At Merson Signs Limited, we deliver the design and manufacturing of signage.
Merson Signs Limited is a company in Scotland registered in Scotland with registered number SC020547 and having its registered office address at 2 Young Place, Glasgow, G75 0TD.
We are a data controller for the purposes of the General Data Protection Regulation (Regulation (EU) 2016/679) (GDPR) and related data protection legislation.
If you have any questions about our Privacy Notice or our data protection policies generally, please contact us:
We are fully committed to handling personal information in accordance with the General Data Protection Regulation (GDPR) which comes into force on the 25 May 2018.
This means your personal information will be:
It is important that you are aware of our procedures and practices and understand your rights in relation to your personal data and this Privacy Notice is designed to be part of that information.
We need to process your personal data throughout our relationship with you for updating you on our services, server issues, website updates, regulatory requirements.
“Personal data” or “personal information” is any information relating to or about an individual from which that person can be directly or indirectly identified. It does not include data where the identity has been removed (anonymous data).
We may collect this information directly from you (e.g. when you submit a form to us or enter into a contract for services with us or via a face to face meeting).
We will only use your personal data when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
We may also use your personal information where we need to protect your interests (or someone else’s interest) or where it is needed in the public interest.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We will not share your personal information with third parties unless they are part of the Merson Group of companies. We will take all reasonable steps to ensure all information sharing is carried out in a secure way and will ask our third-party associates to assure us they will handle your personal data securely by using contracts to make our requirements clear and within the legal requirements as set out in the GDPR.
The retention periods for personal data depend on the purpose for which the information was obtained and will differ for different uses.
We may retain in our CRM system to highlight possible connections and touch points to better advise of contact with you, however we do regularly clean our databases to keep the information current and this information is securely deleted.
Your data is stored on a secured (CRM) database enforced by password protocols.
We do collect statistics on visits to our website and social media sites and whilst these are anonymous statistics, your IP address may be considered personal data under the legislation. Therefore, we may collect information about the computer or device which is used to access our website. We use this information to collect anonymous statistics to view traffic to the site and how the site is used. This collection does not identify individual users.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
In the event of a “high risk” personal data breach the individual(s) will be notified immediately within 72 hours as well as the Information Commissioners Office (ICO). Our company and staff shall follow our security protocols in line with our “Data Breach” company policy as well as the ICO guidelines and take all necessary precautions in order to minimise the severity of the breach for the individual. All personal data breach shall be recorded in our data breach register.
Right to be informed:
You have the right to be informed about the processing of your personal data, and this Privacy Notice provides you with the information you need to reassure you that we handle your personal data securely and lawfully.
Right of access:
You have the right to request access to your personal data and to request further information relating to your personal data such as the purposes of processing, the categories of organisations with whom we share your personal data, the retention period for such personal data and the existence of any automated decision-making relating to your personal data.
Right to rectification:
You have the right to have any inaccuracies or factual errors corrected or incomplete data amended. If this information has been disclosed to a third-party we will inform that party and request that they amend their records. We want your information to be accurate, complete and up to date so you can ask us to make any rectifications necessary as your details or circumstances change.
Right to erasure (the right to be forgotten):
You can request to have your personal data deleted or removed if there is no compelling reason to keep it, as follows:
If the personal data is held for statutory or regulatory requirements it cannot be erased. Any request made will be discussed with you, unless deletion is an obvious step.
Right to restrict processing:
This relates to personal data where the accuracy is contested or where you have objected to our processing based on our legitimate interests or where we no longer require the personal data but you request us to keep. It is a complex area and whilst a decision is being made in consultation with you, we will store the data but not process it.
Right to data portability:
You have the right to take and use your data for other services or purposes. Where the personal data provided by you is processed on the basis of your consent or a contract between us and you, we are required to make this information available to you in a readable easily transferred format.
Your right to object:
Where the processing of your personal data is based on our legitimate interests, you have the right to object (based on your particular circumstances) to the way we handle, use or store your personal data. If you object to our processing of your personal data, we will restrict any further processing until we determine whether or not there are any compelling reasons why we should continue the processing.
We will not sell your personal data:
We meet in person as we believe that is the best way to start our relationship and to asses your requirements for our services.
Exercise of your rights:
If you wish to exercise any of your rights in respect of your personal data, please contact us using the details above. Our Data Protection Officer will provide you with further information if required.
We will respond to any exercise of your rights within one month of such request, unless the request is complex in which case we will seek an extension and respond within a further two months thereafter.
We will respond to your requests to exercise your rights at no charge, although repeated or manifestly unfounded or excessive requests may be refused or may incur an administrative charge covering the time and other costs associated with this.
During the registration process we may ask how you wish to be contacted:
You are free to consent to all or one or more of these, however, the law requires that if you permit us to use only one method, that is the only method we can use. Given your requirements and opportunities that can come up at short notice you may wish to consider more than one contact method.
In the first instance we would request that you discuss any complaints with us. The ICO website has a template letter to assist you but we are happy to discuss in person if you contact us. If you are not satisfied after we address your complaint you can complain to the ICO;
Information Commissioners Office
The website has a live chat facility, or you can call 0303 123 1113 (local rate)
The latest news, articles and resources, sent to your inbox monthly.