Privacy Policy

McMullan & O’Donnell Ltd

Privacy Policy (GDPR)

1. Who we are

McMullan & O’Donnell Ltd is a Limited Company. We are Window & Door Manufacturers in the

Construction Industry.

Registered Company Number NI 31571. Registered Office 101 Drumflugh Road, Benburb, Co.

Tyrone BT71 7LF

2. Your rights

At McMullan & O’Donnell Ltd we are committed to protecting and respecting your personal data

and privacy. This privacy policy relates to our use of any personal data we collect from you.

Whenever you provide such information, we are legally obliged to use your information in line

with all applicable laws concerning the protection of personal data.

The General Data Protection Regulation (‘GDPR’) ensures that we use your personal information

only if we have a proper reason to do so. The law says we must have one or more of these

reasons for using your data:

  • To fulfil a contract we have with you to provide our services;
  • Where it is our legal duty;
  • When it is in our legitimate interest;
  • When you consent to the use of the data.

    • A legitimate interest is when we have a business or commercial reason to use your information.

    If we rely on our legitimate interest, we will tell you what that is.

    Under the GDPR your rights are:

    To be informed – we must make available this privacy notice with the emphasis on transparency

    over how we process your data.

    Access – you are entitled to find out what details we may hold about you and why.

    Rectification – we are obliged to correct or update your details.

    Erasure – this is the right to be forgotten.

    Restrict processing – you have the right to suppress the processing by us of your personal

    data.

    Data portability – you have the right to obtain your personal data that you have provided to us.

    Object – you have the right to object to us processing your data.

    3. Your personal data

    At McMullan & O’Donnell Ltd we process personal data. This may include your name, address &

    contact details, email address etc. We primarily collect personal data in relation to the provision

    of our services, including details of your bank account or Credit Card.

    3.1. How we collect data

    We generally collect your data in the following ways:

  • Through engagement (or potential engagement) of our services.
  • By communications including email, telephone & post.
  • When you fill in a form on our website (such as the contact request form)
  • Via Google Analytics*

    • * We use Google Analytics to store information about how our website visitors use our website so

    that we may make improvements and give visitors a better user experience.

    Google Analytics is a third-party information storage system that records information about the

    pages you visit, the length of time you were on specific pages and the website in general, how

    you arrived at the site and what you clicked on when you were there. These cookies do not store

    any personal information about you e.g. your names, address, etc. and we do not share the

    data. You can view their privacy policy below:

    Google – http://www.google.com/intl/en/policies/privacy/

    We use Facebook occasionally and their advertising services but there are no tracking codes

    installed on our website and so no personal data is stored.

    3.2. How & why your data will be used

    At McMullan & O’Donnell Ltd we take your privacy seriously and will only use your personal

    information in the course of the provision of service or engagement that you have requested from

    us. We will only use information provided to us subject to your instructions, data protection law

    and our duty of confidentiality.

    Your data may be utilised for internal use and operations including data analysis for management

    purposes, organisation and maintenance to our own internal systems.

    We may use your personal information to provide you with information about services we offer

    that we feel would be of benefit or interest to you or to notify you about changes to our services.

    3.3. How we will share your data

    Your information may be shared internally within our organisation for administration purpose or

    for the purpose of service provision. Otherwise your information will be retained with McMullan &

    O’Donnell Ltd except where disclosure is required or permitted by law or when we use third party

    service providers (data processors) to supply and support our services to you.

    We use third party service providers such as organisations to help us provide services to you.

    These would include:

    1. Accounting & payroll providers including Sage,Windowmaker Software, Auto Entry and

    associated processing services;

    2. Email & secure document exchange systems;

    3. Our IT Service support is Central Business Systems,Saintfield, Co. Down

    4. Cloud storage solutions and providers.

    We may share you data with third parties such as HMRC, Revenue Commissioners Ireland, or

    any other legislative body as deemed necessary under legal or statutory requirements. Any

    interaction with third party financial institutions or financial/legal professionals will be done at your

    request or prior agreement.

    3.4. Data Retention

    We will only retain your personal data for as long as is necessary to fulfil the purposes for which

    it is collected. When assessing what retention period is appropriate for your personal data, we

    take into consideration:

  • The requirements of our business and the services provided;
  • Any statutory or legal obligations such as HMRC record retention legislation;
  • The purposes for which we originally collected the personal data;
  • The lawful grounds on which we based our processing;
  • The types of personal data we have collected.

    • 3.5. Data security

    We have put in place appropriate security measures to prevent your personal data from being

    accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we

    limit access to your personal data to those employees, agents and other third parties who have a

    business need to know. They will only process your personal data on our instructions and they

    are subject to a duty of confidentiality. We have put in place procedures to deal with any

    suspected data security breach and will notify you and any applicable regulator of a suspected

    breach where we are legally required to do so.

    3.6. Data correction/deletion/consent withdrawal

    Should you wish to have a necessary correction made to the data we hold, make an application

    for your data to be deleted or you wish to withdraw your consent to data processing, you should

    make a request in writing to the postal or email address provided.

    Please note:

  • We may have a legal or statutory requirement to retain some data following a data deletion

    • request/withdrawal of consent.

  • The withdrawal of consent does not affect the lawfulness of earlier processing.
  • If you withdraw your consent, we may not be able to continue to provide services to you.

    • 4. Subject Access Request

    A Subject Access Request under GDPR is your right to request a copy of the information that we

    hold about you. Such requests must be in writing to the contact details provided in this policy. If

    we do hold your personal data, we will respond in writing within one calendar month of your

    request (subject to the request being submitted in accordance with this policy and verification of

    identity).

    The information we supply will:

    Confirm that your data is being processed, verify the lawfulness and the purpose of the

    processing and will contain the information held in a readable format.

    In the event that we do not hold information about you, we will also confirm this in writing at the

    earliest opportunity.

    How to contact us:

    Please contact us if you have any questions about our Privacy Policy or wish to make a formal

    request as noted above.

    By Email: info@mcmullanodonnell.com Subject ref: Privacy/GDPR

  • Or in writing to GDPR Compliance, McMullan & O’Donnell Ltd, 101 Drumflugh Road,

    • Benburb, Co. Tyrone BT71 7LF

  • Or alternatively, full copy available in reception

    • You also have the right to lodge a complaint with the Information Commissioner's Office,

    whose contact details are as follows:

    Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

  • Telephone 0303 123 1113 (local rate) or 01625 545 745