MSH Partnership (MSH) is committed to ensuring that your privacy is protected. Our services such workplace health and wellbeing are predominately aimed at businesses and therefore this policy is aimed at businesses. However, it also covers any personal data that might be held by us for public clients.
General Data Protection Regulations (GDPR)
The information you need to know about us:
We are MSH Partnership and we are a Wirral based business registered at 1 Abbots Quay, Monks Ferry, Birkenhead, Wirral, CH41 5LH.
The information we collect and how we use it:
What information is being collected?
MSH will be what’s known as the ‘Data Controller’ of the personal data you provide to us. If we do collect any data, we only collect basic personal data about you which does not include any special types of information. This does, however, include information which can identify you as an individual in the terms of the GDPR including your name, address and your email. You may contact the Data Controller by emailing email@example.com.
How is it collected?
We collect data electronically from our websites through the Contact Us page which also incorporates a newsletter sign-up option. If you have given us your business card we will only use the information to contact you to fulfil a request you made or set up a meeting/pass
How long we keep your information
If we have undertaken business-to-business engagement, we are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed. Any information we use for emailing you details about updates, invoicing and general business information in the running of MSH and your business isn’t covered by GDPR. However, any marketing emails you receive will be kept by us until you notify us that you no longer wish to receive this information. You may do this at any time by unsubscribing.
What we do with your information
Any personal data we process is processed by us and wholly in the UK. No 3rd parties have access to your personal data unless the law allows them to do so. Your first name and email address may be stored in our MailChimp database if you have actively consented to us sending you information via email. Your information is also securely held within the website database, which is securely held.
Who we share your data with
We do not share or sell your data to any other company other than those data processors we use for our business operations who process your data under our control:
- Google who provide cloud storage for files and folders, analytic data and online applications
- Microsoft OneDrive who provide storage backup and online services
- Fasthosts who provide our hosting and emailing services
- MailChimp to use for bulk emailing for informing clients of updates etc
- Our secure invoicing database to enable us to invoice clients
In all cases, the servers where your personal data is stored and processed are located in the UK, European Economic Area and the USA and are all GDPR compliant.
Sharing your data with other 3rd parties
We will only share your details under special circumstances such as when we believe in good faith that it is required by law.
How you can find out about the information we hold about you
You have the right to request a copy of the information that we hold about you.
If you would like a copy of some or all of your personal information, please email us at firstname.lastname@example.org or write to us using the contact details in this policy.
We will get in contact with you to verify your identity and If we do hold information about you we will:
- give you a description of it
- tell you why we are holding it
- tell you who it could be shared with
- let you have a concise and clear copy of the information
Our legal basis for processing your information
Much of our processing will be under the basis of “contractual obligation” in other words we need and use your information for providing the services you have requested or have contracted with us.
However, when we are communicating with you regarding products and services you may be interested in receiving from us in the future, our basis for processing is in your legitimate interest (as we are communicating with you in the context of your corporate activity and identity and not in relation to your private life) we believe this to be reasonable and fair behaviour in the context of our audience. Of course, you will always have the opportunity to object as detailed below.
Asking us to suppress or remove your personal information
Should you wish to not receive information from us in future then you can quickly action this by clicking the unsubscribe link you will find in any marketing emails or by sending your details to email@example.com and we will quickly suppress your data.
Should you further wish for us to remove your information entirely (and assuming we have no other obligation to keep it) then please let us know and we will do this – but we would encourage you to let us use it for suppression purposes only.
What to do if you have a complaint
If you have a complaint please contact the Data Protection Officer at firstname.lastname@example.org which will deal with your request as reasonably practicable. If you are still not satisfied with the way your complaint was handled, you can refer your complaint to UK Information Commissioner’s Office. https://ico.org.uk/concerns/
Sale of business
In the event that this business is sold or integrated with another business, your details may be disclosed to our advisers and any prospective purchasers’ advisers and will be passed on to the new owners of the business. It is therefore intended that any consents
Your use of our services
Please be sure you are aware of these policy terms while you use our site. should our terms change these will be shown on this page, and we may place notices on other pages of the website, so that you may be aware of the information we collect and how we use it at all times.