MAJIsign Limited holds personal information about our clients, employees and suppliers, so we are legally obliged to protect that information under the Data Protection Act.
The Act aims to promote high standards in the handling of personal information and so protect the individual’s right to privacy. The Act applies to MAJIsign Limited since we hold information about living individuals in electronic format and, in some cases, on paper.
INFORMATION WE COLLECT FROM YOU
We will collect and process the following information about you:
Information you give us
This is information about you that you give us when you browse or use the site, correspond with us by phone, SMS, email, social media or otherwise. It includes information you provide when:
- You register to use our site
- Search for a product
- Place an order on our site
- Participate in discussion boards or other social media functions on our site
- Enter a competition
- When you report a problem with our site
The information you give us includes your name, address, e-mail address and phone number, financial and credit card information, photographs, videos, images or comments.
Information we collect about you
With regards to each of your visits to our site we will automatically collect the following information:
- Technical information, including the IP address used to connect your computer or device to the Internet, your login information, browser type and version, time zone setting, anonymised location data, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full URL, clickstream to, through and from our site (including date and time), pages or products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.
We follow the eight data protection principles of good information handling.
These say that personal information must be:
- fairly and lawfully processed;
- processed for specified purposes;
- adequate, relevant and not excessive;
- accurate and, where necessary, kept up to date;
- not kept for longer than is necessary;
- processed in line with the rights of the individual;
- kept secure; and
- not transferred to countries outside the European Economic Area unless the information is adequately protected.
What sort of personal information is covered by the Act?
Broadly, the Act covers any information that relates to living individuals which is held on computer. For example, this may include information such as name, address, date of birth and opinions about the individual or any other information from which the individual can be identified.
What sort of processing is covered by the Act?
Broadly, the processing of personal information includes obtaining, disclosing, recording, holding, using, erasing or destroying personal information. The definition is very wide and will cover virtually any action which is carried out on computer.
Why does MAJIsign Limited comply with the Act?
First, because it’s a legal requirement. However, it also makes good business sense.
- Keeping the information we have about you secure will help protect our information.
- We want to contact you using the most appropriate method using the most accurate information.
- Good information handling is at the core of our business practices
The 1998 Act will be superseded by the new Data Protection Act 2018 (as supplemented by the GDPR) on 25 May 2018.
MAJISign’s direct marketing involves the processing of personal data and therefore we must comply with the principles set out in the DPA.
The first principle
We must process personal data fairly and lawfully. In particular, we will usually need to tell you that we plan to use your details for our marketing purposes. We will also need to tell you if we plan to pass your details on to anyone else (we will likely need your consent to do so) and our policy in to not pass on any information held. We will not do anything that you would not reasonably expect or which would cause them unjustified harm.
The second principle
We must only collect personal data for specified purposes and cannot later decide to use it for other ‘incompatible’ purposes. So, we cannot use your details for marketing purposes we they originally collected them for an entirely different purpose.
The third principle
The data we collect and process must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
- We do not hold any more data than it is required
- We don’t collect additional data if we don’t need it for processing
- We know how the data is used in order to ensure data minimisation
The fourth principle
We must ensure that personal data is accurate and, where necessary, kept up to date. So, a marketing list which is out of date, or which does not accurately record people’s marketing preferences, could breach the DPA.
Section 11 of the DPA also gives you the right to prevent your personal data being processed for direct marketing. You can, at any time, give written notice to stop (or not to begin) us using your details for direct marketing.
By using this site, you may supply us with personal data.
The fifth principle
Personal data should be kept only for as long as necessary. Aligned to our data retention schedule, we regularly delete data that we no longer require. Generally, due to the financial nature of the majority of our records, our retention period is 7 years from the cease of the contract; which could be from the last purchase or closure of a contractual business relationship.
The sixth principle
The last principle requires data to be processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. We secure your data through effective paper management and by using secure platforms for our digital data. We utilise services from Microsoft to provide compliance and governance reports based upon our communications data and artefact storage.
Your Personal Data
Majisign Ltd takes the protection of your online privacy seriously and this Policy sets out how we use and protect any personal information we obtain from dealings which arise from you using this website. Majisign Ltd is not responsible for the privacy practices of any websites which may be linked from the Majisign website, so please check these separately.
What personal information do we collect?
We ask for your personal information when you make a purchase, register, sign up for promotions, offers or competitions, or to receive news. Depending on which of these services you use, we may collect:
- your name and contact information including postal address, e-mail address and telephone number, even if you do not complete your purchase;
- details of any purchase orders that you place through the website, and any details we need for delivery;
- card payment details if making a purchase;
- details you provide when you contact us or make enquiries either generally or about any purchases you make with us;
- details of your visits to the website and the resources that you access;
- and information you provide if you report a problem with our website;
Even if you do not use these services, or for example, do not proceed with a purchase, we will still gather any personal details entered and information about your activity on the website to understand what parts of the website and what products you are interested in, so that we can improve our website and tailor our services to you. Further details can be found in the Cookies section of this Policy.
What do we do with the personal information we collect?
Depending on how you engage with us, we may use your information:
- to facilitate your use of this website and the services available through it;
- when you purchase from us, to process your order, collect payment, enable you to track your order online, arrange delivery and for other purchase related services (this may include contacting you by telephone, email or SMS to arrange, confirm or upgrade your delivery) and for ongoing customer service dealings including any faults or refunds;
- for internal accounting and regulatory purposes;
- for statistical analysis to assess our business performance and to improve our products and services;
- to improve and personalise your experience when you visit the website (See the cookies section), and to keep you informed about other products and services you might be interested in (See Keeping You Informed); and
- to ask you from time to time if you would like to provide feedback on or participate in market research on our products and services. You do not have to participate in these if you do not wish.
Who do we share it with?
We do not share your data with any third parties except as provided in this policy or as required by law. We will not share personal data with third parties for direct marketing by those parties without your consent.
To ensure that your payment details are not being used without your consent, we will validate your name, address and other personal information supplied by you during the order process against appropriate third party databases.
By providing your payment details to us, you consent to such checks being made. In performing these checks, personal information provided by you may be disclosed to a registered credit reference agency which may keep a record of that information. All information provided by you will be treated securely and strictly in accordance with the Data Protection Act 1998. During the security checks we may ask for additional information or documentation to help support the data which you have supplied.
How long we keep it
We are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years + current after which time it will be destroyed. Any information that you consented to being used for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
Majisign Ltd may also disclose your personal information:
We may provide aggregated statistics (including information derived from your data) about our sales, traffic patterns, and related website information to trustworthy third parties. We will do this for the purpose of carrying out assessments, analysis and research in relation to our business, products, services and customers. This is to assist in the provision of services and products to you, and to facilitate reviews, developments and improvements to our web site and the services and products offered to you. The statistics we disclose to those third parties will not include personally identifying information.
We may provide information to the police, regulators, law enforcement or other government agency where the law requires this, where appropriate to prevent or detect criminal activity.
What we would also like to do with it
We would like to use your name and email address to inform you of our future offers and similar products. This may include delivery, reviews, or other products. We may contact you about these by telephone, mail, email and SMS, using the contact details you provide and update us with, which we obtain or update with you in our dealings.
This information is not shared with third parties and you can unsubscribe at any time via phone, email or our website. If this is something you would like to sign up to, you can do so through our site; entering your email address in the subscription box at the end of the page or through the ordering process
If you no longer want to be contacted by post or telephone you can email us at firstname.lastname@example.org, call us on 0800 7835887 or write to us at: 66 Eastern Way, Bury St Edmunds, Suffolk IP32 7AB. If you do so, please bear with us for a short time whilst we adjust our records. This may take up to 10 days.
Please remember to use the international dialling code (+44) when calling from outside the UK
If you don't want to be contacted by email, please unsubscribe from any incoming mail or via contact us on our website.
Please note that Majisign Ltd would not necessarily remove all your details from its records but would note and respect your changed marketing preferences.
What are your rights?
If at any point you believe the information we process on you is incorrect you can request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact us and our Data Protection Officer will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
Security and Storage
Due to the transient nature of the internet, Majisign Ltd cannot guarantee the security of any information you provide online. We have policies, rules and measures in place and try to take all reasonable steps to safeguard your personal information.
Our secure server software encrypts all your payment card details. The process scrambles all the information, allowing no unauthorised third party to intercept the data. Your browser will confirm that you are shopping in a secure environment by showing either a locked padlock icon or an image of a padlock next to the payment details in the relevant area of our website. For your security, when ordering from us we only use TLS 3 technology.