McBride plc and its subsidiary or associated companies and undertakings (together ‘McBride ‘) is committed to protecting and respecting your privacy.
McBride is a European manufacturer and supplier of Contract Manufactured and Private Label products for the domestic Household and professional cleaning/hygiene markets. The collection of personal information is limited to personal information of individuals representing the stakeholder or commercial enterprise/business entity that will enable us to manage McBride’s relationship with you, as explained further in this notice.
McBride will be the data controller of your personal information which you provide or which is collected by McBride via our Website. This means that McBride is responsible for deciding how to hold and use personal information about you and is required to notify you of the information contained in this notice. It is important that you read this notice so that you are aware of how and why McBride is using such information and how it will be treated.
The information which you provide to McBride may include information about other individuals who are associated with your organisation or business. If you provide McBride with information about such individuals, it is important that you provide them with a copy of this notice prior to providing McBride with the information and that you provide them with any updated notices McBride provide from time to time.
How we use your information
This notice tells you what to expect when McBride collects your personal information. It applies to information McBride collects:
When you interact with the McBride website or communicate with McBride by phone, email or otherwise;
Automatically when you use the McBride website; and
Where you apply for a job with us through our current vacancies and contracting positions microsites, available in Careers.
Website interaction and communication by phone, email or otherwise
If you interact with the McBride website or if you communicate with McBride by phone, email or otherwise, then McBride will collect your name, contact details, and any other personal information that you provide to us.
McBride will only use this personal information for the purpose of providing you with any information you request from McBride, or to deal with your enquiry. If you have provided any feedback to McBride, then we may use this feedback to improve the McBride website and/or the services McBride provide.
It is in McBride’s legitimate interests to process your personal information in this way, as it is necessary to respond to your request or enquiry and to help improve the McBride website and services we offer, and these interests are not overridden by any detriment to your rights or freedoms.
We will also keep a record of our correspondence.
Automatically when you use our Website
Each time you use the McBride website, we will automatically collect:
- We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to third parties. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual; and
- information about your visit such as the pages you request, clickstream to, through and from the McBride website, download errors and page interaction information such as scrolling, clicks and mouse-overs.
This information is only processed by McBride or a third party provider such as Google Analytics in a way that does not identify individuals. McBride does not make any attempt to find out the identities of those visiting our website.
We will use this information:
- to administer and improve the McBride website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to investigate and respond to website security incidents; and
- to ensure that content from the McBride website is presented in the most effective manner for you and your computer.
McBride will also disclose this information to selected third parties, including analytics, search engine and social media providers, that assist us with the improvement and optimisation of the McBride website (see the Disclosure of your Information section below for more information).
It is in McBride’s legitimate interests to use this personal information for the limited purposes set out above, which are not overridden by any detriment to your rights and freedoms, particularly as the information is only processed by us in a way that does not identify individuals.
McBride will not carry out any solely automated decision-making using your personal information obtained via the McBride website.
Where you apply for a job with us
Please refer to our Applicants privacy notices provided during our recruitment process, which explains what information we collect from you when you apply for a job with us and how we process that information.
Change of purpose
McBride will only use your personal information for the purposes for which McBride collect it, unless McBride reasonably considers that it needs to use it for another reason and that reason is compatible with the original purpose. If McBride needs to use your personal information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so.
Disclosure of your information
The McBride website may, from time to time, contain links to and from other websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share information about you. McBride does not control those third-party websites and are not responsible for their privacy notices / policies. When you leave the McBride website, we encourage you to read the privacy notice of every website you visit before you provide them with personal information.
We may disclose your personal information to any member of our Group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If McBride or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of McBride, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Most of the personal information we collect about you is based in the United Kingdom or in some cases, a service provider or their sub-processor may be based elsewhere in the European Union (EU) and so, they are required to comply with European data protection law. On occasion, we may appoint a third-party service provider whose operation or a server or sub-processor may be based outside of the EU. As part of our Vendor Management Policy, we carry out due diligence on our third-party providers and assess whether your personal information will be transferred to them or accessed by them from outside the EU. If that is the case, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the European Commission1; or
- where we use providers based in the US, we may transfer personal information to them if they are part of the Privacy Shield which requires them to provide similar protection to personal information shared between the EU and the US. You can view certifications at privacyshield.gov2; or
- where we use certain service providers who are not in a ‘adequate’ country or part of the Privacy Shield, we may use specific contracts approved by the European Commission which give personal information the same protection it has in the EU, called an EU Model Clause Agreement3.
If you would like to know the specific mechanism used by us when transferring your personal information out of the EU, please contact us using the details set out in the “Contacting Us” section at the end of this notice.
Storage of your personal data
McBride will only keep your personal information for as long as necessary to fulfil the relevant purpose(s) collected for, as set out above in this notice, and for as long as we are required to keep it for legal purposes.
To determine the appropriate retention period for personal information, McBride consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances:
- you can ask McBride to delete your personal information, see Your Rights below for further details; and
- McBride may anonymise your personal information (so that it can no-longer be associated with you) for research, planning application or statistical purpose in which case, we may use this information indefinitely without further notice to you.
McBride have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
In addition, McBride limits access to your personal information to those employees, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator where we are legally required to do so.
Data protection laws provide you with the following rights, to:
- request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
- request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request erasure of your personal information in certain circumstances. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
- request the restriction of processing of your personal information in certain circumstances. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it; and
- request the transfer of your personal information to another party.
You also have the right to object to the processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights above). However, McBride may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, McBride may refuse to comply with the request in such circumstances.
McBride may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. The ICO can be contacted by telephone on 0303 123 1113 or by post as follows: Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or via email at firstname.lastname@example.org.
McBride would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance using any of the details set out below in the “Contacting Us” section.
If you have any queries, comments or requests regarding this notice or you would like to exercise any of your rights set out above, you can contact us as follows:
Contact: Company Secretary
McBride plc, Middleton Way, Middleton, Manchester, M24 4DP