MLL Telecom understands that your privacy is important to you and that you care about how your Personal Data is used. We respect and value the privacy of our Customers and will only collect and use Personal Data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
1. Definitions and Interpretation
“Customers” means Customers either in a current, previous or potential future working relationship with us.
2. Information About Us
MLL Telecom Ltd registered in England under company number 02657917. Our registered address is Jubilee House, Third Avenue, Globe Park, Marlow SL7 1EY.
Our registration number with the Information Commissioner’s Office (ICO) is ZA325115.
3. What Does This Policy Cover?
This Policy applies to all those Customers either in a current, previous or potential future working relationship with us. It provides Customers with details of why and how MLL will collect and process Personal Data.
MLL is a data processor, and we will only process Personal Data on behalf of the data controller, which is you, the Customer. Our duties as the data processor will be specified by the Customer in a contract or appropriate agreement.
4. What Is Personal Data?
Personal Data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal Data is, in simpler terms, any information about you that enables you to be identified. Personal Data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
5. What Are My Rights?
You are entitled to know whether we hold Personal Data about you and, if we do, to have access to that Personal Data and request that it be corrected if it is inaccurate. You can also choose to manage the marketing communications you receive by using opt-out mechanisms in emails we send to you. In such cases, we will retain the minimum Personal Data necessary to record that you opted out, in order to avoid contacting you again.
If you are a Data Subject under applicable data protection law, you will have the following rights in relation to Personal Data that we hold about you:
- Right to Access – to request confirmation of whether we process Personal Data relating to you, and if so, to request a copy of that Personal Data;
- Right to Rectification – to request that we rectify or update any Personal Data that is inaccurate, incomplete or outdated;
- Right to Erasure – to request that we erase your Personal Data in certain circumstances, such as where we collected Personal Data on the basis of your consent and you withdraw your consent;
- Right to Restriction of Processing – to request that we restrict the use of your Personal Data in certain circumstances, such as while we consider another request that you have submitted, for example a request that we update your Personal Data;
- Right to Withdraw Consent – where you have given us consent to process your Personal Data, to withdraw your consent; and
- Right to Data Portability – to request that we provide a copy of your Personal Data to you in a structured, commonly used and machine readable format in certain circumstances.
If you have any cause for complaint about our use of your Personal Data, you have the right to lodge a complaint with the ICO. We would welcome the opportunity to resolve your concerns ourselves.
Further information about your rights can also be obtained from the ICO, your local Citizens Advice Bureau or ourselves. If you wish to exercise any of your rights relating to your data (including requesting a copy of the Personal Data which we hold about you) please contact us in writing.
6. What Data Do You Collect and How?
Depending upon the services we provide to you, we will collect and hold some Personal Data. The information we might collect and process about you includes:
- Your basic identification and contact details. This may include your name, company, address, telephone number, email address and other information that you provide us.
- Information about your device, such as your IP address.
- Information about your Customer relationship with us. This may include information about your previous purchases of our products and services, your billing information, information about events you have attended, and feedback you have given us.
- If you contact us with an enquiry, or for information, we may keep a record of that correspondence. If you contact us by phone, we may keep a recording of calls that you make to us.
- We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- We may collect personal information when we meet you face to face or when you contact us either on the telephone or in writing.
We do not collect any ‘special category’ or ‘sensitive’ Personal Data or Personal Data relating to children or data relating to criminal convictions and/or offences.
7. How Do You Use My Personal Data?
We collect and use your personal information for the legitimate business purposes of communicating with you to deal with your enquiries, fulfilling your requests for services and information, providing various tools which enable you to manage your service, notifying you of changes to our services and processing payment from you.
We may also use your personal information where you give us your express consent, for example when you provide consent to receive marketing materials.
We will only use your Personal Data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your Personal Data for that purpose. If we need to use your Personal Data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.
8. How Long Will You Keep My Personal Data?
MLL has a Data Retention Policy which mandates how long records, including Personal Data, must be retained. Retention periods are determined by legislation and business requirements. In most cases we will hold your data for up to 6 years after the contract end date, unless we have a legitimate business need or regulatory obligation which requires that we hold this data for a superseding period of time.
We will not keep your Personal Data for any longer than is necessary in light of the reason(s) for which it was first collected.
9. How and Where Do You Store or Transfer My Personal Data?
Most of our systems that would store your information are based in the UK. We will in some circumstances transfer your personal information outside the EU. If we do, you can expect a similar degree of protection in respect of your personal information.
The security of your Personal Data is essential to us, and to protect your data, we take a number of important measures, including the following:
- Limiting access to your Personal Data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
- Procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your Personal Data) including notifying you and/or the Information Commissioner’s Office where we legally required to do so;
10. Do You Share My Personal Data?
We will in some circumstances have to share your data with third-party service providers that perform services on our behalf. We will not share any of your Personal Data with any third parties for any purposes, subject to the following exceptions:
- In some limited circumstances, we may be legally required to share certain Personal Data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
11. How Can I Access My Personal Data?
If you want to know what Personal Data we have about you, you can ask us for details and for a copy of it (where any such Personal Data is held). This is known as a “subject access request” and should be made in writing and sent to the email or postal addresses shown below.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your Personal Data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
12. How Do I Contact You?
To contact us about anything to do with your Personal Data and data protection, including to make a subject access request, please use the following details:
- Data Protection Officer: Helen Taylor.
- Email address: firstname.lastname@example.org.
- Telephone number: 01628 495400.
- Postal Address: MLL Telecom, Jubilee House, Third Avenue, Globe Park, Marlow SL7 1EY.
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects Personal Data protection.
Any changes will be immediately posted on our website. We recommend that you check this page regularly to keep up-to-date.