DMA Group (“DMA”, “we”, “us”) is committed to ensuring that any personal data we collect and use is appropriate for the provision of our services and in compliance with relevant regulations including the General Data Protection Regulation 2016 (“GDPR”).
This policy describes what personal data we collect and why, how we process and share your personal data, how long we retain your data and your rights in relation to your data.
What personal data do we collect and why?
When you contact DMA in any capacity we may collect your name, email address, telephone number and other contact information. This is done for the purposes of responding to you and keeping a record of our communications. When you provide your personal data to us in person, or on the phone, or through electronic communication, you consent to us using your personal data for this purpose.
When you have a customer relationship with DMA we may collect your job title, physical location and other similar data. This is done for the purposes of providing our services to you.
We may also ask you to provide feedback on our services which may be associated with your personal data in our systems. This will not be disclosed publicly without your advance written consent.
When you have a supplier relationship with DMA we may collect your job title and similar data. This is done for the purpose of enabling your provision of services or products to us.
When you interact with DMA’s website or other online services we may collect information on your usage of those services that includes your physical location, IP address and other similar data. If you have already consented to provide us with your personal data, this usage data may be associated with that personal data. If you did not provide us with your personal data, the usage data is held anonymously. In either case, the purpose of usage data is solely for the improvement of the online services we offer.
How we process and share your personal data
DMA will never share your personal data with advertisers or sell your personal data to third parties.
In order to operate our business we share personal data with various third parties from the following categories:
- Subcontractors that provide services that we use in the provision of our own services to our customers.
- Suppliers that provide the materials we use in the provision of our services to our customers.
- Platform As A Service technology providers that supply us with hardware to run the bespoke technology that drives out business.
- Software As A Service technology providers that supply ancillary software we use in the course of operating our business, such as email, helpdesk, customer relationship management and similar services.
In each case, the relationship between us and that third party is governed by a Data Processing Agreement that ensures that our obligations to you under GDPR are maintained by that third party.
None of the third parties we use in this way is based in a country that does not have an adequate level of data protection as determined by the EU.
How long we retain your data
We intend to keep your data for no longer than necessary. This will typically be 12 months from your or your company’s last interaction with DMA, unless we receive specific instruction that you are no longer part of any contractual arrangement or you have requested us to remove your personal data as part of your right of erasure.
Your rights in relation to your personal data
Right to be informed: this policy explains how we are going to use your personal data.
Right of access: You have the right to access your personal data. You can submit a Subject Access Request by emailing DataProtection@dma-group.co.uk and we will try to respond as soon as possible.
Right to Rectification: You have the right to correct any data we hold about you that is incorrect. You may correct this data using our online services where available, or by asking us to do this by emailing DataProtection@dma-group.co.uk.
Right to Erasure: You have the right to ask us to delete your personal data. You can request this by emailing DataProtection@dma-group.co.uk and we will action the request or respond with an explanation of the legitimate reason why this is not possible.
Right to Restrict Processing: You have the right to restrict processing of your personal data in some circumstances. Please request this by emailing DataProtection@dma-group.co.uk and we can discuss the specific circumstances of your request.
Right to Object to Processing: You have the right to object if you disagree that your personal data is being used only in relation to our legitimate interests. Please email DataProtection@dma-group.co.uk to discuss the specifics of your objection.
Right to Data Portability: Similar to your right of access, please submit a Subject Access Request by emailing DataProtection@dma-group.co.uk and we will provide you with the information we hold about you.
You have the right to complain to the Information Commissioner’s Office (https://ico.org.uk) if you believe we have not met our obligations to you in relation to Data Protection.
How to contact DMA
Our data controller responsible for your personal data in connection with GDPR can be reached here:
Data Protection Officer
DMA Group
4 Ambley Green
Gillingham
ME8 0NJ
DataProtection@dma-group.co.uk
01634 384 220