Privacy Policy
1. What we need
Our GDPR Privacy Policy governs the use and storage of your data.
Mentzendorff is a Controller of the personal data that our data subjects (customers, suppliers, third parties and employees provide us). We collect the following types of personal data from customers, suppliers & third parties:
- For Customers:
- first name
- surname
- full address
- business address details
- phone numbers
- email addresses
- date of birth if company director (companies house information)
- occasionally credit card details, if used in business
- Suppliers and Third Parties:
- name
- address
- bank details
- Contact Number
2. Why we need it
We need your personal data in order to provide you with the following services:
- Sales & delivery of our products
- Marketing of Products & provision of marketing news
- Invoicing
3. What we do with it
Your personal data is processed in Mentzendorff, 52 Bermondsey St, London, SE1 3UD. Hosting and storing your data takes place within our central business systems now maintained by our Third-Party IT provider in France (as part of the Group IT policy).
Whenever Mentzendorff uses a third-party supplier or business partner to process personal data on its behalf (for example, our Third-Party Warehouse), the Data Protection Officer will ensure that this processor will provide security measures to safeguard personal data that are appropriate to the associated risks. For this purpose, the Processor GDPR Compliance Questionnaire will be used. We will establish a data-sharing agreement with the supplier or contractor to ensure the fair and lawful processing of any personal data we share.
4. Legal basis
Mentzendorff may process your Personal Data because:
- We need to perform a contract with you
- You have permitted us to do so
- The processing is in our legitimate interests
- To comply with the law
5.How long we keep it
In terms of GDPR and the Data Protection Act, we are required to keep your documents for the appropriate period according to our Data Retention Policy which complies with the appropriate legal requirements. After this period, your personal data will be irreversibly destroyed. Any personal data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive this information. Please see Data Retention Policy for more information on our personal data retention schedule.
6. Website use and use of cookies
7.What are your rights?
Should you believe that any personal data we hold on to about you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted. Please contact us via GDPR@Mentzendorff.co.uk whereupon you will be sent a Data Subject Access Request Form.
If you wish to complain about how we have handled your personal data, please contact the Data Protection Officer at GDPR@Mentzendorff.co.uk or in writing at The Woolyard, 52 Bermondsey Street, London SE1 3UD. Our Data Protection Officer will then look into your complaint and work with you to resolve the matter.
If you still feel that your personal data has not been handled appropriately according to the law, you can contact the ICO and file a complaint with them.
- Data Breach
We will report any serious, unlawful data breach to all relevant authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen or lost.