Privacy Notice

Introduction

McAllister Litho Glasgow Limited (“MLG”) is committed to protecting and respecting your privacy. We want to tell you how we use and protect your personal information. This includes informing you of your rights regarding your personal information that we hold.

This Privacy Notice sets out how we may use, process and store your personal information. We may get that information from you or our partners, through contracts or other legal arrangements you have with us or our partners on behalf of us, or to deliver contractual/legal obligations. In other cases, we will get that information from you with your permission and consent.

The Laws and Regulations

The laws that govern personal data in the UK are:

  • The Data Protection Act (1998)
  • REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”).

The independent authority that upholds information rights in the public interest in the United Kingdom is the Information Commissioner’s Office (the “ICO”). Further information can be found at https://ico.org.uk.

Who is MLG?

This is MLG’s registered address, company number and contact information:

McAllister Litho Glasgow Limited
170 Elliot Street
Glasgow, G3 8EX
Company Registration Number: SC439973

ICO Registration Number: Z3563773

Email: dataprotection@mlg.co.uk

Phone: +44 (0) 141 248 7240

MLG’s Websites: www.mlg.co.uk, http://mlg.myrtq.com/

Information we may collect from you

MLG may collect information from you because we have a legal reason (allowed by law or under contract) to collect the information, or because you have consented for us to do so for a specific purpose.

Information you give us

You may give us information about you with your consent, for example:

  • By filling in a form
  • Sending us an e-mail
  • Applying for a job at MLG.

This information may be personal, financial, educational, or related to your employment history.

You may give us information for legal reasons, such as to enter into a contract with us, when you are buying goods or services from us, or when you are taking a job at MLG.

Information we collect about you

If you visit our website we may automatically collect information about you, for example:

  • Technical information
  • IP addresses
  • Information about what type of device you use to connect to our website
  • How you interact with our website.

Information we receive from other sources

We may receive information about you if you use any of the other websites we operate, any other services we provide, or from our business partners instructed to collect information on our behalf.

We also work with third parties (including, for example, business partners, sub-contractors in technical, payment, mailing and delivery services, analytics providers, credit reference agencies) and may receive information about you from them as part of the service we provide you, or for legal reasons.

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.

 

Cookie

Name

Purpose (Expiration Time)

Google Analytics (gtag.js and analytics.js)

_ga

Used to distinguish users. (2 years)

Google Analytics (gtag.js and analytics.js)

_gid

Used to distinguish users. (24 hours)

Google Analytics (gtag.js and analytics.js)

_gat

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>. (1 minute)

Google Analytics (gtag.js and analytics.js)

AMP_TOKEN

Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service. (30 seconds to 1 year)

Google Analytics (gtag.js and analytics.js)

_gac_<property-id>

Contains campaign related information for the user. If you have linked your Google Analytics and AdWords accounts, AdWords website conversion tags will read this cookie unless you opt-out. (90 days)

Google Analytics (ga.js)

__utma

Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics. (2 years from set/update)

Google Analytics (ga.js)

__utmt

Used to throttle request rate. (10 minutes)

Google Analytics (ga.js)

__utmb

Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics. (30 mins from set/update)

Google Analytics (ga.js)

__utmc

Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit. (End of browser session)

Google Analytics (ga.js)

__utmz

Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics. (6 months from set/update)

Google Analytics (ga.js)

__utmv

Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics. (2 years from set/update)

RedTie Common (RTT & RTQ)

SRVID

Temporary cookie not stored once the browser is closed. Set by the load balancers to ensure future requests return to the same server, contains a small token (e.g. srv-101) we don't use this for any tracking, or link to any identifiers.

RedTie Common (RTT & RTQ)

ASPSESSIONID{xxxx}

ASP.NET_SessionId

Temporary cookie set by the website script engine, drives Session functionality allowing us to securely persist actions across pages, verify you're logged in etc. Cookies are random system-generated tokens, don't expose any sensitive data but enables us to securely link data to it in backend server code. We don't use these for tracking directly (again only lasts as long as the browser stays open) but it does enable us to associate your actions in the browser to your account, e.g. selecting products.

RedTie RTT

setup

Persistent cookie (~120 days) storing the most recently used webstore default language as the content (e.g. English) in case it's not available elsewhere, typically when a session has been logged out or tries to resume an expired session. We don't use this for any tracking, or link to any identifiers.

RedTie RTT

affiliate

Persistent cookie (~120 days) storing any inbound affiliate # as the content (e.g. 1234) so their conversions can be tracked later. Rarely used but is something which can be reported on against orders.

RedTie RTT

purlEntryPoint

Persistent cookie (~24 hours) storing the most recently used webstore BURL as the content in case it's not available elsewhere. We don't use this for any tracking, or link to any identifiers.

RedTie RTT

loUser_{xxxx}_idCust

loUser_{xxxx}_guidCust

Persistent cookie (variable, managed by BURL) used to identify and persist logged out customer browsing & shopping. We use these to link logged out customers to a database record, we don't track the cookies beyond that though we will report via the database on logged in vs. logged out activity.

RedTie RTT

rttSSO

Persistent cookie (~24 hours) storing the recently used webstore BURL when logging in via the APIs.

RedTie Gateway

pagingDetails

Persistent cookie (~1 hour) managing the current page number on multi-page result lists. We don't use this for any tracking, or link to any identifiers.

RedTie Gateway

iltBrand

Persistent cookie (~60 days) determining which site was used last.  Possibly unused? We don't use this for any tracking, or link to any identifiers.

RedTie Gateway

userDetails

billingUserDetails

iltUserDetails

Persistent cookie (~1 year) stores the open/close state of sidebar menus. We don't use this for any tracking, or link to any identifiers.

RedTie Admin

customerType

customerStatus

customerSort

accountnameFilterCookie

filterbyFilterCookie

idCategoryFilterCookie

Temporary cookies used to persist search filters on the customer and orders views. We don't use these for any tracking, or link to any identifiers.

RedTie RTQ

RTQ_InvFormat

Temporary cookie used to persist search filters on the invoicing page. We don't use this for any tracking, or link to any identifiers.

RedTie RTQ

RTQx{xxxx}

Persistent cookie (~90 days) used for the remember login feature. Due to be removed. We don't use this for any tracking, or link to any identifiers.

 

How do I change my cookie settings?

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org

Find out how to manage cookies on popular browsers:

Google Chrome

Microsoft Edge

Mozilla Firefox

Microsoft Internet Explorer

Opera

Apple Safari

To find information relating to other browsers, visit the browser developer's website.

To opt out of being tracked by Google Analytics across all websites, visit:

http://tools.google.com/dlpage/gaoptout

 

Why does MLG collect personal information?

MLG collects information for the some or all of the following reasons:

  • To provide information about products or services you have shown interest in purchasing within a reasonable time afterwards, if you are already an existing MLG customer
  • To provide information to you about products or services you have purchased from us, or related products or services
  • To employ you or consider you for employment
  • To provide goods or services to you under contract
  • For legal reasons, for example, if you have entered into a contract with us
  • To provide information to you about our products and services if you have consented to receive it.

What legal basis does MLG have for processing my information?

MLG may process your information because:

  • We have a contract with you
  • You have given us permission to do so
  • We must provide services to you after you have purchased something from us
  • To comply with the law.

All of these reasons are reasons MLG may legally process the information we have about you.

Who might MLG share your information with?

MLG may share your personal information with third parties, either because you have consented to allow us to do so or for legal reasons. For example, we may share your personal information with:

  • Subcontractors and third parties for the purpose of the performance of a contract that we hold with them or that we hold with you
  • With third parties because you have given consent
  • With third parties who provide shipping or mailing services because you have purchased goods or services

Other reasons MLG may share your personal information with a third party

If MLG or substantially all of its assets are acquired by a third party, personal data held by MLG about its customers will be one of the transferred assets of the company.

In addition, MLG will share your personal data with third parties for the following reasons:

  • If MLG must comply with a legal obligation
  • To enforce or apply our Website Terms of Use or other agreements
  • To protect the rights, property, or safety of MLG, our customers or others
  • We will exchange information with other companies or organisations to prevent fraud or to reduce our credit risks.

Where we store your personal data

We primarily store and process your personal data in the EU/European Economic Area (“EEA”). If we do transfer your personal data outside the EEA it will be because you have consented or because we have a legal reason to do so.

Some examples of reasons your data may be processed outside of the EEA include:

  • Order fulfilment
  • Payment processing
  • Technical support services.

If your personal data cannot be processed within the EEA, we will:

  • Comply with all other data protection principles
  • Where possible, be to a country that is on the list of the EU Commissions’ countries that provide adequate protections for the rights and freedoms of data subjects
  • If the transfer is to the United States of America, we will use reasonable endeavours to make sure they participate in the Privacy Shield program
  • Make sure we have assessed the adequacy of protections in all other cases.

Access to your stored personal data via password

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Transmission and storage of your personal data

Unfortunately, the transmission of information via the internet is not completely secure. Although we use best practice to ensure your data is encrypted to the standard required in the GDPR to protect your personal data, we cannot guarantee the security of your data as it is transmitted and stored.

How long will you keep my personal information?

MLG will not retain your personal information for longer than required.

We will keep your personal information:

  • For as long as required by law
  • Until we no longer have a valid reason for keeping it
  • Until you request us to stop using it.

We may keep just enough of your personal information to ensure that we comply with your requests not use your personal information or comply with your right to erasure. For example, we must keep your request to be erased even if it includes your personal data until such time as you are no longer our customer.

What if I chose not to give you my personal information?

If the personal information is necessary in order to supply goods or services to you under a contract between you and MLG, then we will not enter into that contract or provide the services or goods if you do not give us your personal information.

Your Rights

MLG will respect your legal rights to your data.

Legal right

 

What MLG does to protect your rights

The right to be informed

 

MLG is publishing this Privacy Notice to keep you informed as to what we do with your personal information. We strive to be transparent about how we use your data.

The right to access

 

You have the right to access your information. Please contact MLG’s Data Protection Officer at dataprotection@mlg.co.uk if you wish to access the personal information MLG holds about you.

The right to rectification

 

If the information MLG holds about you is inaccurate or not complete, you have the right to ask us to rectify it. If that data has been passed to a third party with your consent or for legal reasons, then we must also ask them to rectify the data. Please contact our Data Protection Officer if you need us to rectify your information: dataprotection@mlg.co.uk

The right to erasure

 

This is sometimes called ‘the right to be forgotten’. If you want MLG to erase all your personal data and we do not have a legal reason to continue to process and hold it, please contact our Data Protection Officer: dataprotection@mlg.co.uk

The right to restrict processing

 

You have the right to ask MLG to restrict how we process your data. This means We are permitted to store the data but not further process it. We keep just enough data to make sure we respect your request in the future. If you want Us to restrict processing of your data, please contact our Data Protection Office: dataprotection@mlg.co.uk

The right to data portability

 

MLG must allow you to obtain and reuse your personal data for your own purposes across services in a safe and secure way without this effecting the usability of your data. Please contact our Data Protection Officer if you want information how to port your data elsewhere: dataprotection@mlg.co.uk. This right only applies to personal data that you have provided to Us as the Data Controller. The data must be held by Us by consent or for the performance of a contract.

The right to object

 

You have the right to object to MLG’s processing your data even if it is based on Our legitimate interests, the exercise of official authority, direct marketing (including data aggregation), and processing for the purposeless of statistics. If you wish to object please contact our Data Protection Officer: dataprotection@mlg.co.uk

The right to withdraw consent

 

If you have given Us your consent to process your data but change your mind later, you have the right to withdraw your consent at any time, and MLG must stop processing your data. If you want to withdraw your consent, please contact our Data Protection Officer: dataprotection@mlg.co.uk

The right to complain to a Supervisory Authority

 

You have the right to complain to the ICO if you feel that MLG has not responded to your requests to solve a problem. You can find their contact details here: https://ico.org.uk/concerns/

 

 

 

 

 

 

Links to Other Websites

From time to time, our website may contain links to and from other websites. If you follow a link to any of these websites, please note that these websites may have their own privacy notices and that we do not accept any responsibility or liability for any such notices. Please check these notices, where available, before you submit any personal data to these websites.

Changes to Our Privacy Notice

MLG may change this notice from time to time in the future. Any such changes will be posted here and, where appropriate, notified to you in writing. We advise you to check back frequently to see any updates or changes.

 


Web quoting and job handling software © 2006-2019, RedTie