This policy applies to MGLHR (an HR Consultancy Services organisation run by Martin Letherbarrow, as a sole trader),
- Our postal address is: MGLHR Unit 2, Prinbox Works, Saddlers Lane, Cheltenham GL502UW – UK
- Our phone number is: +44 (0)1242 570555.
- Should you have any questions in respect of this policy, or about our use or retention of your personal information, please contact Martin Letherbarrow at the address or phone number shown above, via our website contact form at http://mglhr.com/contact/, or by email at firstname.lastname@example.org Martin is our appointed representative in relation to how MGLHR collects, retains and processes personal information.
At MGLHR we will always do our utmost to protect individuals’ personal information in line with prevailing General Data Protection Regulations (GDPR).
We will only collect, retain and process personal information that is necessary to:
- meet the requirements of our customers in relation to work they have specifically asked us to carry out, or in relation to products and services they have purchased
- ensure we communicate with our customers (and others who may have expressed an interest in MGLHR) through their preferred channels
- share updates about new products and services with our customers (and others who may have expressed an interest in MGLHR).
The basis on which we hold and process your personal data
To be compliant with the new General Data Protection Regulations 2018, we need to have a legal basis under which we may hold and process your data. Having completed the relevant assessments, we are using ‘consent’ as our legal basis for processing your data.
Our commitment to you:
- We will collect, process and use the personal data that you share with us in a way that is fair, transparent, and honest
- We will only ever ask for information that we really need to know
- We will only hold, and use personal data that you have shared with us, in the ways you say we can
- You have the right to amend or withdraw your consent about the ways in which we hold and use your personal data at any time
- We will always respect your choices around the data that you share with us and the communication channels that you ask us to use
- We will always respect your personal data rights as detailed in current data protection legislation
- As a responsible organisation, we will always comply with our responsibilities and obligations as detailed in current data protection legislation
- We will only share the information that you provide to us with third party organisations, when we have you explicit permission to do so or when we are obliged to do so by law enforcement and government agencies
- We will update the data that you have shared with us regularly, and ensure it is accurate
- We will do all that we can to protect the personal data that you share with us through reasonable technical and organisational safeguards and security measures
- We will not retain information for any longer than is necessary.
- We are committed to comply with the current UK Information Commissioner’s Office guidance and General Data Protection Regulations – This includes notification of any data breach we may become aware of.
How we collect information from you
We obtain information about you when you:
- use our website (e.g. when you complete the contact form)
- contact us directly and willingly share your details,
- contact us directly to request information about our products or services
- we engage with you so that we can deliver a specific product or service that you (as an individual) or your organisation has purchased/commissioned
- participate in specific survey exercises that we may undertake
If you use any of our secure website pages to purchase a service or product directly, your payment details will be processed by a third-party payment processor who will use specific software to protect your personal information. E.g. your credit card number, name, and address will be securely encrypted so that it cannot be read over the Internet.
The lock icon on Web browsers such as Firefox and Chrome will denote that you are on a secure site and that Information you send via the page is private. However, even with all these precautions, no data transmission over the internet can be guaranteed to be 100% secure. So, whilst we strive to protect your personal information, we cannot guarantee the security of any information which you disclose to us online and you must understand that you do so at your own risk.
MGLHR will never hold your credit card details on our website or in our own records.
The type of information we use
In most cases we will only use information such as your name and contact details (such as phone number, physical address, email address, role title) however, if it is necessary for the delivery of a specific service commissioned by you or your organisation, we may also collect and process more detailed information about you, including bio data and other sensitive data.
It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our website.
By using our website, you’re agreeing to be bound by this Policy.
Examples of Cookies used on our site
These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. Cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited
These are Google Maps third party cookies, which are unique identifiers which facilitate the analysis of website traffic to specific locations.
How we use your information
We may use your personal information to
- carry out our obligations arising from any contracts entered into by you or your organisation;
- progress an order you have submitted and send you information directly related to this;
- respond to queries you may have raised;
- seek your views or comments on the services we provide;
- notify you of changes and additions to our services;
- send you information which you have chosen to receive and that may be of interest to you
Who has access to your information?
MGLHR do not sell or rent any of your personal information to third parties.
We take steps to ensure that access to personal information is restricted on a need to know basis. All those who handle personal information within MGLHR are reminded about the importance we place on privacy, and what they can do to ensure your information is protected. We also ensure they are kept up-to-date on our data management, security and privacy practices.
In special circumstances we may share your information with third parties if their support is required to help us provide the specific services that you, or your organisation have requested. In all such circumstances, we will only share your information when we have your explicit permission to do so; and rest assured that when we use third parties to work on our behalf, we have agreements in place to hold them to account for the security, use and retention of your information on their systems.
To meet legal obligations we may also be obliged to share your information with law enforcement and government agencies.
Information retention & deletion
We will hold your personal information on our secure systems for as long as is appropriate for the reason you have consented to, or in order for us to meet our legal obligations. We place great importance on the security of your personal information and will always take appropriate precautions to protect it. This applies both to the physical security of the data that we hold, and the high level of digital security features that we use.
We will periodically conduct audits of the personal information that we hold to ensure that it is held securely and for as long as it is required. Data that is no longer required will be anonymised, erased or destroyed to preclude further personal identification.
You may, at any time, request to have your personal data erased from our records and systems by contacting MGLHR using the details shown at the start of this policy. If you ask for your personal information to be deleted we will manage your request in a transparent and open manner. In some instances we may retain a secure anonymised record for research and analytical purposes.
How you can access and update your information
Under the General Data Protection Regulation, you have the right to request and be sent:
- confirmation that your data is being processed;
- the personal data and other supplementary information that we hold about you.
Such requests should be sent to MGLHR using the contact details shown at the start of this policy. We will respond to your request within one calendar month of the request. We will also take steps to confirm your identity before releasing any information to you. We will not charge you for providing the information that you request.
In addition, whilst we will periodically review the information we hold to ensure it is accurate and up to date; you may, at any time, contact us to inform us of information that needs to be corrected, deleted or updated (using the contact details shown at the start of this policy).
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional factual information about you when it is available from reliable external sources to help us do this effectively. We may also use your personal information to detect and reduce fraud and credit risk.
Links to other websites
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third party site.
Internet-based transfers and processing
The Internet works as a global environment. This means that using it to collect and process personal data often involves the international transmission of data, and on occasions processing of personal data by third parties (including social media companies) outside the European Economic Area.
Although this may happen, you can be reassured that the data will always be held securely and in line with the requirements of UK data protection legislation. However, we want you to be aware that by communicating electronically with us, you understand and agree to our processing of personal data in this way.
Whilst we will take all reasonable steps to protect and secure your personal data, we cannot guarantee the confidentiality of any messages transmitted between you and us via email. We will not be liable to you or anyone else for any loss relating to any email message sent by you to us or by us to you.
The protection of minors is very important to us, so we won’t actively seek opportunities to collect personal information from under-18s.
Minors should always ask a parent or guardian for permission before sending personal information to anyone online.
Review of, and amendments to this Policy
This Policy is kept under regular review as it governed by the laws of England, Wales and Northern Ireland; it was last revised on 25th May 2018 when the General Data Protection Regulations 2018 came into force.