McAnallen Ltd Privacy Policy
McAnallen Ltd is a modern and innovative business which designs and manufactures mobility products to help people live a more independent life. We operate under the brand name “McAnallen” and use the strapline “right there with you” which signifies the close relationship between McAnallen, its personal product range and all of our valued customers.
We have set out this privacy policy into the following layered tabs or sections
All references to ‘our’, ‘us’ or ‘we’ within this policy are deemed to refer to McAnallen Ltd. McAnallen Ltd is the data controller with responsibility for the proper functioning of the website https://www.mcanallen.com/ (the “Website”).
We have appointed Sarah McAnallen our CEO as our data protection champion for the company who is responsible for overseeing questions in relation to this privacy policy. Sarah has recourse to professional legal counsel with expertise in data protection and privacy law. If you have any questions about this privacy policy, including any requests to exercise your legal rights as explained below please contact us at this email address: info@mcanallen.com
This privacy policy governs your interactions with McAnallen Ltd whether you are a consumer of our mobility products (and related merchandise which we may offer in future) or one of our suppliers, a Website visitor, an account holder with us, or someone who supplies product suggestions to us. In all cases this privacy policy will explain how we interact with you when it comes to your personal data. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. McAnallen operates in accordance with the latest data protection principles enshrined in Article 5 of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) as these are applied in the UK[1] - including the principles of purpose-limitation, storage-limitation, data accuracy, data security and integrity and data minimisation.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
We have no immediate plans but in future we reserve the right to collect, use and share Aggregated Data such as statistical or demographic data for any purpose which assists our business or helpfully informs our supply chain in making products for us. Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature, or determine which colour of Sock-aid is the most popular according to age range or customer location. If we ever combine or connect Aggregated Data with your personal data so that it can in rare circumstances directly or indirectly identify you, we will treat the combined data as personal data which will be afforded the full protection of this privacy policy.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
By finding us through a search engine, cookies, logging in with authorised credentials, registering for an account, contacting us on social media or via email, or otherwise providing your data to us (including when connecting with us via trade shows or events), we inevitably collect your personal data. We collect your data in two main ways:
McAnallen obtains the information you provide when you register an account via the Website or otherwise enquire about our products, or create posts, blogs or reviews about our products, or make a purchase (through Woo Commerce or in future through any reseller partner, such as any pharmacies we may use to sell our products).
Typically, you will provide us with
We or our service providers such as Mailchimp may use the information you provide to contact you from time to time to provide you with important information, required notices and marketing promotions.
Through our technology, the use of Google Analytics, our Website and cookies we are able to receive the automatically collected information referenced above. One good example is the collection of precise information about the location of your IP address.
We will only use your personal data when the law allows us to. We have created a separate policy which set out how we use and collect information via cookies which is available on our Website. We have set out below a visual depiction of all the ways we are allowed to process your personal data under the GDPR, followed by a summary of the key “lawful bases” which apply most to McAnallen.
Most commonly, we will use your personal data in the following circumstances:
With respect to non-personal data, aggregated and anonymized data is periodically transmitted to external service providers to help us improve the McAnallen Website and our service. We value the insights provided by Google Analytics which tells us information about the frequency and duration of Website visits. We reserve the right to work with advertisers and third-party advertising networks, who need to know how you interact with advertising provided in McAnallen which helps us keep advertising targeted appropriately.
With respect to personal data, much of your personal data is held and processed by others such as Woo Commerce, Paypal, Stripe and Mailchimp with whom we contract in order to provide you with the very best service. Internally within McAnallen there will be employees who will have access to all of our data sets, including your personal information (as would be expected).
Accordingly, we do not see or process much of the personal data as you might assume – this is so we can use partners with the requisite systems and expertise which leaves us free to run our business and the product-led service to you smoothly and efficiently. We shall share your information with third parties only in the limited ways that are described in this privacy policy:
(https://tools.google.com/dlpage/gaoptout?hl=en)
We comply with applicable requirements attaching to what are known as “restricted transfers” of personal data (i.e. transfers of data internationally outside of those permitted territories which are part of the European Economic Area (EEA) or are otherwise deemed to benefit from an “adequacy decision” in its favour). We know for example that exchanges between McAnallen and Woo Commerce (which uses Stripe and Paypal) will involve exchanges with businesses which are USA domiciled. McAnallen is assured that the US has in place a “Privacy Shield Framework” which satisfies the EU GDPR standards of data protection as confirmed by the European Commission (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en)
As our business expands and as our customer base and supply chain grow, we will take the necessary precautions such as entering into data sharing agreements as and when required. As a UK domiciled business, we will continue to apply best practice in data protection when the UK is no longer a part of the transitional arrangements with the EU and shall follow all relevant government guidance for business such as that found here: https://www.gov.uk/guidance/using-personal-data-after-brexit
We are extremely vigilant about safeguarding the confidentiality of our product information, our intellectual property rights and your personal data. We deploy provide a range of “technical and organisational” measures (as required by article 32 of the GDPR) including physical, electronic, and procedural safeguards to block various web-bots and viruses and also to protect the information we process and maintain. For example, we shall limit access to this information to only those authorised employees and contractors who need to know certain information in order to operate, develop or improve the McAnallen product range or our Website. Please be aware that, although we endeavour provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches. From time to time our Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
When you leave our website, for example when you click on a product and make an order through the Woo Commerce platform we strongly encourage you to read the privacy policy of those additional websites or portals you visit.
MCANALLEN BEARS NO RESPONSIBILITY FOR INFORMATION SHARED OR PAYMENT TRANSACTIONS MADE ON ANOTHER PARTY’S WEBSITE OR DOMAIN – EVEN IF WE HAVE FACILITATED YOUR REFERRAL TO THAT OTHER PARTY.
[In the event there is an occasion in future where there is an unauthorised use or breach with respect to personal data (such as a mis-sent email or a cyber hack), McAnallen is developing a best practice “data breach response protocol” which will kick-in to mitigate the risk to individual’s rights and freedoms arising from the breach. NOTE TO SARAH – consider deleting this paragraph if you don’t think this is worth having at this time]
The protection of children also forms a part of our consideration. We do not use McAnallen to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at info@mcanallen.com. We will delete such information from our files as soon as is reasonably practicable.
We will retain your personal data for as long as necessary and where legally appropriate to do so (for example in the context of a product purchase, for at least six years after purchase in case there is a breach of contract claim relating to the product within the relevant limitation period). We reserve the right to store non-personal data in aggregate for the purpose of analytics and our legitimate business interests. As a corporately responsible business, we are mindful of the data protection principle of storage-limitation and data-minimisation. McAnallen will also endeavour to perform an archiving exercise at least once per year, whereby all data sets held will be reviewed for continuing relevance in adherence to GDPR principles. We reserve the right to create and update a data retention and disposals policy or guidelines in due course.
It is important to remember you have rights when it comes to your personal data. You can opt out of marketing at any time by letting us (or Mailchimp) know. You can stop all collection of information by McAnallen easily by deleting your McAnallen account. You may also contact us directly at info@mcanallen.com and we will remove your user profile from our database.
In a large number of cases, it may be appropriate to contact the relevant McAnallen partner as the first port of call so that any information relating to your product purchase (via Woo Commerce) can be dealt with by the best placed party. McAnallen does not hold transactional or payment data relating to your order. For the limited amounts of personal data we hold, we summarise your enshrined legal rights which we uphold:
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Fax: 01625 524510
Contact us
If you have any questions regarding privacy while using McAnallen, or have questions about our practices, please contact us via email at info@mcanallen.com. The practices described in this privacy policy statement are current and up to date as at 1 July 2020.
Changes
This privacy policy may be updated from time to time for any reason. We will notify you of any changes by posting an updated privacy policy on our Website. We will also endeavour to update anyone registered with us via email or text message.
[1] All references to the GDPR’s application in the UK shall refer to its application through the Data Protection Act 2018 or any other successor instrument or equivalent national rule which applies during and beyond the transitional arrangements governing the UK’s withdrawal from the EU.