Middlemist London GDPR Policy

1. Introduction

Middlemist London is committed to protecting the privacy and personal data of its users and customers. This GDPR policy outlines how we collect, store, process, and protect personal data in compliance with the General Data Protection Regulation (GDPR).

2. Data Collection and Processing

2.1. Personal Data Collection

We collect personal data from users and customers for the following purposes:

- Order processing and fulfillment
- Account registration and management
- Customer support
- Marketing and communication purposes (with explicit consent)

The personal data we may collect includes:

- Name
- Contact information (email address, phone number, mailing address)
- Billing and payment information
- Order history and preferences
- IP address and browsing information
- Other information voluntarily provided by users/customers

2.2. Legal Basis for Processing

We process personal data based on one or more of the following legal bases:

- Performance of a contract: Processing necessary for the performance of a contract with the user/customer.
- Legitimate interests: Processing necessary for our legitimate interests, such as improving our services, marketing, and fraud prevention.
- Consent: Processing based on the user's/customer's explicit consent for specific purposes.

2.3. Data Retention

We retain personal data for as long as necessary to fulfill the purposes outlined in this policy or as required by law. When personal data is no longer needed, it will be securely deleted or anonymized.

3. Data Security

We implement appropriate technical and organizational measures to ensure the security and confidentiality of personal data. This includes:

- Regular security assessments and updates
- Secure storage and transmission of data
- Access controls and authentication mechanisms
- Employee training and awareness programs
- Data breach response plan

4. Data Sharing and Third Parties

We may share personal data with third-party service providers or partners who assist us in providing our services. These third parties are contractually bound to protect the confidentiality and security of personal data and are prohibited from using it for any other purpose.

5. User Rights

Users and customers have the following rights under the GDPR:

- Right to access: Request access to personal data we hold about them.
- Right to rectification: Request correction of inaccurate or incomplete personal data.
- Right to erasure: Request deletion of personal data under certain circumstances.
- Right to restrict processing: Request restriction of processing under certain circumstances.
- Right to data portability: Request a copy of personal data in a structured, machine-readable format.
- Right to object: Object to the processing of personal data for specific purposes.
- Right to withdraw consent: Withdraw consent for processing based on consent.

To exercise these rights, users and customers can contact us using the information provided in the "Contact Us" section.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance user experience and collect usage data. Please refer to our separate Cookie Policy for more information.

7. Updates to the Policy

We may update this GDPR policy from time to time to reflect changes in our data processing practices or legal requirements. The updated policy will be posted on our website with a revised effective date.

8. Contact Us

If you have any questions, concerns, or requests regarding this GDPR policy or our privacy practices, please contact us at:

Middlemist London

Victoria Sandilands

52 Roberts Road, Basildon, Essex, SS156AY