Privacy Notice – Mummy Social
Any personal information provided to or gathered by Mummy Social is controlled by Mummy Social Limited (company number 9196932), registered in England and Wales and whose registered office is c/o Wortham Jaques, 130a High Street, Crediton, Devon EX17 3LQ (“we” or “us”). We are committed to protecting and respecting your privacy.
This Privacy Notice, together with any other documents referred to in it, sets out the basis on which any personal data that we gather or collect from you, or that you provide to us, will be processed. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it; we are the data controller under applicable data protection laws. By visiting www.mummysocial.com or using our mobile application (referred to here as our “Site”), you are accepting and consenting to the practices described in this policy.
For the purpose of the Data Protection Act 2018, including the General Data Protection Regulation 2016/679 (collectively, the “Act”), the data controller is Mummy Social Limited of 128 High St, Crediton, Devon, EX17 3LQ.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information you give us. You may give us information about you by filling in forms on our site or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use our site, subscribe to our service, search for another user of our site by name, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey, and when you report a problem with our site. The information you give us may include your name, address, email address and phone number, personal description and photograph, your children’s names and dates of birth (if relevant), and if you are pregnant, your due date.
- Information we collect about you. With regard to each of your visits to our site, we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
- Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this site. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers) and may receive information about you from them.
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
- Information you give to us. We will use this information
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
- to provide you with information about other services we offer that are similar to those that you have already purchased or enquired about;
- to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (email or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the registration form);
- to notify you about changes to our service;
- to ensure that content from our site is presented in the most effective manner for you and for your computer.
- Information we collect about you. We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- to provide a search function on our site which allows registered users to search for other registered users by name;
- as part of our efforts to keep our site safe and secure. For example, if you use our notice boards or circles, we may collect details of posts and private messages exchanged with other registered users for quality control and protection of individuals;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
- Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
We assess and document our processing activities on an ongoing basis and update our records, accordingly; our approach seeks to ensure good data governance and compliance with our data protection obligations.
We maintain records of consent, where we rely on active consent for the processing of personal data, and will ensure processing is limited or ceases where such consent is withdrawn.
WHY WE PROCESS YOUR PERSONAL INFORMATION
Our use of your personal information will at all times be in accordance with applicable data protection laws; we rely on the following grounds justifying our processing of personal data:
- Consent – explicit consent for us to do so.
- A Contract or Legal Obligation – to fulfil our obligations under an existing contract or other legal obligation, in certain circumstances our right to process this information will override your right to object to us doing so.
- Legitimate Interests – we may judge that we have legitimate grounds to process your personal information in certain ways and where that is the case, we will balance our own interests against your own or the relevant individual whose data is being processed, to ensure that the rights and interests of those individuals who interact with us are protected.
- Vital Interests – with particular reference to contact details, beliefs and medical information made known via our mobile application (or other ‘special category’ information), it may be necessary to process such information to protect an individual’s vital interests, in an emergency or a similar situation where the individual concerned may be unable to provide specific consent.
Where information is obtained through or as a result of your use of our website or mobile application, we use this information for the following purposes:
- To understand and appreciate your needs and requirements as a user of our site or our services generally;
- To keep in contact with you;
- For internal record keeping;
- To provide relevant information about our services or those that we may offer from time to time;
- To improve our products and services;
- For analysis in relation to the technical specification and user experience of our site, for the purposes of developing and improving our site and the services that we provide; and
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
In relation to childrens’ data, this may be processed for the purposes of helping to develop or improve our services and for communications about the services that we provide or are providing to you or to those participating, but we will only communicate in this way with your people where they have received appropriate information about our intentions and where relevant with their prior consent. We will not knowing send any communications of this nature to children who are 12 years old or younger.
We may process personal information, following anonymisation, to assess trends or for research or analysis; however, any particular individual will not be identifiable where we choose to undertake such activities.
YOUR RIGHTS AND HOW TO EXERCISE THEM
You may request a copy of the information that we hold about you (known as a Subject Access Request). In addition, under the GDPR, you may exercise the following rights:
- A right of access to the information that we hold about you – as above.
- A right to have your information corrected if it is inaccurate or incomplete.
- A right to have information removed or deleted from our records and systems.
- A right to block us from processing your personal data or to limit the way(s) in which we can use it.
- A right of portability; to request that we move your personal information to someone else, in a machine- readable form.
You have the right to manage your preferences in relation to the kinds of information that we collect and the manner in which your information is processed – you can update these preferences at any time through our site; you can also withdraw your consent, either as a whole or in relation to particular kinds of information or delivery methods. We encourage our users and clients to exercise these preferences so that they only receive the information that they wish from us and so that our use of their information is consistent with their own expectations.
You may ask us to erase information that we hold about you, except where there is some other reason requiring us to maintain the information, such as for insurance purposes, for example. We monitor and will also delete information and data that we hold, where we reasonably consider this no longer to be required.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes, or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at 128 High St, Crediton, Devon, EX17 3LQ / firstname.lastname@example.org.
Please contact us via a simple request, where you wish to exercise any of your above rights or if you wish to file a complaint about our collection, processing or use of your personal information.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
ACCESS TO INFORMATION
The Act gives you the right to access information held about you. Your right of access can be exercised at any time by sending us a simple request – this may be via e-mail, the contact us function within our website or mobile application or via written correspondence; if you make a request verbally, we may confirm this back to you in writing, for our own records.
Under GDPR (which, in this Privacy Notice, means EU Data Protection Regulation 2016/679 and laws implementing or supplementing GDPR as the data protection or privacy laws of any other country), the nature of the processing that we undertake does not require us to appoint a formal Data Protection Officer (DPO); however, we may maintain equivalent standards and the nominated representative for the purposes of compliance with our data protection obligations is our Managing Director.
DISCLOSURE OF YOUR INFORMATION
We will never share your personal information with others for commercial gain or in ways that you would not reasonably expect of us.
Unless we have your explicit consent otherwise, we will only share your personal information where this is necessary to fulfil our contract with you or where we have a legal obligation to do so.
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in SW1). We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
Circumstances where we may disclose your personal information:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Mummy Social Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce any other legal agreements which apply to us; or to protect the rights, property, or safety of Mummy Social Limited, our registered users, or others.
- In addition, we may process your information where we are required or permitted to do so under applicable law, where required to do so by any Government agency or law enforcement, where it is necessary in connection with the sale or potential sale of our business or where we conclude that we have and can show one or more legitimate interests for doing so.
WHERE WE STORE YOUR PERSONAL DATA
We are committed to ensuring that your information is secure, and use high-tech servers that are using the latest security features in order to prevent unauthorised access or disclosure. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site, and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
SERVICE PROVIDERS AND THIRD PARTIES
We may on occasion have the need to transfer your data to suppliers located outside of the European Economic Area (“EEA”), including in the USA. We will only do so where the legal regimes of those territories outside of the EEA offer an equivalent standard of data protection to our own.
Where it is necessary to provide information to external service providers or partners in relation to services that they provide to us, in order to operate our business or to provide you with the services requested, we have adopted approved model data protection clauses in our arrangements with them, to ensure they meet the same high standards required in relation to the processing of your personal information under applicable data protection laws.
TECHNICAL AND ORGANISATIONAL MEASURES AND SECURITY
The protection of our clients’ personal information is important to us and therefore we have and maintain appropriate technical and organisational measures to achieve these aims. These seek to protect personal information that we process from and against unauthorised or unlawful use, or accidental loss, damage or destruction and we review these measures, on a regular basis to ensure that they are appropriate.
These include encrypted access to our systems, only accessible by our personnel, utilising secure and regularly-updated passwords and access to and processing of information though our site, using secure HTTPS. We do not however process any bank or card details through our site; instead using an established third party provider to take payments online.
In relation to data security, you accept the risk that data transmitted to us through this site via electronic means may be intercepted before reaching us or may be accessed by unauthorised third parties, or exploited unlawfully. We do not assume any responsibility for guarding against the acts of third parties and shall not be liable for any direct, indirect or consequential losses or damages incurred or suffered as a result.
HOW LONG WE STORE PERSONAL DATA
We maintain the data that we collect in providing our services to clients, for certain periods of time that we have determined; after which such data will generally be erased or securely destroyed.
YOUR INFORMATION AND KEEPING IT UP-TO-DATE
You have the right to request details of the information that we hold about you. Should you wish to be provided with these details, please contact us with a simple request.
We wish to keep any information that we hold about you accurate and up to date and therefore please contact us if the information we hold about you needs updating.
If you have any questions or concerns regarding your privacy, or if you experience difficulties in accessing or viewing any site(s) operated by us, please contact us.
We value your feedback in relation to our online presence and therefore welcome any comments or feedback which you may have.
CHANGES TO OUR PRIVACY NOTICE
Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy notice.