Privacy Policy

At MsMissMrs, your privacy is very important to us. We want you to be confident that the personal data you give us at any point is safe and secure.

Personal data relates to a living individual who can be identified from that data.  Identification can be by the information alone or along with any other information in the data controller’s possession. The processing of personal data is governed by the General Data Protection Regulation or GDPR.

In this Privacy Policy we explain how we use your information. We will also tell you how and why we collect your personal info, your rights and choices when it comes to these details, as well as the steps we take to keep your information secure and confidential.

Controller’s contact details

MsMissMrs is the controller for the personal information we process. This means MsMissMrs decides how your personal data is processed and for what purposes.

If you have any queries relating to our use of your personal information or any other related data protection questions, you can contact us in the following ways:

  • By email at hello@msmissmrs.co.uk
  • Through the contact form on our website: http://www.msmissmrs.co.uk/contact
  • By calling us on 0141 945 0244
  • By writing to us at the following address: MsMissMrs, 1 Benview St, Glasgow, G20 7SA

How we collect and use your personal information

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • You have made an enquiry to us.
  • You have requested information or a service from us.
  • You have bought goods or services from us.
  • You have told us we can contact you with information about our work, invitations to participate in our events, or with requests for help from you such as for evaluation and monitoring of our goods and services.
  • You have used our website or other online services.
  • You are representing your organisation.

Data collected

We may collect the following Data, which includes personal Data, from you:

  • name
  • contact Information such as email addresses and telephone numbers
  • financial information such as credit / debit card numbers and invoicing contact details, purchase order numbers and addresses.
  • IP address (automatically collected)
  • web browser type and version (automatically collected)
  • operating system (automatically collected)
  • a list of URLs starting with a referring site, your activity on this Website, and the site you exit to (automatically collected)
  • in each case, in accordance with this privacy policy.

Data that is collected automatically

To the extent that you access the Website, we will collect your Data automatically, for example:

  • We automatically collect some information about your visit to the Website. This information helps us to make improvements to Website content and navigation, and includes your IP address, the date, times and frequency with which you access the Website and the way you use and interact with its content.
  • We will collect your Data automatically via cookies, in line with the cookie settings on your browser. For more information about cookies, and how we use them on the Website, see the section below, headed “Cookies”.

Our use of Data

Any or all of the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. Specifically, Data may be used by us for the following reasons:

  • internal record keeping;
  • fulfilment of purchases of services made online

in each case, in accordance with this privacy policy.

We may use your Data for the above purposes if we deem it necessary to do so for our legitimate interests. If you are not satisfied with this, you have the right to object in certain circumstances (see the section headed “Your rights” below).

Keeping Data secure

We will use technical and organisational measures to safeguard your Data, for example:

  • access to your account is controlled by a password and a user name that is unique to you.
  • we store your Data on secure servers.
  • payment details are encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.

Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us via this e-mail address: hello@msmissmrs.co.uk.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

Your data protection rights

Under data protection law, you have important rights. The rights available to you depend on our reason for processing your information.

  • Your right of access

You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.

  • Your right to rectification

You have the right to have your personal information corrected if it is inaccurate or incomplete. This right always applies.

  • Your right to erasure

You have the right in certain circumstances to ask us to delete or remove your personal information from our systems.

  • Your right to restriction of processing

You have the right to ask us to restrict the processing of your information in certain circumstances, i.e. to ‘block’ us from using your personal information or limit the way in which we can use it.

  • Your right to object to processing

You have the right to object to processing when we are able to process your information because the processing is in our legitimate interests. If you raise an objection we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we’re continuing to process your personal information.

  • Your right to data portability

This only applies to information you have given us. You have the right to ask that we transfer

the information you gave us from one organisation to another, or give it to you. The right only applies if we are processing information based on your consent or under contract, or in talks about entering into a contract, and the processing is automated.

Exercising your rights

You are not required to pay any charge for exercising your rights. We have one month to respond to you.

We will use all reasonable efforts consistent with our legal duty to provide you with your rights in accordance with data protection legislation.

To make enquiries, exercise any of your rights set out in this Privacy Policy, and/or make a complaint please contact hello@msmissmrs.co.uk or write to:

The Data Manager,
MsMissMrs,
1 Benview St,
Glasgow,
G20 7SA

If you’re not satisfied with the way any complaint you make in relation to your personal information is handled by us then you may be able to refer your complaint to the relevant data protection regulator. In the UK, this is the Information Commissioner’s Office.

Our processing purposes

This section explains the various tasks we undertake as an organisation and how we process your information to do those tasks.

  1. Make a general enquiry

Purpose and legal basis for processing
When you contact us to make a general enquiry about us or our work, or to request information from us, we collect information, including your personal data, so that we can respond to it in the most appropriate way. The legal basis we rely on to process the personal data you give us in this case is legitimate interest. We always balance our legitimate interests with your interests as the owner of your own information.

What we need and why we need it
We need enough information from you to answer your enquiry. This will usually include your contact details. If you contact us by post, email or through our website, we will need some contact details from you in order to respond to you. If you telephone us, our telephone system will tell us the number you are calling from if that number is available to the system, but we will not record that number unless you tell us we can. If you telephone us and we cannot respond immediately to your enquiry we may need to record some contact details in order to respond to you later. You can choose which contact details to give us and which to ask us to use. We may also, if appropriate, record the name of the organisation you represent. We will record the details of your enquiry in order for us to answer appropriately.

What we do with your information
Unless your enquiry is extremely simple or trivial (such as, for example, a phone call asking us for our address), we will keep a record of your enquiry and your contact details so we can respond to it appropriately and effectively. We may keep a record of our response to you. Depending on the complexity of your enquiry we may open a case file in which to record the details of your enquiry in one place. We will keep the information you provide so that, if you contact us again, we have a record of your enquiry and our response. We may also use it to analyse our own work and how well we carry out our tasks.

How long we keep it
We will keep your information for three years after our last contact with you.

What are your rights
You have the rights of access, rectification, erasure, restriction, objection.

Our data processors
We use SharePoint, provided by Microsoft, to provide our email system and some cloud storage services (such as storing letters we send).

We use WordPress as our website supplier and Learndash as our training platform. If you contact us via our website, WordPress will store the information you supply via the forms on our website.

We have Facebook, Twitter and Instagram accounts, all of which may be used for direct contact purposes. If you contact us through any of our social media, the platforms will hold the information you supply.

  1. Request a service from us

Purpose and legal basis for processing
If you request a service from us we need enough information from you to enable us to provide the service you have requested.

The legal basis we rely on to process the personal data you give us in this case is ‘legitimate interests’ and ‘consent’. We always balance our legitimate interests with your interests as the owner of your own information.

If the information you provide us with in relation to your enquiry contains special category data, such as health, religious, political information, or information related to race or ethnic background, then the legal basis we rely on to process it is Article 9(2)(g) of the GDPR which allow us to process special category information where there is a substantial public interest to do so.

The UK Parliament, in the Data Protection Act 2018 has defined the specific instances where this legal basis can be used in the UK. We rely on the ‘Counselling etc’ provision in Schedule 1, part 2(17) of that Act to allow us to process special category data in this instance. That provision allows us to process the data of a third party where we are unable to get the consent of that third party directly to process their own data. We rely on this if you ask us for advice or support in relation to someone you are supporting, through services such as social work.

What we need and why we need it
We need enough information from you to answer your enquiry. This will include some way of contacting you, such as an email address, your home or business address, or a telephone number.

We will never ask for more information than we need to provide the advice or service you have requested.

What we do with it
We will keep a record of your request and will keep the information you provide so that, if you contact us again, we have a record of your enquiry and our response.

Depending on the nature of your enquiry we may open a case file in which to record the details of your enquiry in one place.

We may also use your information to analyse our own work and how well we carry out our tasks.

How long we keep it
We will keep the information your provide for three years after our last contact with you. After that point we will delete your information unless you request us not to or there is some legal obligation preventing us from deleting it.

What are your rights
You have the rights of access, rectification, erasure, restriction, objection.

Our data processors
We use SharePoint, provided by Microsoft, to provide our email system and some cloud storage services (such as storing letters we send).

We use WordPress as our website supplier and Learndash LMS as our training platform provider. If you contact us via our website, WordPress will store the information you supply via the forms on our website.

We have Facebook, Twitter and Instagram accounts, all of which may be used for direct contact purposes. If you contact us through any of our social media, the platforms will hold the information you supply.

  1. Paid-for goods or services

We provide a range of paid-for goods and services to help us fulfil our organisational purposes.

Those include:

  • Get S.E.T. Girls Training
  • Teacher’s Guides and Girls workbooks

Purpose and legal basis for processing
If you wish to purchase goods or services from us we need enough information from you to enable us to fulfil your order.

The legal basis we rely on to process the personal data you give us in this case is Article 6(1)(b) of the GDPR which allows us to process your personal data where there is a contract in place between us that allows us to do so.

When we collect any information about your access or dietary requirements for events we also need your consent as this type of information is classed as special category data. In that case we rely on Article 9(2)(a) of the GDPR.

What we need and why we need it
Depending on what you are purchasing from us and how you choose to pay we will need some or all of the following information: your name, your contact details, your billing address, your delivery address, the organisation you represent.

Unless you are paying by cash we will also need payment information from you such as your bank / debit card / credit card / invoicing details.

If you are an individual purchasing training from us or attending an event we may need further details from you including your occupation, any previous training, qualifications or experience relevant to the training and any access or dietary requirements you may have.

If you are purchasing training from us on behalf of an organisation we may need further details from you including the names of people who will be attending the training on behalf of your organisation. It is your responsibility to ensure that you have the right to pass on the names of attendees to us.

What we do with it

We use the information you give us in order to provide you with the goods or services you have purchased.

When you purchase goods or services from us we keep a record of the transaction for accounting purposes and so that we can respond to any complaints, queries, or requests for refunds you may have about the transaction or the goods or services you purchased.

Where you have purchased training from us as an individual we store your details to record that you have been trained by us. We do not provide this information to anyone unless you request us to do so.

Where you have purchased training from us on behalf of an organisation we store details of your organisation to record that staff in your organisation have been trained by us. We may make the fact your organisation has been trained by us public on, for example, our social media. We will not share or make public any personal information relating to the training unless we have your specific consent to do so, for example to share photographs of the training.

We also use the information you have provided to help us analyse and improve our goods, services and the means by which we provide them.

How long we keep it

We will keep the information your provide and other information relating to the contract for six years after the contract. After that point we will delete your information unless there is some legal obligation preventing us from deleting it.