General Data Protection Regulations & PECR Privacy Notice
Who are we?
MBUZZ Europe is a company registered in Ireland and is a ‘controller’ under the General Data Protection Regulations and the Data Protection Act 2018.
This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
What data do we collect?
We will only collect information from you that is relevant to the contract or service that we are dealing with for legitimate business purposes.
For MBUZZ Europe as a provider of technologies and services we may collect details of the following information which is defined as ‘personal data’:
- business activities of the person whose details we are processing
- identity data, eg. your name; contact data, eg your email address, financial details (eg. for invoicing purposes)
- usage data, eg how you use our website and services;
- preference data, eg how you prefer to receive marketing from us.
For example as an employer we may collect the following information from you which is defined as ‘personal data’:
- personal details
- family, lifestyle and social circumstances
- financial details.
We may also collect information that is referred to as being in a ‘special category’. This will apply if you are an employee or contractor and could include:
- physical or mental health details
- racial or ethnic origin
- religious beliefs or other beliefs of a similar nature
- criminal convictions
- sexual orientation.
Basis for processing
The basis on which we process your personal data is one or more of the following:
- it is necessary for the performance of our contract with you
- it is necessary for us to comply with a legal obligation
- it is in our legitimate interests to do so
- you have given us your consent (this can be withdrawn at any time by advising our data protection officer).
How will we use your data?
We may use your information for the following purposes:
- provision of goods and services from MBUZZ Europe and our Partners
- promotion of goods and services from MBUZZ Europe and our Partners
- provision of education and training to customers and clients
- maintaining accounts and records
- supporting and managing staff.
Who will we share your information with?
As a reseller providing you with goods and services we will follow the terms of our contract with you and with our Partners for the provision of these goods and services.
As a business providing education and training we will only share your information where you authorise us to do so. This may include with your employer or associates. We may also disclose your information to debt collection agencies if you do not pay our bills.
As an employer we will only share your information with our accountants, payroll processors and bookkeepers; Tax and pension providers to maintain appropriate support for you in your employment and to comply with legal obligations.
How long will we keep your information for?
We will normally keep your information throughout the period of time that we do work for you or you do work for us and afterwards for a period of six years if we are required to do so by law and also by regulations that apply to us.
In some cases, eg. consultancy cases, we may retain your information for a longer period and we will advise you of this at the time.
More information is set out in our data retention policy which is available on request from the data protection officer.
Website access and management and Marketing
If you choose to access our website – www.mbuzzeurope.com – or opt to receive information from us your use of the website will mean that we will collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
Any or all of the data which we collect from time to time is to enable us to provide you with the best possible service and experience when using our website and to improve products and services from us and our Partners.
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website we encourage you to read the privacy notice of every website you visit subsequently.
Before the website places Cookies on your computer you will be presented with a message bar requesting your consent to set those cookies. By giving your consent to the placing of Cookies you are enabling MBUZZ Europe to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies however, certain features of the Website may not function fully or as intended.
Cookies are placed for the purpose of analytics, performance and functionality.
It is recommended that you ensure your internet browser is up to date and that you consult the help and guidance provided by the internet browser provider if you wish to adjust your privacy settings or delete cookies.
Transfers to other countries
We may from time to time transfer your personal data to a country outside of the European Economic Area. Normally this will be necessary for the performance of your contract with us; for the performance of our contract with you; or for the exercise or defence of legal claims.
Sometimes we may transfer for other reasons and we will ensure that appropriate safeguards are in place at all times.
Third party sub processors
We currently use a range of third party sub-processors to assist us in connection with our services, including:
Company Name/Corporate location
Campaign Monitor/New Zealand
Salesforce.com, Inc/United States
Google Inc/United States
We shall ensure that all the information that you provide to us is kept secure using appropriate technical and organisational measures.
In the event of a personal data breach we have in place procedures to ensure that the effects of such a breach are minimised and shall liaise with the ICO and with you as appropriate.
More information is available from the data protection officer.
What rights do you have?
You have the following rights under the GDPR:
- right to be informed
- right of access
- right to rectification
- right to erasure
- right to restriction of processing
- right to data portability
- right to object
- rights concerning automated decision-making and profiling
Right of access
You have a right to see the information we hold about you.
To access this you need to provide a request in writing to our data protection officer, together with proof of identity.
We will usually process your request free of charge and within 30 days, however, we reserve the right to charge a reasonable administration fee and to extend the period of time by a further two months if the request is manifestly unfounded or vexatious and/or is very complex.
Full details are available in our data subject access policy which is available on request from the data protection officer.
Right to erasure
You have a right to ask us to erase your personal data in certain cases (details may be found in Article 17 of the GDPR).
We will deal with your request free of charge and within 30 days but reserve the right to refuse to erase information that we are required to retain by law or regulation, or that is required to exercise or defend legal claims.
To exercise your right to erasure please contact our data protection officer.
Who can you complain to?
If you are unhappy about how we are using your information or how we have responded to your request then initially you should contact the data protection officer: firstname.lastname@example.org
If your complaint remains unresolved then you can contact the Information Commissioner’s Office.