City View

Privacy Policy

This is the Privacy Policy for MEMA. This notice provides general information on the way in which the personal information you provide is managed and processed by MEMA.

Last revised: January 2022

You have certain rights in relation to your data. At any time, you can exercise your rights by emailing us at contact@memaconsultants.com. For further details about our processing and your rights, please see below.


 

ABOUT OUR SITE

Our site enables people to request our services or information regarding consulting services.

ABOUT US

MEMA Consultants Ltd (“MEMA”, “we”, “us”, “our”) is a company registered in England and Wales (company number:11869187), whose registered office address is at Hammond Court, London, N18 1FA

For the purposes of the General Data Protection Regulation (the “GDPR”), MEMA Consultants Ltd is the controller in relation to your data. We are registered as a controller with the UK Information Commissioner’s Office (ICO) under registration number  ZA735209. You can confirm our registration here: www.ico.org.uk

 

PURPOSES FOR PROCESSING YOUR DATA 

We have detailed each of our purposes for processing personal data, including the relevant lawful basis for processing. We rely on the following lawful bases for processing:

  1. Contract (i.e. where We need to process personal data to deliver a contractual service to a customer or because a customer has asked that We do something before entering into a contract.

  2. Consent (i.e. where We have asked whether you wish to permit us to process data in a certain way and you have told us through affirmative action or a clear statement that you allow us to do so)

  3. Explicit Consent (i.e. where We have asked whether you wish to permit us to process data in a certain way and you have told us through a clear statement that you allow us to do so)

  4. Legal obligation (i.e. where We need to process the personal data to comply with a common law or statutory obligation).
     

LEGAL GROUNDS

This notice sets out (above) how we use your data. Under the GDPR, controllers must have a valid lawful basis for each processing activity that they undertake. This section sets out our lawful basis for each activity.

 

Activity/ Lawful Basis & Your Rights

  • To contact you in relation to an online enquiry

    • Lawful Basis under the GDPR= Consent​​​

    • Your Rights​: To withdraw your consent, as explained below

  • To provide you with our services, including support, updates and communications regarding the provision of our services

    • Lawful Basis under the GDPR= Consent​​​

    • Your Rights​: To withdraw your consent, as explained below
       

  • To process and store criminal offence data in relation to the provision of our service

    • Lawful Basis under the GDPR= Consent​​​

    • Your Rights​: To withdraw your consent, as explained below
       

  • To contact you in relation to any complaint you may bring

    • Lawful Basis under the GDPR= Legitimate interests*​​​

    • Your Rights: You have the right to object to processing based on legitimate interests
       

  • To put you in contact with third-party providers relevant to the provision of our services

    • Lawful Basis under the GDPR= Consent​​​

    • Your Rights​: To withdraw your consent, as explained below
       

  • To publish any testimonials, you have completed following the provision of our service

    • Lawful Basis under the GDPR= Consent​​​

    • Your Rights​: To withdraw your consent, as explained below
       

  • To tailor our services to your needs and requirements where this concerns health data

    • Lawful Basis under the GDPR= Explicit consent​​​

    • Your Rights​: To withdraw your consent, as explained below
       

  • To comply with any laws or regulations

    • Lawful Basis under the GDPR= Legal Obligation​​​
       

  • To email or SMS message you with more information about the products or services that you have shown an interest in

    • Lawful Basis under the GDPR= Consent​​​

    • Your Rights​: To withdraw your consent, as explained below

*Under the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), we send such emails on the basis of the existing customer (soft opt-in) exemption.

 

In each case where we have identified legitimate interests as the legal basis for our processing, we have conducted a legitimate interests assessment.

 

WHAT DATA DO WE COLLECT, AND HOW

We collect personal data about you when you provide personal data to our firm so that we may provide our services to you and use or view our website via your browser’s cookies.

We also collect personal data about you from third party sources. The data collected from third party sources are as follows 

 

Collected

  • First name,

  • Middle name,

  • Surname

  • Regulatory Identifiers e.g. Individual Reference Number (IRN)

Publicly Available?

  • Yes – Companies House Shareholding

  • Yes – Companies House Directorships

  • Yes – Companies House

  • Yes – E.g. Financial Services Register

 

COOKIES

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.

To opt-out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

 

STORING YOUR DATA

We have a data retention policy, which clearly sets out how long we keep data for, and for what reasons.

We will keep your data only for as long as is necessary to fulfil the purpose/s for which it was collected in the first place, i.e. as set out in this notice.

Following the periods set out above, we will not use the data, save that we will hash/anonymise the same, and retain it for a further 3 years for compliance purposes.

YOUR RIGHTS

If you are located in certain countries, including the European Economic Area and the United Kingdom, you have certain rights under GDPR in relation to your personal data. In relation to our site, and the service that we provide, those rights are set out above. We further explain these rights, and your other rights, below.

Right of access – You have the right at any time to ask us for a copy of the personal information that we hold about you, and to check that we are lawfully processing it.

Right of rectification – If personal information that we hold about you is not accurate or is out of date and requires amendment or correction you have a right to have the data rectified or completed.

Right of erasure – In certain circumstances, you have the right to request that personal information we hold about you be erased (e.g. if the information is no longer necessary for the purposes for which it was collected or processed).

Right to object to or restrict processing – In certain circumstances, you have the right to object to our processing of your personal information. For example, if we are processing your information on the basis of our legitimate interests, and there are no compelling legitimate grounds for our processing that override your rights and interests.

Right of data portability – In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format.

Right to withdraw consent – In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You can exercise this right by emailing contact@memaconsultants.com

Exercising your rights

As explained above, you can exercise your right to withdraw consent by emailing contact@memaconsultants.com

 

If you wish to exercise any of your other rights under the GDPR or if you wish to discuss our use of your data, please email us at contact@memaconsultants.com

 

Alternatively, you can write to us at the address set out above, or inform us if you speak with us on the phone.

Our lead supervisory authority for the processing set out in this notice is the UK Information Commissioner’s Office (ICO). If you are unhappy with how we have processed your data, you have the right to make a complaint to the ICO.

If you are based outside of the UK, or you have a complaint concerning our activities outside of the UK, you may prefer to lodge a complaint with a different Supervisory Authority. A list of relevant authorities can be accessed here.

CONTACTING US

If you have any questions regarding this notice, or any questions relating to data protection or privacy, you can contact us at contact@memaconsultants.com

CHANGES TO THIS NOTICE

From time to time, we may update this notice.