Free Shipping!
£0.00

McAnallen Ltd Privacy Policy

 

McAnallen Ltd is a modern and innovative business which designs and manufactures mobility products to help people live a more independent life.  We operate under the brand name “McAnallen” and use the strapline “right there with you” which signifies the close relationship between McAnallen, its personal product range and all of our valued customers.

 

We have set out this privacy policy into the following layered tabs or sections

 

  1. IMPORTANT INFORMATION AND WHO WE ARE
  2. THE DATA WE COLLECT ABOUT YOU
  3. HOW IS YOUR PERSONAL DATA COLLECTED
  4. HOW WE USE YOUR PERSONAL DATA
  5. DISCLOSURES OF PERSONAL DATA
  6. INTERNATIONAL TRANSFERS
  7. DATA SECURITY
  8. DATA RETENTION
  9. YOUR LEGAL RIGHTS

 

  1. IMPORTANT INFORMATION AND WHO WE ARE

All references to ‘our’, ‘us’ or ‘we’ within this policy are deemed to refer to McAnallen Ltd.   McAnallen Ltd is the data controller with responsibility for the proper functioning of the website https://www.mcanallen.com/  (the “Website”). 

We have appointed Sarah McAnallen our CEO as our data protection champion for the company who is responsible for overseeing questions in relation to this privacy policy.  Sarah has recourse to professional legal counsel with expertise in data protection and privacy law. If you have any questions about this privacy policy, including any requests to exercise your legal rights as explained below please contact us at this email address: info@mcanallen.com

This privacy policy governs your interactions with McAnallen Ltd whether you are a consumer of our mobility products (and related merchandise which we may offer in future) or one of our suppliers, a Website visitor, an account holder with us, or someone who supplies product suggestions to us.  In all cases this privacy policy will explain how we interact with you when it comes to your personal data.  It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.  McAnallen operates in accordance with the latest data protection principles enshrined in Article 5 of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) as these are applied in the UK[1] - including the principles of purpose-limitation, storage-limitation, data accuracy, data security and integrity and data minimisation.

 

  1. THE DATA WE COLLECT ABOUT YOU

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

 

  • Identity Dataincludes first name, last name, username for account holders or similar identifier and title.

 

  • Contact Dataincludes address, delivery address if different, email address, social media handles we may have for you (e.g. twitter / linkedin / instagram) and telephone numbers.

 

  • Financial Datarefers to bank account, transaction data and payment card information which we do not intend to hold at McAnallen at any point.  To be clear we use Woo Commerce and their partners at Stripe and Paypal (more information in our section on third parties).

 

  • Technical Dataincludes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, which are discernible through various cookies we use.

 

  • Profile Dataincludes log-on credentials, password, your order history, product suggestions, other feedback and survey responses (to the extent we utilise these from time to time).

 

  • Usage Dataincludes information about how you use our website, including the product pages.

 

  • Marketing and Communications Dataincludes your preferences for receiving marketing from us or our partners and your communication preferences (which we capture through our use of Mailchimp).

 

We have no immediate plans but in future we reserve the right to collect, use and share Aggregated Data such as statistical or demographic data for any purpose which assists our business or helpfully informs our supply chain in making products for us.   Aggregated Data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.  For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature, or determine which colour of Sock-aid is the most popular according to age range or customer location.  If we ever combine or connect Aggregated Data with your personal data so that it can in rare circumstances directly or indirectly identify you, we will treat the combined data as personal data which will be afforded the full protection of this privacy policy.

 

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

 

  1. HOW IS YOUR PERSONAL DATA COLLECTED?

By finding us through a search engine, cookies, logging in with authorised credentials, registering for an account, contacting us on social media or via email, or otherwise providing your data to us (including when connecting with us via trade shows or events), we inevitably collect your personal data.  We collect your data in two main ways:

  • User Provided Information

McAnallen obtains the information you provide when you register an account via the Website or otherwise enquire about our products, or create posts, blogs or reviews about our products, or make a purchase (through Woo Commerce or in future through any reseller partner, such as any pharmacies we may use to sell our products).

Typically, you will provide us with

  1. your name
  2. email address
  3. user name
  4. password
  5. other registration information such as your phone number
  6. information you provide us when you use the contact page or the product suggestion page of our Website (or leave commentary or content on a channel or page connected with McAnallen or one of our products on social media)

 

We or our service providers such as Mailchimp may use the information you provide to contact you from time to time to provide you with important information, required notices and marketing promotions.

  • Automatically Collected Information

Through our technology, the use of Google Analytics, our Website and cookies we are able to receive the automatically collected information referenced above.  One good example is the collection of precise information about the location of your IP address.

  1. HOW WE USE YOUR PERSONAL DATA

We will only use your personal data when the law allows us to. We have created a separate policy which set out how we use and collect information via cookies which is available on our Website.  We have set out below a visual depiction of all the ways we are allowed to process your personal data under the GDPR, followed by a summary of the key “lawful bases” which apply most to McAnallen.

 

Most commonly, we will use your personal data in the following circumstances:

 

  1. Where it is a contractual necessity to process personal data - this would cover fulfilling orders for our products with you or when making sure we comply with any terms of use we have for website visitors, for example.
  2. Where it is necessary for our legitimate business interests (or those of a third party) when providing and improving our products or the McAnallen Website (providing your interests and fundamental rights do not override our interests).
  3. Generally, we do not rely on consent as the primary legal basis for processing your personal data. However, we will (i) endeavour to obtain your (opt-in) consent (which you can always withdraw) before sending third party direct marketing communications to you via email or text message and (ii) where you order products from us or browse our products or Website you are consenting to our processing your personal data.

 

 

  1. DISCLOSURES OF YOUR PERSONAL DATA

 

With respect to non-personal data, aggregated and anonymized data is periodically transmitted to external service providers to help us improve the McAnallen Website and our service.  We value the insights provided by Google Analytics which tells us information about the frequency and duration of Website visits.  We reserve the right to work with advertisers and third-party advertising networks, who need to know how you interact with advertising provided in McAnallen which helps us keep advertising targeted appropriately.

With respect to personal data, much of your personal data is held and processed by others such as Woo Commerce, Paypal, Stripe and Mailchimp with whom we contract in order to provide you with the very best service.  Internally within McAnallen there will be employees who will have access to all of our data sets, including your personal information (as would be expected).

Accordingly, we do not see or process much of the personal data as you might assume – this is so we can use partners with the requisite systems and expertise which leaves us free to run our business and the product-led service to you smoothly and efficiently.  We shall share your information with third parties only in the limited ways that are described in this privacy policy:

  1. when we believe in good faith that disclosure is necessary to protect our rights, protect your vital interests, your safety or the vital interests and safety of others;
  2. where we need to share some personal data with our trusted services providers and strategic partners (cloud hosts, website maintenance, IT security experts, software providers or resellers) who may need to do work for us or on our behalf. These parties will not have an independent or different purpose for using the personal data we give them.   One such strategic partner is Woo Commerce.  They are a strategic partner who provide an e-commerce platform to our customers and further details of their operation can be obtained here:  https://woocommerce.com/woocommerce-features/.  In 2015, WooCommerce was purchased as part of a larger transaction by Automattic Inc in the US.  The following privacy terms now apply to Woo Commerce through its owners https://automattic.com/privacy/
  • we reserve the right in exceptional cases—for example, in case of queries on the Sock aid product—to share your personal data with the relevant reseller, distributor or manufacturer (especially if some of these functions are outsourced in future).
  1. where we need to comply with a legal obligation (such as a regulatory request from the Information Commissioner, help investigate a fraud, or respond to a government or judicial request);
  2. when we grow as a business and may need in future to expose certain data sets to potential purchasers or investors of McAnallen - in the event of future corporate activity of different kinds. Such activities will be subject to confidentiality restrictions and other rules which apply to such tightly guarded circumstances.
  3. Where we use advertising or analytics partners such as Google Analytics to analyse Website usage. The data that is acquired in this way is used to optimise our website and advertising efforts. Google Analytics is a web analysis service that is operated and provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google processes the data on website usage for us and contractually undertakes to take measures to ensure the confidentiality of the processed data.  If you should not agree with the collection, you can prevent this with the one-time installation of the browser add-ons for the deactivation of Google Analytics.

(https://tools.google.com/dlpage/gaoptout?hl=en)

 

 

 

  1. INTERNATIONAL TRANSFERS

We comply with applicable requirements attaching to what are known as “restricted transfers” of personal data (i.e. transfers of data internationally outside of those permitted territories which are part of the European Economic Area (EEA) or are otherwise deemed to benefit from an “adequacy decision” in its favour).  We know for example that exchanges between McAnallen and Woo Commerce (which uses Stripe and Paypal) will involve exchanges with businesses which are USA domiciled. McAnallen is assured that the US has in place a “Privacy Shield Framework” which satisfies the EU GDPR standards of data protection as confirmed by the European Commission  (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en)

As our business expands and as our customer base and supply chain grow, we will take the necessary precautions such as entering into data sharing agreements as and when required.  As a UK domiciled business, we will continue to apply best practice in data protection when the UK is no longer a part of the transitional arrangements with the EU and shall follow all relevant government guidance for business such as that found here: https://www.gov.uk/guidance/using-personal-data-after-brexit

 

  1. DATA SECURITY

We are extremely vigilant about safeguarding the confidentiality of our product information, our intellectual property rights and your personal data.  We deploy provide a range of “technical and organisational” measures (as required by article 32 of the GDPR) including physical, electronic, and procedural safeguards to block various web-bots and viruses and also to protect the information we process and maintain. For example, we shall limit access to this information to only those authorised employees and contractors who need to know certain information in order to operate, develop or improve the McAnallen product range or our Website. Please be aware that, although we endeavour provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.  From time to time our Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.  

When you leave our website, for example when you click on a product and make an order through the Woo Commerce platform we strongly encourage you to read the privacy policy of those additional websites or portals you visit.

MCANALLEN BEARS NO RESPONSIBILITY FOR INFORMATION SHARED OR PAYMENT TRANSACTIONS MADE ON ANOTHER PARTY’S WEBSITE OR DOMAIN – EVEN IF WE HAVE FACILITATED YOUR REFERRAL TO THAT OTHER PARTY.

[In the event there is an occasion in future where there is an unauthorised use or breach with respect to personal data (such as a mis-sent email or a cyber hack), McAnallen is developing a best practice “data breach response protocol” which will kick-in to mitigate the risk to individual’s rights and freedoms arising from the breach.  NOTE TO SARAH – consider deleting this paragraph if you don’t think this is worth having at this time]

The protection of children also forms a part of our consideration. We do not use McAnallen to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at info@mcanallen.com.  We will delete such information from our files as soon as is reasonably practicable.

  1. DATA RETENTION

We will retain your personal data for as long as necessary and where legally appropriate to do so (for example in the context of a product purchase, for at least six years after purchase in case there is a breach of contract claim relating to the product within the relevant limitation period).  We reserve the right to store non-personal data in aggregate for the purpose of analytics and our legitimate business interests.  As a corporately responsible business, we are mindful of the data protection principle of storage-limitation and data-minimisation.  McAnallen will also endeavour to perform an archiving exercise at least once per year, whereby all data sets held will be reviewed for continuing relevance in adherence to GDPR principles.  We reserve the right to create and update a data retention and disposals policy or guidelines in due course.

 

  1. YOUR LEGAL RIGHTS

It is important to remember you have rights when it comes to your personal data.  You can opt out of marketing at any time by letting us (or Mailchimp) know. You can stop all collection of information by McAnallen easily by deleting your McAnallen account.  You may also contact us directly at info@mcanallen.com and we will remove your user profile from our database.

In a large number of cases, it may be appropriate to contact the relevant McAnallen partner as the first port of call so that any information relating to your product purchase (via Woo Commerce) can be dealt with by the best placed party.  McAnallen does not hold transactional or payment data relating to your order.  For the limited amounts of personal data we hold, we summarise your enshrined legal rights which we uphold:

  • The right to be informed about our use of your data. This right is honoured through the existence of this Policy.
  • The right to access information we hold about you through what is known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. Please note that we may ask you to specify what you wish to see in order to focus our search, and we may have to verify your identity/authority.
  • In some circumstances, the right to withdraw your consent to our processing of your information, which you can do at any time. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • In some circumstances, the right to receive certain information you have provided to us in an electronic format and/or request that we transmit it to a third party;
  • The right to request that we rectify your information if it’s inaccurate or incomplete though we may need to verify the accuracy of the new data you provide to us.
  • In some circumstances, the right to request that we erase your information where there is no good reason for us continuing to process it. Please note that some or all of your personal data may be required in order for McAnallen to properly complete orders, maintain your account and contact you so this will need borne in mind before completing any request for erasure. 
  • Where you have successfully exercised your right to object to processing, or in the extremely unlikely event where we may have processed your information unlawfully, we will delete your personal data as requested.  (Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request).
  • The right to object to, and to request that we restrict, our processing of your information in some circumstances for example where we are relying on our legitimate interests or using it for direct marketing. Again, there may be situations where you object to, or ask us to restrict, our processing of your information but we’re entitled to continue processing it and/or to refuse your request.
  • Individuals have a right to complain to the UK Information Commissioner’s Office by visiting www.ico.org.uk, or to the data protection regulator in the country where they live or work. The UK Information Commissioner's Office is contactable here:

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113
Fax: 01625 524510

Contact us

If you have any questions regarding privacy while using McAnallen, or have questions about our practices, please contact us via email at info@mcanallen.com.   The practices described in this privacy policy statement are current and up to date as at 1 July 2020.

Changes

This privacy policy may be updated from time to time for any reason. We will notify you of any changes by posting an updated privacy policy on our Website.  We will also endeavour to update anyone registered with us via email or text message.

[1] All references to the GDPR’s application in the UK shall refer to its application through the Data Protection Act 2018 or any other successor instrument or equivalent national rule which applies during and beyond the transitional arrangements governing the UK’s withdrawal from the EU.