Privacy Policy
Privacy Policy Notice
The policy: This privacy policy notice is for this website www.meridianlife.co.uk governs the privacy of those who use it. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing / using this website.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, Meridian Life.
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a users computer or device.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
Lawful basis: Contract
Where it is necessary to deliver the goods or service you have requested
We process your information in the following ways: The Company shall process any personal data (defined in the Data Protection Act 1998) only in accordance with the Customer’s instructions from time to time and shall not process the personal data for any purposes, other than those expressly authorised by the Customer.
Each party warrants to the other that it will process the personal data in compliance with all applicable laws, enactments, regulations, orders, standards and other similar instruments.
The Company warrants that it will take reasonable measures against the unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data to ensure a level of security appropriate to the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage.
The Company may authorise a third party to process the personal data provided that the third party’s contract is on substantially similar terms as those set out in the Contract and it terminates automatically on termination of the Contract for any reason.
The Customer and Company acknowledge that for the purposes of the Data Protection Act 1998, the Customer is the data controller and the Company is the data processor in respect of any personal data.
Data retention period: We shall continue to process your information until the contract between us ends or is terminated under any contract terms.
Sharing your information: We do not currently share your information with third parties but we may reserve the right to authorise a third party to process the personal data provided that the third party’s contract is on substantially similar terms as those set out in the Contract and it terminates automatically on termination of the Contract for any reason. We will only share your personal information with third parties where required by law or to provide you with requested products and services, where it is necessary to carry out our working relationship with you or where we have another legitimate interest in doing so.
If you request services from us online, we will retain your name, email address and telephone number in order to deliver their services to you.
Third parties will only process your data on our instructions and where they have agreed to treat the data confidentially and to keep it secure. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Currently none of your data is transferred outside the European Economic Area (EEA). If this changes, we will notify you and you can expect a similar degree of protection in respect of your data.
As we process your personal data, we are registered with the ICO and have been added to the Data Protection Register.
- Lawful basis: Legal obligation
The reason we use this basis: Where we are required to provide information to law enforcement or for regulatory authorities. - We process your information in the following ways: The Company shall process any personal data (defined in the Data Protection Act 1998) only in accordance with the Customer’s instructions from time to time and shall not process the personal data for any purposes, other than those expressly authorised by the Customer.
- Data retention period: Up to 2 years.
Sharing your information: We do not share your information with third parties.
Lawful basis: Legitimate interests
We will use your data in ways that you would reasonably expect and which have a minimal privacy impact. .The use of your data will be proportionate and will be necessary for our legitimate interests (or those of a third party), and where your interests and fundamental rights do not override those interests. These interests include; informing you of product developments and changes, informing you of new products or services, price changes, legislative changes or other reasons that are relevant to you
We process your information in the following ways: Only to service the contract you have agreed to.
Data retention period: Up to 2 years.
Sharing your information: We do not currently share your information with third parties but may reserve the right to authorise a third party to process the personal data provided that the third party’s contract is on substantially similar terms as those set out in the Contract and it terminates automatically on termination of the Contract for any reason. We will only share your personal information with third parties where required by law or to provide you with requested products and services, where it is necessary to carry out our working relationship with you or where we have another legitimate interest in doing so.
If you request services from us online, we will retain your name, email address and telephone number in order to deliver their services to you.
Third parties will only process your data on our instructions and where they have agreed to treat the data confidentially and to keep it secure. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Currently none of your data is transferred outside the European Economic Area (EEA). If this changes, we will notify you and you can expect a similar degree of protection in respect of your data.
Your individual rights
Under the GDPR your rights are as follows. the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
Internet cookies
We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.
Some cookies are required to enjoy and use the full functionality of this website.
We use a cookie control system which allows you to accept the use of cookies, and control which cookies are saved to your device / computer. Some cookies will be saved for specific time periods, where others may last indefinitely. Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.
Cookies that we use are;
- Session Cookies – Session cookies are set when a user logs in to a WordPress site. These cookies contain a user’s authentication details, and the settings for the admin area interface. Login cookies in WordPress expire every 15 days.
- Comments Cookies
- Google Analytics Cookie – Google Analytics is a simple, easy-to-use tool that helps website owners measure how users interact with website content. As a user navigates between web pages, Google Analytics provides website owners JavaScript tags (libraries) to record information about the page a user has seen, for example, the URL of the page. The Google Analytics JavaScript libraries use HTTP Cookies to “remember” what a user has done on previous pages/interactions with the website.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Transparent Privacy Explanations
We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.