Myriad Research Limited understands its obligations in regards to your fundamental right to a private life and has implemented systems and controls to ensure your rights and freedoms are protected.
Myriad Research Limited undertakes to meet its obligations under the Data Protection Act, the Privacy and Electronic Communications Regulations and the EU General Data Protection Regulation (GDPR).
WHO WILL PROCESS YOUR PERSONAL INFORMATION?
Your personal information will be processed and kept by Myriad Research Limited. We will process your personal data in accordance with this privacy notice.
WHY IS YOUR PERSONAL INFORMATION REQUIRED?
Your personal information is required to enable us to take necessary steps at your request prior to entering into a contract and to perform such a contract. We may also use this data to keep in contact and discuss relevant business and projects.
WHAT HAPPENS IF WE WANT TO PROCESS YOUR INFORMATION FOR OTHER REASONS?
Though there are some legal exceptions, if we wish to process your personal data for any other unrelated purpose than those we have informed you about we will notify you.
WHAT MAKES THE PROCESSING LAWFUL?
Because the processing is necessary:
• For the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;
• for compliance with a legal obligation to which we are subject;
• for the purposes of the legitimate interests pursued by us.
KEEPING YOUR INFORMATION UP TO DATE
We will record your information exactly as you provide it. You may ask us to update it at any time and we will action your request promptly and where possible notify relevant third parties of any changes.
WHAT ABOUT SENSITIVE PERSONAL DATA?
e do not ask for or store any sensitive personal data on our clients, only data that is relevant to conducting business and contracts we have committed to.
HOW WILL WE FURTHER USE YOUR PERSONAL INFORMATION (OUR LEGITIMATE INTERESTS)?
• To contact you regarding business and projects between our companies.
• To contact you to ensure that our records of your personal information are correct;
• To respond to questions or complaints you have about our services;
• To update you with changes in our terms;
• For statistical or research analysis relating to the performance of our business or that of our principal and understanding the changing needs of our clients;
• To review, improve and develop services we offer or handle complaints;
• To evidence company practices;
• To evidence the standards and processes carried out conform to the company’s ethical standards and expectations;
You have the right to object to processing for these purposes and we shall cease unless we can show we have compelling legitimate grounds to continue.
WHAT INFORMATION IS REQUIRED?
We only collect information that is necessary to carry out the purposes listed above. This is typically basic contact information (name, email and phone).
Where specific data is required for the completion of a contract or project we will ensure that a data processing agreement has been signed by both parties before data is shared so you know how we will manage the data.
HOW SECURE WILL YOUR DATA BE?
We will ensure that your data is only accessible to authorised people in our company and will remain confidential at all times. Appropriate security measures will be in place to prevent unauthorised access, alteration, disclosure, loss, damage or destruction of your information. If we have a contract with another organisation to provide us with services or a service on our behalf to process your personal information, we’ll make sure they give reassurances regarding appropriate security measures in place and only process your information in the way we’ve authorised them to. These organisations won’t be entitled to use your personal information for their own purposes.
WILL WE SHARE YOUR INFORMATION WITH ANYONE ELSE?
We may share your information with:
• Appropriate staff such as those who carry out financial or compliance functions.
• Law enforcement agencies, courts or other public authorities if we have to, or are authorised to by law.
• Where we or our Principal go through a business transaction, such as a merger, being acquired by another company or selling a portion of its assets, your information will, in most instances, be part of the assets transferred.
TRANSFERRING DATA OUTSIDE THE EUROPEAN UNION
We will not be sharing data outside the European Union.
HOW LONG WILL WE KEEP YOUR INFORMATION FOR?
Myriad Research Limited lays down rules relating to how long information should be held for and we will keep your information to meet these requirements. We will not keep your information for longer than is necessary. We aim to keep our records updated annually and securely delete redundant records from our systems.
Data relating to projects are securely deleted after two years unless prior agreement is given.
REQUESTING A COPY OF THE INFORMATION WE HOLD
You may at any time ask for a copy of the information we hold about you – it is your legal right. We will provide you with a copy of any non-exempt personal information within one month unless we ask you for an extension of time. To protect your personal data, we will ask you to verify your identity before we release any information. We may refuse your request if we are unable to confirm your identity.
IMPORTANT RIGHTS
You have the right, on grounds relating to your situation, at any time to object to processing which is carried out as part of our legitimate interests or in the performance of a task carried out in the public interest. We will no longer process your data unless we can demonstrate there are compelling legitimate grounds which override your rights and freedoms or unless processing is necessary for the establishment, exercise or defence of legal claims.
You have the right to object at any time to processing your personal data for marketing activities. In such a case we must stop processing for this purpose.
WHAT ARE YOUR OTHER LEGAL RIGHTS?
In addition to the rights above the additional following rights:
• Where you have given consent, you have the right to withdraw previous consent to processing your personal data at any time;
• You have the right to request from us access to and rectification or erasure of personal data or restriction of processing concerning your data;
• You have the right to receive data you have provided to us in a structured, commonly used and machine readable format;
• You have the right to lodge a complaint with the regulator (see below).
To exercise any of these rights please contact us (details below).
HOW TO CONTACT OUR DATA PRIVACY OFFICER
You can contact our data privacy officer about any data protection or marketing issues by:
• Emailing: info@myriadresearch.co.uk
HOW DO YOU MAKE A COMPLAINT TO THE REGULATOR?
• By writing to:
Information Commissioner’s Office,
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire,
SK9 5AF
• By telephoning: 0303 123 1113
• By emailing: casework@ico.org.uk
• By using their website:
https://ico.org.uk/for-organisations/report-a-breach/