The following policy sets out Redbrick Solutions data privacy policy, covering what data we collect, where we collect it, and how we use it.
Redbrick Solutions collects information about you when you:
1.1. Information you provide us with
We collect data that you provide us directly with, for example when registering for an online tracking account, when you contact Redbrick directly, or when you visit our website and / or use the contact us functionality.
In these instances the type of data Redbrick collects typically would be Names, usernames, password, emails addresses and IP addresses, contact preferences, along with any details pertaining to the reason for your contact (e.g. your question).
Typically there are no contact preferences, retained as Redbrick will only contact you directly if you have a) requested contact, b) are a client, or c) a prospective client. In all circumstances we will provide clear opt out options to any direct correspondence (typically by email) sent to you.
Should you wish to opt out of any correspondence you can request this by selecting the opt out option or emailing us directly for removal from our data sources (see contact us below).
1.2. Information we collect automatically
We collect information automatically when you use our products. Typically, this data is all collected in the performance of a contract between us (Redbrick) and you (the client). In addition to this your own clients who are using services provided by us (e.g. case tracking and new secure document portal) will be providing data that we collect on your behalf in the performance of your contract with your client.
Data is split into two distinct sub categories 1) Data that is contained within your systems we provide / manage, but that is held on site on your own network, or externally in a hosted environment / network of your selection. 2) Data that is held centrally on our own server(s) to facilitate our services.
This data can be broken down as follows:
1.2.1. Data held locally on your network
Data held in RPM, Matter documents, and SDLT will vary from site to site dependent on use. As RPM can be customised, and documents are free format the data held within them will be bespoke by nature.
Typically, we’d expect to see data pertaining to the legal transaction in progress. For example, client details, client correspondence, details about the transaction, progress of the transaction and billing information. You as the client (of Redbrick) control the data contained within your system. You are also responsible for ensuring appropriate security is in place to protect this local data and that appropriate backups of the database are in place. Please contact Redbrick support (contact us below) for any assistance in setting this up.
1.2.2. Data held centrally on our server(s)
Redbrick synchronise (via HTTPS secure webservices) data from your local database / network to central servers hosted by Rackspace and Azure for the purposes of invoicing for transactions and to present this information in the tracking portal. The data held in the tracking portal is only shared securely with your client and parties linked to the case, and only when you the firm choose to share this information.
We also store information relating to the types and numbers of transactions you list for the purposes of invoicing you monthly for the work listed.
Redbrick collects usage data for the purposes of identifying usage patterns on the software and understanding performance and load issues.
Redbrick also collects diagnostic data relating to system crashes. The data relating to system crashes includes screenshots, and diagnostic information relating to the cause of the crash.
This diagnostic information is used solely for supporting clients in the event of any system issues and is not shared outside of our support function.
It is possible to turn diagnostic information sharing off on a firm by firm basis if required. To turn this feature off please use the contact us (below) or speak to your account manager. N.B. this will however impair Redbrick’s ability to support you as effectively as we could with it switched on.
We may collect information about you from other sources, such as through certain features on the Platform you elect to use, but only where these third parties either have your consent or are otherwise legally permitted or required to disclose your information to us. Examples include:
Redbrick uses the information within our systems for the following purposes:
2.1. We may use information about you and your usage related to operating our systems to:
1. Provide, maintain, and improve our systems, including to process transactions, develop new products and services and manage the performance of our systems.
2. Personalise your usage of our systems, for example to suggest systems, content and customisations we think you may be interested in.
3. Monitor and analyse trends and usage within our systems.
4. Perform accounting, support and administrative functions.
Our legal basis for collecting and using the information described above will depend on the type of information and the specific context in which we collect it.
Primarily we will collect data within the software legitimately for the performance of a contract of service, e.g. as our roll as software supplier to you (the client).
Further we will contact you about services and products we deem to be appropriate and that are either in your legitimate interests or our legitimate interests, so long as it’s deemed to not be inappropriate based on any other overriding rights you may have.
Redbrick Solutions shares the data you have provided to us directly and entered in your software in several different ways:
Data shared via the online portal is defined and controlled by you (the client). Redbrick portal is the sharing tool but the data and documents you choose to share with the client or other parties is controlled by the settings and data entered in your case management system (RPM).
For assistance understanding how you control what information is shared please speak with your account manager or contact us.
Redbrick shares data with third party applications via integration and third party API’s, examples of data shared include:
Where appropriate Redbrick may share information about clients with third party partner organisations where there is an expressed interest or legitimate interest in services provided by these third party organisations.
With your permission, we may allow others to use cookies, web beacons, device identifiers, and other technologies to collect information about your use of the software and other websites and online services provided by us and our partner organisations.
In some very limited cases (Business Intelligence clients only) Redbrick may need to transfer data outside of the EU to other countries. These countries may have data protection laws that are different to the UK laws and, in some cases, may not be as protective. We have taken appropriate safeguards contractually to require that your information will remain protected in accordance with this Privacy Policy.
We employ technical and organizational measures designed to appropriately protect your information that is under our control and that we process on your behalf from unauthorised access collection, use, disclosure, copying, modification or disposal. Both during transmission and once we receive it. We store all information that you provide to us on secure servers. We train employees regarding our data privacy policies and procedures and permit only authorised employees to access information on a need to know basis, and as required for their role. We use firewalls designed to protect against intruders. However, no method of transmission over the internet or method of electronic storage is completely secure.
Where you have a password, which enables you to use our services, you are responsible for keeping this password complex, secure, and confidential.
Redbrick retains data relating to transactions for the duration of the transaction and historically for a period of time for reporting and accounting functions. Redbrick will routinely delete data from our servers where it’s deemed appropriate and no longer necessary for any of the purposes set out above.
We may modify this Privacy Policy from time to time. When we do, we will provide notice to you by publishing the most current version and revising the date at the top of this page. If we make any material change to this policy, we will provide additional notice to you, such as by sending you an email or displaying a prominent notice on our Platform.
Under the General Data Protection Regulation (GDPR), you have certain rights regarding your personal data, including:
5. Contact Us
If you have any questions or concerns about our Privacy Policy Notice or our data practices, or if you would like to exercise your data subject rights, please contact us at info@redbricksolutions.co.uk.