Privacy Policy
TABLE OF CONTENTS
Last modified 26.03.2025
Principles
Rapid X (“we,” “us,” or “our”) is committed to protecting your personal data and privacy. This policy explains how we collect, use, store, and protect your personal information when you interact with us, visit our website, or use our services.
If you have any questions, please use the details provided below to contact us. By using our services, you agree to the terms of this Privacy Policy.
Rapid X Privacy Policy
Who We Are
Rapid X provides independent consulting and advisory services with a focus on digital transformations. We operate in the UK and interact with clients, suppliers, and other business partners worldwide.
We use various technology platforms for marketing, customer relationship management (CRM), financial transactions, and security. These platforms help us manage interactions with clients, process data securely, and improve service delivery.
For more details on how we process and store personal data, see our Data Processing Activities or contact dpo@rapid-x.com.
How We Collect Personal Data
We collect your personal information in the following ways:
Information You Provide Directly
You may give us personal data when you:
- Contact us through our website, email, or phone
- Subscribe to newsletters, events, or updates
- Download resources or reports from our website
- Submit enquiries, feedback, or job applications
- Engage with us via web forms, chat, or surveys
This may include:
- Full name, email address, phone number, job title, company name
- Any other information you choose to share in communications
Information We Collect Automatically
When you visit our website, we automatically collect certain data through website analytics and marketing automation tools, including:
- IP address and device details
- Browser type and operating system
- Pages visited and time spent on our site
- Links clicked and actions taken
We use cookies and tracking technologies to enhance user experience and understand visitor behaviour. More details can be found in our Cookie Policy.
Information from Third Parties
We may receive information from:
- Publicly available sources, such as LinkedIn
- Marketing and lead-generation partners, if you’ve consented
- Integrated business tools, if you interact with our email campaigns or CRM system
How We Use Your Personal Data
We use your data to:
- Provide our consulting services and support
- Improve our website, marketing, and customer experience
- Respond to enquiries, requests, and service needs
- Send newsletters, updates, and marketing communications, where permitted
- Conduct analytics and performance tracking
- Ensure security, fraud prevention, and legal compliance
You can unsubscribe from marketing emails at any time by clicking the link in our emails or contacting us.
Legal Basis for Processing
We process personal data under the following lawful bases:
- Consent - When you sign up for marketing emails or provide voluntary data
- Contractual necessity - When processing is required to deliver our services
- Legal obligations - To comply with applicable laws and regulations
- Legitimate interests - For business operations, marketing (where appropriate), and website analytics
How Long We Keep Your Data
We retain personal data only as long as necessary for:
- Providing our services
- Legal or regulatory compliance
- Security and fraud prevention
The exact retention periods for different categories of data are set out in our Information Retention Policy, which ensures compliance with UK GDPR, ISO 27001, and business best practices. Once data is no longer required, it is securely deleted or anonymised under that policy.
For more details, please see our Information Retention Policy or contact us at dpo@rapid-x.com.
Sharing Your Data
We do not sell your personal data. However, we may share it with:
Service Providers & Business Tools
We use third-party platforms to support business operations, including but not limited to:
- Marketing and customer relationship management (CRM)
- Financial transactions and invoicing
- Cloud storage and security
These providers process data on our behalf and must comply with data protection regulations.
Legal and Compliance Requirements
We may disclose data to authorities when required by law, such as in response to:
- Legal claims or government requests
- Security and fraud investigations
Sensitive Personal Information in Recruitment
Rapid X may share sensitive personal information such as your name, National Insurance (NI) number, date of birth, and email address, with third parties for the purposes of conducting legally required background checks during our recruitment process.
Business Transfers
If Rapid X undergoes a merger, acquisition, or sale of assets, personal data may be transferred as part of the transaction.
For a full list of sub processors, please see our data Processing Activities.
International Data Transfers
As we operate globally, your data may be transferred outside the UK. When doing so, we ensure:
- Adequate safeguards, such as UK Standard Contractual Clauses (SCCs)
- Compliance with UK GDPR and applicable regulations
If you’d like more details about international transfers, contact us.
Your Rights
Under UK GDPR, you have the right to:
- Access your data (request a copy)
- Correct inaccuracies in your data
- Delete your data (in some cases)
- Object to processing for marketing
- Restrict processing under certain conditions
- Withdraw consent for optional processing
To exercise your rights, contact us at dpo@rapid-x.com.
We will respond within one month (or up to three months for complex requests).
Security Measures
We take appropriate technical and organisational measures to protect your data, including:
- Access controls
- Encryption of data in transit and at rest
- Secure data storage
- Regular security audits and compliance checks
These measures align with our ISO27001 and Cyber Essentials Plus certifications, ensuring a high standard of data security. However, no system is 100% secure, and we encourage caution when sharing personal information online.
Incident Management
In the event of a data breach or security incident, we follow a formal Incident Management process designed to:
- Promptly assess and contain the incident
- Notify affected parties and relevant authorities as required by law
- Implement corrective measures to prevent future occurrences
Further details of our incident management procedures can be provided upon request.
Cookies & Tracking Technologies
Our website uses cookies, pixels, and tracking technologies for:
- Website performance & analytics
- Marketing personalisation
- Security & fraud prevention
You can adjust your cookie preferences using your browser settings. See our Cookie Policy for details.
Children’s Data
Our services are not intended for children under 16, and we do not knowingly collect their data.
Updates to This Policy
We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated effective date.
If changes significantly impact your rights, we will notify you by email or a website notice.
Contact Us
For any privacy-related questions or data requests, please contact:
Data Protection Officer
Rapid X
2nd Floor
4 St Paul’s Square
Liverpool
L3 9SJ
If you have concerns about how we handle your data, you can also contact the UK Information Commissioner’s Office (ICO) at Home.