General Data Protection Regulations (GDPR)
We are legally obliged to inform you that we currently hold data of your company
details securely and confidentially in our database.
The information about you that we hold are:
We will not share or sell your contact data to any 3rd parties.
Introduction
Welcome to the M.A.C Sash Weights privacy notice.
M.A.C Sash Weights respects your privacy and is committed to keeping your personal data secure. This
notice will inform you as to how we look after your collected data when you visit our
site and tell you about your privacy rights and how the law protects you.
This privacy notice ahas been created to give you information on how M.A.C Sash Weights collects and
uses your personal information through your use of our website, including any data you may
provide on the website when a purchase, service or any subscription is undertaken.
This website is intended forpeople of 18 years plus.
It is imperitive that you read this privacy notice together with any other notice or fair
processing notice we may provide on any occasion as and when we are collecting or processing data about you to ensure you are fully aware of how and why your data is being used.
If you have any questions about this privacy notice, including any requests to exercise
your legal rights, please contact us via email: info@macsashweights.co.uk
You can make a complaint at any time to the Information Commissioner’s Office
(ICO), (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before any complaint is filed.
The U.K data protection law was updated on 25 May 2018 and It is important that the personal data
we hold about you is current and correct so it would be appriciated if we are kept informed of any personal data
changes.
Our website may display links to other websites, bolt ons and applications. While we do vet these, we would like to make you fully aware that when using those connections the third parties privacy policy will come into effect and ours will be superceded by that.
As we have no control these other websites we cannot hold any responsibility for their policys
We would therefore advise you to read the privacy notice of every website you visit.
Personal data means any information from which
that individual can be identified. But does not include data where the identity has been removed
(anonymous data).
We may collect, store and use different kinds of personal data about you which consists of:
Identity Data; first name, maiden name, last name, username or similar identifier, marital
status, title, date of birth and gender.
Contact Data; billing, delivery and email addresses and phone numbers.
Transaction Data; details of items and services you have purchased from us
Technical Data; IP address, login data, browser specification, time zone and location, browser bolt on types and versions, platform and other technology on any device you use to conect to this site.
Profile Data; username and password, orders made by you, your
interests, preferences and responses to surveys.
Usage Data; Information about how you use our website.
Marketing and Communications Data; Your preferences for marketing from us
and your communication preferences.
We also collect and share Aggregated Data such as statistical data.
Aggregated Data may be derived from your personal data but is not legally
personal data as it does not reveal your identity. An example is
aggretation of your Usage Data to assess the amount of users utilizing a particular
website option. Although, when aggregated data is combined or connected to your personal data, which maybnlead tom identification we treat the combined data as personal data which in accordance with this privacy notice.
We do not collect any Special Categories of Personal Data about you (this includes details about
your race or ethnicity, religious or philosophical beliefs, sexual orientation, political
opinions, information about your health and genetic and biometric
data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal data
If we need to collect personal data by law, or under the terms of contract we have with
you and you fail to provide that data when requested, we may have to cancel the contract
In these circumstances you will be notified as soon as possible.
The methods to collect data about you include:
Personal interactions:
You may give us your Identity, Contact and Financial Data by filling in forms
or by corresponding with us by post, phone, email or otherwise. This includes personal data you
provide when you:
Apply for our products or services;
Create an account;
Subscribe to our publications;
Request marketing to be sent to you;
Enter a competition, survey or promotion;
When giving us feedback.
Automated interactions:
Interaction with our website may automatically
collect Technical Data about your equipment and browsing patterns. We collect this
by using cookies and may use other similar technologies.
Third parties sources. We also receive data about you from
third parties/ public sources such as:
Analytics providers such as Google based outside the EU;
Identity Data from Companies House and the
Electoral Register based inside the EU.
Use of your personal data:
Rest assured that we only use your personal data whithin the law. Usually we only use your data in circumstances such as:
If we need to execise a contract with you; Where it is one or both parties appropriate interest and have the right to do so;
In compliance with a legal or regulatory obligation.
(We do not usually ask for consent as a legal basis for processing your personal data other
than if we wanted to share any with a third party for direct marketing communications. You have the right to opt out of marketing at any time).
Purposes for which we will use your personal data are listed below.
New customer registration: Identity and Contact information
Order processing:
(a) Manage payments and fees
(b) Collect money owed to us
(a) Identity
(b) Contact
(c) Financial
(d) Transaction
(e) Marketing and Communications
(a) Contract performance
(b) Necessity for legitimate interests
Customer relationship maintainence:
(a) Notification of changes to our t and cs/ privacy policy
(b) Requesting a review or survey
(a) Identity info
(b) Contact info
(c) Profile
(er) Marketing and Communications
(f) Contract performance
(g) Compliance with legal obligations
(h) Legitimately nessecary interests to both parties
To ensure relevant website content reaches you and to identify how
effectively we serve to you:
(a) Identity
(b) Contact
(c) Profile
(d) Usage
(e) Marketing and Communications
(f) Technically assess customer needs to mutally grow our businesses.
To use data analytics to improve our website services:
(a) Technical
(b) Usage
To make suggestions and recommendations to you about goods or services that may be of
interest to you
(a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Profile
Third-party marketing:
We will never share or sell any of your information to any third parties.
Opting out:
You can request to not recieve marketing at any time by contacting us via email, alternatively
hit the unsubscribe button at the bottom. Opting out of marketing will not apply to personal data collected by us when an order is processed.
Cookies
Your browser can be set to reject or refuse all or some browser cookies. If you do choose to refuse cookies, please note that some of the website content could be restricted or not work optimally.
Change of purpose:
We use your personal data for the purposes for which we collected it only, unless it is considered that the use of it for another reason is in allignment with its original necessity. More information regarding how this consideration is made is available on request.
If we need to use your personal data for any other purpose, you will be notified.
Please note that we may process your personal data without your knowledge or consent, in
compliance with the above rules, where this is required or permitted by law.
Disclosures of personal data:
We may have to share your personal data with the parties set out below for the purposes set out above.
Third parties to who we sell, transfer, or merge parts of our business or assets. Or in the event we seek to buy or merge with another company.
If ownership of the business changes then the new proprietor may use your data in accordance to this privacy notice.
We will only allow third-party service providers to use your data for their own specified purposes and allow them to process your personal data for purposes as instructed.
International transfers:
We will only ever use your personal data inside th U.K or the European Economic Area (EEA).
Data security
Security measures have are being utilized to prevent your personal data from being accessed, lost, or used without authorization, changed or disclosed to anybody. We also only allow access to your information to employees or third parties who need to know to perform the job and are subject to a duty confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify
you and any applicable regulator of a breach where we are legally required to do so.
Data retention:
We retain your personal data only for as long as we necessary need it for, including satisfying any legal requirements.
In accordance with U.K law we will keep basic information about our customers including Contact, Identity,
Financial and Transaction Data for six years after the last order for tax reasons.
There are some instances where you can ask us to delete your data: (Refer to Request erasure below for
more info).
To aid our statisical analysis of our business we may anonymise your personal data (this makes the info unassociated with you) in which case we may use this information indefinitely without further notice to you.
Legal rights:
You have rights under data protection laws in some cicumstances in relation to your
personal data to:
Request access to your personal data.
Request correction of your personal data.
Request erasure of your personal data.
Object to processing of your personal data.
Request restriction of processing your personal data.
Request transfer of your personal data.
Right to withdraw consent.
Please contact us If you wish to exercise any of the rights set out above.
You will be charged a fee to access your personal data or excerise any of the rights you have in this regard. However we may charge a reasonable fee if your request is unjustifie or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What we may need from you:
We may need to askyou to provide us with specific information about you in order to confirm your identity and
your rights to access your personal data or to exercise any of your other rights. This security measure ensures that personal data is not disclosed to anybody unauthorised.
Response Time:L
We try to respond to requests within 30 business days. It can take longer if your request is complex. but we will
notify you and keep you updated in these cases.
LAWFUL BASIS
Legitimate Interest means the interest of our business in conducting and managing our business
to give you the best service experience. We make sure we consider and balance any potential impact on you (both positive and negative) and
your rights before we process your personal data for our legitimate interests. We do not use your
personal data for activities where our interests are overridden by the impact on you (unless we
have your consent or are otherwise required or permitted to by law). You can obtain further
information about how we assess our legitimate interests against any potential impact on you in
respect of specific activities by contacting us
Performance of Contract means processing your data where it is necessary for the performance
of a contract to which you are a party or to take steps at your request before entering into such a
contract.
Comply with a legal or regulatory obligation means processing your personal data where it is
necessary for compliance with a legal or regulatory obligation that we are subject to.
THIRD PARTIES
External Third Parties
Service providers acting as processors] based who provide IT and system administration
services].
Professional advisers acting as processors or joint controllers including lawyers, bankers,
auditors and insurers] who provide consultancy, banking, legal, insurance and accounting
services.
HM Revenue & Customs, regulators and other authorities [acting as processors or joint
controllers] based [in the United Kingdom] [who require reporting of processing activities in
certain circumstances].
Credit reference agencies who may process information to enable us to deal with you
contractually.
YOUR LEGAL RIGHTS
You have the right to:
Request access to your personal data (commonly known as a “data subject access request”).
This enables you to receive a copy of the personal data we hold about you and to check that we
are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any
incomplete or inaccurate data we hold about you corrected, though we may need to verify the
accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal
data where there is no good reason for us continuing to process it. You also have the right to ask
us to delete or remove your personal data where you have successfully exercised your right to
object to processing (see below), where we may have processed your information unlawfully or
where we are required to erase your personal data to comply with local law. Note, however, that
we may not always be able to comply with your request of erasure for specific legal reasons
which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those
of a third party) and there is something about your particular situation which makes you want to
object to processing on this ground as you feel it impacts on your fundamental rights and
freedoms. You also have the right to object where we are processing your personal data for
direct marketing purposes. In some cases, we may demonstrate that we have compelling
legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend
the processing of your personal data in the following scenarios: (a) if you want us to establish the
data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c)
where you need us to hold the data even if we no longer require it as you need it to establish,
exercise or defend legal claims; or (d) you have objected to our use of your data but we need to
verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a
third party you have chosen, your personal data in a structured, commonly used, machine-
readable format. Note that this right only applies to automated information which you initially
provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data.
However, this will not affect the lawfulness of any processing carried out before you withdraw
your consent. If you withdraw your consent, we may not be able to provide certain products or
services to you. We will advise you if this is the case at the time you withdraw your consent.
