Privacy and Data Protection Policy to comply with the General Data Protection Regulations (GDPR) 2018
MA Systems Ltd is committed to protecting your privacy and security. This policy explains how and why we use your personal data we collect from you, to ensure you remain duly informed and in full control of your information. full control of your information.
This is in accordance with the General Data Protection Regulation which comes into force on 25th May 2018.
We will never sell your personal data and will only ever share it with third party organisations we work with where necessary.
This policy describes how and why this personal data must be collected, handled and stored to meet the MA Systems Ltd data protection standards and to comply with the law.
Consent will be collected in the form of tick boxes being added to the relevant paperwork, web forms, registration forms, and any other order forms.
Any questions you have in relation to this policy or how we use your personal data should be sent either by email to firstname.lastname@example.org or addressed to:
The Data Protection Manager
MA Systems LTD
Old Coach House
Cloud-Lines is a web-based software product, produced by MA Systems Ltd. Our registered office can be found in section 1 of this document. Our office ours are Monday to Friday, 9am to 5pm. Our contact email address is email@example.com. The cloud-lines website can be found at cloud-lines.co.uk or cloud-lines.com. The MA Systems Ltd website can be found at masys.co.uk. MA Systems Ltd will be the data controller
Information we collect
Personal Data which you have provided:
Personal data includes name, address, postcode, date of birth, telephone, fax, mobile number, e-mail address, signature, customer ID, CPH number/UK holding number/ministry ID, we will also collect some personal information such as photographs and articles.
We obtain personal data about you when you:
make an enquiry to Cloud-Lines or MA Systems Ltd
register on the Cloud-Lines website
purchase a Cloud-Lines account on behalf of someone else or yourself
place an order to purchase goods or services from Cloud-Lines, i.e. merchandise, or technical support services
Information for Parents / Legal Guardians
We take great care to protect the rights of individuals in relation to their personal data, especially in the case of children. If your child is under 18 years of age, we will only use his or her personal data with your consent. Once your child has achieved the age of 18 years, parental/legal guardians will no longer have to give consent as they will be classed as an adult and will have to give their own consent.
Information from Third Parties
We will at times throughout the year receive customer personal data from third parties. This will come in to the Cloud-Lines System in the form of national and regional show results, as well as from partner organisations such as the RBST. This could include photographic material. We may also receive personal information from non-customers, asking us to contact them regarding becoming a customer.
Sensitive Personal Data
We do not normally collect or store sensitive personal data (such as information relating to health, beliefs or political affiliation).
Where we store your personal data
All information you provide on paper will be scanned and then destroyed with the use of a cross-cut paper shredder. Paperwork will only be handled by MA Systems Ltd employees.
The vast majority of customer data is stored electronically. Customers and users of the Cloud-Lines product will have their data stored in a secure database within our chosen cloud-hosting platform. Access to this data will be limited to the administrators of the customer account to which it is linked, as well as MA Systems Ltd employees. All Database access is password protected, with unique username/password combinations for each user. Customers and Users are responsible for keeping their password confidential. We ask you do not to share your password with anyone. Only MA Systems Ltd employees can gain access to the entire database.
Customers’ and Users’ data may be stored in the form of electronic documents held on the MA Systems Server which can only be accessed by Ma Systems Ltd employees using individual logins.
Data is backed up on the same cloud-hosting platform, but across multiple regions or data centres, to prevent data-loss due to any single failure.
Once we have received your information electronically, we will use strict procedures and security features to try to prevent unauthorised access. When using our website or online forms you are agreeing that we may track/record your IP address. We will store this information securely if retained in either electronic or paper format.
MA Systems Ltd will ensure that the data customers and users provide is not held for any longer than necessary and that the data customers and users provide is processed in accordance with the rights of the data subjects and protected and processed in the appropriate ways.
How we process the information you provide
We only ever use your personal data with your consent, or where it is necessary to pursue legitimate interests.
We use personal data for administration purposes to keep records of existing customers as up to date as possible on the Cloud-Lines platform
To create records for new customers or users on the Cloud-Lines platform including the supply of an individual customer ID unique to each customer.
Customers’ and users’ data may be used to help produce the MA Systems Ltd Accounts during the year
Customers’ data may be used for reporting on general breed statistics, for the purpose of updating national records bodies such as DEFRA, RBST, BGS, NSA, etc
To promote the Cloud-Lines application through promotional material including articles, features and photographic material published in emails, as well as promotional leaflets/posters
To promote the Cloud-Lines application through display stands at regional/national shows, sales and events
To promote the Cloud-Lines application through our website in the form of articles, features, results and photographic material, and also on the MA Systems Ltd Website
To promote the Cloud-Lines application through social network sites e.g. Facebook and Twitter including results, articles, and photographic material
To create Cloud-Lines sales materials and produce reports for inclusion on our website and to be submitted to the regional and national press.
To process orders for branded promotional goods.
Uses made of the information
We use information held about you in the following ways:
To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes
To carry out our obligations arising from any contracts between you and us
To ensure that content from our site is presented in the most effective manner
To allow you to use our online features of our service
To notify you about changes to our service
We do not disclose information about identifiable individuals to our advertisers, or other individuals outside the Customer organisation/individual without prior consent from the individual customer
MA Systems Ltd will ensure that Customer and User data is used for legitimate interests of the product, and the animal breeds within
Disclosure of your information through third parties
There are some instances throughout the working year where we need to disclose your personal information to third parties these are:
Customers’ or Users’ data may be published through the Cloud-Lines system, Cloud-Lines website, social network sites, photographic material, promotional leaflets, sale information to further the promotion of Cloud-Lines and the development of the breeds within
Your data may be shared with an MA Systems Ltd approved mailing house to co-ordinate the distribution of relevant information to our customers and users
Customer data may be shared with MA Systems Ltd Auditor and accountants in order to fulfil our accountancy obligations
Cloud-Lines shares animal data from time to time with levy bodies to take part in various studies. This may extend to some limited personal information being shared in the future to provide new trait information for all customers and users.
MA Systems Ltd has access to all data stored within Cloud-Lines in order to provide support to the customers and users of Cloud-Lines
Should a dispute or complaint arise we may share personal information with the MA Systems Ltd approved solicitors/lawyers and Insurance companies
When you make a payment to MA Systems Ltd, the MA Systems Ltd bank or BACS payment, information may be collected, and personal information stored, to complete the transaction and notify MA Systems Ltd of failed transactions.
All Payments for Cloud-Lines are made to MA Systems Ltd by the “Stripe” online payment tool. The Clound-Lines website and application do not store any customer payment information. All payment data is exchanged directly between the customer, and Stripe.
Customer payment information will be visible to MA Systems Ltd employees with access to the MA Systems Ltd bank account
Customer payment information will be visible to the Cloud-Lines support personal, all of who are MA Systems Ltd employees, who have access to Stripe for the Cloud-Lines information
Paper Payment history is kept for 7 years as per financial requirements
9. Data Retention/Destruction
MA Systems Ltd is in the process of reviewing and updating data retention periods for various personal information. This policy will be updated to reflect any changes. In the interim, please contact MA Systems Ltd using the email address firstname.lastname@example.org.
All paper customer or user information is scanned and then destroyed using a cross-cutting paper shredder.
You have the right to ask us not to process your personal data. You can exercise your right to prevent such processing by ticking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting Cloud-Lines or MA Systems Ltd via email.
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have the right to complain to us in the first instance regarding use of your personal information, if you do not find our response satisfactory then you have the right to complain to the Information Commissioner’s Office (ICO), local contact details can be found at https://ico.org.uk/.
Access to Information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any “subject access request” must be made in writing to the Data Protection Manager at the address given in section 1 of this policy. After receipt of any “subject access request” the process and anticipated time frame to fulfil the request will be specified in the acknowledgement letter but typically within 28 working days from receipt. Excessive or multiple access requests that disrupt the day to day running of the office will be charged.