Redalfa Limited: Privacy Policy

1. INTRODUCTION & DATA SOVEREIGNTY

1.1. Commitment: This policy is owned and operated by REDALFA LIMITED ("Redalfa"). Your privacy is the bedrock of our "Infrastructure Clarity" model. Unlike typical SaaS providers, we prioritise Data Sovereignty, ensuring you maintain full control and ownership of your digital footprint.

2. INFORMATION WE COLLECT

We distinguish between the general data collected from our website and the critical infrastructure data handled during our consultancy services:

Website Visitors: We collect aggregated tracking information (browser type, page views) to optimize site performance. This data is anonymised and never associated with individual users.

Consultancy Clients: To provide our core services, we collect sensitive professional data including:

  • Infrastructure Audits: Details of your network configuration, cyber security footprint, and Disaster Recovery (DR) plans.
  • SaaS/AI Inventory: Subscription management data, license allocation details, and employee offboarding status.
  • Onboarding Data: Employee names and assigned hardware/software assets for our AI-powered onboarding workflows.

3. HOW WE USE ARTIFICIAL INTELLIGENCE

3.1. Processing vs. Training: When we deploy AI agents or conduct audits, your data may be processed through third-party Large Language Models (LLMs) such as OpenAI or Anthropic.

3.2. Enterprise Protection: We utilize Enterprise-grade API tenants. This ensures your data is never used to train the global models of these third parties. Your proprietary data and prompts remain isolated within our secure environment.

3.3. Specialist Services: Data is used specifically for "Data Cleansing," "Model Optimisation," and "IT Disaster Recovery Assessments."

4. DATA SECURITY & ENCRYPTION

4.1. Engineering Standards: We operate secure data networks protected by industry-standard firewalls and password protection.

4.2. Encryption: All personal data is encrypted both at rest and in transit. For highly sensitive projects, we offer Client-Side Encryption (CSE) where Redalfa cannot access the content without your specific keys.

4.3. Audit Logs: Our system maintains a robust audit log for every record changed, providing a transparent trail of data interaction.

5. UK GDPR & YOUR RIGHTS

5.1. Regulatory Compliance: As a UK-based company (Number 16991445), we comply with the UK GDPR, the Data Protection Act 2018, and the Data (Use and Access) Act 2026.

5.2. ICO Registration: Redalfa Limited is registered with the Information Commissioner’s Office (ICO) as a data controller.

5.3. Your Rights: You have the right to access your data, request deletion, or port your data to another provider at any time.

6. COOKIES & TRACKING

6.1. Functional Cookies: We use cookies to enable secure login for our client portals and to manage active sessions.

6.2. Opt-Out: You can refuse non-essential cookies via your browser settings. However, functional cookies are required for active participation in our management dashboards.

7. CONTACT & COMPLIANCE

For all privacy-related inquiries or to exercise your data rights, please contact our Compliance Officer:

Redalfa Limited
Springfield House, Springfield Road,
Horsham, West Sussex, RH12 2RG
Email: messages@redalfa.com