This notice contains important information about your rights to data privacy and about Moar Partnerships’ commitment to protecting those rights.
The ‘main establishment’ for Moar Partnerships is located in the United Kingdom (address below). Therefore, the lead regulator (or ‘supervisory authority’) for Moar Partnerships is the UK Information Commissioner’s Office (the ICO).
2 Our Commitment to you
We will endeavour to process your personal data lawfully at all times and in accordance with international best practice.
Furthermore, if you satisfy one of the following three criteria, your privacy will be protected by the EU’s GDPR:
- You are a citizen of the European Union, or
- You are a resident of the European Union, or
- Regardless of your citizenship or residency, you are a customer, supplier, partner (or any other type of stakeholder) of Moar Partnerships operating within the borders of the European Union.
If you satisfy the above criteria, Article 13 of the GDPR confers to you the following rights:
- Right to be informed about your data
- Right to access your data
- Right to rectify your data
- Right to erase your data
- Right to restrict the processing of your data
- Right to object to the processing of your data
- Right to data portability
- Right to complain to a supervisory authority within the European Union
- Rights related to automated decision making, including personal profiling.
In relation to the last of these rights, please note that Moar Partnerships does not use any personal data for automated decision making or profiling.
These rights under GDPR are explained in greater detail by the relevant supervisory authority, the UK Information Commissioner’s Office (details below). Another useful source of information is the European Union.
3 Legality of processing
Within the context of GDPR, Moar Partnerships’ lawful bases for processing personal data include the following:
- Performance of a contract between parties
- The performance of a legal obligation
- The protection of vital interests (e.g. in a health emergency)
- The exercise of legitimate interests (described below).
These four lawful bases for processing personal data lie at the heart of our relationship with you and your data.
Moar Partnerships’ legitimate interests in the processing of personal data are concerned with the long-term sustainability and integrity of its commercial operations, involving:
- The need to deliver specialist consulting, advisory and teaching services to customers worldwide, across a diverse range of business and industrial sectors;
- The need to build and maintain permanent and productive relationships with clients, suppliers, partners, employees and all other stakeholders;
- The need to improve services, manage risks, maintain accurate records and operate the business efficiently.
4 Purposes and legal bases
Moar Partnerships use personal data in many internal, external and commercial processes. These are listed in the following table, along with each activity’s purpose and the applicable legal bases.
5 Categories of data recipients
One or more of the following recipients may need to view or hold your personal data during the course of our lawful data processing activities:
Our associates; our clients; our partners; our suppliers; our legal advisors; our external auditors; our insurance providers; our pension providers; our banks; your bank(s); our tax authorities; your tax authority; our archivers; your nominated referee(s); embassies or consulates (in relation to travel visas); government regulators for data protection and health/safety monitoring.
To comply with the law, and to protect your privacy, access to personal data is granted only on a ‘need to know’ basis.
6 Data safeguards
In order to protect the security of your data against loss, misuse, unauthorised access, disclosure or alteration, a range of technical and organisational security measures are maintained. These measures are regularly evaluated and improved.
Our digital infrastructure is protected using advanced security measures. Where appropriate and feasible we may adopt techniques of anonymisation in order to hide or remove any information capable of identifying individual people.
7 Transfers outside the EU
As a supplier of specialist goods and services worldwide, Moar Partnerships may occasionally need to share personal data with non-European stakeholders, including professional colleagues, but only where a lawful basis for these actions can be demonstrated.
8 Data retention
Personal data will be retained for no less than the minimum timescales specified in law. Retention periods beyond these legal minimums will be influenced by the lawful bases for processing data (as described above).
The standard minimum retention period for data is 7 years, except where a shorter period has been mandated in law or by contractual terms agreed between Moar Partnerships and individual clients. All personal data is subject to periodic (typically annual) reviews. It will then be maintained or erased in accordance with obligations and legitimate interests.
9 Your supervisory authority
The relevant supervisory authority for data privacy is the UK Information Commissioner’s Office (ICO). You have the right to complain to the ICO, who may be contacted here:
Information Governance Department
Information Commissioner’s Office
Wycliffe House, Water Lane, Wilmslow
Cheshire SK9 5AF
10 Further information
For further information, or to exercise your rights as a data subject, your Data Protection Representative may be contacted here:
The Data Protection Representative
St James Business Centre
Cheshire WA4 6PS