Issue Date: 25 May 2018
Version Number: 1.00
Applicable Law: The Data Protection (Jersey) Law 2018 and Regulation (EU) 2016/79 of the European Parliament and of the Council of 27 April 2016, together the General Data Protection Regulation (hereinafter “the GDPR”)
At MS Planning Ltd Limited (“MSP”) we regard your privacy as important.
MSP may collect information about you via our website, www.msplanning.co.uk, and directly or indirectly by email, phone or other means.
The information we collect about you, if you agree to provide it, will allow us to contact you in relation to our services.
- In providing us your information you thereby consent to us processing it for this purpose.
- We will not pass your personal information on to any third party without your express permission, except as defined herein for the provision of services that you have requested, other than authorities and the police in the event of any investigation.
- Personal email addresses and phone numbers are not shared with any other user of the site.
For the purposes of the GDPR;
- the data controller is MS Planning Ltd Limited (“MSP”).
- MSP may use third-party processors to deliver specific services that are requested by you from MSP (see Processors below).
INFORMATION THAT WE MAY COLLECT FROM YOU
We may collect and/or process the following data about you:
- Information you provide to us – by filling in forms on our website or by entering into a contract with us, or by correspondence with us by email, letter, phone or other methods, or by placing a request for services, and when reporting a problem with our site, or otherwise contacting us.
- Personal data – the information you give us may include; your name, address, email address, IP address, and phone number which is subject to the GDPR.
- When do we collect your data?
- We collect data when you;
- complete any online contact or services application form,
- make bookings, send emails or otherwise communicate with MSP.
- Data protection – all personal data we hold is protected by us in accordance with the Principles of the GDPR.
- Data security – We endeavour to take all reasonable steps to protect your data. All the data collected by us is stored on a secure platform in a secure hosting facility and we take all reasonable steps to ensure all access is pre-authorised and recorded.
- Other information we collect about you – In accordance with our legal obligation to prevent fraudulent or abusive use of our website or services, some data may be automatically collected and comprises the following:
- Technical information – such as your internet protocol (IP) address, login information, time zone, browser type/version with plug-in types/versions, device information (operating system and platform);
- Information about your visit – such as your Uniform Resource Locators (URL), including the date and time, information viewed/searched, site statistics, interaction (scrolling, clicks, mouse-overs), exit methods away from pages, phone numbers (if used to call our offices), route to/from our site or from search engine links to our site including search engine address and search term used.
- Our website will not store any identifying information of your visit on your computer apart from a small text file called a cookie, which in itself does not contain any identifying information and does not mean that you entered the site. See the cookies policy link at the end of this document for more detail on cookies.
- Depending on the configuration of your browser, pages and images you view on our site may be stored on your computer. This feature, (which you can configure), is called caching.
- All information you exchange with the MSP website is accessible by its administrators and will only be used to improve our website or prevent abuse.
Information we receive from other sources
Information about you may be received by us if you use another website or service that we operate or are connected with in our normal course of business.
- Third-parties may also provide information to us about you, specifically from any of the following; our business partners and/or sub-contractors, or our technical and analytics providers, or our search engine and search information providers.
HOW YOUR INFORMATION IS USED
The information we hold about you is used as follows:
- Information that you provide to us – this information is used to meet our obligations within any contracts between you and us, and/or our legal obligations, and/or;
- to meet your requests for information and services, or
- to notify you of changes to our services, or make suggestions or recommendations that may interest you, or
- to improve content of our site and ensure it is presented effectively for you and your device, or
- to investigate any suspected breach of the MSP Terms and Conditions of the website made by or otherwise relating to any user, which may include monitoring compliance by way of using keyword triggers to investigate usage that may be inappropriate, or
- deal with investigations by the police or other regulatory bodies.
- Information that we collect about you – we use this information:
- to manage our website as well as for our efficient operations, which includes analysis, research, statistical and survey uses, together with testing and troubleshooting;
- to improve our website and content for users and their devices;
- to allow you to interact with our website and take advantage of our online services, whenever you may elect to do so;
- to ensure our site is safe and secure by monitoring activities within the context of continual process improvement, which is a best practice requirement of the GDPR;
- Information we receive from other sources – we may use third-party information, which may be combined with information you provided to us and/or information collected by us, which may be used for the purposes we have defined above.
KNOW YOUR RIGHTS
Under the GDPR all individuals, who are the owners of their personal data, have specific and clear rights, which are;
|Right to Erasure||Every individual has the right to be forgotten upon request. The data controller must remove your personal data from its systems and request the same of any third-party systems of that controller, unless other lawful requirements apply.|
|Right to Access||Every individual has the right to access their personal data held about them upon request.|
|Right to Portability||Every individual has the right to request their personal data and use it for other parties they wish to engage with.|
|Right to be Informed||Every individual has the right to be informed about how their personal data is being used, which may be provided upon request of the individual, or before the controller changes any use of that data, giving the individual the right to consent or object.|
|Right to Objection||Every individual has the right to object to the use of their personal data for any purpose proposed by a controller.|
|Right to Rectification||Every individual has the right to have errors in their personal data to be corrected.|
|Right to Restrict||Every individual has the right to restrict the uses of their personal data for any specific type of processing.|
|Rights on automated decisions & profiling||Every individual has the right to restrict or object to automated decision-making processes or profiling based on their personal data.|
- Revoke your consent – in accordance with the GDPR, to revoke consent for processing of your personal data send an email with the word “Revoke” in the subject field to the email address at the end of this document.
- Data Subject Access Request (DSAR) – in accordance with the GDPR,
- you may request us to send you details about any personal data that we may hold about you, or
- you may request that we correct any errors, or
- you may request us to delete personal data about you.
- DSAR Fee – In accordance with the GDPR, any DSAR is provided free of charge within 30 days, unless a particular DSAR is subject to other regulatory requirements as defined within the GDPR, in which case we will inform you as required by those specific regulations.
DO WE PASS YOUR INFORMATION ON TO THIRD-PARTIES?
We may pass your data to other parties as follows:
- Where relevant, we may pass your data to our employees, suppliers and agents to administer the website and the services provided to you by us or them, now or in the future.
- We may disclose your personal data to the police, regulatory bodies or official public bodies in the process of delivering the services you have requested.
- We may disclose your personal data to legal advisers in connection with delivering the services you have requested or any alleged criminal offence or suspected breach of the MSP Terms and Conditions or otherwise where required by law.
We use the following third-parties to process your data and deliver services for the purposes shown. All of these processors have access to some of your personal data as appropriate for the delivery of the purpose specified.
|Website and document management service providers||Maintenance and support of our Website and document management systems which allows access to and analysis of data.|
|IT service providers||Maintenance and support of our IT systems.|
|PSP’s||Professional Service Providers for planning, legal, official and financial processes required for requested services.|
LINKS TO OTHER SITES
Please be aware that the MSP site may link to other web sites that may be accessed by you through our site. We are not responsible for their data policies, content or the security of these linked web sites. We do not have any control over the use to which third parties may have of your data, where you choose to purchase products or services or otherwise to contact them via our site.
TRANSFER OUTSIDE THE EU/EEA
The MSP website is accessible via the internet and therefore may potentially be accessed by anyone around the world. Other visitors may also access the site from outside the European Economic Area.
DATA RETENTION POLICY
Personal data is retained indefinitely to meet the legal obligations of MSP. However, we reserve the right to delete inactive user data older than 10 years.
- E&OE: If you notice any errors (spelling, grammar or other) in this policy document please feel free to notify us via our contact details below.
For any questions relating to your personal data, or to submit a Data Subject Access Request ‘DSAR’, please contact us:
MS Planning Ltd
14 Britannia Place,
Bath Street, St Helier
Jersey, JE2 4YS
Phone: +44 (0) 1534 869 425