2. Who we are
2.1 Here are the details that we as ‘data controller’ are required to give to you in accordance with Data Protection Legislation, including the retained EU law version of the EU’s General Data Protection Regulation ((EU) 2016/679) (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003 (as amended), and any other applicable or updated law which relates to the protection of individuals rights with regard to the processing of personal data:
2.1.1 Our Website address is: mnabooks.com
2.1.2 Our company name is: Never Again Publishing Ltd, registered in England & Wales No.13217962
2.1.3 Our registered address and also our trading address is:
Never Again Publishing Ltd,
Unit A1-A6 Vulcan House,
Oxford Street Industrial Estate,
3. What we collect
3.1 We collect, use, transfer and process the following data about you:
3.1.1 personal data you put into forms, when ordering goods from us.
3.1.2 requests that marketing material be sent to you;
3.1.3 personal data you provide to us when you contact us by email, phone or otherwise.
3.2 We also ask for your personal data when you report a problem with our Platform or provide other feedback and we will collect the following personal and non-personal data to enable us to provide our Services to you:
3.2.1 a record of any correspondence between us;
3.2.2 details of transactions you carry out through our Platform;
3.2.4 any personal data that you upload to our Platform and any other form of interaction data you provide.
3.3 We do not store credit card or bank account details. (Our use of PayPal for on-line purchases means that we do not have access to these details).
3.4 Depending on your circumstances and the products and services selected the personal data we gather about you includes: your name; address; email address; phone number; purchase details; and any further personal data as required as part of the service or product provided or which you share through our Platform.
5. How we use what we collect
5.1 We use personal and non personal data about you to:
5.1.1 present Platform content effectively to you;
5.1.2 provide information on and allow you to use, products and services that you request, or those services which we feel will be of interest to you to personalise your experience;
5.1.3 allow us to improve our service to you by responding to your customer service requests;
5.1.4 tell you about changes to our service;
5.1.5 contact you electronically about similar products and services to those previously sold to you unless you tell us that you do not wish to receive such information by contacting us at any time via email@example.com
5.3 If you do want to be contacted for marketing purposes you can unsubscribe or change your preferences at any time by contacting us via firstname.lastname@example.org
5.4 We don’t identify individuals to our advertisers (if any)
5.5 In addition to 5.1 we will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
5.5.1 Where we need to perform the contract we are about to enter into or have entered into with you.
5.5.2 Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
5.5.3 Where we need to comply with a legal or regulatory obligation.
6. Where we store your data
6.1 We store your data on our own computer systems within UK, and we do not transfer any data for storage to third parties or to anywhere outside UK.
6.2 Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Platform. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our written instructions and they are subject to a duty of confidentiality.
6.3 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
6.4 We have implemented security measures such as a firewall and other cyber security to protect any data and maintain a high level of security.
6.5 Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet is not completely secure and that you are advised to take suitable precautions when transmitting to us data via the internet and you take the risk that any sending of that data turns out to be not secure despite our efforts.
7. Retention of Data
7.1 We will not collect more personal data than we need for the purposes set out in Paragraph 5. We will retain such personal data for the life of your contractual arrangement with us and for a period of up to seven years after your relationship with us has ended. We regularly review our data retention obligations to ensure we do not keep personal data for longer than required to carry out the purposes set out in Paragraph 5.
7.2 We do not store credit card details or bank details.
8. Disclosing your personal data
8.1 We are allowed to disclose your personal data in the following cases:
8.1.1 if we want to sell our business, or our company, we can disclose it to the potential buyer;
8.1.2 if we want to sell or buy any business, or assets, we can disclose your personal data to the potential buyer or seller of such business or assets;
8.1.3 we can disclose it to other businesses in our group.
8.1.4 we can disclose it if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights;
8.1.5 in connection with legal proceedings (including prospective proceedings);
8.1.6 in order to establish or defend our legal rights; and
8.1.7 we can exchange personal data with others to protect against fraud or credit risks.
8.3 We engage third parties to assist us in carrying out certain functions on our behalf. These include companies to assist with payment processing, search engine facilities, advertising and technology services, and delivery of goods. We only share the appropriate level of personal and non personal data to enable the supplier to provide their services. Where your personal data is required to be shared we will take all reasonable steps to ensure your data is handled safely and securely and in accordance with our and the suppliers’ obligations under Data Protection Legislation.
8.4 Companies who have access to personal and non personal data include:
Web design: Digital Jellyfish
Web hosting: TsoHost
Payment processing: PayPal
Storage: Wolverhampton Self Storage
We may change these companies from time to time.
9. Your rights
9.1 You have a number of rights under the Data Protection Legislation;
9.1.1 The right to request a copy of the personal data we hold on you. When you request this personal data, this is known as a Subject Access Request (SAR). In most cases, this will be free of charge however in limited circumstances we apply an administration charge. For example, where repeated requests are made;
9.1.2 The right to have personal data we hold about you transferred securely to another service provider in an electronic form;
9.1.3 The right to have inaccurate personal data corrected and additional personal data added to your record;
9.1.4 The right to request any out of date personal data erased once there’s no business need or legal requirement for us to hold it;
9.1.5 The right to object to or restrict your personal data being processed, in limited circumstances and only when we don’t have legitimate grounds for processing your personal data;
9.1.6 The right to object to personal data being used to send you marketing material. As mentioned above, we will only send you marketing material where you have given your consent to do so. You can remove your consent at any time at email@example.com
9.1.7 You can ask us not to use your data for marketing. You can do this by contacting us at any time at firstname.lastname@example.org
9.1.8 To exercise any of these rights please contact email@example.com
10.1 We are committed to ensuring your personal data is protected and held securely. However, the internet is not a secure medium and we cannot accept responsibility for the security of an email during transmission or non-delivery of that email.
11. Making a complaint
11.1 If you believe we have not processed any of your personal data in accordance with Data Protection Legislation or you have been affected by non-compliance you can make a complaint to us at firstname.lastname@example.org, or by post to:
Never Again Publishing Ltd Unit
A1-A6 Vulcan House,
Oxford Street Industrial Estate,
11.2 If you are not satisfied with our response you can raise a complaint with the UK’s Information Commissioner’s Office, the UK’s independent authority set up to enforce Data Protection Legislation. For further information on exercising your rights on organisations processing your personal data, please click here. https://ico.org.uk/your-data-matters/your- right-of-access/
12. Links to other websites
14. Terms and Conditions
14.1 Please also visit our Terms & Conditions page via our website, establishing the use, disclaimers, and limitations of liability governing the use of our Platform.
16. Your consent
17. Dispute Resolution
17.2 If any such dispute cannot be settled amicably through ordinary negotiations between the parties, or either or both is or are unwilling to engage in this process, either party may propose to the other in writing that structured negotiations be entered into with the assistance of a fully accredited mediator before resorting to litigation.