Who are we?
We are Mesla Limited, an IT Services and Consultancy residing in the United Kingdom, serving organisations and private clients. We abide by British and European privacy and General Data Protection Regulation (EU GDPR) regulations.
Our website address is: https://mesla.co.uk
How can we be contacted?
Our registered address is 57 Cecil Crescent, Hatfield, Hertfordshire, AL10 0HG
If you have any questions concerning this policy, personal information that we hold on you, or you would like to change your personal information or make a complaint please contact us directly at enquiries@mesla.uk
What data and information do we hold?
The only information we hold about individuals is the data and information which they have voluntarily provided to us through:
- Enquiries made by potential and actual clients via either phone, email, or the contacts’ form on the website
- The execution and delivery of our services which require client organisational and individuals’ data and information
- Subscribing to our communications, news and updates via email or the contacts’ form on the website.
Can and how is my data and information stored?
Any and all organisational and individual data in securely held by us, with only appointed persons’ access. Data and information are never shared with any other third parties, except when explicit permission is given by clients for the purpose of operational delivery requirements.
Any and all data and information which is kept is managed in full compliance with British and European privacy and General Data Protection Regulation (EU GDPR) regulations.
When data and information is removed, it is permanently deleted from all physical and electronic records.
Terms and Conditions
By using our website, you accept the following terms and conditions:
- Your access to and use of this website is subject to the terms of this policy, our terms and conditions and any other legal notices and statements contained on this website
- By using this website, you agree to be subject to the following terms. If you do not agree to them, please do not use our sites. You should keep a copy of these terms for reference.
Why do we have a Privacy Policy?
We are committed to protecting and respecting your privacy. We are also required to ensure we are compliant with all data protection regulations and requirements. This includes the European General Data Protection Regulation ((EU) 2016/679) (GDPR) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SIC426.2003) as well as any laws implemented, added to, or replacing those pieces of legislation.
This policy with our terms and conditions guide how we use personal information that you give to us. By using this website, you are telling us that you agree to the terms of this policy.
Our privacy policy will be reviewed and may change. By continuing to use our website you agree that you accept any changes that we make. Any information we hold will be governed by our most recent privacy policy.
What personal data and Information do we collect and how do we use it?
We collect organisational and personal information which facilitate us being able to offer, manage and deliver our services. Such data and information come from:
- Email communications, correspondence, and enquiries
- Current and previous client operational administration and management requirements
- Website and online use, enquiries, subscription, and contact
- Public, open source contacts and information from such sites as LinkedIn.
We also source organisational and personal data and information directly from list owners who offer GDPR compliant data on decision-makers in companies we would like to approach in order to promote our products and services.
What type of data and information do you collect?
We collect organisational and personal information and date from and on:
- Potential and actual clients, customers, enquirers, prospects, suppliers, contractors, consultants, agents, partners, associates, employees, and job applicants.
- Information that is given when subscribing to communications, news, and updates
- Information that is given when making general enquiries
- Information when you report a problem with our website.
Specific information and data examples of what information and data are collected include:
- name, address, telephone numbers, email addresses and other contact information
- job titles, roles, responsibilities
- Organisational and personal training, learning, development and consulting preferences, interests
- Webinars, programmes, courses conducted either by us, or where we have worked and delivered training with, through or on behalf of other third party provides.
- Consulting engagements conducted either by us, or where we have worked and delivered training with, through or on behalf of other third party provides.
- Areas of the website used and visited
- Any data and information provided by taking part in surveys for marketing or research purposes.
What financial information do we hold?
We never store nor hold any financial information such as banking and credit cards, accounts, numbers. All payment requirements are conducted without us storing any related information or data after the transaction is completed.
We may need to collect and maintain information from external sources such as credit reference and identity verification agencies. We will tell you when we receive information from them and how we will use it.
What information is automatically collected when I access your website?
Information that is automatically collected when you use our website includes:
- Technical information such as your IP address, browser type and plug-ins, time zone setting, operating system and platform
- Information about your visit, including the full URLs, products, events, courses and services you have viewed and searched for, page response times, download errors, lengths of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), methods used to browse away from the page and any phone number(s) used to contact us.
How is data collected whilst using your website?
Organisation and personal data and information is collected on the website through the online contact forms:
- The contact and message form, where we request basic level organisational and personal data and information, such as rank or title, first name, family name, organisation, role or responsibility, business email and / or personal email.
Further to the above, potentially technical, and electronic data will be collected through:
- “Session cookies” – see our policy below
- A record of the pages you visit within our website or
How will your information be used?
All organisational and personal data is collected, processed, stored securely, and managed for the minimum required operational and delivery requirements and for the direct purpose for which the data and information.
Our use of your organisational and personal data and information will always be in accordance with British and European laws and regulations as required for the successful and effective delivery and performance of a contract, potential business development, marketing, sales and communications; or other legitimate business and operational requirements.
Such operational and delivery requirements also include potential data and information types applicable across the value chain, related to such as potential clients and customers, enquiries, sales, marketing, public relations, communications and business development; as well as suppliers, contractors, consultants, trainers, agents, strategic and collaborative partners, associates and employees.
Can I opt-in and out of direct communications from you?
If you have subscribed to us through the website contact, subscription, news updates and registrations forms, we will communicate directly with you for marketing, communications, public relations, sales and business development purposes about our general and specific news and updates; services; and such as promotions and offers.
For such purposes, we may contact you on through any medium you have listed, including telephone., email and text.
By registering and subscribing through these website-based forms, you are providing us with explicit consent to contact you directly about news, updates, services and other such items as outlined above which may be of interest to you.
You have the right to withdraw your consent at any time. To do so please contact enquiries@mesla.uk
Additionally, we can be contacted to opt out by general email, phone and through the appropriate forms on the website.
Upon opt-out, all organisational and personal data is securely and permanently deleted, and no further contact and communications made. It is possible to express and submit specific opt-in and communications preferences using the appropriate forms on the website.
We take all appropriate measure to ensure that all personal privacy, data and information and rights are fully protected in compliance with obligations under the GDPR, Privacy and Electronic Communications (EC Directive) Regulations 2003 and other appropriate UK and European legislation and regulations.
How is the legal background defined?
The legal grounds which define ‘legitimate interest’ as laid out in the GDPR, which allows that the processing of personal data for direct marketing purposes ‘may’ be regarded as carried out for a legitimate interest.
It is within this context that we have a legitimate interest in the collection, processing and appropriate and secure retention of organisational and personal data and information for the business and operational purposes and through the sources and mediums as outlined above. These include:
- The administration, management and delivery of services and engagements
- Direct marketing, communications, public relations, sales, and business development
All direct marketing and communications strictly for the sole purposes of business development by, through and for Mesla limited.
Any and all such prospecting and business development data and intelligence is held for a maximum if 12 months before being deleted, unless consent is given to hold such data and information for a further 12-month cycle.
What ethical and moral frameworks bind your use of my data?
We will never:
- Sell, pass on or disclose to a third party your data and information, subject to the provisions on data and information disclosure outlined below
- Use any such organisational or personal data in any way that could be considered inappropriate, harmful, intrusive, damaging, give rise to distress or be used to invade your privacy.
Within this context, our legitimate interest in the collection, processing, management, and security of data is proportionate and appropriate to only those business development, capture and delivery reasons and mediums as outline above.
Can you give me specific example of how my organisational and / or personal data and information may be used?
We may use organisational and personal data and information in the conduct and execution of our business development marketing and communications, and operational delivery of services in the following illustrative ways:
- To directly communicate with you about potential services, products that may be of interest to you
- To directly communicate with you about our news and updates
- To effectively and successfully administer, manage and deliver services, consulting, training, and development
- To confirm your identity
- To process payments
- To facilitate your engagement and enhance your experience with us
- To enable us to perform our professional, ethical, legal, duty of care and other obligations to you, such as during training and / or event delivery
- For training, learning and development webinars, programmes and courses purposes, quality assurance, administration, and management records
- To ensure that website performance and optimisation
- To analyse and audit the usage of our website, including data analysis, testing, research, statistical and survey purposes
- For our internal website administration and maintenance operations, including troubleshooting purposes
- To improve our website performance and effectiveness
- To maintain website security and safety
- To analyse, assess, audit, and measure the effectiveness of advertising, marketing, communications, promotions and offers
- To direct and deliver personalised and relevant content, marketing, and communications to you
Disclosure of data and information
As outlined above, we will never:
- Sell, pass on or disclose to a third party your data and information, subject to the provisions on data and information disclosure outlined below
- Use any such organisational or personal data in any way that could be considered inappropriate, harmful, intrusive, damaging, give rise to distress or be used to invade your privacy.
As required and appropriate for the secure, effective, and successful delivery of services, consulting, training, and development we may disclose limited levels of your organisational and personal data and information on a temporary basis to:
- Appropriate nominated direct employ personnel as required for operational requirements above, as well as such as registration on, joining of, administration and management of services, consulting, training, and development
- Appropriate nominated indirectly employed personnel of our strategic and collaborative partners and subcontractors in the secure, effective, and successful delivery of services, consulting, training, and development
- Appropriate nominated indirectly employed personnel – such as reception or security personnel at a training venue – as required for operational requirements above
- Appropriate nominated direct employ personnel within Mesla limited, subsidiaries and trading names
- Successors in title to our business and services, whereby any new controlling party will only be permitted to use the data for the exact same purposes for which it was originally collected
- Any organisation or person expressly instructed and authored by you, for example an ICE contact whilst on a training course
- Any relevant regulatory, governmental or law enforcement authority as appropriate and required by law
- Any third parties necessary to securely, effectively, and successfully delivery the services, and operations as ‘contracted’ by clients
- Any third parties as required to protect the rights, property, or safety, security, health and welfare of our other stakeholders, participants, clients, employees, agents, consultants, sub-contractors or others following any behaviour or action which may be deemed as illegal, dangerous, criminal or detrimental of life, health and welfare in a serious way
- Any third parties as required for the purposes of fraud protection and credit risk reduction.
How do you use marketing and communications analytical and statistical data?
When sharing any and all marketing, communications, advertising and similar data and information with third party providers and stakeholders, no data or information is disclosed which can identify and organisation or person. Metrics are generic and aggregated.
How is data and information used outside the UK and EU?
When any data and information, for example the running of projects outside of the UK or EU, internally we abide by UK and EU data and information standards.
Additionally, we take all appropriate and applicable steps, including data and information protocols, standing operating procedures and awareness training, to do our best to ensure that all data and information used outside of the UK and EU is securely managed and protected in compliance with UK and EU standards wherever possible; and privacy is respected and safeguarded where-ever possible.
Data and Information Security
We take information security very seriously, and we work in accordance with IS27001 Information Security Management Systems benchmarked and aligned standards.
Our data and information security frameworks encompass physical, logical, and technical and every appropriate effort is made to ensure that organisational and personal data is held securely, and risk of data and information loss, theft or unauthorised access is minimised. Internally, we also follow ISMS protocols and standing operating procedures with respect to data and information security, access, administration, and management; with only authorised and appointed personnel having access to data for the purpose of executing their responsibilities.
All financial and payment protocols are conducted in accordance with our terms and conditions, and no organisational or personal financial data is kept by us.
All third parties who require access or organisational or personal data and information for operational reasons do so on a limited and temporary basis only, and in accordance with our frameworks, protocols and standing orders as outlined above.
All internal and external parties accessing and using organisational or personal data and information are bound by confidentiality.
Any and all organisational or personal data and information security breaches are both managed internally as well as being reported to external parties as appropriate, applicable and / or required by regulatory or legal authorities.
Your Responsibilities, Obligations and Requested Help
It is important that the organisational and personal data and information we hold about you is accurate and up to date. Please keep us informed if your organisational or personal information changes during your relationship with us.
To ensure that your organisational and personal data and information is secure, we may request information to help us confirm your identity and ensure your right to access the data and information held; and to protect the exercise of your other rights.
Data Retention
We are legally required to hold some types of information to fulfil our statutory obligations.
We will only retain organisational and personal for the duration required to fulfil these legal and regulatory requirements. Such data and information retention is also informed by the purposed for retaining such data and information; and the amount, nature and sensitivity of the data and information held, with any and all such data and information not required for such legal and regulatory requirements being destroyed permanently.
All such data and information, along with your privacy and rights, are administered and managed with all our obligations as a data controller, and in accordance with UK and EU regulatory and statutory requirements, such as the GDPR and the Privacy and Electronic Communication (EC Directive) Regulations 2003.
Your Rights
You have the right to access, correct, erase, and restrict the use of your organisational and personal data which we collect, process and manage.
In accordance with our UK and EU statutory obligations, you have the right to:
- Be informed about our collection, use and storage of personal information
- Request access to your personal information (commonly known as a “data subject access request”). This allows you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it
- Request correction of the personal information that we hold about you. This allows you to have any incomplete or inaccurate information we hold about you corrected
- Request permanent deletion, destruction, and erasure of your personal information. This allows you to ask us to delete or remove personal information where there is no good reason for us continuing to process it and add you to a suppression file for future direct marketing approaches. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below)
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground. You also have the right to object where we are improperly processing your personal information for direct marketing purposes
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it
- Request the transfer of your personal information to another party.
No fees are charged for the execution of any of the above.
We do not conduct any form of profiling or automated decision making.
We do not collect, process, or store information on children under the age of 18. Children are therefore expressly prohibited from using this website.
We cannot be held accountable for links to other unconnected websites. Data subjects are therefore advised to check the privacy policy of any such website prior to providing any personal information.
Right to withdraw consent
If you have consented to us collecting, processing, and transferring your organisation and personal data and information for a specific purpose, you have the right to withdraw your consent at any time.
To do so please contact enquiries@mesla.uk
You should be aware that the withdrawal of consent may hinder or halt our capability to provide services and solutions.
Questions, Comments and Complaints
If you have any questions concerning this policy, related policies and the organisational and personal information and data that we hold on you, or you would like to change your personal information, or make a general enquiry or complaint then please contact us at enquiries@mesla.uk
If we cannot fully resolve your complaint, you have the right to make a complaint to the Information Commissioner’s Office (ICO), at https://ico.org.uk/. The ICO is the UK supervisory authority for data protection issues.
COOKIE POLICY
PLEASE READ IT CAREFULLY BEFORE USING THE SITE.
By using our site, you accept these terms
Your access to and use of this website is subject to the terms of this policy, our terms and conditions and any other related internal and external policies and legal and statutory documents and references pertaining to the use of this website.
By using and browsing our website, you consent to cookies being used in accordance with this policy.
If you do not consent, you must disable cookies or refrain from using the site.
Where to find terms that may apply to you
This Cookies Policy should be read with the following documents:
- Website Terms of Use
- Privacy Policy
- Cookies Policy
- Terms and Conditions
What is a cookie?
A cookie is a small electronic data and information file stored on your computer that helps the browser to improve your experience of a particular website.
The first time you visit a site which uses cookies, a cookie is downloaded to your device.
Such cookies contain a variety of anonymous information to improve your visit on the site.
The next time you use that website, your browser checks for and uses stored cookies to provide effective and personalised content and experiences.
For more information about cookies please visit: All About Cookies.org.
How we use Cookies
We use a variety of cookies to perform a range of functions to ensure that your end user visit to our website is as smooth, effective, and personalised as possible; as well as to monitor the performance of our website.
All cookies used by and on our website are used in accordance with current UK and EU cookie law.
Before Cookies are placed on your computer or device, an appropriate consent form is shown. You may accept or reject cookies; and even when cookies are accepted, they can be rejected at any time.
As an additional safeguard, users can disable and clear third-party cookies at any time using internet browser settings.
Third-Party Content
When using third-party services who have access to our website, they may in turn deploy on our website third party plugins and cookies. Whilst we endeavour only to use trusted third parties, we no not accept any responsibility for those third-party cookies.
Such third-party plugins and cookies if rejected will not affect the use and experience of our website.