Privacy

Last Updated on Friday 3 July 2020 10:08:24 AM

We are delighted that you have shown interest in our Business. Data protection is of a particularly high priority for MTD Ebusiness Ltd {Us, We, Our}.  We are both a controller and a processor under the definitions of General Data Protection Regulation (GDPR) and for the purposes of Data Protection Act 1998 we are registered with the UK Information Commissioner’s Office (ICO) as a data controller under registration number ZA136790.

This privacy notice explains how we process your personal information when you visit our website – https://www.swarfandchips.tv, as a recipient of our marketing, if you choose to be a customer of ours, or if we have collected, stored or shared your personal data as part of the legitimate interests of our business.  It explains how we will protect data subjects {You, your} information and personal data, and the controls and safeguards we provide for this data. This includes understanding, at all times, precisely what data we are storing for and about you, who (if anyone) can see that data, and whether you give permission for that data to be shared with third-parties.

The processing of personal data, such as the name, address, e-mail address, or telephone number shall always be in line with the General Data Protection Regulation (GDPR), The Data Protection Act 2018 and Privacy and Electronic Communications Regulations (PECR).

By means of this data protection declaration, we would like to inform you of the nature, scope, and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed, by means of this data protection declaration, of the rights to which they are entitled.

Specific data protection declarations will be provided separately for our video media services, this will allow for the nuances of such event data processing to be communicated to you in a transparent manner.

As a controller and processor, we are implementing appropriate ‘GDPR Ready’ technical and organisational measures which are documented and managed by our Information Security Management System (ISMS) and Personal Information Management system (PIMS), there frameworks, acting in tandem, will ensure the most complete protection of personal data processed throughout this website, on our electronic networks and throughout the entirety of our physical estate.

Topics

  1. Who we are?
  2. The information we collect about you, why we need it and who it’s shared with?
  3. Our Legal Basis for processing data and Email Marketing
  4. Our website uses cookies, here’s what they do and how you can stop them if you wish
  5. Access to your personal data and rights to correct, restrict or delete that data
  6. Other websites
  7. Changes to our privacy policy
  8. How long we keep your data
  9. How to contact us or make a complaint

Who we are?

We work on behalf of manufacturing equipment suppliers and engineers providing bespoke marketing solutions, for example crafting websites, creating marketing campaigns and nurturing opportunities. In order to do this, we initiate a blend of targeted conventional marketing activities such as email marketing, telemarketing and direct mail. We also provide video media services and work extensively in the social media market.

We hold a database of sector specific B2B contacts that we have nurtured and managed so as to provide assurance of provenance. These are professionally relevant individuals for business marketing emails, business telemarketing and business direct mail. The scope of our work does not include the consumer sector.

The information we collect about you, why we need it and who it’s shared with

The personal data we may collect from you and process is:

Personal data type: Source
First Name & Last Name Email Subscribe list, Publicly Available Information, Events, Business Cards, Customers, Website Registrants, Surveys
Job Title Email Subscribe list, Publicly Available Information, Events, Business Cards, Customers, Website Registrants, Surveys
Organisation Email Subscribe list, Publicly Available Information, Events, Business Cards, Customers, Website/Email Tracking Tools, Website Registrants, Surveys,
Work Address Email Subscribe list, Publicly Available Information, Events, Business Cards, Customers, Website/Email Tracking Tools, Website Registrants, Surveys
Email Address Email Subscribe list, Publicly Available Information, Events, Business Cards, Customers, Website/Email Tracking Tools, Website Registrants, Surveys
Telephone Number Email Subscribe list, Publicly Available Information, Events, Business Cards, Customers, Website/Email Tracking Tools, Website Registrants, Surveys
Sensitive Data Type: Source
None

 

N/A

You do not have to directly provide us with any personal data in order to browse our website. However, you may provide us with personal data by completing forms on this website, or by contacting us via telephone or email.

When you visit this website, we will automatically collect the internet protocol (IP) address of the device used by you, your physical location, as well as the type of the device, browser version and time zone setting. This will enable us to identify you as a unique user for analytical purposes, discover your browsing habits/interests via the pages/links you visit and resources you access; therefore, allowing us to optimise our website for you, and your device.

This data may be collected and used to ascertain the organisation you work for and whether you are a professionally relevant post-holder for future marketing that we, or our affiliates/customers may wish to send to you.

If you contact us by e-mail, subscribe to a mailing list, or via a contact form, the personal data transmitted by the data subject is automatically stored. Such personal and non-personal data, transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of contacting the data subject.

We hold personal information relating to existing, previous and prospective customers and our employees and suppliers.

Our legal basis for processing personal data and Email Marketing

The legal basis we use under the General Data Protection Regulation for the processing of personal data are:

  • Our legitimate interests
  • Fulfilling out Contractual Obligations
  • Consent
  • Any Legal Requirements we may have such as fraud prevention

Data Processing through use of our Legitimate Interests

Broadly speaking Legitimate Interests means that we can process your personal information if:

  • We have a genuine and legitimate reason and
  • We are not harming any of your rights, freedoms and interests
  • We’ve considered that you would not find such processing unreasonable

For example, via a variety of mechanisms we may collect and store business contact data about you if you are a professionally relevant contact for our services, or that of our customers who use our MTD email marketing campaign tool to send you marketing about their products/services and you are employed in a UK organization which is separate legal entity. Your data will only be used where the product or service might be relevant to you in your professional capacity.

However, we want to respect your wishes about how and if you are contacted. On occasion we will contact you to verify your position, check how you would prefer to receive direct marketing, whether by post, by phone or by email and to remind you of your rights via our any updates to our privacy statement.

You may of course tell us you do not wish to be contacted at all, and we will respect your wishes, add you to a suppression list, and not contact you again.

Further information explaining how we define our Legitimate Interests

We have conducted a Legitimate Interest Test which included the following considerations:

  • The relationship between ourselves and you as the data subject
  • Our Purpose/Necessity to use Legitimate Interests and other alternatives
  • The PECR regulation and it’s relevance to B2B marketing
  • The sensitivity of the personal data that we have collected and processed
  • The reasonable expectations we think you have in your professional role
  • Whether you’d be likely to object to the processing or find it intrusive
  • The safeguards we have in place to minimise any risks to your privacy
  • That a mechanism exists via which you can challenge out assessment
  • We will always ensure there is an opt-out / ability to object

The Purpose Test

We consider that we have a legitimate interest in carrying out a business in favour of the well-being of all our employees and shareholders. This is enshrined in the EU Charter of Human Rights – Article 16 – Freedom to conduct a business.

For prospective customers, identified as working for separate legal entities (“users of an electronic network”) and whom we consider are professionally relevant post holders; we consider we have a legitimate interest to process your data for the purposes of marketing of products and services. This purpose is supported by Recital 47 of the GDPR which states that:

“The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest”

We believe that professionals rely on being kept up to date about new products or services to help them achieve their business objectives and direct marketing is generally seen as an important tool to facilitate this.

However, we will always respect your wishes, if you’re the recipient of our marketing.

The Balancing Test

A balancing test has been undertaken to compare our legitimates interests and the interests or fundamental rights and freedoms of prospective customers who require protection of their personal data,

We will only process personal data if we have determined that our services are ‘professionally relevant’ to you and your organisation.  Material that we send to you may be relevant based on your profile, because of the type, size or location of the organisation that you work in, or because you are the right post-holder for a certain set of decisions based on factors like your role, seniority, and responsibilities.

We believe that the recipients of our marketing have a reasonable expectation that we as a Controller will process their Personal Data.

The data we may hold on recipients originates from primary research by our telephone research team, publically available material held on websites, events we have jointly attended, personal data we have captured via business cards or similar interaction; or referrals from other organisations, data captured via visiting our websites or via subscribing to and opening our B2B emails.

The personal data we hold is strictly limited to the organisational name, contact name, email addresses, telephone numbers, postal addresses, sector/industry classification of companies that are separate legal entities. It is never sensitive data, and in most cases would likely exist in the public domain.

Our assessment has taken into consideration the Information Security Management System we are currently implementing and it also recognises the safeguards we have put in place through the implementation of the British Standard BS10012:2017 – Personal Information Management Framework delivering readiness to GDPR.

Outputs of this framework include, but are not limited to:

  • Data Protection Impact Assessments supporting ‘privacy by design and default’
  • Data Minimisation as a guiding principle
  • Pseudonymization where appropriate
  • Adding extra transparency through regularly updated privacy notices & fair processing notices
  • Regular Internal Audits and Continual Improvement
  • Encryption ‘at rest’ and ‘in transit’ where appropriate
  • Multi-factor authentication and Access Control
  • Strict data retention controls
  • Regular Staff Training and Awareness of Data Privacy Regulation
  • Other technical security methods used to protect data
  • An appointment of an independent Data Protection Officer

Our conclusion is the likelihood of impact and the severity of negative impact or distress of the data processing we undertake is negligible.

Contractual Processing

Where the processing is based on Article 6(1) par. b – necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract; we’ll process your information as customers to enable us to contact you and fulfil the services you have requested.

The information we’re likely to hold is your name, job title, your work postal address, work email address, and telephone number. Your personal information is only disclosed to our employees and sub-contractors who have met out due diligence procedures.

The legal basis for processing your data is ‘fulfilling a contract’ whilst we are your supplier. When you are no longer an active customer, it will be our ‘legitimate interest’ because you may want to order from us again. We benefit from solving communication challenges and we’d like to help you in the future. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services

Processing using Consent

There are certain circumstances, where we may need consent from you in order to process your data and we recognise the above options are not the only lawful grounds for processing data.  If this is the case we will ensure that the consent that you provide is by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of your agreement to the processing of personal data relating to you.

You may withdraw consent at any time by either unsubscribing (via the Unsubscribe link on the footer of all network emails).

Please note that we may still be required to send you transaction or service emails relating to any services of ours that you have purchased or enquired about.

Email Marketing

In relation to any email marketing that you may receive from us, either at your request or in any other circumstances, we may monitor whether you open and/or click on any links in such emails and we uses various tracking techniques such as web beacons to measure the effectiveness of our email campaigns, ascertain your static IP address and tailor our communications to your interests

You may unsubscribe from emails at any time by clicking the relevant link in those emails. We conduct this email marketing in adherence with the Privacy and Electronic Communications Regulation which derive from the European Directive 2002/58/EC.

This allows for B2B marketing on an opt-out basis in so long as a lawful means of processing under GDPR has been established.

Our website uses cookies, here’s what they do and how you can stop them if you wish

You do not have to give us any personal data in order to use this website. However you may provide us with personal data by completing forms on this website or by contacting us by telephone or email.

When you visit this website, we will automatically collect the internet protocol (IP) address of the device used by you to visit this website as well as the type of the device, browser version and time zone setting. This will enable us to identify you as a unique user for analytical purposes and to optimise our website for your device. This data does not directly allow us to, and we will not attempt to use this data to, identify individuals

Cookies

This website uses small text files, called cookies, which are automatically stored on your device when you access and use certain features of this website.

As cookies are unique, we can use them to distinguish you from other users. To find out more about cookies, how to refuse them and how to change your device’s cookie settings, you should visit All About Cookies. Please note that if you refuse to accept cookies or change your device’s cookie settings, you may not be able to use all of this website’s features.

Data collected from the use of cookies does not allow us to, and we will not attempt to use this data to, identify you in a personal capacity or individual subscriber.

The categories of cookies used by this website are as follows:

  • Strictly necessary cookies – cookies that are required for the operation of this website and its features, such as accessing secure areas of this website
  • Performance cookies – cookies that allow us to recognise and new and returning users to this website and to track how they navigate around it to help us improve this website

The cookies used by this website are as follows:

MTD CNC

Source Cookie Description
MTD CNC _mu This is a unique id that identifies a visitor. This allows us to see what pages are most popular and where our visitors are coming from.
Magazine This keeps track of whether the user has closed the magazine pop-up. In order not to interrupt the user’s viewing experience.
Policy This keeps track of whether the user has closed the cookie policy pop-up. In order not to interrupt the user’s viewing experience.
productSelection This stores the previously selected product’s author id. This allows us to remember your last viewed product, in order to make your user experience better.
productSelectionName This stores the previously selected product’s name. This allows us to remember your last viewed product, in order to make your user experience better.
productSelectionText This stores the previously selected product’s description. This allows us to remember your last viewed product, in order to make your user experience better.

 

Google Analytics

Source Cookie Description
Google Analytics __utma This cookie creates a unique ID when a new visitor browses our website. It helps us to assess the number of new visitors to our site, and also identify whether we are receiving repeat visitors, too.
__utmb These two cookies help us measure a visitor’s session, giving us data on what time visitors arrive and how long they spend browsing our website.
__utmc
__utmz This cookie gives us information about how a visitor got to our site (e.g. Google Search, referral site, social media, direct URL, etc.) and also which pages they viewed after they arrived.
Double Click This cookie collects anonymised Ad Views, Analytics, Browser Information, Date/Time, Demographic Data, Hardware/Software Type, Internet Service Provider, Interaction Data, Page Views, Serving Domains)
Audiences This cookie collects anonymous data (Ad Views, Analytics, Browser Information, Cookie Data , Date/Time, Demographic Data, Hardware/Software Type, Internet Service Provider, Interaction Data , Page Views , Serving Domains)
Add This Add This Provides statistics about bookmarking and sharing activity of users

These cookies are used by the Google Analytics service to identify unique visitors to this website, where they came from, which pages they visit and how long they spend on it.

Further information can be found in the Google Privacy Policy.

Most browsers allow you to refuse to accept cookies; for example:

  • In Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking “Tools”, “Internet Options”, “Privacy” and then “Advanced”;
  • In Firefox (version 39) you can block all cookies by clicking “Tools”, “Options”, “Privacy”, selecting “Use custom settings for history” from the drop-down menu, and unticking “Accept cookies from sites”; and
  • In Chrome (version 44), you can block all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Content settings”, and then selecting “Block sites from setting any data” under the “Cookies” heading.Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.You can also delete cookies already stored on your computer; for example:
  • In Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
  • In Firefox (version 39), you can delete cookies by clicking “Tools”, “Options” and “Privacy”, then selecting “Use custom settings for history” from the drop-down menu, clicking “Show Cookies”, and then clicking “Remove All Cookies”; and
  •  In Chrome (version 44), you can delete all cookies by accessing the “Customise and control” menu, and clicking “Settings”, “Show advanced settings” and “Clear browsing data”, and then selecting “Cookies and other site and plug-in data” before clicking “Clear browsing data”.

Access to your personal data and rights to correct, restrict or delete that data

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

  • Right of access – you have the right to request a copy of the information that we hold about you free of charge
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: in the event that MemberWise refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below

All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.

Other websites

On occasion our website will contain links to other websites. This privacy policy only applies to the MTD website – https://www.swarfandchips.tv . When you link to other websites you should read their own privacy policies.

Changes to our privacy policy

We keep our privacy policy under regular review and we will place any updates on this web page. This privacy policy was last updated on 16th May 2018.

How long we keep your data

Any information provided by you will be retained for as long as necessary in connection with the purposes for which it was provided, for example, to respond to your enquiry or in the case of customer data, for three years after your last invoice to us.  After which, we will either delete your personal data, or keep it because you have asked us to.

In respect of any contact information stored within our customer relationship management (CRM) system, we will delete your details upon request and if we have not had any further communication with you within a period of three years.

Any information collected about you or your activity through the use of cookies, will be retained for the time periods set out in the above table.

In any case, once we have processed any information about you in connection with the purposes for which it was provided or collected, we will securely delete or anonymise (to the extent such information was capable of identifying you in the first instance) such information upon expiry of the above time periods.

How to contact us in regards to your rights or to make a complaint

In the event that you wish to make a complaint about how your personal data is being processed by us (or any of our 3rd parties), or how your complaint has been handled, you have the right to lodge a complaint with our Data Protection Officer and with the ICO.

Contact Name: The Data Protection Officer
Address line 1: MTD Ebusiness Ltd
Address line 2: Bedford Heights
Address line 3: Manton Lane
Post Code MK41 7PH
Email: Dataprotection@mtdcnc.com