1. What is ReaDI-Watch?

ReaDI-Watch is a structured RD&I platform backed by an expert team. We help organisations define, capture and manage their R&D and Innovation (RD&I) activity in a consistent way. So it is organised, measurable and ready for funding, reporting and decision-making.

2. What problem does ReaDI-Watch solve?

Most companies innovate continuously, but the development journey is scattered, across project management tools, meetings, emails, spreadsheets and memory. When it comes time to submit an R&D Tax Credit claim, this issue becomes a huge burden. ReaDI-Watch brings that activity into one structured system. Projects are clearly defined. Progress is captured properly. Time and cost are aligned. Leadership has visibility. Nothing needs to be rebuilt at year-end.

3. Is ReaDI-Watch software or a service?

It is both. Our platform provides the structured environment. Our team runs the process, defining projects, maintaining cadence, structuring updates and supporting reporting. You don’t just get access to a tool. You get a managed system.

4. What changes after working with ReaDI-Watch?

RD&I stops being informal and reactive. Projects are framed clearly from the outset. Documentation is captured as work happens. Financial alignment is cleaner. Leadership has clarity. Instead of scrambling to explain RD&I later, you are building a structured innovation record in real time.

Data Management | Readi Watch 1

Data Management

ReaDI-Watch Ltd. operates www.readi-watch.com (the "site") and app.readi-watch.com (the “platform”). This page informs you of our policies regarding the collection, use and disclosure of data we obtain through operating the Site and Platform.
For our policy specifically related to Personal Information (which is subject to particular regulatory requirements), see our Privacy and Cookie policy. This Data Management policy relates to all types of data collected through usage of the Site and Platform.

As the primary users of ReaDI-Watch’s Site and Platform are businesses, this policy refers to a Company or a User as a “Client”.

Types of Data Collected

In addition to the Personal Information described in the Privacy Policy, the Site and Platform collect “Company Data” to provide you with RD&I automation and management services on our site and platform. This can specifically include:

R&D and Innovation project data
R&D and Innovation staff time-logs, activities, email addresses & work experience data
Company R&D and Innovation strategy data

Who Owns This Data

User Accounts
Logical segmentation is used to ensure customers can only access their own data or data they are specifically authorised to access. A “standard” user account is assigned to one and only one Client account, and is granted access to that Client’s data. A “partner” user account has access to data for their assigned Client, as well as any Clients they are identified as being the “parent” of. ReaDI-Watch staff have access to all Clients and their data.

Data Classification & Obfuscation
By default, ReaDI-Watch classifies all data provided by our customers as secure by default. ReaDI-Watch refers to clients using code names to add obfuscation.

Vendor & Staff Management
All ReaDI-Watch staff (employees and service providers) have signed confidentiality agreements with ReaDI-Watch Ltd. Where necessary, signed Non-Disclosure Agreements are in place.

All data subprocessors (see the list on the ReaDi-Watch website) have agreements in place that are commercially standard, and offer at least as strong or better data protection than ReaDI-Watch’s own policy.

Software Development Lifecycle
In the software development lifecycle, ReaDI-Watch has implemented a peer review process for all changes prior to release. A checklist is completed prior to every release to catch vulnerabilities in real time.

Strong Authentication
ReaDI-Watch has implemented a strong Password policy. The policy includes two-factor authentication linked to the email address of the User account. Credentials should not be shared between users. Internally, ReaDI-Watch employees are mandated to use two-factor authentication when available, and password management tools.

Training
All ReaDI-Watch employees receive training around their job duties and the security obligations inherent in those roles.

Audit Logs
ReaDI-Watch have implemented basic auditing features for usage which retains a log of the User login & latest usage time. Also, we have implemented an activity logging functionality where all project data and activity are recorded for each user; namely creation, update and deletion of project artefacts & documents – this is accessible by each user within each R&D project on ReaDI-Watch©.

Encryption
All data sent across public networks uses standard HTTPS/TLS encryption.

Data Backups & Availability
ReaDI-Watch relies on service providers to provide data backup and availability, and believes their services to be commercially reasonable.

Internal Process Audits
ReaDI-Watch conducts an audit at least annually that includes identifying and prioritising security, privacy, legal, and business continuity risks, as well as a review of our business processes and governance, conducted by company executives representing legal, IT security, IT operations and business continuity planning concerns.

Data Transfer & Deletion upon Termination of Client Agreement
Clients can download their data using self-service features of the platform. When a Client deletes their account, all data is immediately and irrecoverably deleted from the ReaDI-Watch systems, except data which is necessary to support legal or compliance requirements.

Subprocessors

ReaDI-Watch uses certain Subprocessors to assist it in providing the Site and Platform as described in the Terms of Service. ReaDI-Watch may share your Personal Data and Company Data with Subprocessors to provide you with the Site and Platform, to conduct quality assurance testing, to facilitate creation of accounts, to provide technical support, to conduct data analysis, to process payments, to provide information technology and related infrastructure provision, customer service, email delivery, to conduct A/B testing, usage analytics, and reporting, and/or to provide other services. These Subprocessors are only permitted to use your Personal Data and Company Data to the extent necessary to enable them to provide their services to us. They are required to follow our express instructions and to comply with appropriate security measures to protect your Personal Data and Company Data.

Bubble.io (software framework & hosting; United States)
Calendly (meeting scheduling; United States)
Hubspot (customer support; Global)
Discord (operational monitoring; United States & Globally)
MailerSend (transactional email; United States & Globally)
Matomo (analytics service; EU & New Zealand)
Thinkific (training service; Canada & Globally)
Stripe (payment services; Globally)

How We Share Your Information

With Third Parties designated by you. We may share your personal data with third parties where you have provided your consent to do so.

With Third Parties. We may share your personal data with third party service providers (“Subprocessors”) to provide you with the Platform, to conduct quality assurance testing, to facilitate creation of accounts, to provide technical support, to conduct data analysis, to process payments, to provide information technology and related infrastructure provision, customer service, email delivery, and/or to provide other services. These Subprocessors are only permitted to use your personal data to the extent necessary to enable them to provide their services to us. They are required to follow our express instructions and to comply with appropriate security measures to protect your personal data. A full list of our subprocessors is available on our website.

As Required by Law. We may access, preserve, and disclose your personal data, other account information, and content if we believe doing so is required by law or if those actions are reasonably necessary to:
• comply with legal process, such as a court order or subpoena;
• enforce this Policy or our Terms of Service;
• respond to claims that any content violates the rights of third parties;
• respond to law enforcement;
• investigate and prevent unauthorised transactions or other illegal activities; or
• protect our or others’ rights, property, or personal safety.

Security of Your Information
We seek to use reasonable organisational, technical and administrative measures to protect personal data within our organisation, which are further detailed in our Data Management Policy. Unfortunately, no transmission or storage system can be guaranteed to be completely secure, and transmission of information via the internet is not completely secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us using the details in the Section entitled “CONTACT.”

Retention
We will only retain your personal data as long as reasonably required for you to use the Platform unless a longer retention period is required or permitted by law (for example, for regulatory purposes).

International Data Transfer
Your information, including personal data that we collect from you, may be transferred to, stored at and processed by us and other third parties outside the country in which you reside, including, but not limited to the United States, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. By using the Platform, you agree to this transfer, storing or processing.

Your Rights

The following rights may be available to you:

Opt-out. You may contact us anytime to request to opt-out of: (i) direct marketing communications; (ii) automated decision-making and/or profiling; (iii) our collection of Sensitive Personal Data; (iv) any new processing of your personal data that we may carry out beyond the original purpose, where we have requested your consent prior to such processing; or (v) the transfer of your personal data outside the EEA, where we rely on your consent for such transfer. Please note that your use of some of the Platform may be ineffective or unavailable upon opt-out.
Access. You may request to access the information we hold about you at any time via your account page or by contacting us directly.
Amend. You can also contact us to request to update or correct any inaccuracies in your personal data.
Move. You may contact us to request that we move your data to other service providers as you wish.
Erase and forget. In certain situations, for example when the information we hold about you is no longer relevant or is incorrect, you can request that we erase your data.

If you wish to exercise any of these rights, please contact us using the details in Section entitled “Contact” below. In your request, please make clear: (i) what personal data is concerned; and (ii) which of the above rights you would like to request to enforce. We may deny your request where permitted by applicable law. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable and in any event, within one month of your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting such change or deletion.

Complaints
We are committed to resolve any complaints about our collection or use of your personal data. If you would like to make a complaint regarding this Policy or our practices in relation to your personal data, please contact us using the information in the section entitled “Contact”. We will reply to your complaint as soon as we can and in any event, within 45 days. We hope to resolve any complaint brought to our attention, however if you feel that your complaint has not been adequately resolved, you reserve the right to contact your local data protection supervisory authority.

Changes To This Privacy Policy
We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us when signing up for the Platform, or by placing a prominent notice on our website.