Data Protection (GDPR compliant)
MCL Telecommunications Group (known as MCL Telecom) and all its associated companies are compliant with, and continually monitor and update processes and policies to ensure compliance with, the GDPR and Data Protection Legislation, and is committed to processing your data securely and transparently. As part of the various services and products we offer our customers, including system maintenance, we may hold or have access to data that can identify individuals in order to be able to provide our customers with the services, products and support that is agreed through our contracts. In all instances, access to such data is controlled and limited to specific individuals.
Use of information
This explains how we collect, use and protect your personal information. This policy may be updated from time to time. MCL Telecom Ltd may collect information from you when you:
- Apply for a user log-in and password
- Log-in with user ID and password
- Provide us with contact and other relevant information in the course of
doing, or contemplating, business with us, including but not limited to engaging with our marketing material and/or campaigns.
This notice applies to:
- Prospective customers
- Website users
MCL Telecom uses this information to
- Provide our services and products to you.
- Invoice you for using our services and products.
- Assist us in responding to any queries you may have about our services and products.
- Understand how you use our site, services and products so that we can develop and improve them.
Data Controller details:
MCL Telecommunications Group (MCL Telecom Ltd) is a data controller, meaning that determines the processes to be used when using your personal data. Our contact details are:
MCL Telecom Ltd
43 Victoria Road
Storage of information
Unless legally required to do so, or as part of the provision of a product or a service, we will only share your information with companies within the MCL Telecommunications Group and the following:
- Other companies involved in delivering the services and products to you;
- Credit scoring agencies; or
- In the event of default, debt recovery specialists, including but not limited to lawyers and debt collection agencies.
Types of data
MCL Telecom Ltd processes data without consent in order to fulfil contractual obligations, such as (but not exclusive to):
- Bank details to process salaries
- Postal addresses in order to supply products and services
- Contact details including name, job title, business and home addresses, business email address and contact phone numbers.
- Personal details including your name, job title, business address, business email, and contact phone number.
- Personal details including your name, job title, business address, business email, and contact phone number.
- Name and email address, contact details as completed.
How we collect your data
We collect data about you usually;
- when you express an interest in MCL Telecom Ltd, we ask you for your contact details
- when you become a customer of MCL Telecom Ltd we collect your information for the purposes of contracts and initial set up/implementation from you directly
- when we engage you as a supplier to carry out services for MCL Telecom Ltd
- when you sign up for our newsletter via our website www.mcltelecom.co.uk
Personal data is kept securely within;
- Outlook email contacts
- within our in-house billing platform know as Cascade
- Mailchimp for distribution
- Accounting software – Sage Accounts
- In-house CRM program
Why we process your data
Under GDPR, where we are the Data Controller we must have a lawful basis for processing all personal data. GDPR sets out the where processing of personal data can be undertaken legally;
As a current customer or supplier, the law on data protection allows us to process your data in order to perform the contract that we are party, in that;
- we can communicate with you with regard the services
- we can issue invoicing
- we can send you information relating to our services, changes in our organisation and events as part of the contract services
- Communicate with you as a Vendor in your supply and performance of services to us
As a prospective customer or website user, the law on data protection allows us to process your data for legitimate interests, in that;
- We can communicate with you regard future contracts
- We can issue the newsletter you registered for on our website
Sharing your data
Your data is not shared outside MCL Telecom Ltd. Nine Group Telecom wholesale providers have access to our data, under our authority. Nine Group Telecom are GDPR compliant (see resources).
We do not share your data with bodies outside of the European Economic Area.
Protecting your data
We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such.
- Data is predominantly secured by password and access control.
How long we keep your data for
In line with data protection principles, we only keep your data for as long as we need it for, which will be at least for the duration of your contract with us though in most cases we will keep your data for a period after the contract has ended to enable transition to be managed smoothly.
MCL Telecom Ltd will retain your personal data where we have an ongoing legitimate need to do so, for example to engage in long term relationships with our customers and prospective customers.
Where there is no legitimate basis or there has been no engagement with you for a period of seven years, we will either delete or anonymise your personal data.
Your rights in relation to your data
The law on data protection gives you certain rights in relation to the data we hold on you. These are:
- the right to be informed. This means that we must tell you how we use your data, and this is the purpose of this privacy notice.
- the right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request.
- the right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it.
- the right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it.
- the right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct.
- the right to portability. You may transfer the data that we hold on you for your own purposes.
- the right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests.
- the right to regulate any automated decision-making and profiling of personal data. You have a right not to be subject to automated decision making in way that adversely affects your legal rights.
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.
If you wish to exercise any of the rights explained above, please contact the Data Controller as detailed above.
Making a complaint
The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.
Appendix – website privacy notice
The DPA & GDPR May 2018
We and this website comply to the DPA (Data Protection Act 1998) and already comply to the GDPR (General Data Protection Regulation) which came into effect from May 2018. We will update this policy accordingly after the completion of the UK's exit from the European Union.
What are cookies?
Cookies are small files saved to the user's computer’s hard drive that track, save and store information about the user's interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
Website visitor tracking
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Downloads & media files
Any downloadable documents, files or media made available on this website are provided to users at their own risk.
While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third-party websites and advise users to verify their authenticity using third party anti-virus software or similar applications.
Contact & communication with us
Users contacting us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.
Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in 'The policy' above.
Email mailing list & marketing messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in 'The policy' above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all our Mailchimp lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
External website links & third parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to; LinkedIn, LinkedIn or www.LinkedIn.com.)
Shortened URL's; URL shortening is a technique used on the web to shorten URL's (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social media policy & usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
Resources and further information
- Overview of the GDPR – General Data Protection Regulation
- Data Protection Act 1998
- Privacy and Electronic Communications Regulations 2003
- The Guide to the PECR 2003