Mdesign London Limited (“We”), Company no. 5342999, registered office address: 4th Floor 7/10 Chandos Street, Cavendish Square, London, England, W1G 9DQ
We respect your privacy and seek to protect your personal data. The following information describes how we gather and use that data when you access our website, do business with us or apply for a job. The amount of information we hold on you and how we use it depends on your relationship with us and some of the sections below may not be relevant to you.
The General Data Protection Regulation (GDPR) impacts how organisations record, store and use personal data. This legislation is designed to give you, as ‘data subjects’, greater control and new rights over how we, as a ‘data controller’ (an organisation which holds your data which you may supply to us), record, store and use your data.
We keep to a minimum the amount of information we hold about you.
The lawful bases that we rely on to process your data are:
It is in our legitimate interest to process your personal data to enable us to operate our business and that legitimate interest is fairly balanced with your rights and freedoms.
Our processing of your personal data is necessary to allow us to perform contracts for your benefit.
Where our processing of personal data is not because of our legitimate interest or by way of performance of our contract, we may do so with your consent.
We only hold your data for as long as necessary.
We apply appropriate security mechanisms to protect your personal data.
We may collect, use, store and transfer different kinds of personal data about you which you voluntary provide to us, which we have grouped together as follows:
Identity Data – this includes your first name, maiden name, last name or similar identifier, marital status, title, date of birth and gender.
Contact Data – this includes your billing address, delivery address, email address and telephone numbers.
Financial Data – this includes your bank account and payment card details.
Transaction Data – this includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data – this includes your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Usage Data – this includes information about how you use our website and services.
Marketing and Communications Data – this includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We will only use your personal data for the purpose for which we collected it which include the following:
To register you as a new customer.
To provide our services including managing payments, fees and charges and collecting and recovering money owed to us.
To manage your relationship with us.
To improve our website, services, marketing or customer relationships.
To recommend services which may be of interest to you.
If you submit an employment application to us, including CVs or resumes, all of the information submitted may be used for any and all purposes ordinarily associated with processing an employment application.
To provide the most effective and relevant site content.
To provide the interactive features of the site, when you choose to use these.
To notify you of site content changes.
We retain personal data for as long as necessary to provide services to you, to fulfil the transactions you have requested, or for other essential purposes (for example, complying with our legal obligations, resolving disputes and fulfilling our agreements).
We are committed to protecting the security of your personal data. We store data in a number of places depending on our requirements to access and use it. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure. For example, we store the personal data you provide on cloud based or computer systems that have limited access and are in controlled facilities.
If you have any questions about the use of your personal information, please email us at firstname.lastname@example.org.
When you contact us to make an enquiry, we will use your name and contact information to respond. We will then use this information to communicate with you during the provision of our services to you.
We collect and update information about users of our services. We may obtain this information via direct contact with you, from third parties such as other users who refer you to us or automatically via your use of our services.
This information includes your contact details, registration and payment details, support problems, details around participation in events or surveys and certain relevant details of your communication preferences.
For each visitor to our website, our web server automatically recognises the user’s domain name. We also collect the email addresses of those who communicate with us via email and anonymously aggregate information on which pages users access or visit. Information volunteered by users, such as survey information and/or site registrations, is also collected.
We work with third parties in the provision of some of our services.
On request, and when relevant to a service you use, we will provide details of which third parties we work with. We will also discuss and agree on any specific security questions or requirements you may have during the provision of our services.
The third parties we work with – including those who provide email and storage solutions used in our day to day work – are monitored on how they meet the requirements of current UK data protection legislation and the requirements of GDPR. When we contract with third parties we enter into agreements that encourage GDPR compliance.
Where this includes storage or processing of information outside of the European Economic Area (EEA), we include checks to ensure that compliance with the appropriate frameworks for exchange of personal data (such as the EU-US Privacy Shield) is in place.
Exemptions to the above are where we are asked to provide information as a result of a court order or to recover monies due.
We do not share nor sell your personal data to anyone else.
Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the right to receive a copy of the personal data we hold about you, the rights to access, rectify, erase, or restrict the processing of your personal data (subject to applicable exemptions) and the right to make a complaint at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues. (www.ico.org.uk).
Last updated: 24 May 2018