- Data is a liability, it should only be collected and processed when absolutely necessary.
- We don’t like spam either, therefore we won’t spam you!
- We will never sell, rent or otherwise distribute or make public your personal information.
Consent to Collect
We collect data from users that have created accounts with us, and user that use our contact forms, trade account application forms and newsletter subscriptions. See section 3 for more detailed information
We ask for consent during the account creation process with a checkbox. A link to this page is provided during the account creation process.
The legal basis for us to collect the data is to be able to provide you with a service.
Who Has Access to Our Data?
Only we have access to our data.
This website collects and uses personal information for the following reasons:
Site visitation tracking.
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
What Data Do We Hold?
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.
We accept payments through Payment Sense. When processing payments, some of your data will be passed to Payment Sense, including information required to process or support the payment, such as the purchase total and billing information.
Contact forms and email links
Should you choose to contact us using any of our contact forms, we willstore the data for our own administration within the website database. Data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then de-crypted by our local computers and devices.
You can request the data that is stored from our GDPR – Request Personal Data Page.
Newsletter & emails
If you have subscribed to our newsletter or if you are a member of our website (you can log in) or if you have purchased on our website, there is a good chance you will receive emails from us.
We will only send you emails which you have signed up to receive, or which pertain to the services we provided to you.
To send you emails, we use the name and email address you provide us. Our site also logs the IP address you used when you signed up for the service to prevent abuse of the system.
This website can send emails through the MailPoet sending service. This service allows us to track opens and clicks on our emails. We use this information to improve the content of our newsletters.
No identifiable information is otherwise tracked outside this website except for the email address.
If you choose to join our email newsletter, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor. The email address that you submit will also be stored within this website’s own database, this allows us to use our in-site newsletter function.
Your email address will remain within MailChimp’s database and within our website for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal using our Request Personal Data Page . When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
You can unsubscribe at any time using the unsubscribe links contained in any email newsletters that we send you.
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within the MailChimp & Website database, you will receive periodic newsletter-style emails from us. You can unsubscribe at any time using the unsubscribe links contained in any email newsletters that we send you.
As detailed in section 3 above we store personal information, we have to in order to provide a service to you the customer.
If you have an account on this site, Requested a quote, purchased goods or have left comments our site will store information. The information is stored in an identifiable fashion however you can choose to delete or anonymise your data.This does not include any data we are obliged to keep for administrative, legal, or security purposes. You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you by using the GDPR – Request Personal Data Page.
We have invested to protect your data. We host our website on our own dedicated server and our hosts https://freshsites.co.uk/ have a strong server side firewall in place.
You have the right to be forgotten completely and we don’t mind if you want to. To do this you can delete your account using our Delete My Account Request Form.
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out in section 2.0. 2 of these third parties are based in the USA and are EU-U.S Privacy Shield compliant.
We will report any unlawful data breach of this website’s database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
It is highly unlikely that this will happen as we operate a double firewall system via our hosts servers and and site-wide firewall.
The data controller of this website is: Mechanical Air Supplies LTD. We are UK Private limited Company (company number: 2711708).
Our registered address is:
2nd Floor Curzon House
24 High Street Banstead,
Our Operating Branch Addresses can be found on Our Branches Page.
As an SME, we do not fall under the requirements to appoint a Data Protection Officer, however we do have staff that can answer any enquiry regarding the use of data.
You can request your personal data and delete you account on our GDPR – Request Personal Data Page.