Privacy policy

RED is what’s known as a ‘data controller’. This means that we are responsible for deciding how we hold and use personal information.

RED respects and recognises the privacy and personal data of all of our clients – including existing clients, potential clients and past clients – and also those people who visit our website. This privacy document sets out what personal data we may collect from you and how that may be used by us in accordance with the General Data Protection Regulation (GDPR).

This document also sets out the data processing practices carried out by RED through the use of our website, internet and any other electronic communications networks we use.

So that you are aware of how and why we are using your personal information, please take a moment to read this important privacy document, together with any other privacy documents that we may sometimes issue you with when we are collecting or processing personal information.

Protecting your data

RED complies with data protection law. This means that the personal information we hold about you must be:

  • collected only for the purposes indicated and not used in any way that is incompatible with said purposes;
  • relevant and limited only to said purposes;
  • used lawfully, fairly and transparently;
  • accurate and kept up to date;
  • kept securely;
  • kept only as long as is necessary.


Collecting your personal data

We may collect data from you as follows:

  • when you provide your details by taking part in industry research carried out by or on behalf of us, which may be via social media, networking links, or other means of electronic communications;
  • when you provide your contact details via the ‘contact us’ section of our website, so that we can contact you back;
  • when we engage with you to undertake design or editorial services or internal communication consultancy when working with you on a product, service or project;
  • when you provide your details via a product or tool created by RED which requires you to give personal data. This could be social media, networking links, a survey, or other means of electronic communications.


RED must have a legal basis for processing your personal data. The legal basis we rely upon when providing or offering to provide services to you include:

  • for marketing purposes, in relation to our products and services;
  • where we need to comply with a legal obligation;
  • where we need to perform the contract we have entered into with you;
  • where it is necessary for your legitimate interests and our legitimate interests (or those of a third party), and where your fundamental rights do not override those interests.


What information might we collect?

  • name and job title;
  • business addresses and postcodes or other demographic information;
  • contact information such as telephone numbers and email addresses;
  • other information relevant to our products/ services/ surveys.


How is your personal information used?

We require personal information to understand your needs and provide you with a better service, particularly:

  • to undertake works to fulfil a contractual agreement that is in place;
  • for internal record keeping;
  • we may use the information to improve our services;
  • we may send promotional emails about our services or other information which we think you may find interesting using the email addresses or contact information which you have provided;
  • we may also use your information to contact you for market research purposes. We may contact you by email, phone or mail. We may use the information to customise our website according to your interests.


We would never sell or give your information to third parties.

Automated decision making

We do not envisage that any decisions will be made about you using automated means; however, we will notify you in writing if this position changes.

How long will you use my information for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements. Different laws require us to keep different data for different periods of time and we will process your personal data and sensitive personal data in line with the relevant legal requirement. In some circumstances we may make your personal information anonymous so that it can no longer be associated with you, in which case we may use such information without further notice to you.

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

  • request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
  • request access to your personal information (commonly known as a ‘data subject access request’). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
  • request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
  • object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on these grounds. You also have the right to object where we are processing your personal information for direct marketing purposes;
  • request the transfer of your personal information to another party;
  • request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind or request that we remove your information from our database at any time, by writing to us at the address below, or emailing andy@comms.red

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.

You may request the details of personal information which we hold about you under the Data Protection Act 1998. If you would like a copy of the information held on you, please write to RED, York Eco Business Centre, Amy Johnson Way, York, YO30 4AG. If you believe that any information we are holding on you is incorrect or incomplete, please write to us as soon as possible at the above address or email andy@comms.red. We will promptly correct any information found to be incorrect.

Privacy and our website

This website privacy disclaimer applies to the comms.red website only. Links within this site to other websites are not covered by these guidelines. By accessing and using our website you agree to the terms of this policy.

We do not routinely store or collect any personal information about visitors to the website. We will record your email address and other information only if volunteered to us by you. This information is treated as confidential.

No part of our website stores or collects any identifiable information about site users. To find out more please read our cookie policy.

External websites

We are not responsible for the content or privacy practices of any external websites that we link to. You do not have to request permission to link to our website via hyperlinks. However, you must request permission to use any of our content or publicly display our logo.

Cookie policy

By accessing and using our website you agree to the terms of this policy and our privacy disclaimer. Please read this cookie policy carefully so you know what cookies are used.

How cookies are used

Cookies are small text files placed on your computer by websites. These files are either stored in the memory of your computer or device, or placed on the hard drive. Cookies are used to help or personalise the user’s browsing experience and provide information on how users interact with our site so we can make improvements.

Necessary cookies are necessary for the website to function properly. They enable you to navigate around the site and search for topics. Without these cookies we could not provide you with the experience you would expect from our site.

Performance cookies allow us to understand how visitors use our site, so we can measure and improve how the site works. All the information that these cookies collect is anonymous and not linked to any personal information about you.

How to block/remove cookies

You can find out more about cookies including how to disable/ enable and delete them by visiting aboutcookies.org. You can block most cookies by activating the setting on your browser that allows you to refuse the storing of all or some cookies. However, please note that some features may be unavailable when browsing our website if you block or remove cookies.

Data protection compliance

RED complies with the General Data Protection Regulation (GDPR).

For the purposes of the Act, RED is the data controller and sole owner of the personal data collected by the company by direct means or via comms.red.

We implement technical, organisational, administrative and physical measures to help ensure a level of security appropriate to the risk to the personal information we collect, use, disclose and process. These measures are aimed at ensuring the ongoing integrity and confidentiality of personal information. We evaluate these measures on a regular basis to help ensure the security of the processing. Please be aware that, despite our ongoing efforts, no security measures are perfect or impenetrable.

We restrict the access to your personal information, to those who require access to such information for legitimate and relevant business purposes.

We use up-to-date industry procedures to keep personal data as safe and secure as possible and to protect against loss, unauthorised disclosure or access.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to RED; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent any unauthorised access.

We will delete your personal information when a request is received from you to do so, or, if there is no longer a legitimate reason for us to hold it. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the personal information.

Changes to our policy on privacy

It is important to point out that we may amend this privacy document from time to time, as the internet and data privacy best practice are both constantly evolving.

If you have any questions about this privacy document or how we handle your personal information, please contact andy@comms.red. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.