Who are ‘we’?
We are Mail Solutions UK Limited trading as Kalamazoo Direct (“Mail Solutions”), Halesfield 2, Telford, Shropshire, TF7 4QH, England, UK. Mail Solutions is responsible for processing the personal data you provide to us as a data controller and is registered with the Information Commissioner’s Office in the UK under the UK Data Protection Act 1998.
What is personal data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
What information do we collect?
We collect and process certain personal information about you to give you the best possible experience when interacting with us and when using our products and services.
Types of information recorded may include:
– Information about who you are, such as title, name, email address, postal address, telephone number(s) and date of birth
– Information on your company such as name, email address postal address, telephone number and nature of business
– Financial information such as bank details, credit card details and information obtained as a result of credit checks
– Information connected to completing an order for a product or service, such as billing address and delivery address
– Information about products and services you have previously shown interest in, such as enquiries received
– Information about order / purchase history such as expenditure figures, product types and buying patterns
– Information about your contact with us such as telephone calls, emails, meetings, feedback
– Information about your marketing preferences such as opting-in for email newsletters
Where we collect your information
We may collect your personal information directly from you, from a variety of sources, including:
– When purchasing any of our products or services
– When completing credit application / account contact forms
– Phone conversations with us
– Emails or letters you send to us
– Product or service enquiries you send us
– Meetings with members of our Sales Team
– Participating in research surveys or polls
– When using online services such as our websites (via cookies)
We may also collect or receive your personal information from other sources such as Fraud Prevention Agencies, Credit Reference Agencies, other lenders, HMRC, publically available directories and information (for example, telephone directory, social media, internet, news articles), debt recovery and/or tracing agents, other organisations to assist in prevention and detection of crime, police and law enforcement agencies.
Cookies & IP addresses
To make this site work properly, we sometimes place small data files called cookies on your device.
What are cookies?
A cookie is a small piece of information that is saved onto your computer or other device when you visit our website. They help us to improve our site and to deliver a better and more personalised experience.
You can set your browser to refuse the setting of cookies. Please note that selecting this setting may restrict your use of our website. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
Please find below a list of cookies we use and their function.
Necessary Cookies: (Name = Function)
3rd Party / Analytical Cookies: (Name = Function)
|This cookie is installed by Google Analytics.
We may also collect information about your computer, including IP address information, operating system and browser type, to get detailed analytics information. This is not designed to spy on you or identify you as an individual; it is just to help us monitor the performance of our website.
How do we use your information?
We collect and use your personal information, for the following purposes:
– To provide you with products and services that you have requested from us
– To fulfil our obligations arising from any contracts / agreements entered into between you and us
– To tell you about any changes to our products and services
– To monitor and to keep records of our communications with you
– To provide you with information about products or services which we feel may be of interest you, but based on your marketing preferences
– To improve the content and design of both our offline and online marketing communications for a better user experience
– To develop new products and services and to review and improve existing products and services
– To carry out checks at Credit Reference and Fraud Prevention Agencies for all credit account applications and periodically after that
– To comply with legal and regulatory obligations, requirements and guidance
– For market research, statistical analysis and customer profiling to create more engaging communications
– For management and administrative purposes
– To facilitate the sale of one or more parts of our business
What is our legal basis for processing your personal information?
Data protection laws require that, where we process your personal information, we must satisfy at least one prescribed condition for processing.
These are set out in data protection law and we rely on the following legal bases to use your personal information:
– Providing our products and services to you: Processing your personal information may be necessary in order to provide the products or services that you have requested. For example, with any online orders we would need to record payment/transaction details and contact information such as name, delivery address and telephone number.
– Complying with applicable laws: We may process your personal information to comply with any legal obligations.
– Consent: Where you have given us your explicit consent, we may send you marketing information about our services or products, which we believe could be of interest and benefit to you. If we ask for your consent, we will explain why it is necessary and make it clear when you provide your personal information.
– Legitimate interests: We may process your personal information for legitimate business interests, such as maintaining our business records, sending marketing communications, carrying out market research and/or profiling, developing and improving our products and services.
When processing your personal information for our legitimate interests, we will consider and balance any potential impact on you and your rights under data protection and any other relevant law by carrying out an assessment.
Our legitimate business interests do not automatically override your interests. We will always act reasonably and give full and proper consideration to your interests in carrying out this assessment.
If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our products or services.
Who do we share your information with?
Your personal information may be shared with other companies within the Mail Solutions Group, so they can assist us in providing products and services to you.
We may also share your information with third parties for the reasons outlined in ‘How do we use your personal information?’ Third parties include:
– Companies supporting us in the delivery of the products and services we offer to you
– Police, law enforcement, credit and identity check agencies for the prevention and detection of crime
– Fraud detection agencies and other third parties who operate and maintain fraud detection registers
– Governmental and regulatory bodies such as HMRC and the Information Commissioner’s Office for the UK (the ICO)
– Other organisations and businesses who provide services to us such as website hosting providers, IT software and maintenance providers, marketing services, document storage providers and suppliers of other administration functions
– Legal and regulatory authorities to protect our rights, property, or the safety of our customers, staff and assets
– Selected third parties in order to enforce or apply our terms, policies and other agreements
– In the event that we sell or buy any business or assets, in which case we’ll disclose your personal information to the prospective seller or buyer of such business or assets
– If Intrinsic Paper Straws, or substantially all of its assets are acquired by a third party, in which case personal information held by it about its customers will be one of the transferred assets
– Our online payment solutions are carried out using a ‘payment gateway’ (e.g. PayPal) which is a direct connection to a payment service provided by a bank. This means that your payment card information is handled by the bank and not processed by us.
We do not sell or share your personal information for other organisations to use.
Where your information is processed?
The majority of your information is processed in the UK. However, there may be instances where certain information is processed by third parties we work with outside the European Economic Area (EEA).
Where your information is being processed outside of the EEA, we will take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws.
How we protect your information
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.
How long we keep your information
We will keep your personal information only where it is necessary to provide you with our products or services while you are a customer.
We may also keep your information after this period but only where required to meet our legal or regulatory obligations. The length of time we keep your information for these purposes will vary depending on the obligations we need to meet.
Keeping your personal information accurate
Intrinsic Paper Straws will make every effort to ensure that all personal information is kept accurate and up to date as far as is reasonably possible. However, we encourage individuals to inform us of any changes to their information.
Your information rights
You have the following rights in relation to our use of your personal information:
– The right to be informed about the processing of your personal information
– The right to rectification of your personal information if it is inaccurate and to have incomplete personal information completed
– The right to object to processing of your personal information
– The right to restrict processing of your personal information
– The right to erasure of your personal information (the “right to be forgotten”)
– The right to request access to your personal information and to obtain information about how we process it
– The right to move, copy or transfer your personal information (“data portability”)
– Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you
If you would like to know more about your rights under the data protection law, please visit the Information Commissioners Office website.
If you have any cause for complaint about our use of your personal information, you have the right to lodge a complaint with the Information Commissioners Office.
How to access your personal information
If you want to know what personal information we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal addresses shown in ‘How to contact us’. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal information within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
We would like to keep you informed, from time to time about relevant products and services as part of our marketing communications. We may use your postal address, email address, telephone or other electronic methods to contact you, based on your marketing preferences that we have recorded.
You have the right at any point to change or update your marketing preferences at any time by contacting us using the details for our Data Protection Team, or by following the instructions in the communication. If you ask us to stop sending marketing communications, please note we will retain your personal information for the purposes of indicating that you do not want to receive marketing communications.
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at firstname.lastname@example.org or by mail using the details provided below:
[Re: Data Protection Team]
Mail Solutions UK Limited, Halesfield 2, Telford, TF7 4QH, United Kingdom