PRIVACY POLICY

At Mitigo Limited we collect and use the data you provide to us responsibly, and in compliance with all applicable data protection laws including the EU General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Please read this privacy policy carefully.

2. Who are we

We are Mitigo Limited, registered in England & Wales under number 15672839, registered office at, Southgate 2, 321 Wilmslow Road, Cheadle, Cheshire, SK8 3PW (“Mitigo”, “we” “our” or “us”). We are registered with the UK Information Commissioner’s Office, registration number ZA353710.

3. Contact

If you have any questions about this policy, how we are handling personal data, or to exercise any of your rights as described in this privacy policy, you may contact us:

by post:

Privacy Manager, Mitigo Limited, Southgate 2, 321 Wilmslow Road, Cheadle, Cheshire, SK8 3PW

by email:

privacymanager@mitigogroup.com

You may contact the UK Information Commissioner’s Office @ https://ico.org.uk/concerns/handling/  to report concerns you may have about the way we are handling data.

4. How we collect personal data

Information from you:

You may provide us with personal data when you enter information onto our website, when we are in contact by phone or email, when you are introduced to us, when you provide your business cards, when you register your interest in a current or potential job or role with us, or otherwise. We may also collect personal data by recording phone calls which may be used for monitoring and training purposes. We may also obtain personal data when we are establishing, or providing services under, a contractual relationship, including through our visits, the use of our Helpdesk, our hosted software platforms, or otherwise. Our services to clients will also include processing personal data under our clients’ control which will be governed by different privacy terms.

Information from third parties:

We may obtain personal data indirectly from a variety of sources such as:

  • Our business clients – our clients may share personal data with us during the course of our providing services to them. This may include details relating to their directors, employees, agents, suppliers, contractors, and associates. If you are a client, you confirm that you are authorised to provide this personal data to us, and have provided any required privacy notices to the relevant data subjects. Our services to clients will also include processing personal data under our clients’ control (such as on our hosted software platforms) which will be governed by different privacy terms.
  • Publicly accessible sources – such as Companies House, news articles, internet searches.
  • Professional, social media and networking sites – e.g. LinkedIn, Twitter, Facebook.
  • From third party data suppliers.
  • From another third party – e.g. someone who has introduced you to us such as your trade or professional body, your IT provider, or other party with whom you may have a relationship (such as a recruitment agency acting on your behalf).
 

Information we collect online

We may obtain information about your visits to our website and about your computer and other devices.  This includes the following:

  • technical information, including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location;
  • information about your visits and use of the Site, including the full Uniform Resource Locators (URL), clickstream to, through and from our Site, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and website navigation and search terms used;
  • information collected by using cookies and other tracking technologies. Please see paragraph 13 below.
 

5. Personal data we collect

The types of personal data we collect may include the following:

  • Contact details (e.g. full name, job title, phone numbers, email address, postal address).
  • Financial information (e.g. bank details).
  • Professional information (e.g. career history, professional relationships, training history).
  • Technical and other information about the devices and systems you may use and about your visits and use of our website (e.g. relating to your IP address, operating systems, login information, length of visit to our site, clickstream, geographical information).
 

Sensitive personal data:

We do not usually collect sensitive or special categories of personal data. If we do process sensitive data, it is with the consent of the individual unless it is obtained from another source for legitimate purposes.

Children’s data:

We do not knowingly collect data relating to children under the age of 16 years.

6. How do we use your personal data

We may use your personal data in any of the following ways:

  • To respond to any requests for information about us or our services which you may make via our website or otherwise.
  • Generally to promote our services, products and capabilities to prospective and existing clients.
  • To send you alerts, announcements, invitations or other communications about us or our services or other service providers which we think may be of interest to you.
  • To let you know about changes to our policies or other terms and general administration information.
  • To administer and improve the security and functionality of our website, including personalised landing pages and communications with you.
  • To comply with any legal or regulatory obligations we may be subject to.
  • To provide our services to our clients, including any related administration, accounting or other processes.
  • To assess your suitability for a current or potential job or role with us.
  • To comply with our own internal operational requirements and policies, external audits and quality checks.
  • To carry out any credit reference checks.
  • Where necessary to enforce any of our contractual or other rights.
 

7. What legal basis we have for processing personal data

We may rely on the following lawful reasons when we collect and use personal data as outlined above.

Legitimate interests:

We may rely on our legitimate interests or the legitimate interests of a third party. Where we do so, this is based on our evaluation that the processing is necessary and proportionate.

Contract:

For the performance of a contract with you or to take steps before entering into a contract.

Legal obligation:

Where this is necessary so that we may comply with the law.

Consent:

For certain email marketing, we may rely on freely given consent.

8. Do we share personal data with third parties?

We may share personal data with third parties as follows:

  • With Mitigo partners, staff and other third party data processors and service providers, who help us deliver our services, or who help us to run our website, our offices, our IT and our other services and functions.
  • Our professional advisors.
  • Marketing service providers.
  • Recruitment service providers.
  • A potential or actual transferee, partner or seller and their advisors in connection with a potential or actual transfer of business or assets or similar transaction.
  • Any law enforcement agencies or government or regulatory organisations, as may be required by law.

Our third-party processors and service providers are subject to confidentiality and security obligations.

9. Do we transfer your personal data outside the European Economic Area (“EEA”)?

It is sometimes necessary for us to transfer and store personal data outside the EEA, for example where our service providers are located outside EEA, or where we have some other business reason to engage with an organisation outside EEA. Where this occurs, each such organisation is required to safeguard personal data in accordance with contractual obligations and in compliance with all applicable data protection legislation.

10. Your data protection rights

Your data protection rights include the following:

  • You have the right to access the information we hold about you.
  • You can ask us to correct our information if you believe it is incorrect or incomplete.
  • You can ask us to erase your personal data in some circumstances.
  • You can ask us to restrict our processing of your personal data in certain circumstances.
  • You can ask us to transmit personal data in a structured and commonly used format, in certain circumstances.
  • You have the right to object to our processing of your personal data which is based on our legitimate interests, in certain circumstances.
  • You have the right to object at any time to our processing of your personal data for direct marketing purposes.
  • You have the right to withdraw your consent that you may have previously given for specified purposes to process your personal data.

You can read more about these rights at https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/

If you wish to exercise any of your rights, please contact our Privacy Manager (as provided in paragraph 3 above).

11. Security of personal data

We take appropriate technical and organisational security measures to protect the security of personal data in accordance with all applicable data protection legislation.

Where data processing is undertaken by a third party on our behalf, we take steps to ensure that appropriate technical and organisational security measures are in place to protect personal data.

Please be aware that transmitting information via the internet is not fully secure, and we cannot guarantee the security of your data transmitted to our website.

12. How long do we keep personal data?

We keep your data in order to provide our services, to remain in contact with you and to comply with any legal requirements. We shall not keep your data for more than 7 years after we cease to provide services to you or after our last contact with you.

13. Do we use cookies?

We use cookies and other similar tracking technologies (e.g. web beacons and pixels). These are small text files or code placed on your device (e.g. computer, smartphone or other electronic device) when you use our website or app or view a message.

These help us recognise you and your device and store some information about your preferences or past actions.

For example, we may monitor how many times you visit our website, which pages you go to, traffic data, location data and the originating domain name of your internet service provider. This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.

We may use the following cookies:

Strictly necessary cookies.

These are required to navigate our websites and operate basic website functions.

Performance cookies

These collect information on your use of our website.  They identify (for example) your browser, operating system, website visits and duration.

Functional cookies

These enable us to store information and options you have entered in order to offer your personalised functions or a service you have requested.

Targeting cookies

These are used to offer you more relevant and specific adverts, content, and communications, and to measure the efficiency of our marketing campaigns.  They register (for example) if you have responded to a promotion, visited a promoted link or website, and which content you have used.

You can set your browser not to accept cookies and remove cookies from your browser. However, some of our website features may not function as a result.  To find out more about cookies you can visit www.allaboutcookies.org.

We will ask your consent to place cookies or other tracking technologies on your device except where these are necessary for us to provide you with a service you have requested.

Social media pixels may be used for targeting, remarketing, conversion tracking, custom audiences and behavioural tracking.

We also use pixels or web beacons in marketing emails that we send to you. These pixels track whether our email was delivered and opened and whether links within the email were clicked. They also allow us to collect information such as your IP address, browser, email client type and other similar details. We use this information to measure the performance of our email campaigns, and for analytics.

You can always opt-out of our marketing communications by using any unsubscribe link located at the bottom of email communications or you can email us at privacymanger@mitigogroup.com.

14. Links to other websites

Our website may from time to time contain links to and from other sites which are not governed by this privacy policy. Please review their privacy policies carefully before inputting personal data onto their sites.

15. Changes to this Privacy Policy

This policy may change from time to time. Any changes will be posted on this website. This policy was last updated in November 2020.