Data Privacy Statement
1. How do we handle your personal data?
We attach great importance to the protection and security of personal data. We will process your personal data in connection with this website in compliance with the relevant data protection regulations. We are most notably subject to the provisions set out within the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (UK GDPR) and the Data Protection Act 2018 (DPA 2018) insofar as we process personal data.
We would like the users of our site to feel assured and this is why we wish to disclose our personal data handling practices and to provide you with detailed information about the processing of your data and about your rights under Art. 12, 13, 14 and 21 UK GDPR. This website data privacy statement outlines which personal data are collected on visits to our website and how we manage these data and information.
2. Who is responsible for data processing and who is available for you to contact?
The party responsible for data processing, referred to as the controller in the UK GDPR and in other data protection regulations, is as follows:
MEWA UK Textile Services Limited Unit 5 Roman Park Roman Way Coleshill, United Kingdom, B46 1HG
Tel. (main office): 0121 752 58 50 Email: info@mewa.co.uk
Contact details for our company data protection officer:
MEWA UK Textile Services Limited Data Protection Officer Unit 5 Roman Park Roman Way Coleshill, United Kingdom, B46 1HG
Email: data.protection@mewa.co.uk
3. What are personal data?
Personal data are pieces of information relating to an identified or identifiable natural person.
4. For what purposes do we process your personal data? And on what legal basis?
We process personal data for specific purposes, as explained in detail below for your information. The extent to which, and the way in which, your data are processed will essentially depend on the specific services and functions offered on our website which you use. We mainly process data for the following purposes:
- so that you can access and visit our website and we can protect our website and other systems from security risks;
- so that you can contact us (contact form/email inquiries);
- so that we can optimise our website content, making it user-friendly and tailoring it to your needs (including displaying advertisements in line with your interests here and on other websites).
Further processing of your personal data beyond the cases mentioned in this data privacy statement will only take place in circumstances where it is our express entitlement or obligation under a statutory provision or where you have explicitly consented to the data processing. We will inform you of any changes of purpose in accordance with the legal requirements.
(1) Accessing and visiting our website You can visit our website purely for information purposes without communicating any further personal data. In this case, the only data which will be automatically saved when you visit our website are the technical access data transmitted by your browser, i.e. the name of your Internet service provider, the site from which you are referred to our site, the date and time of your visit, and the data identifying the browser/operating system used. The web server will also be required to save your IP address which may, under certain circumstances, allow reference to your personal identity. We also use cookies in order to provide you with our services in the best possible way and to tailor our website to your needs, even if you are only looking for information (details about this and your options are summarised below in the section “Use of cookies and associated functions/technologies”). The access data will not be merged with data from other sources, nor will the data be evaluated for marketing purposes.
The aforementioned access data will be stored in so-called server log files on our web server and will be required for technical reasons in order to provide a functional website and to ensure system security. In addition to the aforementioned purposes, we use access data for the sole purpose of improving the structure of our website and tailoring it to your needs purely for statistical purposes and without tracing your personal identity.
If you visit our website in order to find out more about our range of goods and other services or to use our services, the temporary storage of access data and log files is based on Art. 6 (1) b) UK GDPR (legal basis), especially when used to take steps prior to entering into a contract. In this respect, Art. 6 (1) f) UK GDPR also serves as the legal basis for the temporary storage of access data and log files. Our legitimate interest in this regard is to provide you with a technically functioning and user-friendly website and to guarantee the security of our systems.
The access data collected in the course of using our website are only stored for the period of time for which these data are required to achieve the aforementioned purposes. Your IP address is stored on our web server for a maximum of 35 days.
(2) Contact form / contact requests We collect and store personal data which you enter in the contact form provided on our website and send to us or when you contact us in any other way (e.g. by email). It is up to you to decide whether to provide us with information when making contact requests and, if so, which information. If you contact us by email, we will store the data you provide. If you use the contact form on our website, we collect the data you enter in the form (e.g. forename, surname, postal address, your individual message). The data marked with an asterisk (*) are mandatory and we need this information to answer your inquiry. The other voluntary details enable us to classify and process your request to better effect. When you use the contact form on our website, the following technical access data will also be stored at the time of sending: date and time at which you sent the request and your IP address.
If you contact us within the context of an existing contractual relationship or if you contact us in advance for information about our range of goods or other services, the data and information you provide will be processed for the purpose of processing and answering your inquiry or request in accordance with Art. 6 (1) b) UK GDPR (legal basis). The technical access data collected during the sending process will be stored for the purpose of providing contact options and in order to guarantee system security on the basis of Art. 6 (1) f) UK GDPR (legal basis), and this storage serves to safeguard legitimate interests.
We store the personal data collected when you contact us in order to process your request and for the duration of this processing. The technical access data stored in this context will only be kept for the period of time for which these data are required for technical reasons, especially for the functional provision of the contact options and in order to ensure system security. Your IP address is stored on our web server for a maximum of 35 days.
(3) Use of cookies and associated functions / technologies We use so-called cookies in some sections of our website in order to make it attractive to visitors and to enable the use of certain functions. Cookies are files which are stored on your hard drive or in your Internet browser cache when you visit our website. We also refer to web beacons and other comparable storage technologies for tracking user activity as “cookies”. Web beacons are mostly transparent graphic images, usually no larger than 1 x 1 pixel, which are integrated into the website and will allow the detection of cookies on your devices.
One way in which we use cookies is to store session-related information within the website. These cookies expire at the end of the session/browser session (so-called transient cookies) and are not stored permanently. Other cookies remain on your computer after the browser session and enable us to recognise your computer again on your next visit (so-called persistent/permanent cookies). Persistent cookies are automatically deleted after a specified period of time which may vary depending on the type of cookie.
Cookies can be divided into the following main categories / types:
- Strictly necessary cookies
Cookies for the required performance of specific website functions
- Functional cookies
Cookies which serve the purpose of enabling services and functions of the website and/or increasing the usability of the website
- Analysis/tracking cookies
Cookies for analysing data regarding the location, the interests of visitors and the like in order to obtain information about the visitors to our website and the requested content
You can, of course, also visit our website without using cookies. You can disable the use of cookies on your computer by changing the browser settings for cookies. The procedure for deactivating cookies is routinely available through the “Help” function in your Internet browser. Please note, however, that these settings may affect the full availability and functionality of our website. For more detailed information on cookie settings and deactivation options, please see the explanatory notes below on the individual cookies specifically used when visiting our website and on associated functions/technologies.
The consent management tool used on our website is provided by Piwik PRO GmbH, Kurfürstendamm 21, 10719 Berlin (“Piwik PRO”). This is a plug-in which can be used to obtain consent to the use of cookies and/or comparable technologies. Piwik PRO itself does not collect any personal data. You can use the Piwik PRO Consent Manager to change the settings you have chosen at any time and to withdraw your consent to the use of unnecessary cookies and technologies at any time. The Piwik PRO Consent Manager can be opened via this link:
Privacy settings We collect and process your data on this site to better understand how it is used. We always ask you for consent to do that. You can change your privacy settings here.
Change cookie settings / withdraw consent Some of the cookies we use on our website come from third parties who help us to analyse the impact of our website content and the interests of our visitors, to measure the capacity and performance of our website, to place targeted advertising and other content on our website or on other websites, or to communicate with you. We use first-party cookies (only visible from the domain you are visiting) and third-party cookies (visible across domains and routinely set by third parties) on our website. The specific details are as set out below:
Strictly necessary cookies:
Name | Lifetime | Description/explanatory notes |
---|---|---|
ppms_privacy_ | 365 days | The cookie makes it possible to obtain and store the consent of the website visitor to the use of cookies and/or comparable technologies. It is set by Piwik PRO. |
ppms_webstorage | Individual objects are deleted when the underlying cookies expire. A website visitor can delete these pieces of information manually. | In addition to cookies, data are also stored locally in the browser of the website visitor in order to prevent data loss due to browser mechanisms. This technology stores information about cookies which have been set. |
ppms_data_store | Deleted as soon as data entered on website forms have been sent to the server. | In addition to cookies, data are also stored locally in the browser of the website visitor in order to prevent data loss. This technology is used to store information which website visitors have entered on forms in order to avoid data loss during transmission processes. |
cookie-notification | 12 years | This cookie stores the confirmation of the general cookie notice. |
anonymous-consents | 365 days | Stores various user consent data and information that users can interact with. |
acceleratorSecureGUID | Session | For authenticity verification of requests by a logged-in user. |
Functional cookies:
Name | Lifetime | Description/explanatory notes |
---|---|---|
JSESSIONID | 1 day | Maintains the system status of the user with all page requests. |
_stg_debug / stg_debug | 14 days | Assesses whether the debugger of the Piwik PRO Tag Manager should be displayed. Any such cookie is removed after the debugger has been closed. The cookie is set by Piwik PRO. |
viewport | 365 days | Saves the current version of the page layout / page size. Examples: lg, xxs, xxl |
ROUTE | Session | This cookie contains a hash value that does not contain any sensitive information, but the platform service is based on this value and directs the candidate to the correct server so that their request can be processed correctly. |
Analysis/tracking cookies:
Name | Lifetime | Description/explanatory notes |
---|---|---|
_pk_ses | 30 minutes | Shows an active session by a visitor. Absence of the cookie indicates that the session ended over 30 minutes ago and was counted in a pk_id cookie. The cookie is set by Piwik PRO. |
_pk_id | 13 months | Used to recognise visitors and record their different attributes. The cookie is set by Piwik PRO. |
_pk_cvar | 30 minutes | Contains user-defined variables from the page previously displayed. It is not activated in the de-fault settings. Needs access to the storeCustomVariablesInCookie () method for the JavaScript tracker object. The cookie is set by Piwik PRO. |
piwik_auth | 24 minutes | Stores session information for the Piwik PRO user interface (UI). As long as this cookie is valid and contains a login and a token_auth parameter, a visitor is regarded as a logged-in visitor and a PIWIK_SESSID cookie is refreshed. |
PIWIK_SESSID | 24 minutes | Stores a PHP session ID. The cookie is set by Piwik PRO. |
app_id | 365 days | This cookie is used to pass a site or app ID between Piwik PRO modules: Analytics, Tag Manager, Audience Manager, Consent Manager, Administration. |
stg_traffic_source_priority | 24 minutes | Stores the visitor source type which indicates how a visitor came to our website. The cookie is set by Piwik PRO. |
stg_last_interaction | 365 days | Establishes whether the session of the last visitor is still going on or whether a new session has started. The cookie is set by Piwik PRO. |
stg_returning_visitor | 365 days | Establishes whether a visitor has already been to our website. The cookie is set by Piwik PRO. |
stg_fired__ | Session | Establishes whether the tag and trigger combination was activated during the session of the cur-rent visitor. The cookie is set by Piwik PRO. |
stg_utm_campaign / stg_pk_campaign | Session | Saves the name of the campaign which led the visitor to our website. The cookie is set by Piwik PRO. |
stg_externalReferrer | Session | Saves the URL of a website which redirected the visitor to our website. The cookie is set by Piwik PRO. |
stg_opt_out_simulate | 365 days | Used to simulate the action of the opt-out snippet in the debugger. It turns off all the tracking tags in the relevant domain. The cookie is set by Piwik PRO. |
_stg_optout | 365 days | The cookie is used to turn off all the tracking tags in the relevant domain. The cookie is set by Piwik PRO. |
csrftoken | 8 hours | This cookie is set for the Piwik PRO users only. It stores a CSRF token to keep the Piwik PRO forms secure. The cookie is set by Piwik PRO. |
sessionid | 8 hours | This cookie is set for the Piwik PRO users only. It saves the session ID of the user currently logged in. The cookie is set by Piwik PRO. |
CONSENT | 2 years | This cookie is set by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”). It collects information on how the visitor uses the website and which advertisements the user may have seen before visiting the website. YouTube therefore has control over its own advertisements and video recommendations. |
YSC | Session | This cookie is set by YouTube. It records a unique ID in order to save statistics about which videos the user has seen on YouTube. |
VISITOR_INFO1_LIVE | 6 months | This cookie is set by YouTube. It allows checks on bandwidth use. |
hjSessionUser{site_id} | 365 days | Set when a user reaches a page for the first time. Retains the Hotjar user ID, which is unique to this website. Hotjar does not track users across various websites. Ensures that data from subsequent visits to the same website is assigned to the same user ID. Data type: JSON. |
_hjHasCachedUserAttributes | Session | Enables us to determine whether or not the data saved in the _hjUserAttributes local storage element is up to date. Data type: Boolean (true/false). |
_hjUserAttributesHash | 2 minutes, extended every 30 seconds. | Enables us to determine when a user attribute has changed and must be updated. Data type: Content hash. |
_hjUserAttributes | No explicit expiry date. | Local storage element. Saves user attributes sent via the Hotjar Identify API. Data type: Base64-encoded JSON. |
hjViewportId | Session | Session storage element. Saves details about the user’s viewport, such as size and dimensions. Data type: UUID. |
hjActiveViewportIds | No explicit expiry date. | Local storage element. Saves IDs of the user’s active viewports. Saves an expiration timestamp, which is used to validate active viewports during script initialisation. Data type: JSON. |
hjSession{site_id} | 30 minutes; extended on user activity. | Contains current session data. Ensures that subsequent requests in the session window are assigned to the same session. Data type: JSON. |
_hjCookieTest | Under 100 ms; cookie expiry time set to session. | Checks whether the Hotjar tracking code can use cookies. If it can, the value is set to 1. Deleted almost immediately after it is created. Boolean data type (true/false). |
_hjLocalStorageTest | Under 100 ms | Checks whether the Hotjar tracking code can use local storage. If it can, the value is set to 1. Data saved in _hjLocalStorageTest has no expiry time, but is deleted almost immediately after it is created. Boolean data type (true/false). |
_hjSessionStorageTest | Under 100 ms | Checks whether the Hotjar tracking code can use session storage. If it can, the value is set to 1. Data saved in _hjSessionStorageTest has no expiry time, but is deleted almost immediately after it is created. Boolean data type (true/false). |
_hjTLDTest | Session | We attempt to store the _hjTLDTest cookie for different URL substring alternatives until it fails. Enables us to determine the most generic cookie path instead of using the page hostname. This means that cookies can be shared across subdomains (where applicable). The cookie is removed after this check. Boolean data type (true/false). |
_hjClosedSurveyInvites | 365 days | Set when a user interacts with a link survey invite. Ensures that the same invite is not displayed again if it has already been displayed. List of survey IDs, URL-encoded. |
_hjDonePolls | 365 days | Set when a user completes a survey on the website. Ensures that the same survey is not displayed again if it has already been completed. List of survey IDs, URL-encoded. |
_hjMinimizedPolls | 365 days | Set when a user minimises a survey on the website. Ensures that the survey remains minimised when the user navigates through the website. List of survey IDs, URL-encoded. |
_hjShownFeedbackMessage | 1 day | Set when a user minimises or completes a feedback widget. Ensures that the feedback widget is loaded minimised when the user navigates to another page on which it is to be displayed. Data type: Boolean (true/false). |
The storage of information on your terminal equipment (e.g. PC, smartphone) and, if applicable, access to information stored on your terminal equipment is based on the national implementing regulation for Art. 5 (3) sentence 2 of the ePrivacy Directive, to the extent that the processing of such information is absolutely necessary to enable the use of our website that has been expressly requested by you. Any further storage of information on your terminal device is based on your consent, in accordance with the national implementing regulation for Art. 5 (3) sentence 1 of the ePrivacy Directive. The processing of data and the legal bases for the processing of data referred to in this data privacy statement apply solely to the further processing of personal data to the extent that the data were obtained through the storage of and/or access to information on your terminal equipment.
The further processing of personal data obtained via cookies, in the case of necessary cookies, is based on Art. 6 (1) b) UK GDPR (legal basis), for the purpose of providing information, and Art. 6 (1) c) UK GDPR (legal basis), for the purpose of complying with our legal obligations, in particular in order to provide you with a simple and documented option for granting or not granting your consent to cookies. The processing of data in respect of all other cookies is based on your consent pursuant to Art. 6 (1) a) UK GDPR (legal basis). Another clause which may be taken as the legal basis is Art. 6 (1) f) UK GDPR, i.e. the protection of our legitimate interests. Our legitimate interests as referred to in Art. 6 (1) f) UK GDPR most notably constitute the ability to provide you with a top-specification, user-friendly website geared to your needs and to guarantee the security of our systems.
(4) Piwik PRO We use the web analysis and tracking services provided by Piwik PRO GmbH, Kurfürstendamm 21, 10719 Berlin (“Piwik PRO”).
The analysis/conversion tracking processes are subject to your consent through the Piwik PRO Consent Manager for cookies (Art. 6 (1) a) UK GDPR as the legal basis). The cookies collect data on how you use this website, enabling us in turn to make further improvements to our website and services. This also includes personal data, including your IP address, user ID, device ID and visits to our website. Your IP address will be saved in an abbreviated form only so that we can no longer assign it to you personally.
The data are stored as raw data on cloud servers belonging to Microsoft Ireland Operations Limited in the EU for a period of 25 months and are then erased.
We use the Piwik PRO Tag Manager to integrate and manage some of the third-party services named in the cookie list on our website. The Piwik PRO Tag Manager enables the management of tags. Your consent settings for cookies are also taken into account in respect of the tools integrated through the Tag Manager.
Further information on Piwik PRO can be found here: https://piwikpro.de/datenschutz/
(5) Google Ads Conversion Tracking We use the “Google Ads” service to place ads for services offered by our company. In this context, we use the “Website Conversion Tracking” function of the “Google Ads” service. This service is provided by Google LLC (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The processing entity for users in the EU/EEA and in Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (“Google”). Google uses cookies for this purpose, provided that you have given your consent.
This function records a so-called "conversion" when you interact with a Mewa Google ad on our website within a period of up to 90 days. A conversion can, for example, take the form of you contacting us on our website or ordering information material. We only receive information about which of our ads lead to conversions. The information so gained allows us to optimise our future Google ads. We do not receive any identifying information about you as a user in this context. We are using the basic functions of Website Conversion Tracking and have chosen privacy-friendly settings; for example, we have disabled linking with information from other Google tools and also remarketing options. The information collected by Google cookies about your conversions on our website and your IP address, possible aggregated and linked with other data, could, however, be further processed by Google and transferred to a Google server in the USA and stored there. Information regarding data retention and deletion by Google can be found here: https://business.safety.google/adsretention/.
Further information can be found in the Google privacy policies: https://policies.google.com/privacy and https://policies.google.com/technologies/ads.
(6) Social Media (SoMe) Links Our website has integrated links to social media (SoMe) services, such as Facebook, X (Twitter), Instagram, YouTube, Xing and LinkedIn. After clicking on the various links or on the integrated SoMe icon you will be redirected to the site of the respective provider. Please note that we do not process your data in this context and that we are not responsible for the content of websites to which we publish links. If you follow a link to SoMe services, please refer to the policy on data usage and the data privacy statement issued by the respective provider.
(7) YouTube We use plug-ins from the YouTube video platform in order to be able to integrate videos and play them directly on this website. The operator of the video platform is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (“YouTube”). YouTube is a company affiliated with Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”).
YouTube videos are embedded in “privacy-enhanced mode”. According to the provider, this means that the site does not start storing information on any given user until a video is played. However, the privacy-enhanced mode does not necessarily prevent the transfer of data to YouTube partners. If you run embedded videos on our website, a connection to the YouTube servers will be established and the data transfer process will start. We have no control over the scope and content of the data which are transmitted to YouTube and, where applicable, to other YouTube partners when the plug-in is activated. One piece of information which will be sent to the YouTube server is which of our pages you have visited. This information is used for various pur-poses according to YouTube, such as collecting video statistics, improving user-friendliness and preventing abusive practices. YouTube uses cookies to collect information about consumer be-haviour, provided you have consented to the use of these cookies. If you are logged into your YouTube account, YouTube will be able to assign your surfing habits directly to your personal pro-file. You can prevent this by logging out of your YouTube account before pressing the play button.
The information generated by the YouTube cookies about your use of our website will generally be transmitted to a YouTube server in the USA and stored there. Follow this link for information on data protection at YouTube: https://policies.google.com/privacy?hl=en-GB.
(8) Hotjar We use the tool “Hotjar”, provided by Hotjar Ltd., Dragonara Business Centre, Dragonara Road, Paceville St Julian's STJ 3141, Malta (“Hotjar”) to optimise our website, the services associated with it and your experience. Hotjar is a technology service that helps us to better understand our users’ experience (e.g. how much time they spend on which pages, which links they click on, what users like and don’t like, etc.), which enables us to develop and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data about our users’ be-haviour and their devices (list of cookies under (3) Use of cookies and associated func-tions/technologies). This includes the IP address of a device (processed during your session and saved in an anonymised form), the screen size of your device, the type of device (unique device identifiers), browser information, geographical location (only country) and the preferred lan-guage for displaying our website. Hotjar saves this information in a pseudonymised user profile on our behalf.
More information can be found in the "About Hotjar" section on the Hotjar support page.
(8) Use of SalesViewer® technology This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes. In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally The data stored by SalesViewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them. The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
5. How do we protect your data?
We take precautions to ensure the security of your personal data and we have appropriate technical and organisational measures in place to protect our website and other systems. Your data are most notably protected against loss, destruction, falsification, manipulation, alteration by unauthorised persons, unauthorised access and unauthorised disclosure or distribution. Any data which you provide via our website will be transmitted over the Internet in encrypted form using SSL technology.
6. Who receives your data and are they sent to a third country or to an international organisation?
The only employees who will be privy to your personal data in the first instance are our employees who are engaged in technical, commercial or editorial duties. Your data may also be forwarded to employees at other companies in the Mewa Group if they need them for these and other relevant purposes (e.g. to answer your inquiry). If you are a customer of another national company, for example, an inquiry through our contact form would also be forwarded to this national company so that it can be duly processed and answered.
We also use or instruct external service providers to perform the data processing operations outlined above. If service providers receive your personal data under commissioned data processing arrangements, they are strictly bound by our instructions when handling your personal data. The categories of external recipients are listed below:
IT service providers, e.g. as part of their administration and hosting of our website or individual services/functions as well as for website analysis/measurement; logistics service providers, where applicable, in order to be able to send you ordered goods or information brochures; payment service providers and banks for the processing of payments; debt collection agencies and legal advisers for the assertion of our claims. If you have given your consent to the use of cookies by YouTube or Google, your personal data may be transferred to the USA. Google’s US companies are certified under the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework and the Swiss-U.S. Data Privacy Framework, on which the data transfers are based. To the extent that adequacy decisions do not exist or are not applicable to US data transfers based on the aforesaid frameworks, the respective data transfer is based on standard contractual clauses issued by the European Commission and entered into with the service provider. We do not otherwise transfer your personal data to countries outside the EU or the EEA or to international organisations within the meaning of Art. 4 no. 26 UK GDPR.
7. What rights do you have as a data subject?
Data subjects may assert the following legal rights against us or against our data protection officer at any time in writing or in electronic format, using the contact addresses provided (see above “Who is responsible for data processing and who is available for you to contact?”):
Right of access to information: Under Art. 15 UK GDPR, data subjects are entitled at any time to request confirmation as to whether or not personal data relating to them are being processed; if this is the case, data subjects are also entitled under Art. 15 UK GDPR to obtain information about these personal data and certain other information (such as processing purposes, categories of personal data, categories of recipients, envisaged storage period, their rights, the origin of the data) and a copy of the data in question.
Right to rectification: Under Art. 16 UK GDPR, data subjects are entitled to ask for personal data stored on systems to be rectified if they are incorrect or inaccurate.
Right to erasure: Data subjects are entitled under Art. 17 UK GDPR to request the immediate erasure of their personal data. Instances in which the right to erasure does not apply include cases where the personal data need to be processed for certain purposes, such as to fulfil a legal obligation (e.g. statutory obligations to keep records) or to establish, exercise or defend legal claims.
Right to restriction of processing: Data subjects are entitled under Art. 18 UK GDPR to request the restriction of the processing of personal data.
Right to data portability: Under Art. 20 UK GDPR, data subjects are entitled to ask for personal data concerning them and provided by them to be issued to them in a structured, commonly used and machine-readable format.
Right to object under Art. 21 UK GDPR: Data subjects have the right to object, on grounds relating to their particular situation, at any time to the processing of their personal data which is carried out on the basis of Art. 6 (1) e) UK GDPR (performance of a task carried out in the public interest) or Art. 6 (1) f) UK GDPR (legitimate interests of the controller); this also applies to any profiling based on these provisions. If the data subject objects, we will no longer process the relevant personal data unless we can demonstrate compelling legitimate grounds for their processing which override the interests, rights and freedoms of the data subject, or if the data are processed for the establishment, exercise or defence of legal claims. This does not apply if we engage in direct marketing based on the above provisions. If objections are raised to the processing of personal data for the purposes of direct marketing, the personal data concerned will no longer be processed for these purposes – unreservedly and irrespective of any weighing of conflicting interests. Objections pursuant to Art. 21 UK GDPR may be set out in writing or emailed to us or to our data protection officer at the contact addresses provided (see above “Who is responsible for data processing and who is available for you to contact?”).
Right to withdraw consent under Art. 7 (3) UK GDPR: Data subjects have the right to revoke any declarations of consent which may have been issued under data protection law and to do so at any time with effect for the future.
Right to lodge a complaint with a supervisory authority: Data subjects are entitled under Art. 77 UK GDPR to lodge a complaint with a supervisory authority, especially in the UK, the Member State of their habitual residence, place of work or place of the alleged infringement, if they consider that the processing of their personal data infringes the UK GDPR. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy. The supervisory authority responsible for our company is as follows: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF Other concerns: If you have any further questions or concerns regarding data protection, please contact our data protection officer by email at data.protection@mewa.co.uk.
8. Do you have a duty to provide data?
In order to make our website available to you and to enable you to use the relevant services/functions (e.g. contact form, online purchase orders, etc.), we need you to provide the personal data required for these purposes. Without these data, it will not be possible to access our website content or to use the relevant services/functions.
9. Are your data used in the context of automated decision-making / profiling?
You have the fundamental right not to be subject to a decision based solely on automated processing – including profiling – which produces legal effects concerning you or significantly affects you in a similar manner. It is important to note that these decisions may not be routinely based on special categories of personal data pursuant to Art. 9 (1) UK GDPR. We would like to point out that we do not use any such decision-making processes in the context of our website and the associated data processing operations.
10. Can changes be made to this data privacy statement?
Further development of the Internet and of our website may also affect our data privacy statement. We reserve the right to revise this data privacy statement from time to time in the future in order to ensure that it complies with the current legal requirements or to reflect additions or changes to our website. The version of this data privacy statement which is applicable at the time of your visit can be accessed on each page under the link “Privacy Policy”.
11. How do we handle customer data?
In addition to this website-related data privacy statement, we also refer to our general information on “Managing Personal Data” which outlines the policy governing the processing of personal customer data in other respects and is also available in digital form under the following link: please click here.
Last revised: December 2023