We are MQA Limited, a company registered in England and Wales (company number 09123512), our registered office is at 11 Latham Road, Huntingdon, Cambridgeshire, PE29 6YE (“we/our/us”). We are the data controller in respect of the personal data we hold on you relating to your use of our websites: http://www.mqa.co.uk/ and http://bobtalks.co.uk (“websites”). We respect the privacy of every individual who visits our websites.
General Overview of Personal Data Collected
Personal Data means information from which you can be identified, either directly or indirectly, including your name and other personal details such as your email and postal addresses.
We collect personal information from visitors to the websites through the use of online forms (for example when you register for more information) and from any email that you send to us. This may include your name, title, and e-mail address. If you register more than once using different email addresses, we will store your data each time you register.
For quality control and training purposes, we may also monitor or record your communications with us.
The Lawful Basis for Processing Personal Data
Our lawful bases for processing your Personal Data when using our websites is:
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
- where we need to comply with a legal or regulatory obligation.
Use of Personal Data
We process personal information collected via the websites for the purposes of:
- providing and personalising our services, including customer care, and technical or service support;
- dealing with your inquiries and requests;
- maintaining information as a reference tool or general resource so that we may improve our services for you;
- providing you with information about our company, new partners and services; and
- on occasion, we may ask for feedback from you about the usage or services our websites provide to help us develop and improve it further.
The Retention of Your Data
We will keep your information for as long as is reasonably necessary for the purposes listed in the Use of Personal Data section. If we notice your e-mail address has ceased to function, or you do not open any e-mails we send to you, we shall cease to retain your Personal Data after 12 months. This period may be extended by other legal and mandatory requirements.
For the anonymous tracking of user behaviour, MQA uses Google Analytics, which will retain anonymised data for 26 months.
Storage of Your Data
The data that we collect from you will be transferred to, and stored at, destinations within and outside the European Economic Area (“EEA”). We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy. All Personal Data you provide to us is stored on our secure servers.
If you are a business partner, we store your Personal Data in SalesForce – an industry recognised best-practitioner of data security. SalesForce uses extremely secure connection methods and encryption for all Personal Data. For more information: More on SalesForce security
If you have requested that MQA send you news and marketing information, we store your e-mail data using Mailchimp, whose servers are located in the US. Again, company that takes data security and privacy very seriously. The link below offers some general information on how this data is secured. More on Mailchimp security
Your Rights and Your Personal Data
If you are based in the European Economic Area , you have the following rights with respect to your Personal Data:
When exercising any of the rights listed below, in order to process your request, we may need to verify your identity for your security. In such cases we will need you to respond with proof of your identity before you can exercise these rights.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
- The right to access the Personal Data we hold on you
- At any point you can contact us to request to see the Personal Data we hold on you as well as why we have that Personal Data, who has access to the Personal Data and where we obtained the Personal Data from. Once we have received your request we will respond within one month.
- There are no fees or charges for the first request but additional requests for the same Personal Data, or requests which are manifestly unfounded or excessive, may be subject to an administrative fee.
- The right to correct and update the Personal Data we hold on you
- If the data we hold on you is out of date, incomplete or incorrect, you can inform us and your data will be updated.
- The right to have your Personal Data erased
- If you feel that we should no longer be using your Personal Data, or that we are unlawfully using your Personal Data, you can request that we erase the Personal Data we hold.
- When we receive your request, we will confirm whether the Personal Data has been deleted or the reason why it cannot be deleted (for example because we need it to comply with a legal obligation).
- The right to object to processing of your Personal Data or to restrict it to certain purposes only
- You have the right to request that we stop processing your Personal Data or ask us to restrict processing. Upon receiving the request, we will contact you and let you know if we are able to comply, or if we have a legal obligation to continue to process your data.
- The right to data portability
- You have the right to request that we transfer some of your Personal Data to another controller. We will comply with your request, where it is feasible to do so, within one month of receiving your request.
- The right to withdraw your consent at any time to any processing of data for which consent was obtained
- You can withdraw your consent easily by email, or by post (details at the top of this document).
- The right to lodge a complaint with the Information Commissioner’s Office.
- You can contact the Information Commissioners Office on +44 303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Communications from MQA
You can choose to sign up for our newsletter and to receive other marketing communications from us. By asking to receive this information you consent to receive marketing communications from us using any contact method which you have provided us with, including by post and email.
You may opt out of receiving information about our products and services by selecting the relevant option on our websites or by sending us an email at firstname.lastname@example.org.
We may also use and disclose information in aggregate (so that no individuals are identified) for marketing and strategic development purposes.
A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser. Find out more here www.allaboutcookies.org
The data we collect using cookies helps us understand our customers better so that we can provide a more focused user experience. Using the knowledge of your previous visits to our websites, MQA can enhance subsequent visits by tailoring our content to match your requirements. Our cookies do not store sensitive information, or information which directly identifies you, such as your name, address or credit card details.
We use performance cookies collect information about how visitors use our websites, for instance which pages visitors go to most often. They may also show us which email or web page visitors clicked through from in order to visit our websites, and whether you opened an email we sent you. Some of these are analytics cookies, set using third-party web analytics software, which allow us to monitor our website traffic. We use Google Analytics cookies to help us do this. This information is not linked to any individual.
We will not pass data collected by cookies to third parties in such a way that would allow them to identify visitors personally. However, we may associate this cookie data with other Personal Data submitted by you (for instance when you submit or complete a form) to make sure that our communications are as relevant to you as possible. Sometimes we may use this data to highlight MQA news or partner products which we think will be of interest to you based on your use of our websites.
By using the MQA’s websites you agree we may place these types of cookies on your device.
Disclosures to Third Parties
We will only disclose Personal Data to other companies within our group of companies, business systems partners, government bodies and law enforcement agencies, successors in title to our business, and suppliers we engage to process data on our behalf.
Given that the Internet is a global environment, using the Internet to collect and process Personal Data necessarily involves the transmission of data on an international basis. Therefore, by browsing the websites and communicating electronically with us, you acknowledge our processing of Personal Data in this way. However, we will endeavour to protect all personal information collected through the websites in accordance with strict data protection standards.
Where we transfer your Personal Data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented:
- We may use specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe; or
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to Personal Data shared between the Europe and the US; or
- Where countries have been deemed to provide an adequate level of protection for Personal Data by the European Commission, we may transfer your Personal Data to third parties based in those countries.
This Notice was last updated in June 2018 and will be reviewed annually.