At Mx2 Interiors Ltd, we are committed to respecting your privacy and protecting your personal information. We promise to respect all personal information that you share with us, or we receive from other organisations, and keep it safe. We will be clear when we collect your personal information and we will not do anything you would not reasonably expect us to.
Controller of personal information
We are Mx2 Interiors Ltd (registered company in England and Wales no. 07435855 and we are a provider of Interior design and construction services.
Why we collect your personal information
We do this in the course of our work supporting clients and other agencies with design and construction services. When you use our website or services, you are agreeing for us to store and process your personal data. The ways we do that are explained in this policy – it is a guide for us to follow too, and we take it very seriously.
Where we collect your personal information from
You have the right to be informed about the collection and use of your personal information. When we collect personal information from you, we will provide you with privacy information at the time we obtain your information. When we obtain your personal information from a source other than you, we will provide you with privacy information:
- within a reasonable period of us obtaining the personal information and no later than one month
- if the information is used to communicate with you, at the latest, when the first communication takes place; or
- if disclosure to someone else is envisaged, at the latest, when the data is disclosed.
There are 2 main ways in which we collect personal information about you: directly or indirectly, including the use of third parties. When you give your personal information to us directly:
You may give us your information in order to sign up for our services or when you request a service from us.
When you give your personal information to us indirectly:
When you give permission to other organisations to share or it is available publicly:
We may combine information you provide to us with information available from external sources in order to gain a better understanding of our clients and to improve our service to them. The information we get from other organisations may depend on your privacy settings or the responses you give, so you should regularly check them. This information comes from the following sources:
- Third party organisations – This means other organisations that we may collect data from, but only when you have given them permission to do this. The data we receive depends on your agreement with the organisation.
- We may also collect information from online social media and messaging services you use, such as Facebook, WhatsApp or Twitter for example, where you have given us permission to do so, or if you post on one of our social media pages.
- Information available publicly – When building a profile, we may analyse geographic, demographic and other information relating to you in order to better understand your interests and preferences to contact you with the most relevant communications. In doing this, we may use additional information from third party sources when it is available. Such information is compiled using publicly available data about you, for example: addresses or listed Directorships.
How we use your personal information
Personal information means any information that may be used to identify you, such as your name, title, telephone number, email address, or mailing address. We may process your personal information for our legitimate business needs. Please be assured, our intentions are always good. We collect your personal information because we need it to help us fulfil your requests, keep in touch with you, and offer you communications that are relevant to you. This includes things like:
- where processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our clients
- providing any information or services you have requested
- processing financial transactions.
- keeping a record of any communications between us, for example emails, letters and phone calls
- responding to complaints or queries and looking into any legal claims
You can find out more about what we mean by legitimate interests, and when we process your data for our legitimate interests in the What we mean by “legitimate interests” section
below. Whenever we process data for these purposes we will ensure that we always keep your personal information rights as our top priority. You have the right to object to this processing if you wish, and if you wish to do so please see the section(s) below on updating your preferences or unsubscribing. Please bear in mind that if you object this may affect our ability to carry out the tasks above for your benefit.
Sensitive Personal Information
Sometimes, we may ask you for more sensitive information, such as health condition to ensure we can provide the appropriate support to our clients. We will only collect this information with your permission and we will always ensure it is used responsibly and stored securely.
What we mean by legitimate interests
Legitimate interests means the interest of Mx2 Interiors Ltd in the way we carry out our work to enable us to give you the best service. When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you and your rights under data protection laws. Our promise to you is that we will always ensure that your personal data will not be used where our interests are overridden by the impact on you, unless we have your consent or are required by law.
How we keep your personal information secure and who can access it
We ensure that there are appropriate technical controls in place to keep your personal information safe and prevent unauthorised access to it.
For example, any documents containing personal information are always password protected (this prevents other people from accessing them) and our network is protected and checked often. Electronic data and databases are stored on secure computer systems and we control who has access to them. We have data protection policies and procedures in place which are adhered to. We regularly review who has access to information that we hold to ensure it is only accessible by contractors where appropriate.
Where we use external companies to collect or process personal data on our behalf, we undertake comprehensive checks on these companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they have collected or have access to.
When do we share your personal information?
We will not share your personal information with third parties for the purposes of marketing. We may share your personal information with other companies (e.g. subcontractors) who provide services on our behalf such as delivering products or services.
We will only provide those companies with the information they need to deliver the relevant service, and we will make sure that your data is treated with the same level of care as if we were handling it directly. These activities will be carried out under a contract which imposes strict requirements on our contractors to keep your information confidential and secure. We undertake comprehensive checks on these companies before we work with them and then work closely with them for the duration of our working relationship. We may need to disclose your personal information if required to the police,
regulatory bodies or legal advisors. We will only ever share your data in other circumstances if we have your explicit and informed consent.
How long we keep your personal information for
We will only retain your personal information for as long as it is required in relation to the purposes for which it was originally obtained. How long personal information will be retained for depends on the type of information it is and what it is being used for. We will review our data retention periods for personal information on a regular basis. A copy of our retention policy is available on request. We continually review the information that we hold and delete anything that is no longer required. We never store payment card information.
Your legal rights
We want to ensure that you are always in control of your personal information.
Part of this is making sure that you understand your legal rights. We have outlined these, together with details as to how you can exercise them.
The right to access your personal information
You have a right to obtain confirmation that your personal information is being processed. You also have the right to request a copy of the personal information that we hold about you. When you are requesting a copy of the personal information that we hold about you, we will endeavour to provide you with the information you have requested without delay and in any event within one month of receiving your request. We will not charge a fee for complying with a request unless the request is deemed to be manifestly unfounded or excessive.
The right to edit and update your personal information
The accuracy of your personal information is important to us. You have the right to request that your personal information is rectified if it is inaccurate or incomplete.
We will ensure we comply with your request without delay and in any event, within one month of receiving your request.
The right to request to have your personal information erased (also known as the ‘right to be forgotten’)
You do not have an automatic right to have your personal information deleted. You do, however, have the right to request the deletion or removal of your personal information where there is no compelling reason for its continued processing. We will review each request on a case by case basis. We will ensure we comply with your request without delay and in any event, within one month of receiving your request.
The right to restrict the processing of your personal information
You have the right to ‘block’ or suppress processing of your personal information. However, we will continue to store your personal information but not further process it. We do this by retaining just enough of your personal information so we can ensure that the restriction is respected in the future. We will respond to your request within 21 days of receiving it, stating what we intend to do and, if we do not intend to comply with the objection, the reasons for our decision.
The right to complain to a supervisory authority if you believe we have not handled your personal information in accordance with the data protection laws
You can make a complaint or raise a concern about how we process your personal information by contacting firstname.lastname@example.org. If you are not happy with how we have handled your complaint, or you believe that your data protection or privacy rights have been infringed, you have the right to complain to the Information Commissioner’s Officer (ICO), which oversees the protection of personal data in the UK.
Alternatively, you may choose to contact either the ICO directly about your complaint, regardless of whether you have raised it with us first. If you wish to exercise any of the rights outlined in this section, please email email@example.com . Bear in mind that there are exceptions to the rights outlined above and although we will always try to respond to your satisfaction, there may be situations where we are unable to do so.
Making changes to your personal information
If your personal details change please advise us by emailing firstname.lastname@example.org
Should you at any time post or send us any content that we believe to be inappropriate or in breach of any law in place at the time we may use your personal information to inform relevant third parties such as law enforcement agencies or your internet provider.