All information gathered in the general process of purchasing by the Buyer from the Seller shall be treated in the strictest confidence and not passed onto any third party for any purposes. This information will not be used for any marketing activities undertaken by the Seller at any time.
At MLC Technology we are committed to processing personal information about our customers in ways that comply with our legal obligations as well as being clear with our customers about what we do with their personal information. We share your concern about the protection of your personal information and are committed to safeguarding your privacy.
1. Personal information that we collect
We collect a range of personal information relating to you, including your:
credit or debit card information and/or other payment stored by third parties;
and; any other personal information that you choose to provide to us when you complete our online contact forms or otherwise make contact with us.
2. How we use your personal information
We use your personal information as follows:
to maintain our relationship with you whilst you are a customer;
to process orders and provide agreed goods and services to you;
for invoicing, processing payments, account set up and maintenance;
to communicate with you, including to respond to information requests/enquiries submitted and/or to obtain your feedback on our products and services;
for record keeping, statistical analysis and internal reporting and research purposes;
to ensure data security and to provide you with access to secure areas of our Websites;
to notify you about changes to our products and services;
to decide on and notify you about price changes;
to monitor the quality of our products and services;
to investigate any complaint you make;
to provide evidence in any dispute or anticipated dispute between you and us;
as we may otherwise consider necessary to support the operation of our Websites;
to obtain credit references, credit checks and for debt collection, fraud detection and prevention and risk management purposes;
We may send you direct marketing in relation to our own products and services by phone and post, as long as this is in line with any marketing preferences that you have provided to us.
We will only send you direct marketing in relation to our own products and services by email.
where you have consented to this; or
where you have not objected to this, and we are marketing similar products and services to those which were the subject of a previous sale or negotiations of a sale to you.
Your agreement to the use of your personal information for direct marketing purposes is optional and if you choose not to consent, your visit to and use of our Websites will not be affected.
You can choose to opt out of receiving direct marketing information from us at any time, by contacting us:
by mail - MLC Technology, Unit 2, 64 Tregwilym Road, Rogerstone, Newport, South Wales, NP10 9EJ.
by email - firstname.lastname@example.org
by telephone - 01633 895733
If you choose to apply for a job that is listed on our website, we will ask you to attach a C.V. and a covering letter and e-mail to email@example.com and/or call to speak to us. Your information will be stored securely and your personal information will be kept for no longer than is necessary for the purposes for which the personal information is collected.
3. Automated decision making/profiling
We use technology provided by the credit reference agencies Credit Safe that processes personal information that you provide to us, in order to analyse your creditworthiness, which helps us to decide if we are able to offer you an account, through which you can purchase products and services from MlC Technology, by phone, e-mail or online.
If you pass our credit checks, and our other account opening criteria (details of which will be made available to you during the account opening process) you will be entitled to open an account with us and order any of our products and services in accordance with our Terms & Conditions of Sale. If you do not pass our credit checks you will not be able to set up an account but you may still be entitled to order our products or services (in accordance with our Terms & Conditions of Sale) at our discretion, by making payment upfront.
4. Legal basis for processing
In terms of the legal bases we rely on to process your personal information, these are as follows:
where you have provided your consent: for direct marketing communications in respect of our own products and services, including in respect of marketing communications sent by electronic means (e.g. email);
for the performance of a contract with you (such as a contract for the provision of good and services) or to take steps at your request prior to entering into this contract;
to comply with legal obligations, including in relation to health and safety and environmental legislation, performing anti- money laundering, terrorism prevention and sanctions screening checks, complaints and investigations or litigation;
for our legitimate interests in:
management of your account (including processing payments) and our relationship with you, and communicating with you
sending direct marketing in respect of our own products and services where you have not provided your consent and the marketing communication is sent by non-electronic means (e.g. post or telephone); processing orders and supplying our products and services; and
our internal business purposes which may include processing for the purposes of: record keeping, research, reporting and statistics, data security, to ensure the quality of our products and services, investigating and responding to queries and complaints, obtaining credit references and credit checks, changing our pricing, debt collection, fraud detection and prevention, risk management, recruitment and training of our personnel, and protecting our rights, property and safety (and that of others). You can object to processing carried out on the basis of our legitimate interests at any time by emailing Sales@spirafix.com;
See also "Your Rights - The right to object".
5. How we share your personal information
When we use your personal information for the purposes specified above, we may also share it with other companies
• third party providers in order for us to process payments that are due to us, in doing so we provide bank card details to such providers;
• our accountants, auditors, lawyers or similar advisers when we ask them to provide us with professional advice;
• emergency services in the event that we need to report accidents or incidents or request emergency assistance;
• any Government Department, public body or other third party where we believe in good faith that the law requires this; in the interests of public health and safety; or in order to protect the rights, property, or safety of Spirafix, and its employees or others;
We ensure that, where your personal information is transferred to any country outside the European Economic Area this is done using "model clauses" (standard contractual clauses which have been approved by the European Commission as providing adequate safeguards to enable personal data to be transferred outside the European Economic Area) or other specific legally-approved safeguards. You can request further details and/or a copy of the relevant safeguards here: firstname.lastname@example.org; or by calling 01633 895733.
The performance of services by our third party service provider(s) may be subject to a separate privacy statement provided to you by the relevant third party. You should read any such statement carefully.
6. How long we keep your personal information
We retain your personal information for no longer than is necessary for the purposes for which the personal information is collected. When determining the relevant retention periods, we will take into account factors including:
legal obligation(s) under applicable law to retain data for a certain period of time;
statute of limitations under applicable law(s);
(potential) disputes, and;
guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information once this is no longer needed.
8. Links to third party websites
Our Websites contain links to other Internet websites. Unless otherwise explicitly stated, we are not responsible for the privacy practices or the content of such websites, including such sites' use of any personal information. Nevertheless, in the event you encounter any third party associated with our Websites (or who claims association with our Websites) who you feel is improperly collecting or using information about you, please contact Sales@spirafix.com; we will be happy to forward your message to the third party.
9. Security - need to check with Louise if she is purchasing Encryption for MLC also?
We use reasonable security methods to protect the personal information that we process, including Internet standard encryption technology ("SSL" or "Secure Socket Layer" technology) to encode personal information that you send to us through our Websites. SSL works by using a private key to encrypt data that's transferred over the SSL connection. To check that you are in a secure area of the Website before sending personal information to us, please look at the top left of your website browser and check that it displays an image of a closed padlock or an unbroken key.
However, please note that whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, no transmission over the Internet can be guaranteed to be secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer to us over the Internet.
10. Your rights
The following section explains your rights. The various rights are not absolute and each is subject to certain exceptions or qualifications.
We will grant your request only to the extent that it follows from our assessment of your request that we are allowed and required to do so under data protection laws. Nothing in this Privacy Statement is intended to provide you with rights beyond or in addition to your rights as a data subject under data protection laws.
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your personal information and your rights. This is why we're providing you with the information in this Privacy Statement.
2. The right of access
You have the right to obtain a copy of your personal information (if we're processing it), and other certain information (similar to that provided in this Privacy Statement) about how it is used.
This is so you're aware and can check that we're using your personal information in accordance with data protection law.
We can refuse to provide information where to do so may reveal personal information about another person or would otherwise negatively impact another person's rights.
3. The right to rectification
You can ask us to take reasonable measures to correct your personal information if it's inaccurate or incomplete. E.g. if we have the wrong date of birth or name for you.
4. The right to erasure
This is also known as 'the right to be forgotten' and, in simple terms, enables you to request the deletion or removal of your personal information where there's no compelling reason for us to keep using it or its use is unlawful. This is not a general right to erasure; there are exceptions, e.g. where we need to use the information in defence of a legal claim.
5. The right to restrict processing
You have rights to 'block' or suppress further use of your personal information when we are assessing a request for rectification or as an alternative to erasure. When processing is restricted, we can still store your personal information, but may not use it further. We keep lists of people who have asked for further use of their personal information to be 'blocked' to make sure the restriction is respected in future.
6. The right to data portability
You have rights to obtain and reuse certain personal information for your own purposes across different organisations. This enables you to move, copy or transfer your personal information easily between our IT systems and theirs (or directly to yourself) safely and securely, without affecting its usability. This only applies to your personal information that you have provided to us that we are processing with your consent or to perform a contract which you are a party to (such as pay and compensation services), which is being processed by automated means.
7. The right to object
You have the right to object to certain types of processing, on grounds relating to your particular situation, at any time insofar as that processing takes place for the purposes of legitimate interests pursued by Spirafix or by a third party. We will be allowed to continue to process the personal information if we can demonstrate "compelling legitimate grounds for the processing which override [your] interests, rights and freedoms" or we need this for the establishment, exercise or defence of legal claims.
8. Rights in relation to automated decision making and profiling
You have the right not to be subject to a decision based solely on automated processing (including profiling), which significantly affects you, subject to some exceptions. Where this is the case, you have the right to obtain human intervention, voice your concerns and to have the decision reviewed.
11. Updating this statement
We review our privacy practices from time to time. We ask that you bookmark and periodically review this page for updates to our Privacy Statement. We reserve the right to modify this policy effective seven (7) days after the posting of the revised Privacy Statement.
12. Contact us
For further information regarding these rights, about this Privacy Statement generally or to make a complaint please contact our Data Protection Officer at email@example.com; or by calling 01633 895733. Please provide as much information as possible to help us identify the information you are requesting, the action you are wanting us to take and why you believe this action should be taken.
Before assessing your request, we may request additional information in order to identify you. If you do not provide the requested information and, as a result we are not in a position to identify you, we may refuse to action your request.
We will generally respond to your request within one month of receipt of your request. We can extend this period by an additional two months if this is necessary taking into account the complexity and number of requests that you have submitted.
We will not charge you for such communications or actions we take, unless:
you request additional copies of your personal data undergoing processing, in which case we may charge for our reasonable administrative costs, or
you submit manifestly unfounded or excessive requests, in particular because of their repetitive character, in which case we may either: (a) charge for our reasonable administrative costs; or (b) refuse to act on the request.
If after contacting MLC Technology Limited you are still unhappy you may also complain to the Information Commissioner, all contact details are available on the Information Commissioner's Website: ico.org.uk