What this outlines
Definitions under GDPR
Data Subject – means an individual who is the subject of personal data. Data Controller – A person who (either alone or jointly or in common with other persons) determines the purposes for which, and the manner in which, any personal data is, or is to be, processed. Data Processor – In relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller. Personal Data – Any information relating to any person that can be used to identify them either directly or indirectly, such as their name, email address, address, web browsing data or other factors.
Lawful grounds for processing
Milligan Ltd may process personal data lawfully for a number of reasons, including in order to:
- Carry out a task as instructed by the data controller, as necessary for the performance of a contract Respond, with your consent, to a message you have sent us through the website
- Comply with a legal obligation
- Carry out a task in the public interest, or in exercising official authority vested in Milligan
- Protect the legitimate interests of Milligan Ltd or a third party, except where this is overridden by your own interests or rights
Name and Address of the Controller and Processor:
71 Wimpole Street
+44 (0)20 7297 4300
The website is owned and operated by Milligan Ltd and we are therefore the designated data controller for it. You can contact Milligan Ltd via post, a contact form on our website, by telephone or email. The data protection officer can be contacted at the same address. You may at any time contact our data protection officer directly with all questions and suggestions regarding this policy and data protection in general at Milligan Ltd.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Sharing and transferring personal data
Milligan will not share or disclose information about you collected via our website to any third parties, unless we are legally obliged to do so.
Record keeping and Data retention periods
We will maintain clear and accessible records of all data processing activities. Data will only be kept for as long as is required and treated with the data consents you have provided. If you request for your personal data to be erased, please contact the Data Protection Officer at Milligan Ltd.
Milligan’s websites – How your information will be used
The use of the pages on the Milligan website and Gateway at Peak website, is possible without any indication of personal data other than the public IP address that you are browsing from; however, if you want to send Milligan a message, processing of personal data will become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we will obtain consent from you.
Milligan acts as both the data controller and processor in respect to the data received through our website. No information is passed on to third parties or sub-processors unless additional consent is collected first.
The most common reason cookies are being used would be for tracking, e.g. Google analytics which measures web traffic and browsing from different sources. You may, at any time, prevent the creation of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in your web browser, all functions of our website will continue to be usable.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Contacting us via the website
Visitors can contact us through the forms on our websites and via the email links. The personal data transmitted to us is determined by the information you enter. The personal data is collected and stored exclusively for internal use and specifically for responding to the message and its contents.
By using the contact form, your external IP address and the date / time of when the message was sent is also stored. The storage of this data is a security measure that takes place as a way to prevent the misuse of our services and, if necessary, to make it possible to investigate committed offenses. This data is not passed on to third parties, unless there is a statutory obligation to pass on the data to serve the aim of a criminal prosecution.
We use the data collected when a message is sent to us for responding to the message and its contents. You are free to request a change of the personal data specified within the form at any time,
or to have the data completely deleted from our systems.
The information collected as part of our correspondence with the data subject is only stored for as long as it is required to complete the correspondence and satisfy the query.
Data security breaches
Milligan Ltd takes management of your personal data seriously and takes all reasonable steps to appropriately secure your data. In the event that a data security breach occurs, it is the responsibility of the Data Controller to notify you without undue delay if there is likely to be a high risk to your data. Information will be provided regarding the nature of the breach and action being taken. Concurrently to this, Milligan Ltd will notify relevant parties such as the ICO and/or law enforcement agencies to ensure appropriate action is taken.
This policy may be updated as required to ensure its compliance with data protection legislation and to exercise best practice. We recommend regular review of this policy to ensure you are happy and in agreement with our policy and associated practices.