Mumfidential Ltd is committed to protecting and respecting your privacy
For the purpose of the General Data Protection Regulation, a European privacy law approved by the European Commission in 2016, the data controller is Central Office, Cobweb Buildings, The Lane, Lyford, Nr Wantage, OX12 0EE.
GDPR stands for the General Data Protection Regulation, a European privacy law approved by the European Commission in 2016. The GDPR will replace a prior European Union privacy directive known as Directive 95/46/EC (the “Directive”), which has been the basis of European data protection law since 1995.
The GDPR is an attempt to strengthen, harmonise, and modernise EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how individuals and organisations may obtain, use, store, and eliminate personal data. It applies to any organisation processing personal data of EU citizens.
Personal data will now include not only data that is commonly considered to be personal in nature (e.g. names, physical addresses, email addresses), but also data such as IP addresses, behavioral data, location data, financial information, and more.
The GDPR was adopted in April 2016, but will officially be enforceable on 25th May 2018.
The GDPR provides the following rights for individuals:
1. Right to be informed
2. Right of access
You have the right to access your personal data and supplementary information. You can request this by emailing email@example.com We will respond to a request within one month. We may ask you to verify your identity.
3. Right to rectification
You have the right to ask us to have inaccurate personal data rectified, or completed if it is incomplete by emailing firstname.lastname@example.org We will respond to a request within one month. We may ask you to verify your identity.
4. Right to erasure
You have a right to have your personal data erased. This is also known as the “right to be forgotten”. You can ask us to delete your data by emailing us at email@example.com We will respond to a request for erasure within one month. We may ask you to verify your identity.
5. Right to restrict processing
In certain circumstances, you have a right to restrict the way we may process your personal data, as an alternative to erasing it, if you have a particular reason for wanting it restricted
6. Right to data portability
Your right to data portability entitles you to obtain personal data you have provided to us – in a commonly used, structured format – and request that we send it to another another service provider (if technically feasible).
7. Right to object or withdraw consent
You have the right to object to our processing of your personal data where the use is based on our legitimate interests (including profiling), or where it is used for direct marketing. You may at any time ask us to stop processing of your information for direct marketing purposes, by emailing us at firstname.lastname@example.org or by following the link on our emails.
INFORMATION WE COLLECT
There are three categories of information we collect:
1. Information you give to us
a) Information necessary for use of the site.
We ask for this information when you use the site as it is required for proper performance of our contract with you.
i) Email information – when you submit your email address to us to join our mailing list
ii) Competition information – When you enter a competition with us such as first name, last name and email address.
b) Information you choose to give us.
You can choose to give us additional information that is not essential for use of the site but will enhance your experience and help us provide a better service to you. This information is processed based on your consent.
i) If you contact us via email or other method
2. Information we automatically collect from your use of the website
When you use the website we automatically collect information, including personal data. This information is necessary for the performance of the contract between you and us, as well a given our legitimate interest to improve the functionality of the site and provide you with a good service.
i) Site Usage Information – We collect information about pages you visit and your searches
ii) Geolocation information – We collect information that includes your IP address and this can be used to determine your approximate location.
iii) Log data and device information – We collect log data and device information for when you use the site, even if you are not logged in or registered for an account with us. This information is vital to us for to prevent fraudulent or malicious use of the site.
HOW WE USE THIS INFORMATION
We may use and disclose personal data only for the following purposes:
1. To communicate with site visitors,.
2. To send you information and promotional material to you by email. You will only receive this information if you have positively opted in and you can stop receiving this content at any time.
3. To send you alerts and notifications by email based on transactions you make on the site – such as entering a competition.
6. To protect the rights and safety of our customers, site visitors and third parties.
7. To meet legal requirements, comply with the law, court orders, respond to legal requests or an official investigation.
8. To provide information to our advisors or agents, such as lawyers and accountants.
9. We may share your data with a third party if we choose to sell, transfer or merge part or all of our business – or we we seek to acquire another business or merge with them. We will only share your data with a third party in this case if they agree to keep your data safe and private and have the appropriate safeguards in place. In any such event we will notify you of the change either by sending you an email or posting a notice on our Website.
THIRD PARTY LINKS
RECIPIENTS OF THE YOUR DATA (WHO WE MAY SHARE IT WITH)
1. Other Site Users:
Entering a competition – If you interact with the site to enter a competition, we will share data with the competition partner only if you allow us to share that information. This information is therefore provided with your consent.
2. Our Employees and Contractors:
3. Service Providers:
4. Other Third Parties:
We may share your data with a third party if we choose to sell, transfer or merge part or all of our business – or we we seek to acquire another business or merge with them. We will only share your data with a third party in this case if they agree to keep your data safe and private and have the appropriate safeguards in place.
6. Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in SW1). We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.
7. Analytics and search engine providers that assist us in the improvement and optimisation of our site.
TRANSFERS TO THIRD PARTY PROCESSORS AND OUTSIDE THE EU
Examples of TTPs we use include (but are not limited to):
Hosting – SiteGround
Email – MailPoet
Safeguards – EU-US Privacy Shield
The EU-US Privacy Shield is a framework that protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. Our TTPs are certified and comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. They comply with the Privacy Shield Principles for all transfers of personal data from the EU and Switzerland. Where appropriate we have signed Data Processing Addendums with TTPs to be confident that any data from the EEA that is being transfered outside of the the EEA will be subjected to the same high levels of security, privacy control, and data protection that it would receive in the EU.
HOW LONG WE MAY KEEP YOUR DATA
We generally retain your information for as long as your account is active or as long as necessary to provide you with our service. We may also retain and use your information in order to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our Agreements.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
Third Party Services
- MailPoet: This is our email and newsletter provider. It’s licensed under the GNU general public license.
You have the right to ask us not to process your personal data for marketing purposes. We will always inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.
If you have opted to receive one of our regular emails we may from time to time:
- send you information by email about existing and new services, products and special offers from us; and/or
- send you information by email about related products or services of selected third parties that may be of interest to you.
These emails will only ever come from us, even when they refer to third party products or services. You will be able to opt out of receiving these emails but if you opt out we will have to stop sending you any sort of email.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
You have the right to access information held about you. Your right of access can be exercised in accordance with the Act.
This policy was updated on 23 May 2018