As part of running our business, MH Web Design sometimes needs to collect, maintain and use personal data about you. That will normally be if you are current, past or prospective customer, a supplier, an employee , or an individual that’s contacted us and needs a response.
Just so you know, the legal basis that we have to process your data falls into one or more of the following areas: Firstly, if you have a contract with us – for example if you are an existing customer or supplier. Secondly, if you’ve provided consent – for example, if you’ve consented to receive a newsletter from us. And finally, if we have a legitimate reason – for example, you have contacted us for a quote
Any personal information you give us, either on this website (for example, via a contact form), via email or direct mail, phone contact or direct contact with the company in person will never be sold, rented or made public without your consent.
We take your privacy seriously. We’ll only use your information for the legal basis with which we hold it. Sometimes, to do that we might need to pass information on to a third party (for example your email into a newsletter sending system). When we do, we’ll use safe, reliable, GDPR compliant services who won’t pass your personal details anywhere else.
Information we collect
1. Contact information
We hold contact information on the individuals and companies that we do business with, employ, and/or market to. Whenever we hold such information we only hold that which is necessary for purposes we need.
2. Site visits tracking
We collect visitor behaviour on our website. This tells us which pages are visited, the sorts of searches that are used to find us, what people do on the site when they are there. It doesn’t tell us anything personal about the people visiting the site, just what they do.
We use the data to make changes on our website based on what we see visitors are doing.
3. Contact by form, email link and telephone
If you email us, either using a website contact form or by sending a direct email, we’ll get that information in an email. That data isn’t stored on our website.
If you phone us, your information will be stored so that we are able to process your enquiry at a later date.
On occasion, we might send marketing and information emails. We’ll only send these emails if you fall into one of the two following categories:
1. You’re an existing customer or supplier who we do current business with.
2. You’ve asked to get emails via a newsletter signup form / documented social media request.
If you’ve asked to get our marketing, you may opt out any time. There’ll be an unsubscribe link in each newsletter or you can contact us.
Under 16? Legally you must obtain parental consent before joining email newsletters.
What we do with that information
Where appropriate, we’ll use the information we keep about you:
1. To send you information on products and services that may be of interest.
2. To carry out our obligations arising from any contracts entered into between you and us.
3. To notify you about changes to our products or services.
4. To send you email newsletters that you have opted in to receive.
Access to your information and correction
You have a number of rights including the right to request a copy of the information that is held about you. If you’d like to know what information is held, please contact us, we’ll reply to you by email. Legally that’s within one working month, but we’ll aim to reply as soon as we can. We want to make sure that your personal information is accurate and up to date. So, once you have any information, you can ask us to correct or remove anything you think is wrong. For a full list of your rights, have a look at the ICO Website.
We’ll normally be happy to help at no charge, however where requests are manifestly unfounded, excessive, or repetitive after an initial, responded to, request, we’ll potentially charge an admin fee to cover the time taken to fulfil the request. This fee will be charged at our standard hourly rate.
Designated Data Controller
As a small company processing small amounts of data we are not obliged to appoint a DPO. If you have a data query, contact us and we will be delighted to help.
We will report any unlawful data breaches of data held by us to the ICO as required (https://ico.org.uk/for-organisations/report-a-breach/personal-data-breach/) within 72 hours of becoming aware of a breach taking place if it is apparent that personal data stored in an identifiable manner has been stolen.