Who we are
RIN Services comprises of “RIN Services”, “RIN Identity Services”, “RIN Network Services” and “RIN Mail” (herein referred to as “RIN Services” unless specific to a particular service offering). This policy applies to all high-level services within these and particular services called out within. It is important to note that services hosted by RIN Services that are for the benefit of others (tenanted and hosted services) are not covered within this policy and readers should refer to the individual organisation’s policy.
Our primary public-facing website address is: https://rinservices.co.uk. Several stub-domains exist under this with some other domains existing for various service offerings, changing from time to time.
Cookies
We use cookies and other technologies to ensure secure authentication. If you attempt to authenticate with one of our services, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookie retention varies from system to system and is also subject to external suppliers such as Microsoft.
Other specific service offerings place additional cookies to enable the functionality of the application and improve end-user experience along with application security.
We do not use cookies for user profiling with the intent to sell or carry out any kind of targeting such as targeted advertisements.
Embedded content from other websites
Content on this site, other RIN Services sites and applications may include embedded content or applications (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. This is outside the control and scope of the RIN Services privacy policy.
Who we share your data with
We do not sell or share your data with any third-parties for any purposes other than when required to by law. Your data may be held by external organisations on our behalf for the co-provision of services, but the data remains in the sole control of us. If this is not the case, you will be informed. An example of this is the use of Software as a Service (SaaS) platforms.
How long we retain your data
Your data will be retained according to the data retention schedules of the specific systems in use. Some may have short-lived retention periods, whereby data is erased once the technical need for the data has passed – sometimes within seconds.
Other systems may retain your data for longer periods for legislative reasons or as part of the service offering – such as our monitoring technologies and audit logging, or when the service offering’s purpose is data storage such as file and email services. In which case these are also subject to backup retention periods after any user file deletions. Information of these retention periods can be requested from support@rinservices.co.uk by a designated local organisation administrator for the specific RIN Services offering.
Data locality
As a UK-originating organisation, UK GDPR data locality principles are applied to RIN Services systems. Where technically possible, all data, backup copies and processing systems are located within either the UK or a country belonging to the European Economic Area (EEA).
For our Microsoft Online tenants, RIN Mail and RIN Identity Services authentication platform, tenant country is set to “United Kingdom” using EU Model Clause compliant datacentres for data locality.
Some services may operate outside of the UK or EEA by design either for the provision of global services (such as CDN services) or high-availability services. Where this is the case, users of such services will be notified.
Data backups are held within the UK and EU (EEA countries). In many cases these are distributed to provide geo-redundancy. For further information on specific data localities, local organisation administrators may contact support@rinservices.co.uk.
What rights you have over your data
You may contact us at any time to request a data correction or removal of your data for any system. However, it is important to note that the data held in some of our systems cannot be corrected or deleted by design, such as auditing systems. Additionally, some data may need to be retained for either the technical delivery of the services or for regulatory or legal compliance. If these are the case, we will advise you following your request.
To make a data request, please contact support@rinservices.co.uk. Please note that you may be advised that for certain data types, the request will need endorsement by your local administrative contact.
Network monitoring and expectation of privacy
Users of RIN Services corporate networks, VDI services, guest WiFi networks such as “RIN-WiFi_GUEST” and email & file services are all subject to a level of network monitoring and filtering. This is done using systems with restricted systems and respecting local privacy laws (using data anonymisation where possible). However, when using such network resources, there should be no implied expectation of privacy or freedom, with web filtering carried out and enforced at the sole discretion of RIN Services and changed without any prior warning.
Data classification and protection
Data handled within RIN Services is subject to a data classification system with data of certain classifications requiring additional safeguards under specific conditions (such as encryption). RIN Services uses technical and procedural controls to enforce this.