Privacy Policy for Merseytel.com
1. Introduction
MerseyTel (“we,” “our,” or “us”) is committed to upholding the highest standards of privacy and data protection. We recognize the fundamental importance of safeguarding your personal data and ensuring transparency in how such data is collected, used, and shared. Whether you are a visitor or a user of our services through merseytel.com (the “Website”), we are dedicated to protecting your privacy rights and ensuring compliance with all applicable data protection regulations, including the General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) and the California Consumer Privacy Act (“CCPA”).
2. Scope of This Policy and Data Controller Responsibility
This Privacy Policy applies to all personal data collected through the Website or in connection with our services. MerseyTel is the data controller responsible for determining the purposes and means of processing your personal data. Our obligations under this Policy extend to all users globally and are designed to reflect regional privacy expectations, particularly those under GDPR and CCPA.
If you have any questions about this Policy or the data practices described herein, please contact us at [email protected].
3. Categories of Data We Process
We process the following categories of personal data:
a. Usage Data
Includes details about how you access and use the Website, such as browser type, IP address, device identifiers, access times, pages visited, referring URLs, session information, and interaction metrics.
b. Account Data
Includes contact information voluntarily submitted during registration or inquiry, such as your name, email address, phone number, and physical address.
c. Profile Data
Includes your interests, preferences, behavior on the Website, and your history of purchases or service subscriptions.
d. Communication Data
Includes the content of any communications you send to us, whether via contact forms, support requests, emails, or any other method. This includes your messages and the resulting interaction history.
e. Technical Data
Includes device hardware details, operating systems, system settings, application logs, browser configuration, and network information.
f. Transaction Data
Includes information related to your payments and purchases, such as transaction details, delivery information, payment methods (excluding fully masked credit card numbers), and order references.
g. Preference Data
Includes your expressed marketing preferences, newsletter subscriptions, and indication of interest in particular products or services.
4. Legal Bases for Processing
We process your personal data only when we have a lawful basis for doing so under applicable law. These include:
– Consent: where you have provided express consent to the processing.
– Contractual Necessity: where processing is required to fulfill our obligations under a contract with you (e.g., delivering a purchased service).
– Legitimate Interest: where processing is necessary for our legitimate interests, provided such interests are not overridden by your rights.
– Legal Obligation: where we are required to collect or disclose data under applicable law or regulation.
5. Your Rights
Under applicable data protection laws, including the GDPR and CCPA, you have the following rights:
– Right of Access: To request a copy of the personal data we hold about you.
– Right to Rectification: To ask for correction of inaccurate or incomplete data.
– Right to Erasure: To request deletion of your personal data where no valid legal basis exists for its continued processing.
– Right to Restrict Processing: To restrict our use of your data under certain circumstances.
– Right to Data Portability: To receive your data in a structured, commonly used, and machine-readable format and to ask for it to be transferred to another controller where technically feasible.
Under the CCPA, you also have the right to:
– Know which categories of personal information we have collected and how it has been used.
– Opt-out of the sale of your personal information (note: MerseyTel does not sell your data).
– Non-discrimination for exercising CCPA rights.
You can exercise any of your rights by contacting us at [email protected].
6. Security Measures
We implement a range of appropriate technical and organizational measures to ensure the security and confidentiality of your personal data, including:
– Encryption of sensitive data in transit and at rest
– Secure access protocols and user authentication layers
– Systematic data backups and disaster recovery frameworks
– Ongoing staff training regarding data protection and privacy best practices
7. International Transfers
If we transfer personal data outside of the European Economic Area (“EEA”), we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the European Commission or reliance on adequacy decisions where applicable. For CCPA-covered individuals, cross-border data activity complies with relevant U.S. frameworks and security obligations.
8. Data Retention
We retain personal data only for as long as it is necessary for the purposes for which it was collected, in accordance with legal, regulatory, and operational requirements:
– Usage and Technical Data: up to 12 months
– Account and Profile Data: retained while the account is active and up to 6 years thereafter
– Transaction Data: 7 years for compliance with tax and contractual obligations
– Communication Data: up to 3 years from the date of last communication
– Preference Data: retained until withdrawal of consent
9. Cookie Policy
We use cookies and similar tracking technologies on merseytel.com to enhance your experience and analyze Website performance. Types of cookies we use include:
– Essential Cookies: Required for operation and account authentication.
– Functional Cookies: Enable personalization features and service preferences.
– Performance & Analytics Cookies: Collect usage metrics for analysis and improvement (e.g., Google Analytics).
– Advertising Cookies: May be used to deliver relevant ads based on your browsing behavior (only with consent where required).
10. Cookie Management & Compliance
You are in control of your cookie preferences. Upon your first visit to merseytel.com, we present a clear cookie banner enabling you to accept or refuse non-essential cookies. You can modify your consent settings at any time via the “Cookie Settings” link in the footer of the Website.
We comply with GDPR’s opt-in requirements for EEA users and provide prominent “Do Not Sell My Personal Information” links in compliance with CCPA for California residents.
11. Protection of Children
MerseyTel does not knowingly collect, use, or disclose personal data from children under the age of 13. If we are made aware that such data has been collected inadvertently, we will take steps to delete it promptly. Parents or legal guardians who believe that their child has provided us with personal data should contact us at [email protected].
12. Updates to This Policy
We reserve the right to modify this Privacy Policy at any time to reflect changes in our practices, technological advancements, regulatory requirements, or other purposes. Substantial changes will be communicated to users via prominent notice on merseytel.com or through direct communication channels.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or our data processing practices, please contact us at:
Email: [email protected]
We are committed to ensuring full compliance with all applicable privacy laws and welcome your inquiries regarding our data handling practices.