Do You Use Third Parties?
We use some third parties because they can perform some services we require more effectively and securely than ourselves.
Can I Learn More About Your Third-Party Providers?
To obtain more information regarding the storage and processing of your data by the third parties we collaborate with, please click on the links provided below.
Apple's Privacy Policy
Bing's Privacy Policy
Brevo's Privacy Policy
FreeAgent's Privacy Policy
Google's Privacy Policy
Plutio's Privacy Policy
Gravatar’s Privacy Policy
SiteGround's Privacy Policy
SysCloud's Privacy Policy
Vodafone's Privacy Policy
Do You Share My Data?
We may, from time to time, share the anonymised data that we collect with third parties such as prospective investors, affiliates and partners. Furthermore, in certain circumstances, we may be legally required to share some of your data. Examples of this include court orders and government requests. Please be aware, in such circumstances, we will not require any further consent to share your data with the parties involved.
Can I See the Data That You Hold About Me?
If you would like to access or review the data we hold about you, please contact us at <EMAIL ADDRESS>. We will then make reasonable efforts to provide you with access to your data and review it. However, please be aware that we may require identification to process your request. In some cases, we may not be able to fulfil your request as it would interfere with the rights of other individuals or it would require disproportionate effort or expense. If we are unable to fulfil your request, we will provide you with a clear explanation of why we cannot do so.
Can You Remove the Data That You Hold About Me?
If you would like us to remove any data we hold about you, please contact us at info@super-radical.com. We will make reasonable efforts to delete the data from our servers. However, please be aware that certain legal or security obligations may require us to retain some data, and we may require identification to process your request. Additionally, please note that specific information cannot be deleted from our backups due to technical limitations. Nevertheless, we maintain a record of deletion requests, and we will apply them to future backup restorations to ensure the eventual removal of your data.
What If the Data You Hold About Me Is With a Third-Party?
We only use reputable third parties that support requests for access, review, and deletion of personal data. In the event that your data is held by a third party on our behalf, we will collaborate with them to facilitate your request.
Can I Withhold My Data?
You can access our website without providing any personal data. You can do this by choosing not to complete any of the online forms.
Do You Comply with Legislation Outside of the EU?
We take data protection and user privacy laws seriously, and our website is designed to comply with the rigorous standards set out by the EU legislation. This means that our website is likely to be compliant with data protection and user privacy legislation set out by most other countries and territories. However, if you have any questions or concerns about whether our website is compliant with the data protection and user privacy legislation in your country of residence, please do not hesitate to contact us at info@super-radical.com.
What Happens If You Have a Security Breach?
In the event of a security breach where there is a risk to your rights and freedoms, we will notify you and the appropriate regulatory authorities within 72 hours of becoming aware of the breach.
Our notification will include details of the breach, the nature of the data affected, the likely consequences of the breach, and the measures we have taken or will take to address the breach and mitigate any negative impact on your personal data. We will also provide you with any additional information or advice you may need to protect yourself from the consequences of the breach.
Who Is Your Data Protection Officer?
Public authorities and organisations that process personal data on a significant scale must appoint a Data Protection Officer. While we do not process personal data on a significant scale, we have still appointed a Data Protection Officer. Our data protection officer is David James-Arnold, the co-founder and managing director of SUPER RADICAL LTD.
What Happens if I Want to Make a Complaint?
If you believe that we are using your data unlawfully, or not adequately protecting your data, you have the right to file a complaint with the supervisory authority responsible for upholding information rights in your country or region. Please click the link below for a list of the supervisory authorities within the EU.
Furthermore, please click the following link for UK’s supervisory authority.
Before filing a complaint, we recommend that you first try to resolve any issues or concerns you may have with us. We will make every effort to address your concerns and ensure that your data protection rights are upheld.
Do You Have Any Other Terms or Policies?
Use of this website is also governed by our Terms of Use and our Cookie Policy. Please ensure you read our Terms of Use carefully, as by using this website, you are deemed to accept them. You will need to consent to our Cookie Policy before any cookies are downloaded from this website to your computer or device.
What Happens if Your Business Changes Hands?
In the future, we may expand or reduce SUPER RADICAL LTD, and this may involve the sale or transfer of some or all of our assets. If this happens, we will make reasonable efforts to inform you of any changes affecting your personal data. Furthermore, any new owner will be legally bound to continue using your data in accordance with this Privacy Policy.
Where Can I Get Further Information?
If you have any questions about this Privacy Policy or our website in general, please contact us by email at info@super-radical.com, by telephone on +44 (0) 1905 922 965, or by post at SUPER RADICAL LTD, 15 Alma Grove, York, North Yorkshire, YO10 4DH, United Kingdom.