Melford Laboratory Privacy Statement
This Privacy Statement was last revised on May 23, 2018. We may change this Privacy Statement at any time and for any reason. The current Privacy Statement will always be posted on this webpage. Significant changes to the Privacy Statement are discussed below in the Section called "Changes to this Privacy Statement." We encourage you to review this Privacy Statement each time you visit the Website.
Melford Laboratories is committed to processing personal information about our customers in compliance with the General Data Protection Regulation and Data Protection Act 2018, as being clear with our customers about what we do with their personal information.
Key points of the privacy statement are:
- We have never and will never sell your data to third parties
- We will use your data to enable us to process orders and supply relevant customer service communications.
This document covers information we collect about you, whether via our website or our customer service team. Please read it carefully to understand how your personal information will be treated.
We will be the “controller” of the personal information which you provide to us or which we collect from you.
Legal basis for data collection
To collect information Data Protection requires a proper reason to do so.
Melford Laboratories’ legal basis for collecting personal information are-
- for the performance of a contract with you (such as a contract for the provision of good and services) or to take steps at your request prior to entering into this contract.
- to comply with legal obligations, including in relation to health and safety and environmental legislation, performing anti-money laundering, terrorism prevention and sanctions screening checks, complaints and investigations or litigation.
- to protect your vital interests or the vital interests of another person, e.g. where you or they are seriously injured or ill.
- for our legitimate interests in:
- Management of your account (including processing payments) and our relationship with you, and communicating with you.
- Operating our Website/ERP.
Processing orders and supplying our products and services.
Our internal business purposes which may include processing for the purposes of: record keeping, research, reporting and statistics, data security, to ensure the quality of our products and services, investigating and responding to queries and complaints, obtaining credit references and credit checks, debt collection, fraud detection and prevention, risk management, recruitment and training of our personnel, and protecting our rights, property and safety (and that of others). You can object to processing carried out on the basis of our legitimate interests at any time by emailin email@example.com
See also “Your Rights – The right to object”.
Personal information that we collect
We collect a range of personal information relating to you, which may include your:
- email address;
- telephone number;
- credit or debit card information and/or other payment information;
- any other personal information required to enable to process your orders or business requirements.
How we use your personal information
We use your personal information as follows:
- to maintain our relationship with you whilst you are a customer
- to process orders and provide agreed goods and services to you
- for invoicing, processing payments, account set up and maintenance
- to communicate with you, including to respond to information requests /enquiries submitted and/or to obtain your feedback on our products and services
- for record keeping, statistical analysis and internal reporting and research purposes
- to ensure data security and to provide you with access to secure areas of our Website
- to notify you about changes to our products and services
- to decide on and notify you about price changes
- to monitor the quality of our products and services
- for logistical purposes
- to investigate any complaint you make
- to provide evidence in any dispute or anticipated dispute between you and us
- to customise various aspects of our Website/ERP to improve your experience
- to pre-complete online forms on our Website. For example, if you have provided an address when using one service, the Website computers may automatically fill in that information on an order form for another service
- as we may otherwise consider necessary to support the operation of our Website/ERP
- to obtain credit references, credit checks and for debt collection, fraud detection and prevention and risk management purposes
- to protect the rights, property, and/or safety of Melford Laboratories, its personnel and others.
How we share your personal information
We may share your personal information with:
· third parties who provide delivery and software services to us.
· third parties in order for us to process payments that are due to us, in doing so we provide bank card details.
· licensed credit reference agencies, debt collection agencies and lawyers when we carry out credit checks, to report on your payment performance and/or or seek to recover debts due to us.
· our accountants, auditors, lawyers or similar advisers when we ask them to provide us with professional advice.
· any Government Department, public body or other third party where we believe in good faith that the law requires this; in the interests of public health and safety; or in order to protect the rights, property, or safety of Melford Laboratories Ltd, its employees or others.
Melford Laboratories Ltd does not conduct any direct marketing in relation to our own products and services.
Automated emails are only generated regarding important order information such as order acknowledgements, shipping notifications, payment receipts and invoices.
How long we keep your personal information
We only retain personal information for as long as is necessary for the purposes for which it is collected. When determining the relevant retention periods, we will take into account factors including:
· legal obligation(s) under applicable law to retain data for a certain period of time;
· statute of limitations under applicable law(s);
· (potential) disputes, and;
· guidelines issued by relevant data protection authorities.
We use reasonable security methods to protect the personal information that we process, including Internet standard encryption technology (“SSL“ or “Secure Socket Layer“ technology) on our Website/ERP. SSL uses a private key to encrypt data that’s transferred over the connection.
However, please note that whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, no transmission over the Internet can be guaranteed to be secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer to us over the Internet.
This information is used to make websites work more efficiently, as well as to provide business and marketing information to the owners of the site, and to gather such personal data as browser type and operating system, referring page, path through site, domain of ISP, etc. for the purposes of understanding how visitors use a website. Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies and web beacons do not personally identify you.
You may stop or restrict cookies and web beacons on your computer or purge cookies from your browser by adjusting your web browser preferences. However, if you “turn off,” purge, or disable cookies or web beacons, although you may still use the websites, you may not be able to use all of the features, functions, or services available on the websites.
Changes to this Privacy Statement
Melford Laboratories reserves the right to amend this Privacy Statement at any time. The applicable version will always be found on our websites. We encourage you to check this Privacy Statement occasionally to ensure that you are happy with any changes.
If we make changes that significantly alter our privacy practices, we will notify you by email or post a notice on our websites prior to the change taking effect.
The following section explains your rights. The various rights are not absolute and each is subject to certain exceptions or qualifications.
We will grant your request only to the extent that it follows from our assessment of your request that we are allowed and required to do so under Data Protection laws. Nothing in this Privacy Statement is intended to provide you with rights beyond or in addition to your rights as a data subject under data protection laws.
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your personal information and your rights. This is why we are providing you with the information in this Privacy Statement.
2. The right of access
You have the right to request access to your personal information and how we process it.
3. The right to rectification
You can ask us to take reasonable measures to correct your personal information if it’s inaccurate or incomplete.
4. The right to erasure
Also known as ‘the right to be forgotten’. This enables you to request the deletion or removal of your personal information.
5. The right to restrict processing
You have rights to restrict the processing of your personal information.
6. The right to data portability
You have rights to move, copy or transfer your personal information in a standard form.
7. The right to object
You have the right to object to processing of your personal information.
8. Rights in relation to automated decision making and profiling
You have the right not to be subject to a decision based solely on automated processing where this has a significant effect, subject to exceptions. Where this is the case, you have the right to human intervention and to have such a decision reviewed.
9. Updating this statement
We review our privacy practices from time to time. We reserve the right to modify this policy effective seven (7) days after the posting of the revised Privacy Statement.
10. Contact us
For further information regarding these rights, about this Privacy Statement generally or to make a complaint please contact us at firstname.lastname@example.org
Before assessing your request, we may request additional information in order to identify you. If you do not provide the requested information and we are unable to identify you, we may refuse your request.
We will generally respond to your request within one month. We can extend this period by an additional two months if this is necessary due to the complexity and number of requests that you have submitted.
We will not charge you for such communications or actions we take, unless:
· you request additional copies of your personal data undergoing processing, in which case we may charge for our reasonable administrative costs, or
· you submit manifestly unfounded or excessive requests, in particular because of their repetitive character, in which case we may either charge for our reasonable administrative costs; or refuse to act upon the request.
If after contacting Melford Laboratories Ltd you are still unhappy you may also complain to the Information Commissioner, all contact details are available on the Information Commissioner‘s Website: ico.org.uk