Privacy & Cookies Policy

We understand that we have a morale and legal responsibility in respecting your privacy and taking care of any personal data we may hold about you. If you would like to contact us regarding your personal data, you can do this by phone, email or writing to us. Our contact details are at the bottom of this policy and on the Company / Contact Page of our website and any enquiries regarding your personal data should be addressed for the attention of our Data Protection Officer.

The following policy explains how we collect, store and use personal data when you visit the website When you enter into dialogue or a transaction with us and when we are processing personal data in accordance with the services we provide. It also describes the types of data we collect, how we use this data to ensure we provide relevant and timely services to you, and your rights to control our use of that data. This policy lays out our specific commitments, in compliance with and beyond the General Data Protection Regulation (commonly known as the GDPR) and the associated Data Protection Act.

This policy only covers your personal identifiable information on this and other Roma Software Systems Limited websites and personal data that we process. There are many links on our website to third party sites beyond our control, and we suggest that you always check the privacy policies of these sites before using them. Also this policy does not cover the personal data processing activities of anyone for whom we process personal data as a data processor, i.e. in accordance with their instructions.

By visiting this or our other websites, and in providing any personal data about yourself to us, you are confirming that you have read, understood and accept our policies and practices. If you are at all uncertain about any aspect of our policies and practices, please contact us and refrain from using this website and our other websites.

Your personal information

Collecting very specific, relevant personal data is a necessary part of us being able to provide you with any services you may request from us or in providing services to our customers.

We will only use your personal data for the legitimate purpose for which it was collected, and we will do this in a fair and in a secure and transparent manner. We will never use your personal data for any other purpose unless you have clearly agreed to it, or it is necessary for legitimate interests. When we hold or use your personal data as a data controller we provide to you a privacy notice which sets out in detail how your personal data may be used and the reasons for these uses, together with details of your rights. Where we collect personal data from you directly, we will provide this privacy notice at the time we collect the personal data from you. Where we receive your personal data indirectly, we will provide this privacy notice when we first contact you or within a month, whichever is earlier.

We will only provide this privacy notice to you once, generally at the start of our relationship with you as a data controller. However if the applicable privacy notice is updated, then we will provide you with details of the updated version. Copies of our current privacy notices for customers and suppliers can be found at

Data Controllers/Data Processors

Please note that where we are processing your data on behalf of a third party in many cases we will only process your data as a data processor, i.e. someone only processing data in accordance with the instructions of another person. This is usually as a data processor of one of our customers. In these cases we will not process your personal data as a data controller, i.e. someone is able to control and decide how personal data is used.

This distinction is important. You have certain rights in relation to your personal data, for example the right to be provided with the personal data held about you and details of its use and the right to have certain of your personal data either erased or anonymised, commonly referred to as the right to be forgotten. These rights can generally only be exercised against a data controller of your data. In some cases this means that you cannot exercise these rights against us directly (i.e. where we only act as a data processor), but you can do so against the data controller (i.e. the person who controls how we process the personal data). In these cases we will endeavour to inform you who is the data controller of your personal data so that you can direct any such requests to them.

Also it is only a data controller that will provide you with a privacy notice about your personal data, so where we process your personal data as a data processor for a third party, that third party should provide you with a privacy notice which will set out details regarding the processing of your personal data, which should also include the processing to be carried out by us on their behalf.


Roma Software Systems Limited respects your privacy and safeguards your personal data. We always aim to treat personal data with respect, and to treat it as we would wish our own personal data to be treated and to keep it secure. We do not sell personal data to third parties.

What personal data do we collect?

You will be asked for personal data such as your name, address and email address when you register, make an enquiry or order products and services from us.

How do we use your personal data?

Where appropriate, we use your personal data to: enter into, or perform, a contract or arrangement; comply with a legal duty; remember your preferences e.g. if you ask not to receive marketing material, we will keep a record of this, or for our own legitimate interests (such as marketing, internal record keeping, market research or to improve our products or services), provided your rights don’t override these.

This may include:

– providing you with industry related news / research reports – letting you know about our new products and services in which you may be interested – informing you about changes and improvements to our products and services and to this website – for profiling and internal research purposes.

More details will be included in the privacy notice provided to you about the processing of your personal data.

If you register to receive email communications from us alerting you to news and offers, you can opt-in or out of receiving these at any time. You can do this by completing the contact us form on the Website or by sending an email to:

Transfer of data

If we transfer personal data about you outside the European Economic Area (EEA), we will ensure that all reasonable security measures are taken and that any 3rd party processers will be required to process the data in accordance with data protection laws and we will notify you in your privacy notice if we are the data controller. However we only currently store personal data within the European Economic Area (EEA). If one of our subcontractors (such as a payment processor) needs to transfer it outside of the EEA, then we will take steps to make sure there are adequate levels of privacy protection and to notify you if this is the case in your privacy notice.

Who we will disclose your personal data to

Roma Software Systems Limited. does not sell, trade or rent your personal information to others. Where we collect your personal data directly, your details will be added to our database to process your request, and so that you can be kept up to date with relevant details relating to our products and services. From time-to-time, Roma Software Systems Limited. holds joint events with selected partners. If you book to attend one of these events, your details will be made available to the partner. You will be advised of this at the time of booking. You can opt-out of receiving any marketing communications from Roma Software Systems Limited. or our event partner at any time.

Your personal data may be required to be passed to a third party if they need it to fulfill your order(s) for our products and services, or to execute the communications we send to you.

Where we process your personal data as a data processor for a third party, then your personal data will be accessible to and may be transferred to the third party who is the data controller.

Except as set out above, we shall not disclose your personal data unless obliged to, or allowed to do so by law, or where we need to do so in order to run our business (e.g. where other people process data for us). In such circumstances, we will normally put in place confidentiality or non-disclosure undertakings and other arrangements to protect your personal data.

Marketing messages

You can opt-out of any marketing messages we send you at any time using the ‘unsubscribe’ link in our emails, or by emailing


This website contains links to other websites. We are not responsible for the privacy practices of these other websites, and if you provide them with any of your personal data they will be a data controller of your personal data and you should read their own privacy policies before you provide them with your personal data. The policy described here applies only to personal data collected or processed by Roma Software Systems Limited..


We employ a variety of technical and organisational measures to keep your personal data safe and to prevent unauthorised access to, or use, or disclosure of it. Unfortunately, no data transmission over the Internet is guaranteed 100% secure nor is any storage of data always 100% secure, but we do take all appropriate steps to protect the security of your personal data. As a market leading IT service provider, Roma Software Systems Limited takes data and system security very seriously indeed and servers are certified to both ISO/IEC 27001:2013 Information Security.

Rights regarding your personal data

You have a qualified right to access the data we hold about you. If you wish to do this please submit a request to The Data Protection Officer, or


The Roma Systems logos and contents of this website (including text, design and graphics) are unregistered trademarks and copyrighted materials of Roma Software Systems Limited. All rights are reserved.

Contact with Roma Systems

All communications regarding Information Security and Data Protection should be directed to our Data Protection Officer, at or via mail to Data Protection Officer, Roma Software Systems Limited, 69 Gaer Park Avenue, Newport, NP20 3NW. Subject Access Requests or requests to invoke other rights can also be sent to this address or sent direct to