Mediation Matters London, as a Data Controller, is bound by the requirements of the General Data Protection Regulations (GDPR).
We use and process the information you provide to us to enable us to provide mediation servces as outlined in the Agreement to Mediate Document (available on request) and for other related purposes including;
- Updating and enhancing client records including accounting records.
- Legal and regulatory compliance.
- Crime prevention.
We collect information about you when you fill in any of the forms on our Website. We will also collect information that you give us on paper and verbally by telephone or direct contact.
How will we use the information about you and why?
We will only use your personal information to provide the services you have requested from us, as detailed in the Agreement to Mediate Document. We will only use this information subject to your instructions, data protection law and our duty of confidentiality.
Our work for you may require us to pass your information to limited third parties, namely – our Professional Practice Consultant and Professional Indemnity Organization. Data that would identify you is not included unless the nature of the contact dictates it. Any information collected on our website solely to process your enquiry.
Transferring your information outside of Europe
As part of our services, the information which you give to us may be transferred to countries outside the European Union (“EU”). The sole reason for this transfer is for backup purposes and all data is encrypted while in transit and while in storage. The storage companies are unable to access your data so your privacy rights continue to be protected as outlined in this Policy. By submitting your personal data, you are agreeing to this transfer and storage.
When you give us personal information, we take steps to make sure that it is treated securely. Our systems are password protected and in secure premises. Data is backed up, encrypted and stored in secure facilities which may or may not be in the EU.
You should be aware that information you send to us by email is not secure unless it is encrypted. Once it is received we make our best effort to ensure its security on our system. Likewise, email that we send to you is also not secure and if you want us to use additional encryption you should inform us.
How long will we hold your data for?
We will hold your data in line with our regulatory requirements.
Access to your information, correction, portability and deletion
Under Subject Access Request regulations, you have the right to request a copy of the information that we hold about you. If you would like a copy of some or all your personal information, please email email@example.com with your request. Our aim is to respond within one month of receipt. We want to make sure your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate by emailing firstname.lastname@example.org
Withdrawal of consent to processing or retention of personal data
It is your right to lodge an objection to the processing or retention of your personal data. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing and retention, which override your interest, rights and freedoms, or the processing or retention is for the establishment, exercise or defence of a legal claim.
Your Right to be Forgotten
You can request that all the data that we hold on you is deleted and we will comply with this unless can show compelling legitimate grounds for the processing and retention, which override your interest, rights and freedoms, or the processing or retention is for the establishment, exercise or defence of a legal claim.
If you feel that your personal data has been processed in a way that does not meet the GDPR and you are unsatisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority which in the UK is the Information Commissioner’s Office.
How to contact us