The Ruler Company adheres to the General Data Protection
Regulations 2018 (GDPR). Information about our customers remains confidential
and is not provided to any third party, except for legitimate business reasons,
which will be advised to you before any information is released. We do not have
access to or retain any payment card details placed via our website or other
purchase system, which are dealt with exclusively by our card processor using a
fully secure encrypted web server. We are confirmed as compliant with the
Payment Card Industry Data Security Standards (PCS DSS) through our payment
When placing an order, you will have the opportunity to
advise and confirm if you wish to receive any future marketing or other
information from us. Under the GDPR above, without this confirmation we will
not send any such information to you, unless we have a pre-existing business
relationship with you. In that case please advise if you do not want to
continue to receive information from us.
We will retain your contact, order and our invoicing details
on our system. However, you have the
‘right to be forgotten’ and should you wish to be removed from our records, we
will delete your contact information from our records within 30 days of
receiving your request unless we need to retain them for legitimate reasons.
However, details of any transactions will be retained for the statutory time to
comply with VAT and Taxation regulation.
All our internet and distance selling activities are full
protected behind a firewall configuration to keep customer
personnel data secure.
All activities are protected by internally created passwords
which are regularly monitored and changed.
We do not hold any customer
cardholder details in our system. All activities relating to payment are
undertaken through our payments processor.
We have virus, malware and phishing protection software in
place and these are updated automatically as soon as new editions or updates to
existing are released.
Each operator has an individual username and password to
allow them to access the card date entry system and only authorised personnel,
including those from third party
supplies are able to access sensitive parts of the system, including date
records and physical access to Servers, PC’s and Card terminals.
Our systems are regularly scanned to ensure we are not
holding any unauthorised or card payment details.
All our staff are aware of the above policy and are actively
engaged in ensuring implementation