We are committed to protecting and respecting your privacy.
The purpose of this policy is to explain to you how we control, process, handle and protect your personal information through the business and while you browse or use this website. If you do not agree to the following policy you may wish to cease viewing/using this website, and or refrain from submitting your personal data to us.
Key principles of GDPR:
Information we may collect from you
We may collect and process the following data about you:
- Information that you provide by filling in forms on our site. This includes information provided at the time of registration or at the time of posting material
- If you contact us, we may keep a record of that correspondence
- We may ask you to complete surveys that we use for research purposes although you do not have to respond to them
- Details of transactions you carry out through our site and of the fulfilment of any contract between us
- Details of your visits to our website and the resources that you access
- We may process data about your use of our website and services (“usage data“). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is Google Analytics. This usage data may be processed for the purposes of analysing the use of the website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.
Where we store your personal data
All information you provide to us is stored on our secure servers. Where we have provided you (or where you have chosen) a password, user ID or PIN which enables you to access certain parts of our site, you are responsible for keeping this password, user ID or PIN confidential. We ask you not to share a password, user ID or PIN with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. So, whilst we will do our best to protect your personal data, we cannot ensure the security of your data transmitted to our site. Any transmission is at your own risk. Once we have received your information we will use strict procedures and security features to prevent unauthorised access.
Uses made of the information
We use information held about you in the following ways:
- To ensure that content from our web site is presented in the most effective manner for you and for your computer
- To provide you with information, products or services that you request from us or which we feel may interest you
- To allow you to participate in interactive features of our service where you choose to do so
- To notify you about changes to our service
- To analyse information about our users to identify their potential preferences
Your individual rights
Under the GDPR your rights are as follows:
- the right to be informed
- the right of access
- the right to rectification
- the right to erasure
- the right to restrict processing
- the right to data portability
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [https://ico.org.uk/] if you feel there is a problem with the way we are handling your data. We handle subject access requests in accordance with the GDPR.
Cookies are small, encrypted text files that are sent to your browser from the websites you visit, and are stored on your device.
We use the following types of cookies on the website:
These are temporary cookies that remain until you leave our web site or close the browser window. We use these to
carry information across pages of our web site and in some cases, to prevent data from needing to be re-entered into
We additionally make use of analytical cookies through Google Analytics. These cookies help us compile anonymous statistics that allow us to understand how visitors are using our web site, which pages are being visited, and help us improve it and its content. These cookies do not identify visitors personally.
Our use of Google Analytics will set the following cookies on your device (information taken from here.)
This cookie is typically written to the browser upon the first visit to your site from that web browser, and is used to
determine unique visitors to a site and is updated with each page view
This cookie is used to establish and continue a user session with your site. When viewing a page, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on your site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals.
Historically, this cookie operated in conjunction with the __utmb cookie to determine whether or not to establish a new session for the user.
This cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation and is updated with each page view.
Google offers an opt-out tool available at https://tools.google.com/dlpage/gaoptout which allows you to opt out of all their Analytics tracking for all web sites as an add-on to most popular browsers.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our marketing mailing list. We only collect certain data about you, as detailed in the “ Information we may collect from you” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
GDPR Compliance Statement
All of our staff and contractors are familiar with GDPR and their personal responsibilities. You are welcome to see our policy. Please request via email to your account manager.
- All staff are trained on induction and every two years (or sooner if there is a major change in legislation)
- We have a right to erasure process. If you wish to be erased, please contact us via email to your account manager
When processing data, we undertake the following:
- The processing is lawful, fair and transparent
- Transparent about what the data is being used for
- Data is collected for a specific purpose
- The data is necessary for the purpose
- The data must be accurate and kept up to date
- Data is not kept for longer than necessary
- The data is kept safe and secure
- Mem-Star do not process sensitive information directly. Mem-Star may process information on behalf of a client if they ask. This would be subject to strict privacy controls. For Mem-Stars policy on this, please contact your account manager
- All storage is secure and our suppliers have GDPR procedures in place
- We have a notification process in place for any breach
Right to be forgotten process
When a right to be forgotten request is received and identified
• The request is logged in to our ticket system
• The stored Data will be evaluated on the basis of justification for keeping
• All data is removed in any cases where it is no longer required or incorrect
• The request ticket will be marked as complete in the ticket system and archived for historical reference