Privacy & EU GDPR Statement
MGC Websites Ltd has received, and will continue to receive training and advice on EU GDPR compliance. At the time of writing the UK Data Protection Bill has not reached parliament so the exact parameters are yet to be defined.
As a modern, digital business working with organisations and services all over the world, full EU GDPR compliance presents a significant challenge. Few of the products and services our business and our customers websites rely on are developed within the EU. Larger companies like Microsoft, Google and Apple are likely to make their services GDPR compliant, in many cases smaller companies will not.
As such MGC Websites Ltd aims for the maximum compliance level practicably possible whilst acknowledging that full compliance may not be achievable.
MGC Websites Ltd as a Data Controller
We are adapting our internal systems and investing in new hardware and software to increase our level of compliance. A full statement will be published here when one is ready.
MGC Websites Ltd as a Data Processor
Some of our clients websites store person data on, for example, their employees, customers, members or users. In administering these sites we have full access to this data. On occasions we may be presented with personal data that needs processing, e.g. a database of contacts that we are hired to import into the website. In both situations MGC Websites Ltd is considered a Data Processor.
It is the responsibility of the Data Controller to provide the Data Processor with a contract defining the rules around the use of any personal data that the Data Controller has been entrusted with.
MGC Websites Ltd recognises the small businesses it works for are highly unlikely to have the knowledge, skills or resources to provide the required contract. In such cases MGC Websites Ltd will implement it’s own policies as though it was the Data Controller. MGC Websites Ltd does not however accept the legal responsibilities of the Data Controller.