Privacy Policy

This Privacy Policy sets out how we, Mission Road Electrical, collect, store, and use information about you when you use or interact with our website, https://Missionroad.co.uk (our website), and where we otherwise obtain or collect information about you.

This Privacy Policy is effective from 1st September 2022.

Contents

• Summary
• Our Details
• Information We Collect When You Visit Our Website
• Information We Collect When You Contact Us
• Information We Collect When You Interact With Our Website
• Information We Collect When You Place an Order
• Our Use of Automated Decision-Making and Profiling
• How We Collect or Obtain Information About You From Third Parties
• Disclosure and Additional Uses of Your Information
• How Long We Retain Your Information
• How We Secure Your Information
• Transfers of Your Information Outside the European Economic Area
• Your Rights in Relation to Your Information
• Your Right to Object to Processing for Certain Purposes
• Sensitive Personal Information
• Changes to Our Privacy Policy
• Children’s Privacy
• California Do Not Track Disclosures
• Copyright

Summary

This section summarises how we obtain, store, and use information about you. It provides a general overview only and must be read alongside the full Privacy Policy.

Data Controller

Mission Road Electrical

How We Collect or Obtain Information About You

• When you provide it to us (e.g. by contacting us, creating an account, or placing an order on our website).
• From your use of our website, including cookies.
• Occasionally, from third parties.

Information We Collect

• Personal Details: Name, contact details.
• Payment Information: Credit or debit card details.
• Technical Information: IP address, cookies, device and browser type.
• Usage Data: Pages visited, time of visit, clicks, and geographical location (based on IP address).
• Business Details (if applicable): Company name, VAT number.

How We Use Your Information

We use your information for:

• Administrative and business purposes (e.g. contacting you, processing orders).
• Improving our business and website.
• Fulfilling contractual obligations.
• Advertising our goods and services.
• Analyzing website usage.
• Legal compliance.

Disclosure of Your Information to Third Parties

We only share your information when necessary to:

• Run our business and work with service providers.
• Fulfil contracts with you.
• Comply with legal obligations or enforce our rights.

Do We Sell Your Information?

No. We do not sell your information to third parties, except in the case of a business sale or similar event.

How Long We Retain Your Information

We retain your information only as long as necessary, considering:

• Legal obligations (e.g. tax records).
• Other legal bases (e.g. consent, contractual performance, business interests).

For specific retention periods, see the "How Long We Retain Your Information" section below.

How We Secure Your Information

We implement technical and organisational measures, including:

• Secure servers for storing data.
• SSL encryption for data transfers and payments.
• Restricted access to personal information.

Use of Cookies

We use cookies on our website, including:

• Essential cookies
• Functional cookies
• Analytical cookies
• Targeting cookies

For more details, see our Cookies Policy.

Transfers of Your Information Outside the European Economic Area

In certain circumstances, we transfer your information outside of the European Economic Area (EEA), including to the following countries: United States of America. Where we do so, we will ensure appropriate safeguards are in place.

The third parties we use that transfer your information outside the EEA have self-certified themselves as compliant with the EU-U.S. Privacy Shield.

Use of Automated Decision-Making and Profiling

We use profiling on our website through our use of web analytics. However, we do not consider that this has any legal effect on you or similarly significantly affects you.

For further information, please see the section below entitled Our Use of Automated Decision-Making and Profiling.

Your Rights in Relation to Your Information

You have the following rights concerning your personal data:

• To access your information and receive details about how it is used
• To have your information corrected and/or completed
• To have your information deleted
• To restrict the use of your information
• To receive your information in a portable format
• To object to the use of your information
• To withdraw your consent for processing your data
• Not to have significant decisions made about you based solely on automated processing, including profiling
• To complain to a supervisory authority if you believe your data rights have been violated

Sensitive Personal Information

We do not knowingly or intentionally collect what is commonly referred to as ‘sensitive personal information’.

Please do not submit sensitive personal information to us.

For more details, see the main section below titled Sensitive Personal Information.

Our Details

The data controller for our website is Mission Road Electrical.

You can contact the data controller by emailing: [email protected].

If you have any questions about this Privacy Policy, please contact the data controller.

Information We Collect When You Visit Our Website

We collect and use information from website visitors as outlined in this section and in Disclosure and Additional Uses of Your Information.

Web Server Log Information

We use a third-party server to host our website: GoDaddy.

You can review GoDaddy’s privacy policy here:
GoDaddy Privacy Policy

Our website server automatically logs:

• The IP address used to access our website
• The pages accessed
• The information requested
• The date and time of the request
• The source of access (e.g., the website or URL that referred you to us)
• Your browser version and operating system

Use of Website Server Log Information for IT Security Purposes

Our third-party hosting provider collects and stores server logs to ensure network and IT security, ensuring that the server and website remain uncompromised.

This includes:

• Analysing log files to detect and prevent unauthorised access
• Preventing the distribution of malicious code
• Identifying denial-of-service attacks and cyber threats

Unless we are investigating suspicious or potential criminal activity, we do not make—nor allow our hosting provider to make—any attempt to identify you from the information collected via server logs.

Legal Basis for Processing

Compliance with a legal obligation to which we are subject (Article 6(1)(c) of the General Data Protection Regulation).

Legal Obligation

We have a legal obligation to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing information about individuals.

Recording access to our website using server log files is one such measure.

Legal Basis for Processing

• Legitimate Interests (Article 6(1)(f) of the General Data Protection Regulation)

Legitimate Interests

We have a legitimate interest in using your information to ensure network and information security.

Cookies

Cookies are data files sent from a website to a browser to record information about users for various purposes.

We use cookies on our website, including:

• Essential cookies – Required for core website functionality
• Functional cookies – Enhance user experience
• Analytical cookies – Help us understand website usage
• Targeting cookies – Used for marketing and advertising purposes

For more details, please review our Cookies Policy here:
Mission Road Electrical Cookies Policy

Managing Cookies

You can reject some or all cookies via:

1. Your browser settings – Adjust to block or delete cookies
2. Our cookie control tool – Disable non-essential cookies

Note: Disabling cookies may impact your ability to use some or all website features.

For further guidance on managing cookies, visit:
www.allaboutcookies.org

Information We Collect When You Contact Us

We collect and use information from individuals who contact us, as outlined in this section and in the section "Disclosure and Additional Uses of Your Information."

Email

When you email us using the address displayed on our website, we collect:

• Your email address
• Any additional information you provide, such as:
  • Your name
  • Your telephone number
  • Details in your email signature

Legal Basis for Processing

• Legitimate Interests (Article 6(1)(f) GDPR)
  • Purpose: Responding to enquiries and maintaining correspondence records.
• Necessary for Contractual Obligations (Article 6(1)(b) GDPR)
  • Purpose: If your enquiry relates to goods or services, we process your information to take steps before entering into a contract.

Transfer & Storage of Information

• We use Microsoft as our third-party email provider.
• Emails are stored on Microsoft’s servers in the USA.
• Microsoft’s privacy policy: View Here.
• For details on international transfers, see the section "Transfers of Your Information Outside the EEA."

Contact Form

When you submit our online contact form, we collect:

• Your name
• Your email address
• Reason for contact
• Your message
• Any optional information (e.g., telephone number)

If you do not provide the mandatory fields, you will not be able to submit the form.

Legal Basis for Processing

• Legitimate Interests (Article 6(1)(f) GDPR)
  • Purpose: Responding to enquiries and maintaining records.
• Necessary for Contractual Obligations (Article 6(1)(b) GDPR)
  • Purpose: If your enquiry is about goods or services, we process your data to take steps towards providing them.

Transfer & Storage of Information

• Contact form submissions are stored on Microsoft’s servers in the USA.
• Microsoft’s privacy policy: View Here.
• For details on international transfers, see "Transfers of Your Information Outside the EEA."

Phone Calls

When you contact us by phone, we collect:

• Your phone number
• Any additional information you provide during the call
• We do not record phone calls.

Legal Basis for Processing

• Legitimate Interests (Article 6(1)(f) GDPR)
  • Purpose: Responding to enquiries and maintaining records.
• Necessary for Contractual Obligations (Article 6(1)(b) GDPR)
  • Purpose: If your call relates to goods or services, we process your data to take steps towards providing them.

Transfer & Storage of Information

• Phone call information is stored by our third-party telephone service provider.
• Some data may be stored outside the EEA.
• For details on international transfers, see "Transfers of Your Information Outside the EEA."

Postal Correspondence

If you contact us by post, we collect:

• Any information you include in your letter

Legal Basis for Processing

• Legitimate Interests (Article 6(1)(f) GDPR)
  • Purpose: Responding to correspondence and keeping records.
• Necessary for Contractual Obligations (Article 6(1)(b) GDPR)
  • Purpose: If your letter relates to goods or services, we process your data to take steps towards providing them.

Information We Collect When You Interact with Our Website

We collect and use information from individuals who interact with certain features of our website in line with this section and "Disclosure and Additional Uses of Your Information."

Registering on Our Website

When you register and create an account, we collect the following information:

• First Name

• Surname

• Password

• Email Address

If you do not provide the mandatory fields, you will not be able to register or create an account.

Legal Basis for Processing

• Necessary for Contractual Obligations (Article 6(1)(b) GDPR)

  • Purpose: Creating an account is necessary to access the goods and services you purchase from us.

Transfer & Storage of Information

• Information submitted through the registration form will be stored within the EEA on our third-party hosting provider’s servers in the United Kingdom.

Information Collected or Obtained from Third Parties

Where We Receive Information About You in Error

If we receive information about you from a third party in error and/or do not have a legal basis for processing that information, we will delete it.

Information Obtained from Third Parties

In certain circumstances, we may obtain information about you from publicly accessible sources (both within and outside the EEA), including:

• Electoral registers
• Companies House
• Online customer databases
• Business directories
• Media publications
• Social media platforms
• Websites (including your own if applicable)

We may also obtain information from private sources in the EU and non-EU countries where necessary.

Legal Basis for Processing

• Necessary for Contractual Obligations (Article 6(1)(b) GDPR)
  • Purpose: If you have entered into a contract with us or requested services, we may obtain information from public sources to verify your details and provide an appropriate level of service.
  • Example: If you request information via email and we need to verify your email address, we may check publicly available sources.
• Legitimate Interests (Article 6(1)(f) GDPR)
  • Purpose: In specific situations, we may have a legitimate interest in obtaining information from public or private sources.
  • Example: If we suspect an infringement of our legal rights, we may collect relevant information to investigate and take appropriate action.

Our Use of Automated Decision-Making and Profiling

We use profiling on our website, but it does not have any legal or significant effect on you.

Your Rights:
You have the right to object to our use of automated decision-making and profiling. You can do so by:

• Opting out of cookies and similar technologies (refer to our cookies policy).
• Using a Virtual Private Network (VPN) or services like Tor to prevent the processing of your actual IP address.

For more details on our use of cookies and how to opt out, please review our Cookies Policy.

Profiling

Profiling refers to any form of automated processing of your information to evaluate personal aspects about you. This includes analysing or predicting factors such as your performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location, or movements.

Use of Profiling for Web Analytics

Our web analytics service, Google Analytics, collects information such as your location (based on your IP address) and behaviour (based on cookies) when you access our website. This includes the pages you visit and the actions you take.

• Consent Requirement: We only process cookie-based information if you have consented to their use in accordance with our Cookies Policy.

• Logic Involved: By analysing and categorising information such as location (via IP address), behaviour, and device usage, we gain insights into visitor preferences, website improvements, and marketing effectiveness.

• Significance & Consequences:

  • Cookies track and store behaviour and device information unless you opt out using our cookie control tool.

  • Your location is analysed based on your IP address.

  • We may target advertisements based on visitor interest levels and on-site behaviour.

Legal Basis for Processing: Legitimate interests (Article 6(1)(f) GDPR).

• Legitimate Interest: Analysing visitor interactions to improve our website and services.

Disclosure and Additional Uses of Your Information

Disclosure to Service Providers

We share your information with third-party service providers that assist in operating our business, including:

• Telephone provider (UK)

• Email provider (UK & USA)

• Web developer (UK)

• Hosting provider (UK)

Your information is shared only when necessary to provide you with services (e.g., accessing our website or purchasing goods/services).

• Security & Competitive Reasons: We do not publicly disclose service provider identities. However, you may request this information if you have a legitimate reason.

Legal Basis for Processing:

• Legitimate Interests (Article 6(1)(f) GDPR) – Ensuring efficient business operations.

• Contractual Necessity (Article 6(1)(b) GDPR) – Sharing information to fulfil contractual obligations.

Disclosure to Other Third Parties

Your information may also be disclosed to third parties in specific circumstances:

1. Google Inc. – Through Google Analytics, Google collects and processes information (e.g., IP addresses, cookie data) for service improvement. This data is shared on an aggregated and anonymised basis.

   • Opt-out: Google Analytics Opt-out Plugin

   • Google Privacy Policy: Google's Data Use

2. Professional Service Providers – Sharing your data with third parties essential to business operations:

   • Accountants (UK) – For tax purposes, including invoice processing.

   • Advisors (UK) – Legal, financial, or public relations guidance.

   • Business Partners (UK) – To provide complementary or co-offered services.

   • Independent Contractors (UK) – For project-based business functions.

   • Insurers (UK) – For claim management and coverage obligations.

3. Business Transactions – In cases of business sales, mergers, or acquisitions, your information may be disclosed as part of due diligence or the transaction process.

Legal Basis for Processing: Legitimate interests (Article 6(1)(f) GDPR).

• Legitimate Interest: Running and managing our business effectively.

Legal Use of Your Information

1. Reporting Criminal Activity

   • If we suspect fraud, cybercrime, or receive threats, we may report this information to relevant authorities (e.g., police, fraud agencies).

   • Legal Basis: Legitimate interests (Article 6(1)(f) GDPR).

   • Legitimate Interest: Crime prevention and public security.

2. Legal Enforcement

   • If you fail to meet financial obligations (e.g., unpaid invoices), we may share your data with debt collection agencies.

   • Legal Basis: Legitimate interests (Article 6(1)(f) GDPR).

   • Legitimate Interest: Enforcing contractual and legal rights.

3. Legal Disputes

   • If involved in legal proceedings, we may use and disclose your information in connection with mediation, arbitration, or court action.

   • Legal Basis: Legitimate interests (Article 6(1)(f) GDPR).

   • Legitimate Interest: Resolving legal disputes.

4. Compliance with Legal Obligations

   • We may disclose your information to comply with UK law (e.g., responding to court orders or requests from regulatory bodies such as the National Crime Agency).

   • Legal Basis: Compliance with a legal obligation (Article 6(1)(c) GDPR).

Retention of Your Information

We retain data for specific periods depending on its purpose:

• Server Logs: Retained indefinitely.

• Order History & Transactions: Retained as required by financial regulations.

• Marketing Data: Retained until consent is withdrawn.

Where a specific retention period is not possible, we determine the duration based on:

• Business necessity.

• Legal compliance requirements.

• Security risk assessments.
  
  

Transmission of Information to Us by Email

Transmitting information over the internet is not entirely secure. If you choose to submit any information to us via email, our website, or other online means, you do so at your own risk. We cannot be held responsible for any costs, expenses, loss of profits, harm to reputation, damages, liabilities, or any other loss or damage resulting from your decision to transmit information in this manner.

Transfers of Your Information Outside the European Economic Area (EEA)

Your information may be transferred and stored outside the EEA in the following circumstances:

• To comply with legal obligations, such as court orders.

• When using third-party services that store data outside the EEA.

Where required, we ensure appropriate safeguards and protections are in place.

Contact Form

Information submitted through our contact form is transferred outside the EEA and stored on our third-party email provider’s servers. See the ‘Email’ section below for details.

Email

Information sent to us by email is transferred outside the EEA and stored on our third-party email provider’s servers.

• Provider: Microsoft

• Privacy Policy: Microsoft Privacy Statement

• Countries of Storage: United Kingdom and United States

• Safeguards: Microsoft has self-certified compliance with the EU-U.S. Privacy Shield (details here), an approved certification mechanism under Article 42 of the General Data Protection Regulation (GDPR).

Google Analytics

Google Analytics collects data (such as IP addresses and website interactions) and transfers it outside the EEA to Google’s servers.

• Provider: Google

• Privacy Policy: Google Privacy Policy

• Country of Storage: United States

• Safeguards: Google has self-certified compliance with the EU-U.S. Privacy Shield (details here).

Your Rights in Relation to Your Information

Subject to certain limitations, you have the following rights regarding your personal information. To exercise these rights, contact us at [email protected]:

• Access: Request access to your personal information and how we process it.

• Correction & Deletion: Request corrections or deletions of your personal data.

• Restriction: Request that we restrict how we use your information.

• Data Portability: Receive your data in a structured, commonly used format (e.g., CSV) and request its transfer to another data controller.

• Objection: Object to the processing of your data for certain purposes (see ‘Your Right to Object’ below).

• Withdraw Consent: Withdraw consent at any time (this does not affect the lawfulness of processing before consent was withdrawn).

• Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing, including profiling, where this produces legal effects or significantly affects you.

Complaints

In accordance with Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO): ICO Contact Information.

Further Information on Your Rights

For detailed guidance on your rights and any limitations, visit:

• ICO Guide to GDPR Individual Rights

• ICO Public Information on Data Handling

You can also read Articles 12 to 22 and 34 of the GDPR in the full regulation here: GDPR Legislation.

Verifying Your Identity When Requesting Access to Your Information

When you request access to your information, we are legally required to take reasonable steps to verify your identity. These measures help protect your personal data and prevent identity fraud, theft, or unauthorized access.

How We Verify Your Identity

If we have sufficient information on file, we will attempt to verify your identity using that data. If not, we may require original or certified copies of documents to confirm your identity before granting access. We will inform you of the specific documents needed at the time of your request.

Your Right to Object to Processing

You have the right to object to the processing of your personal data in the following cases:

• When we process your information for tasks carried out in the public interest or for our legitimate interests, including profiling (e.g., analyzing your behavior).
• When we use your information for direct marketing purposes, including related profiling.

To object, you can:

• Click the unsubscribe link in any marketing email and follow the instructions.
• Email [email protected] with “OPT OUT” in the subject line or message.

For details on objecting to cookie-based data collection, refer to our Cookies Policy.

Sensitive Personal Information

We do not knowingly collect sensitive personal data (e.g., racial/ethnic origin, political views, religious beliefs, health data, etc.). Please do not submit such information. If you do so unintentionally, you are considered to have given explicit consent under GDPR Article 9(2)(a), and we will process it solely for deletion.

Changes to Our Privacy Policy

Minor Changes

If we make minor updates, we will update the effective date at the top of the policy.

Major Changes

For significant updates or changes in data usage, we will notify you via email (if possible) or post a notice on our website. If legally required, we will obtain your consent before processing your data for a new purpose.

Children’s Privacy

We comply with the Children’s Online Privacy Protection Act (COPPA) and do not knowingly collect data from individuals under 18. If we discover that a minor’s data has been submitted fraudulently, we will:

• Obtain parental consent where required, or
• Delete the data if consent cannot be obtained.

To report such data, email [email protected].

California Do Not Track (DNT) Disclosures

“Do Not Track” (DNT) is a browser setting requesting websites not to track user activity. For details, visit www.allaboutdnt.org.

Currently, we do not respond to DNT signals. However, we and third parties may use cookies and similar technologies to collect data. To learn how to opt out, refer to our Cookies Policy.

Copyright

This Privacy Policy is protected by copyright laws. All intellectual property rights are reserved.