Consumer Privacy Policy
Business Privacy Policy
Consumer Privacy Policy
This policy sets out how we handle the information we receive from customers and everyone who uses our products and services. We take this seriously and will always treat this information with the utmost respect and care.
Welcome
We are under a legal obligation to let you know what personal information we collect about you, what we use it for and on what basis. We always need a good reason and we also have to explain to you your rights in relation to that information. You have the right to know what information we hold about you and to have a copy of it, and you can ask us to change or sometimes delete it. This has been written in line with our obligations under the General Data Protection Regulation 2016 and the Data Protection Act 2018 as they apply in the UK. There may be local law variations requirements within and outside the EU which apply instead.
Whatever we do with your information, we need a legal basis for doing it. We generally rely on one of three grounds (reasons) for our business processing. Firstly, if you have ordered or take a service from us, we are entitled to process your information so that we can provide that service to you and bill you for it.
Secondly, if we want to collect and use your information for other purposes, we may need to ask for your consent (permission) and, if we do, that permission must always be indicated by a positive action from you (such as ticking a box) and be informed. You are also free to withdraw your permission at any time. We tend to need permission when what is proposed is more intrusive (for example, sharing your contact details with other organisations so they can market their own products and services to you).
But we do not always need permission. In some cases, having assessed whether our use would be fair and not override your right to privacy, we may come to the view that it falls within the third ground – our ‘legitimate interests’ to use the information in a particular way without your permission (for example, to protect our network against cyber-attacks). But when we do this, we must tell you as you may have a right to object. If you object specifically to us sending you marketing material, or to ‘profiling you’ for marketing purposes, we must then stop.
This is all set out in detail in this policy, which focuses more on those items that we think are likely to be of most interest to you. As well as covering processing for business purposes, we give you information on circumstances in which we may have to, or can choose to, share your information.
Our Privacy Policy
Please read this policy carefully as it applies to the products and services we provide to and our websites. It applies to our consumer customers only. If you are a business customer (including sole traders and partnerships) please see our business privacy policy.
It also applies even if you’re not one of our customers and you interact with us as part of running our business, such as by:
• using one of our products or services—paid for by someone else;
• taking part in a survey or trial;
• calling our helpdesk; or 2
• generally enquiring about our services.
If you need to give us personal information about someone else in relation to our products and services, the privacy policy will also apply. If we need the permission of the other person to use that information, we’ll ask you to check they are OK with this.
Technology is a fast-changing area and can be complicated; we’ve included a glossary which explains the meaning of any technical terms we use.
What’s not included?
This policy doesn’t apply to information about our employees or shareholders. It also doesn’t cover other companies or organisations collecting and using your personal information to offer relevant online advertisements to you.
Who are we?
We are Mormaír Ltd, a company registered in Scotland. Our company registration number is SC720176 and our registered office is at The Pentagon Centre, 36 Washington Street, 225e, Glasgow, G3 8AZ.
Accessing and updating how we use your information
As allowed by law, you can access and update the information we hold about you by contacting us at data@mormair.com and we’ll send it to you once we’ve looked at your request. We’ll let you know when you can expect to hear from us.
We’ll always try to help you with your request but we can refuse if we believe doing so would have a negative effect on others or the law prevents us. Even though we have to complete your request free of charge, we are allowed to reject requests if:
• they’re repetitive;
• you don’t have the right to ask for the information; or
• the requests made are excessive.
If that’s the case, we’ll explain why we believe we don’t have to fulfil the request
How do I change my marketing preferences?
You can change your marketing preferences by contacting us at data@mormair.com .
You can use the same contact details to let us know whether you want us to stop using information about how you use our products and services for marketing purposes or profiling you for marketing purposes.
Want a copy of the information we hold about you?
If you want a copy of the information we hold about you contact us at data@mormair.com and we’ll send it to you.
It will normally take us up to one month to get back to you but could take longer (up to a further three months) if it’s a complicated request or you send us a lot of requests at once.
Concerned about what we're doing with your personal information?
You can ask us to correct, complete, delete or stop using any personal information we hold about you by using contacting us at data@mormair.com with your request.
In some cases, we might decide to keep information, even if you ask us not to. This could be for legal or regulatory reasons, so that we can keep providing our products and services, or for another legitimate reason. For example, we keep certain billing information to show we have charged you correctly.
What information we collect and what we use it for
To provide you with products and services
We’ll use your personal information to provide you with products and services. This applies when you register for or buy a product or service from us.
This means we’ll
• record details about the products and services you use or order from us;
• update you on when we’ll deliver, connect or install your products and services;
• charge you and make sure your payment reaches us;
We use the following to provide products and services.
• Your contact details and other information to confirm your identity and your communications with us. This includes your name, address, phone number, date of birth, email address.
• Your payment and financial information.
• Your communications with us, including emails, webchats and phone calls. We’ll also keep records of any settings or communication preferences you choose.
• Information from cookies placed on your connected devices that we need so we can provide a service.
We use this information to carry out our contractual obligations (or to prepare a contract) and provide products or services to you. If you don’t give us the correct information or ask us to delete it, we might not be able to provide you with the product or service you ordered from us.
Because it is in our legitimate interests as a business to use your information
We’ll use your personal information if we consider it is in our legitimate business interests so that we can operate as an efficient and effective business.
We use your information to:
• Identify, and let you know about, products and services that interest you;
• create aggregated and anonymised information for further use;
• secure and protect our network.
To create aggregated and anonymised data
We’ll use your personal information to create aggregated and anonymised information. Nobody can identify you from that information and we’ll use it to:
• make sure our network is working properly and continuously improve and develop our network and products and services for our customers;
• run management and corporate reporting, research and analytics, and to improve the business; and
• provide other organisations with aggregated and anonymous reports
We use the following to generate aggregated and anonymised information.
• Your address and date of birth.
• Information about what you buy from us, how you ordered it and how you pay for it.
• Information from cookies and tags placed on your computer.
We may have a legitimate interest in generating insights that will help us operate our network and business or would be useful to other organisations.
To develop our business and build a better understanding of what our customers want
This means we’ll:
• maintain, develop and test our network (including managing the traffic on our network), products and services, to provide you with a better service;
• train our people and suppliers to provide you with products and services (but we make the information anonymous beforehand wherever possible);
• make and defend claims to protect our business interests.
• run surveys and market research about our products.
We could use the following information to do this.
• Your contact details.
• Your payment and financial information.
• Your communications with us, including emails, webchats and phone calls (and any recordings made).
• Information from cookies placed on your connected devices
If we use this information for market research, training, testing, development purposes, defend or bring claims, or to create a profile about you, we do so because it is in our legitimate business interests of running an efficient and effective business which can adapt to meet our customers’ needs.
We create a profile about you based on what you have ordered from us and how you use our products and services. This helps us tailor the offers we share with you. You can ask us to stop profiling you for marketing purposes at any time, as set out above.
To meet our legal and regulatory obligations
We might have to release personal information about you to meet our legal and regulatory obligations.
To law enforcement agencies
Under investigatory powers legislation, we might have to share personal information about you to government and law-enforcement agencies, such as the police, to help detect and stop crime, prosecute offenders and protect national security. They might ask for the following details
• Your contact details. This includes your name, address, phone number, date of birth, email address to confirm your identity and your communications with us;
• Your communications with us, such as calls, emails and webchats; or
• Your payment and financial information
The balance between privacy and investigatory powers is challenging. We share your personal information when the law says we have to, but we have strong oversight of what we do and get expert advice to make sure we’re doing the right thing to protect your right to privacy. You can read more about our approach to investigatory powers in our report on Privacy and free expression in UK communications. And you can see the terms of reference for our oversight body here.
We’ll also share personal information about you where we have to legally share it with another person. That might be when a law says we have to share that information or because of a court order.
In limited circumstances, we may also share your information with other public authorities, even if we do not have to. However, we would need to be satisfied that a disclosure of information is lawful and proportionate (in other words, appropriate to the request). We would need appropriate assurances about security and how the information is used and how long it is kept.
Protecting your information and how long we keep it
How do we protect your personal information?
We have strict security measures to protect your personal information. We check your identity when you get in touch with us, and we follow our security procedures and apply suitable technical measures, such as encryption, to protect your information.
How long do we keep your personal information?
We’ll keep:
• a summary copy of your receipts;
• your contact details on file while you’re one of our customers, and for six years after; and
• details relating to any dispute for six years after it was closed.
In other cases we’ll store personal information for the periods needed for the purposes for which the information was collected or for which it is to be further processed. Sometimes we’ll keep it for longer if we need to by law. Otherwise we’ll delete it.
How to contact us and further details
Got a question about how we use your information?
You can get in touch with our data-protection officer (DPO) by contacting us at data@mormair.com and marking it for the attention of our DPO.
If you’d like any more details, or you have comments or questions about our privacy policy, write to us at:
DPO
Mormaír
The Pentagon Centre
36 Washington Street
225e
Glasgow
G3 8AZ
If you want to make a complaint on how we have handled your personal information, please contact our DPO who will investigate the matter and report back to you. If you are still not satisfied after our response or believe we are not using your personal information in line with the law, you also have the right to complain to the data-protection regulator in the country where you live or work. For the UK, that’s the Information Commissioner.
How will we tell you about changes to the policy?
Our privacy policy might change from time to time. We’ll post any changes on this page for at least 30 days. If the changes are significant, we’ll tell you by email.
Glossary
We have included a description of how the technical terms we use are generally interpreted.
• Aggregated data means grouped information, for example the total number of calls made in a month or total number of minutes called.
• Anonymised data means data which has had all personally identifiable information removed.
• Apps means an application, such as one you’ve downloaded to your mobile or portable device.
• Binding corporate rules are designed to allow multinational companies to transfer personal information from the European Economic Area (EEA) to their affiliates outside of the EEA and to keep to data-protection legislation.
• Cookies are small text files (up to 4KB) created by a website and stored in the user's connected device – either temporarily for that session only or permanently on the hard disk (called a persistent cookie). Cookies help the website recognise you and keep track of your preferences.
• Encryption means scrambling information into an unreadable form that can only be translated back using a special key.
• Model contracts are standard contractual clauses set by the European Commission. They offer enough protection of people’s privacy, fundamental rights and freedoms when their personal information is moved from within the EEA to outside of it. The contracts keep to data-protection legislation.
• Personal information means information that identifies you as an individual or can do so.
• Power of attorney refers to the option to choose a trusted friend or relative (or more than one if you want) to act on your behalf. The person you appoint, called an 'attorney', can then use your money to pay bills, sell assets on your behalf and make gifts. In the UK an ‘attorney’ must be registered with the Office of the Public Guardian to be valid.
• Regulatory obligations means our obligations to regulators such as Ofcom and the Information Commissioner’s Office.
• Tags are an instruction inserted on a website that specifies how the site, or a part of the site, should be formatted and how it’s performing.
Consumer Privacy Policy
Business Privacy Policy
Consumer
Privacy Policy
This policy sets out how we handle the information we receive from customers and everyone who uses our products and services. We take this seriously and will always treat this information with the utmost respect and care.
Welcome
We are under a legal obligation to let you know what personal information we collect about you, what we use it for and on what basis. We always need a good reason and we also have to explain to you your rights in relation to that information. You have the right to know what information we hold about you and to have a copy of it, and you can ask us to change or sometimes delete it. This has been written in line with our obligations under the General Data Protection Regulation 2016 and the Data Protection Act 2018 as they apply in the UK. There may be local law variations requirements within and outside the EU which apply instead.
Whatever we do with your information, we need a legal basis for doing it. We generally rely on one of three grounds (reasons) for our business processing. Firstly, if you have ordered or take a service from us, we are entitled to process your information so that we can provide that service to you and bill you for it.
Secondly, if we want to collect and use your information for other purposes, we may need to ask for your consent (permission) and, if we do, that permission must always be indicated by a positive action from you (such as ticking a box) and be informed. You are also free to withdraw your permission at any time. We tend to need permission when what is proposed is more intrusive (for example, sharing your contact details with other organisations so they can market their own products and services to you).
But we do not always need permission. In some cases, having assessed whether our use would be fair and not override your right to privacy, we may come to the view that it falls within the third ground – our ‘legitimate interests’ to use the information in a particular way without your permission (for example, to protect our network against cyber-attacks). But when we do this, we must tell you as you may have a right to object. If you object specifically to us sending you marketing material, or to ‘profiling you’ for marketing purposes, we must then stop.
This is all set out in detail in this policy, which focuses more on those items that we think are likely to be of most interest to you. As well as covering processing for business purposes, we give you information on circumstances in which we may have to, or can choose to, share your information.
Our Privacy Policy
Please read this policy carefully as it applies to the products and services we provide to and our websites. It applies to our consumer customers only. If you are a business customer (including sole traders and partnerships) please see our business privacy policy.
It also applies even if you’re not one of our customers and you interact with us as part of running our business, such as by:
• using one of our products or services—paid for by someone else;
• taking part in a survey or trial;
• calling our helpdesk; or 2
• generally enquiring about our services.
If you need to give us personal information about someone else in relation to our products and services, the privacy policy will also apply. If we need the permission of the other person to use that information, we’ll ask you to check they are OK with this.
Technology is a fast-changing area and can be complicated; we’ve included a glossary which explains the meaning of any technical terms we use.
What’s not included?
This policy doesn’t apply to information about our employees or shareholders. It also doesn’t cover other companies or organisations collecting and using your personal information to offer relevant online advertisements to you.
Who are we?
We are Mormaír Ltd, a company registered in Scotland. Our company registration number is SC720176 and our registered office is at The Pentagon Centre, 36 Washington Street, 225e, Glasgow, G3 8AZ.
Accessing and updating how we use your information
As allowed by law, you can access and update the information we hold about you by contacting us at data@mormair.com and we’ll send it to you once we’ve looked at your request. We’ll let you know when you can expect to hear from us.
We’ll always try to help you with your request but we can refuse if we believe doing so would have a negative effect on others or the law prevents us. Even though we have to complete your request free of charge, we are allowed to reject requests if:
• they’re repetitive;
• you don’t have the right to ask for the information; or
• the requests made are excessive.
If that’s the case, we’ll explain why we believe we don’t have to fulfil the request
How do I change my marketing preferences?
You can change your marketing preferences by contacting us at data@mormair.com .
You can use the same contact details to let us know whether you want us to stop using information about how you use our products and services for marketing purposes or profiling you for marketing purposes.
Want a copy of the information we hold about you?
If you want a copy of the information we hold about you contact us at data@mormair.com and we’ll send it to you.
It will normally take us up to one month to get back to you but could take longer (up to a further three months) if it’s a complicated request or you send us a lot of requests at once.
Concerned about what we're doing with your personal information?
You can ask us to correct, complete, delete or stop using any personal information we hold about you by using contacting us at data@mormair.com with your request.
In some cases, we might decide to keep information, even if you ask us not to. This could be for legal or regulatory reasons, so that we can keep providing our products and services, or for another legitimate reason. For example, we keep certain billing information to show we have charged you correctly.
What information we collect and what we use it for
To provide you with products and services
We’ll use your personal information to provide you with products and services. This applies when you register for or buy a product or service from us.
This means we’ll
• record details about the products and services you use or order from us;
• update you on when we’ll deliver, connect or install your products and services;
• charge you and make sure your payment reaches us;
We use the following to provide products and services.
• Your contact details and other information to confirm your identity and your communications with us. This includes your name, address, phone number, date of birth, email address.
• Your payment and financial information.
• Your communications with us, including emails, webchats and phone calls. We’ll also keep records of any settings or communication preferences you choose.
• Information from cookies placed on your connected devices that we need so we can provide a service.
We use this information to carry out our contractual obligations (or to prepare a contract) and provide products or services to you. If you don’t give us the correct information or ask us to delete it, we might not be able to provide you with the product or service you ordered from us.
Because it is in our legitimate interests as a business to use your information
We’ll use your personal information if we consider it is in our legitimate business interests so that we can operate as an efficient and effective business.
We use your information to:
• Identify, and let you know about, products and services that interest you;
• create aggregated and anonymised information for further use;
• secure and protect our network.
To create aggregated and anonymised data
We’ll use your personal information to create aggregated and anonymised information. Nobody can identify you from that information and we’ll use it to:
• make sure our network is working properly and continuously improve and develop our network and products and services for our customers;
• run management and corporate reporting, research and analytics, and to improve the business; and
• provide other organisations with aggregated and anonymous reports
We use the following to generate aggregated and anonymised information.
• Your address and date of birth.
• Information about what you buy from us, how you ordered it and how you pay for it.
• Information from cookies and tags placed on your computer.
We may have a legitimate interest in generating insights that will help us operate our network and business or would be useful to other organisations.
To develop our business and build a better understanding of what our customers want
This means we’ll:
• maintain, develop and test our network (including managing the traffic on our network), products and services, to provide you with a better service;
• train our people and suppliers to provide you with products and services (but we make the information anonymous beforehand wherever possible);
• make and defend claims to protect our business interests.
• run surveys and market research about our products.
We could use the following information to do this.
• Your contact details.
• Your payment and financial information.
• Your communications with us, including emails, webchats and phone calls (and any recordings made).
• Information from cookies placed on your connected devices
If we use this information for market research, training, testing, development purposes, defend or bring claims, or to create a profile about you, we do so because it is in our legitimate business interests of running an efficient and effective business which can adapt to meet our customers’ needs.
We create a profile about you based on what you have ordered from us and how you use our products and services. This helps us tailor the offers we share with you. You can ask us to stop profiling you for marketing purposes at any time, as set out above.
To meet our legal and regulatory obligations
We might have to release personal information about you to meet our legal and regulatory obligations.
To law enforcement agencies
Under investigatory powers legislation, we might have to share personal information about you to government and law-enforcement agencies, such as the police, to help detect and stop crime, prosecute offenders and protect national security. They might ask for the following details
• Your contact details. This includes your name, address, phone number, date of birth, email address to confirm your identity and your communications with us;
• Your communications with us, such as calls, emails and webchats; or
• Your payment and financial information
The balance between privacy and investigatory powers is challenging. We share your personal information when the law says we have to, but we have strong oversight of what we do and get expert advice to make sure we’re doing the right thing to protect your right to privacy. You can read more about our approach to investigatory powers in our report on Privacy and free expression in UK communications. And you can see the terms of reference for our oversight body here.
We’ll also share personal information about you where we have to legally share it with another person. That might be when a law says we have to share that information or because of a court order.
In limited circumstances, we may also share your information with other public authorities, even if we do not have to. However, we would need to be satisfied that a disclosure of information is lawful and proportionate (in other words, appropriate to the request). We would need appropriate assurances about security and how the information is used and how long it is kept.
Protecting your information and how long we keep it
How do we protect your personal information?
We have strict security measures to protect your personal information. We check your identity when you get in touch with us, and we follow our security procedures and apply suitable technical measures, such as encryption, to protect your information.
How long do we keep your personal information?
We’ll keep:
• a summary copy of your receipts;
• your contact details on file while you’re one of our customers, and for six years after; and
• details relating to any dispute for six years after it was closed.
In other cases we’ll store personal information for the periods needed for the purposes for which the information was collected or for which it is to be further processed. Sometimes we’ll keep it for longer if we need to by law. Otherwise we’ll delete it.
How to contact us and further details
Got a question about how we use your information?
You can get in touch with our data-protection officer (DPO) by contacting us at data@mormair.com and marking it for the attention of our DPO.
If you’d like any more details, or you have comments or questions about our privacy policy, write to us at:
DPO
Mormaír
The Pentagon Centre
36 Washington Street
225e
Glasgow
G3 8AZ
If you want to make a complaint on how we have handled your personal information, please contact our DPO who will investigate the matter and report back to you. If you are still not satisfied after our response or believe we are not using your personal information in line with the law, you also have the right to complain to the data-protection regulator in the country where you live or work. For the UK, that’s the Information Commissioner.
How will we tell you about changes to the policy?
Our privacy policy might change from time to time. We’ll post any changes on this page for at least 30 days. If the changes are significant, we’ll tell you by email.
Glossary
We have included a description of how the technical terms we use are generally interpreted.
• Aggregated data means grouped information, for example the total number of calls made in a month or total number of minutes called.
• Anonymised data means data which has had all personally identifiable information removed.
• Apps means an application, such as one you’ve downloaded to your mobile or portable device.
• Binding corporate rules are designed to allow multinational companies to transfer personal information from the European Economic Area (EEA) to their affiliates outside of the EEA and to keep to data-protection legislation.
• Cookies are small text files (up to 4KB) created by a website and stored in the user's connected device – either temporarily for that session only or permanently on the hard disk (called a persistent cookie). Cookies help the website recognise you and keep track of your preferences.
• Encryption means scrambling information into an unreadable form that can only be translated back using a special key.
• Model contracts are standard contractual clauses set by the European Commission. They offer enough protection of people’s privacy, fundamental rights and freedoms when their personal information is moved from within the EEA to outside of it. The contracts keep to data-protection legislation.
• Personal information means information that identifies you as an individual or can do so.
• Power of attorney refers to the option to choose a trusted friend or relative (or more than one if you want) to act on your behalf. The person you appoint, called an 'attorney', can then use your money to pay bills, sell assets on your behalf and make gifts. In the UK an ‘attorney’ must be registered with the Office of the Public Guardian to be valid.
• Regulatory obligations means our obligations to regulators such as Ofcom and the Information Commissioner’s Office.
• Tags are an instruction inserted on a website that specifies how the site, or a part of the site, should be formatted and how it’s performing.
©2023 Mormair Ltd is a company registered in Scotland (Company Number: SC720176) at The Pentagon Centre, 36 Washington Street, 225e, Glasgow, G3 8AZ. All rights reserved. Use of this site constitutes acceptance of our Privacy Policy. The material on this site may not be reproduced, distributed, transmitted, cached, or otherwise used without prior written permission of Mormair Ltd.
©2023 Mormair Ltd is a company registered in Scotland (Company Number: SC720176) at The Pentagon Centre, 36 Washington Street, 225e, Glasgow, G3 8AZ. All rights reserved. Use of this site constitutes acceptance of our Privacy Policy. The material on this site may not be reproduced, distributed, transmitted, cached, or otherwise used without prior written permission of Mormair Ltd.
©2023 Mormair Ltd is a company registered in Scotland (Company Number: SC720176) at The Pentagon Centre, 36 Washington Street, 225e, Glasgow, G3 8AZ. All rights reserved. Use of this site constitutes acceptance of our Privacy Policy. The material on this site may not be reproduced, distributed, transmitted, cached, or otherwise used without prior written permission of Mormair Ltd.