Privacy Policy for Metronet UK
1. Introduction
At Metronet UK, accessible via metronetuk.com, we are unwavering in our commitment to safeguarding the privacy and personal data of our users. We are dedicated to processing your information in a manner that is lawful, fair, transparent, and respectful of your rights under applicable privacy laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). This Privacy Policy outlines how we collect, use, disclose, and protect your personal information when you interact with our website and services.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through metronetuk.com, including any correspondence and services therein. For the purposes of the GDPR and other applicable data protection laws, Metronet UK is the “Data Controller” of your personal data, determining the means and purposes of processing. Where required, we also act as a Data Processor on behalf of our customers or partners per contractual obligations.
3. Categories of Data We Process
We may collect, use, store, and share the following categories of personal data:
– Usage Data: Includes browser type, IP address, device identifiers, browsing actions, and patterns, session durations, referring URLs, time zone settings, and language preferences.
– Account Data: Includes your full name, billing and shipping address, email address, telephone number, account credentials, and login history.
– Profile Data: Includes your purchases or orders, product preferences, interaction history, and configuration settings.
– Communication Data: Includes support requests, service inquiries, call and email logs, chat transcripts, and any communications you initiate with us.
– Technical Data: Includes device characteristics, operating systems, system configurations, diagnostic data, error logs, and performance metrics.
– Transaction Data: Includes payment history, transaction IDs, delivery information, purchase timestamps, and payment processor references.
– Preference Data: Includes marketing opt-ins, newsletter subscriptions, product interest preferences, and cookie choices.
4. Legal Bases for Processing Personal Data
We process your personal data under the following lawful bases, in accordance with Article 6 of the GDPR and relevant CCPA principles:
– Consent: Where you have given clear consent for the processing of your personal data for specific purposes (e.g., subscribing to newsletters).
– Contractual Necessity: When processing is necessary for the performance of a contract with you, such as fulfilling orders or delivering services.
– Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
– Legitimate Interests: Where processing is necessary for our legitimate interests or those of a third party, provided such interests are not overridden by your fundamental rights and freedoms (e.g., fraud prevention, service improvement).
5. Your Rights
As a data subject under GDPR and consumer under CCPA, you are entitled to the following rights, which may be exercised at any time:
– Right of Access: You may request confirmation and access to the personal data we hold about you.
– Right of Rectification: You may request correction of any inaccurate or incomplete personal information.
– Right to Erasure: You may request deletion of your personal data, subject to applicable legal obligations.
– Right to Restrict Processing: You may request limitation of how we use your data in certain circumstances.
– Right to Data Portability: You may request to receive your personal data in a structured, commonly used and machine-readable format, and request its transfer to another controller.
– Right to Object: You may object to data processing based on legitimate interest or direct marketing purposes.
– Right to Withdraw Consent: Where processing is based on your consent, you may withdraw such consent at any time.
– Right to Non-Discrimination (CCPA): We will never discriminate against you for exercising your rights under the CCPA.
To exercise your rights, please contact us at [email protected].
6. Security Measures
We implement industry-standard administrative, technical, and physical security measures to protect your personal data against unauthorized access, disclosure, or destruction. These include, but are not limited to:
– Data encryption at rest and in transit
– Role-based access controls and multi-factor authentication
– Regular internal audits and penetration testing
– Secure system configurations and firewalls
– Routine staff training on data protection practices
– Encrypted backups and secure disaster recovery protocols
Despite these efforts, no system is entirely immune to risk. We therefore encourage you to take caution when transmitting information over the internet.
7. International Transfers
Your personal data may be stored and processed in regions outside of the UK or European Economic Area (EEA), including the United States. Where such transfers occur, we implement appropriate safeguards, including Standard Contractual Clauses (SCCs) approved by the European Commission, to ensure adequate protection of your data. We also ensure that third-party processors adhere to equivalent privacy and data protection standards.
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including to satisfy legal, accounting, or reporting requirements. Our typical retention periods include:
– Account and Profile Data: Retained for the duration of the customer relationship and up to 6 years thereafter.
– Communication Data: Retained for a period of 3 years to ensure service quality and record-keeping.
– Transaction and Payment Data: Retained for 7 years for compliance with tax and accounting regulations.
– Usage and Technical Data: Retained for 18 months for analytics, diagnostics, and security purposes.
– Marketing and Preference Data: Retained until you withdraw your consent or opt out of marketing communications.
9. Cookie Policy
We use cookies and similar tracking technologies on metronetuk.com to enhance your browsing experience and improve service quality. Cookies may be categorized as follows:
– Essential Cookies: Necessary for website functionality and cannot be disabled (e.g., account login, payment processing).
– Functional Cookies: Remember choices you make (e.g., language, region), improving usability.
– Analytical Cookies: Gather aggregated data on website usage and performance, helping us optimize design and navigation.
– Performance Cookies: Measure and analyze system robustness, uptime, and user engagement.
10. Cookie Management and Compliance
We fully comply with GDPR and CCPA requirements regarding user consent. When visiting metronetuk.com, you have the ability to accept, reject, or customize cookie preferences through our cookie management tool. Consent is required for non-essential cookies and can be withdrawn at any time via the cookie settings panel. Browser settings also allow you to manage cookie placement on your device.
11. Special Protections for Children
metronetuk.com is not intended for or directed at individuals under the age of 13. We do not knowingly collect personal information from children. If you believe a child under 13 has provided personal data to us, please contact us immediately at [email protected] so that we may take appropriate action to delete such information promptly.
12. Policy Updates
Metronet UK reserves the right to update or modify this Privacy Policy at any time, in accordance with applicable law. Where changes materially affect your rights or how we process your data, we will provide prominent notice on metronetuk.com and, where appropriate, seek your consent. Users are encouraged to periodically review this page to remain informed of our practices.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the personal data we hold about you, please contact us at:
Email: [email protected]
Website: https://metronetuk.com
We are committed to full compliance with applicable data protection laws and ensuring that your personal information is handled responsibly, transparently, and with your privacy in mind.