How RDS CAL Store handles personal information
This Privacy Policy explains how RDS CAL Store collects, uses, stores, and protects personal information when you visit our website, contact us, create an account, or purchase Microsoft Remote Desktop Services Client Access Licenses from rdscal.com.
Last updated: 11 July 20261. Who we are
RDS CAL Store operates the website rdscal.com and sells Microsoft Remote Desktop Services Client Access Licenses for Windows Server deployments. RDS CAL Store is the data controller responsible for the personal information described in this policy.
Address: 399 High St, London E15 4QZ, United Kingdom
Email: [email protected]
For the purposes of this Privacy Policy, “we”, “us”, and “our” refer to RDS CAL Store. “You” refers to website visitors, customers, account holders, business contacts, and people who contact us for support or pre-sales assistance.
2. Information we collect
We collect only the information needed to operate our website, process orders, deliver license details, provide customer support, and protect our services.
Information you provide directly
- Identity and contact details: name, email address, phone number, billing details, business name, and customer or licensee details.
- Order information: products purchased, order number, invoice details, license type, Windows Server version, quantity, order notes, and support requests.
- Account information: login details, account email, saved order history, downloadable license documents, and customer dashboard activity.
- Support and contact messages: information you send through contact forms, email, chat, or support requests.
- Licensee or client details: if you purchase for a client, MSP customer, or third-party organization, you may provide their business or licensee information for order and license records.
Information collected automatically
- Technical data: IP address, browser type, device type, operating system, referring URL, pages visited, and approximate location based on technical signals.
- Security data: information used to protect forms, block spam, prevent fraud, and keep the website secure.
- Cookie and analytics data: information collected through cookies or similar technologies, where you have allowed them.
3. How we use your information
We use personal information for the purposes below. Depending on where you are located, our lawful bases may include performance of a contract, legal obligations, legitimate interests, consent, and steps taken before entering into a contract.
| Purpose | Information used | Typical lawful basis |
|---|---|---|
| Process and fulfil orders | Name, email, billing details, order details, product selection, licensee details | Contract performance and legitimate interests |
| Deliver license details and order documents | Email address, account details, order number, license documents | Contract performance |
| Provide customer support and setup guidance | Support messages, order details, server version, CAL type, contact details | Contract performance and legitimate interests |
| Maintain business, tax, accounting, and compliance records | Order, invoice, payment, billing, and customer records | Legal obligation and legitimate interests |
| Protect the website and prevent fraud, abuse, or spam | IP address, device data, security logs, form verification data | Legitimate interests |
| Send service messages | Email address, order details, account activity | Contract performance and legitimate interests |
| Provide analytics and measure site performance | Cookie and usage data, device and browser signals | Consent (through the cookie banner) |
| Send marketing messages where permitted | Email address, consent records, preferences | Consent or legitimate interests, depending on the situation |
We do not sell your personal information.
4. Orders, payments and licensee details
When you place an order, we use your details to confirm the purchase, create order records, deliver license information, prepare license-related documents, and provide post-purchase support.
Payment processing
Payments are processed through third-party payment providers. We do not intentionally collect or store full payment card numbers on our website. Payment providers may process payment details, transaction IDs, fraud checks, and payment confirmation data under their own terms and privacy notices.
Licensee and client details
If you purchase for a company, client, MSP customer, or third-party organization, please provide accurate business, customer, or licensee details at checkout. These details may be used for order records, license document preparation, support, and future order verification.
5. Cookies, security tools and contact forms
Cookies and similar technologies
Our website uses cookies and similar technologies in three groups: strictly necessary cookies that keep the shopping cart, checkout, account sessions, and site security working; analytics cookies that help us measure performance and improve the site; and marketing cookies that help us measure campaigns and show more relevant messages.
Strictly necessary cookies are always on because the website and checkout cannot work without them. Analytics and marketing cookies are switched off by default and are only used if you turn them on.
Managing your cookie choices
When you first visit, our cookie banner lets you accept all cookies, reject all non-essential cookies, or open “Manage” to turn analytics and marketing on or off individually and save your choices. Non-essential cookies are not loaded unless you allow them. You can change or withdraw your choices at any time through the cookie settings option on our website, or by clearing cookies in your browser, after which the banner will appear again.
Security and spam protection
We may use security services such as firewalls, bot protection, form verification tools, and content delivery networks to protect the website. These tools may process technical information such as IP address, browser data, device signals, challenge tokens, and security logs.
Contact forms
If you submit a contact form, we use the information provided to respond to your request. Form submissions may be routed through email, spam-protection, form-handling, or security services used by the website.
6. Who we share information with
We share personal information only where needed to operate the website, process purchases, provide support, meet legal obligations, or protect our business.
- Payment providers to process payments, refunds, transaction checks, and fraud prevention.
- Website, hosting, security, and CDN providers to operate and protect the website.
- Email and communication providers to send order confirmations, license delivery emails, account messages, and support replies.
- Analytics providers where you have allowed analytics cookies.
- Accounting, tax, legal, and professional advisers where needed for business records and compliance.
- Delivery, document, or license management tools used to prepare and provide order or license information.
- Authorities or regulators where required by law or to protect legal rights.
International transfers
Some service providers may process data outside the United Kingdom or your country of residence. Where we transfer personal information outside the UK, we rely on a lawful transfer mechanism, such as the UK International Data Transfer Agreement (IDTA), the UK Addendum to the EU Standard Contractual Clauses, or transfers to countries covered by UK adequacy regulations. You can contact us for more information about the safeguards we use.
7. How long we keep information and how we protect it
Retention
We keep personal information only for as long as needed for the purpose it was collected, including order fulfilment, customer support, account access, tax and accounting records, legal compliance, fraud prevention, and dispute resolution. As a general guide:
- Order, invoice, billing, payment, and license records: kept for at least 6 years to meet UK tax and accounting obligations, after which they are deleted or anonymized.
- Account information: kept while your account is active and for a reasonable period after it becomes inactive or you ask us to close it.
- Support messages and contact form submissions: kept for up to 24 months after the matter is resolved, unless they relate to an order record we must keep longer.
- Marketing consent and preference records: kept while you are subscribed and for a reasonable period after you unsubscribe, so we can evidence your choices.
- Security and server logs: kept for a short period, typically up to 12 months, for fraud prevention and website security.
Where information is no longer needed, we delete it or anonymize it so it can no longer identify you.
Security
We use reasonable technical and organizational measures to protect personal information from unauthorized access, loss, misuse, alteration, or disclosure. No website or online transmission is completely secure, but we work to keep customer information protected and limit access to those who need it for business purposes.
8. Your privacy rights
Depending on where you are located, you may have rights over your personal information. These may include the right to:
- request access to your personal information;
- ask us to correct inaccurate or incomplete information;
- request deletion of your information in certain circumstances;
- ask us to restrict or object to certain processing;
- request a copy of information you provided in a portable format, where applicable;
- withdraw consent where we rely on consent; and
- complain to a data protection authority.
To make a privacy request, email us at [email protected]. We may need to verify your identity before processing the request. We aim to respond within one month, in line with UK GDPR.
9. Marketing, children and updates
Marketing communications
If you choose to receive marketing emails, you can unsubscribe using the link in the email or contact us at [email protected]. We may still send service messages related to orders, accounts, license delivery, or support.
Children
Our website and products are intended for business and adult customers. We do not knowingly collect personal information from children.
Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our website, services, legal obligations, or business operations. The updated version will be posted on this page with a new “Last updated” date.
10. Contact and complaints
If you have questions about this Privacy Policy or how we handle personal information, contact us by email.
RDS CAL Store
399 High St, London E15 4QZ, United Kingdom
Email: [email protected]
If you are in the UK and are not satisfied with how we have handled your information, you have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk. If you are in the EU, you may complain to your local data protection authority. We would appreciate the chance to address your concerns directly before you do so.