MCC Computers Ltd (MCC) fully understand the need to and the responsibility we have to protect and respect your privacy and look after your data; both personal and otherwise.
For clarity, MCC may be both data controller and data processor for your personal data; this can vary between scenarios, however can be either, or both.
Please be advised that this policy is subject to change, so please do return regularly to ensure you are aware of the latest details.

The Data Protection Law will change

On the 25th of May 2018, the new data protection law will come into force and this privacy notice explains clearly your rights under the new law as well as how your information is used.
Data protection law states that we are only able to process personal data if we have a valid reason to do so. The reasons for processing your data include, but are not limited to, performance of a contract, contacting you for customer service purposes, to enable billing and remittance and your consent.

Who we are

When we talk about “MCC”, or “us” or “we” in this notice, we are talking about MCC Computers Ltd.
We share your information within MCC to help us provide our services, comply with regulatory and legal requirements, and improve our products and services.

Data Protection Officer

Our Data Protection Officer oversees how we collect, use, share and protect your information to ensure your rights are fulfilled. In case of any queries or questions you can contact our Data Protection Officer (Gordon Montgomery) at info@mcc.ac or by writing to him at: Data Protection Officer, MCC Computers Ltd, Ballymena Business Centre, 62 Fenaghy Road, Galgorm, Ballymena, Co Antrim BT42 1FL

How do we collect personal data from you and what type of data do we collect?

We receive information about you when you contact us by phone, email, remote support or otherwise in respect of our products and services; likewise, during the purchase of any product or service when you use your credit or debit card or complete transactions. We do not record phone conversations. We also collect information from you when you register a client account with us. Upon registering with us, we will ask you to provide contact information such as your name, address, telephone numbers, e-mail addresses, and payment information such as account number and sort code to setup a Standing Order profile.

If you contact us for customer support, we may also ask you for information about your operating system, software and other technical matters.

If you provide us with personal data about a third party, it is with the understanding that you have the authority and have obtained the express consent from the third party for the disclosure and use of their personal data.

Your personal data may be automatically collected when using our services, including but not limited to, device specific information, connection details within server logs, device event information, your IP address and location information. Upon visiting our website, we will capture your IP address, time of and duration of visit and time and duration of the pages on our website which you choose to view.

Our website uses ‘cookie’ technology. A cookie is a little piece of text that our server places on your device when you visit any of our websites or apps. They help us make the sites work better for you.

How we keep your information safe and where do we store your personal data?

We protect your information with security measures under the laws that apply and we keep our computers, files and buildings secure. All information you provide to us is stored on our secured servers within the UK. For backup purposes, this data may then be transferred and stored by a third party contracted to MCC, however kept strictly within the UK.

Transmission of information via the internet is not completely secure by its nature. On this basis, we cannot guarantee the security of any data transmitted to us and this transmission of data is done so at your own risk. Once MCC have received the information, we have strict policies and procedures to mitigate unauthorised access as far as possible.

When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information

Meeting our legal and regulatory obligations

To use your information lawfully, we rely on one or more of the following legal bases:
• performance of a contract;
• legal obligation;
• protecting the vital interests of you or others;
• public interest;
• our legitimate interests; and
• your consent

To meet our regulatory and legal obligations, we collect some of your personal information, verify it, keep it up to date through regular checks, and delete it once we no longer have to keep it. We may also gather information about you from third parties to help us meet our obligations. If you do not provide the information we need, or help us keep it up to date, we may not be able to provide you with our products and services.

Consent

Sometimes we need your consent to use your personal information. We currently do not do direct marketing but may do in the future, using this as an example, we would need your consent to make you aware of products and services which may be of interest to you. We may do this by phone, post, email, text or through other digital media.

You could also decide how much direct marketing you want to accept when you apply for new products and services.

If we ever contact you to get your feedback on ways to improve our products and services, you have the choice to opt out.

How do we use your data?

We will use your personally identifiable information only as follows to:
• process orders you have submitted to us;
• process payment for orders you have submitted to us;
• administer accounts and keep track of billing and payments;
• help us identify you and any accounts you hold with us;
• provide customer support;
• maintain and monitor your products and services;
• provide relevant products and services;
• identify ways we can improve our products and services;
• notify you about changes to our services and website;
• notify you about problems with your services;
• carry out our obligations arising from any contracts entered into between us;
• protect both our interests and meet our legal and regulatory obligations;
• provide you with information regarding products or services you have purchased from us or requested information about; and
• inform you of product/service or pricing changes

To provide our products and services under the terms and conditions we agree between us, we need to collect and use personal information about you. If you do not provide this personal information, we may not be able to provide you with our products and services.

Data Retention

Your personal data will be kept as long as you are an MCC client; we shall retain your data only for as long as necessary.

Once you are no longer an active client of MCC, your account will be marked as inactive and then kept for up to 7 years after you have cancelled services with us. If you purchase new or reactivate services with MCC within this timeframe, the clock is reset.

The reason personal information may be kept this long is due to our legal, regulatory and/or accountancy requirements. We may also keep it for research or statistical purposes. Please be assured that your personal data will only ever be kept for necessary reasons and specific purposes as informed to you.

Who has access to your personal data?

The access to your personal data varies depending on the services you hold with MCC. To ensure all is clear and easy to understand, we have grouped the information into products and services which we offer:
Domains
Your data is used internally by MCC staff and systems for the purpose of billing, admin, support and service provisions. Some of your data will also be sent to the registrar which may be outside the EEA; this is limited to the contact details set on the domain on registration or update.

SSL Certificates; including Digital ID’s
Your data is used internally by MCC staff and systems for the purpose of billing, admin, support and service provisions. Your data, as the certificate owner, is also sent to the certificate authority for their authentication and use; this may be outside of the EEA.

Web Hosting; including Shared Hosting, Dedicated server, Custom Architecture
Your data is used internally by MCC staff and systems for the purpose of billing, admin, support and service provisions.

Mail Hosting; including Mailing Lists
Your data is used internally by MCC staff and systems for the purpose of billing, admin, support and service provisions.

Productivity Software; including Office 365
Your data is used internally by MCC staff and systems for the purpose of billing, admin, support and service provisions.

Security Services; including Antivirus, Anti-Spam, Content Filtering, Anti-Malware, Encryption & Cloud Backup
Your data is used internally by MCC staff and systems for the purpose of billing, admin, support and service provisions.

Third Parties

MCC will never sell your personal data to third parties for any advertising or marketing activity.

MCC may pass your personal information to third parties for service provisioning on our behalf; this could be such aspects as, but not limited to; payment processing, returning a defective product for repair under warranty to the manufacturer, trace information and to protect both our interests. If this does happen, personal data will only be used as necessary to complete required processes such as service provisioning or payment transaction; MCC will always ensure your personal data is securely transmitted to strict MCC policy and not used for marketing or advertising services.

MCC work closely with a small number of third parties (including service providers, fraud prevention services and business parties) and we may receive information from them about you. Any personal data we receive may be linked to existing personal data we have and will be governed by this policy as if we have collected it.

MCC may share your data should it be acquired by a third party; in this scenario, your data would be classified as an asset of the business. If this situation were to arise, both parties would be sure to enter into appropriate confidentiality agreements prior to any exchange of data.

MCC may also share your data if under duty to do so to comply with any legal obligation or to protect the safety, rights or property of MCC, our clients, or others; MCC will always ensure your personal data is securely transmitted to strict MCC policy and your rights regarding personal data privacy protected.

International transfers of data

We do not transfer your personal information outside of the European Economic Area (EEA).

Your Rights

You have full control and decision on what, if any, personal data you provide to MCC; in choosing not to provide certain information, this may limit or restrict the services we are able to provide and also the level of support we are able to provide.

You have the right to be forgotten. You have the right to object to our usage or processing of your personal information as well as delete, remove or stop using it if there is no need for us to do so. Any request submitted will be taken seriously and reviewed; there are accounting and legal reasons why we would need to retain your personal data, however, if you believe your personal data to be retained on an incorrect basis, please do inform us.

You can change your marketing preference at any point in time; we will not use your personal data for marketing unless you have expressly given us your full consent to do so.

Accessing and updating your data

Data kept with MCC is fully accessible and you have the right to access all the information we hold about you; to request this at any point, please email us at info@mcc.ac requesting this and we will ensure the information is presented to you.

When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information.

Data Breaches

In the event of a data breach, we will ensure that our obligations are met within required timeframes in accordance with the applicable data protection laws.

Children’s privacy

Our service is not available to anyone under the age of 18 years; we will not intentionally retain any information of anyone under the age of 18 years.

Links to other sites

MCC may, from time to time, provide links to third party websites; due to the fact that we do not control these sites or have any impact on them, we strongly recommend reading their own privacy policy. Any information provided to these sites is not within our control and cannot be covered by MCC privacy policies.

Contact Us

If you have any comments of further questions about data privacy or your personal data, please email info@mcc.ac

Your right to make a complaint

If you have any concerns about the way we handle or process your personal data, please do ensure you contact us in the first instance; we’re always on-hand to listen to your concerns and address and review our data processing procedures.

If you wish to make a complaint you may do so in person, by telephone, in writing and by email. Please be assured that all complaints received will be fully investigated. You can register a complaint through our office, our website, by phone, by email or in person at our office.

We ask that you supply as much information as possible to help our staff resolve your complaint quickly.

You also have the right to make a complaint about how we process your personal data to the Information Commissioners Office https://ico.org.uk/concerns/:

HEAD OFFICE
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113

REGIONAL OFFICE
Northern Ireland
Information Commissioner’s Office
3rd Floor
14 Cromac Place
Belfast
BT7 2JB
Tel: 028 9027 8757 or 0303 123 1114
Email: ni@ico.org.uk