- You visit our website
- You contact us by email telephone, or any other means of correspondence, or use the enquiry form on our website
- You receive our newsletters.
We have a separate notice that details how we manage client information during projects. This will be explained in detail if you are looking to engage our services.
We do not sell, distribute or lease personal information, and will only share it with organisations we work with to deliver the services we provide, or as required by law. The organisations that we share your information with are detailed below.
Changes to this policy
Who we are
Our company is Mackenzie Hughes Ltd and for the purposes of data protection laws (GDPR and the Data Protection Act 2018) we are Controller for the personal information referred to in this notice. Our registration number with the Information Commissioner’s Office is ZA435428. In this document we will be referred to by either our company name or ‘us’ or ‘we.’
What personal information do we collect?
The information we collect will depend upon which of our services you are using. We will collect only the minimum needed to deliver our services and continuously improve the way in which those services are provided.
Visitors to Our Website
- Technical information about your visit to our site including browser type and version, time-zone settings, operating systems and version and platform used to access the website. If you continue to use our website, we will assume you have given consent for our website to gather the technical information stated.
The technical and analytical information that we collect will be used for the purposes of monitoring the way in which our website is used and help us to continuously improve the services we offer. It is in our legitimate interests to offer the best possible products and services and processing information in this way allows us to monitor and meet client demand and expectation.
Correspondence and enquiries
We may collect a contact telephone number if you call the office and use your email address to reply to an enquiry, keep you updated on a project we undertake on your behalf or to ask your permission to email you our electronic newsletter.
We use Mailchimp to send out a regular tailored newsletter to those working in the industry. To add you to the newsletter distribution list, we will collect only the following two pieces of information:
- E-mail address. This will usually be a company e-mail address.
Marketing and promotional materials that are distributed using any form of electronic communication, including email, must comply with the Privacy and Electronic Communication Regulations as well as data protection laws. This means that when we send our electronic newsletters, we must have consent for using an e-mail address for this purpose unless those receiving the information fall within the definition of a “corporate subscriber”. This is where people are receiving information on behalf of their organisation or company.
Most people who receive our newsletters are corporate subscribers and do not use what may be considered their own personal e-mail address (an e-mail address that is distinct from the organisation they work for). You may still object to receiving this type of information and further details are provided in the document Your Rights Under the GDPR.
We may also add a person to the distribution list who has an email address that may be considered personal, for example a sole trader, or private individual who has expressed an interest in our services. In these cases, we must have your explicit consent to process your information for this purpose. You may withdraw your consent at any time. To withdraw your consent, simply click the unsubscribe button on the email you have received or email email@example.com.
How we use your personal information
The way in which we use your personal information will depend upon why we have collected it in the first instance.
Contacts and enquiries
The information provided will be used to answer any queries you have and, for clients, will be processed with for the purposes of entering into a contract for your proposed project. If you wish to find out more about our systems on processing client information please contact Kate Stuart on firstname.lastname@example.org.
Where we receive enquiries from people who are not clients or potential clients, we will process this information either using your consent (where it is explicitly provided) or based on our legitimate interests.
How long do we keep your information?
We will only retain your information for as long as it is required for the purpose for which it is collected, or there is another lawful purpose for retaining it. From the point of collecting or creating personal information until the point it is destroyed, we will take appropriate organisational and technical measures to ensure your personal information is processed securely with adequate safeguards in place. The retention periods for personal information covered in this policy are stated below.
- Website analytical and technical information is kept in a personally identifiable form for no longer than , after which it is used only in an anonymous reporting format.
- The retention period for information collected for the purposes of managing enquiries will and will depend upon the nature of the enquiry:
- General enquiries that are not related to a specific project will be retained for 3 months from the date of last action;
- Enquiries from potential clients will be retained for a year from the date of the last piece of correspondence where a project is not progressed. Where a project is commissioned, the enquiry will be held on the project file;
- General enquiries that are not from clients although are related to a specific project will be retained on the project file.
Who will we pass your information to?
All initial enquiries will be dealt with by the appropriate team member at Mackenzie Hughes. Where your enquiry relates to a project, we may pass some details to other organisations who we will work with to deliver certain aspects of the project, for example, to be able to provide a quote. We will pass only the minimum details required. Further details about this processing are on our .
We have companies that process personal information on our behalf including:
- IT service providers
- Web hosting and newsletter distribution company (with emails sent via Mailchimp)
Data processing agreements are in place with any organisation that processes personal information on behalf of Mackenzie Hughes, which require processing to be carried out within the EEA, or for appropriate safeguards to be in place where it is carried out by an international organisation. As far as we are able to establish
We will not pass your information to any other recipient unless there is a statutory requirement to do so, or the processing is otherwise lawful.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Your rights under the GDPR
Under the GDPR, you have a number of rights in relation to your personal information. You have the right to:
- request access to your personal information;
- request rectification of your personal information which means you are able to have inaccurate personal information corrected without undue delay;
- request erasure of your personal information when certain conditions apply;
iii. restrict processing under certain circumstances;
- object to processing;
- data portability in some circumstances.
Requests relating to rectification, the erasure of personal information or the restricting of processing will be passed to any recipients of your information, who are detailed above.
There may be occasions when we are unable to comply with requests to exercise your rights. For example, a request to erase your information when we are legally obliged to continue to hold it. Should this apply to a request you make, it will be explained to you why we are unable to comply with the request, how long we will continue to hold your information (where relevant), and any options available to you.
Where your personal information is being processed based on your consent, one further right is the right to withdraw that consent at any time. If we are using consent, it is explained above under How we are use your personal information.
We You also have the right to lodge a complaint with the Information Commissioners Office (ICO) if you are unhappy with the way in which we have processed your personal information, and you can find further information here.
The person responsible for data protection matters at Mackenzie Hughes is Kate Stuart. You can contact Kate by emailing her at email@example.com.
Version 1: Apr 2019
What are cookies?
Are there different types of cookies?
Yes, there are two types of cookies – ‘session’ cookies and ‘persistent’ cookies. Our website, like many websites, uses both. Session cookies are temporary cookies that expire when you close your browser. Persistent cookies have a longer expiration date and stay on your computer hard-drive until you manually delete them.
What do persistent cookies do?
One example of a persistent cookie is the ‘remember me on this computer functionality’ which means you can access the private area of a website again from your own PC or mobile, without logging-in again. The session cookies and persistent cookies placed on our website by us are known for this reason are ‘first party cookies.’
What about third-party cookies?
‘Third-party cookies’ are used by companies such as analytics firms like Google who will use them to gather ‘non-personal’ information about you. The information relates to the habits you display when browsing and the websites you browse. An example of this is when you have viewed a travel website then leave it to visit another website with a different subject matter, yet you still see advertisements relating to travel. This is called advertising ‘behavioural targeting’ and is down to third-party cookies.
Can I choose not to have cookies on my computer?
More information on cookies
You can read more about cookies in the Microsoft Cookies Guide or All About Cookies. The Internet Advertising Bureau (IAB) has a very stringent code of ethics on internet advertising and you can read more about it by clicking here.