Policies

Last updated: 18th Sept 2021

Overview

We will have a privacy policy that is clear to understand, uses plain English and is delivered in concise sections. We propose to the use the layered approach where possible, with due consideration to the platform being used by the individual user / data subject.

We do not anticipate that children will be using our service. Our products and services are not designed to be marketed or offered to children. That said, we will have trained advisors should any child approach us for help.

https://ico.org.uk/for-organisations/guide-to-data-protection/privacy-notices-transparency-and-control/privacy-notices-in-practice

Privacy Policy

We are a company called Chipside Limited and we use your personal data to provide our services to you. We take seriously our responsibilities to look after your data. Your privacy is very important to us. Our policies and systems are designed to protect your privacy.

There are actions that you can take to protect your privacy - by telling us how you would like your personal data to be processed. These actions are described in this privacy policy.

Who is responsible for your data?

Chipside Limited is responsible for your data. Our registered address is Chipside Limited, Unit 7, Callow Park, Callow Hill, Brinkworth, Wiltshire, UK, SN15 5FD. We are registered as a company in England and Wales. Our company number is 04049461.

We are the Data Controller for any data that we collect from you. We control the ways that your personal data is collected and how we use that data.

Personal data that we collect about you

We might collect the following kinds of information about you during the course of our contacts with you.

Type of Data Description
Your name and contact details (email address, telephone number, address). When you contact us through our telephone lines, our website contact forms and our applications.
Information about services you have asked us to provide. This will include data about services used by you and of services that you have expressed an interest in using.
Sensitive information about you. This is subject to strict controls and will only be requested when absolutely necessary - for example when you ask us to provide services based on a particular need that you have.
Communications that we have with you, including content. When you get in touch with us via email, letter, telephone, internet, social media, verbally or other means.
Information captured via CCTV or ANPR. Our offices are protected by CCTV systems for protection and investigation purposes.
Information about you, your location and how you use our website, mobile applications and telephone contact systems. We will capture data to help us to deliver our services to you. Examples include your preferred browser settings, your choice of mobile device, your location where you have enabled that function in our applications.
Payment card details. We will record payment information when you pay us for any service provided to you. Full card details are not stored.

Sensitive Data

Certain kinds of personal data about your racial or ethnic origin, your physical or mental health, your religious beliefs or alleged commission or conviction of criminal offences, are special categories of personal data which by law require additional protection. In the course our contacts with you, you might tell us for example:

  • You require large fonts for accessibility reasons.
  • You require an interpreter.

By providing any sensitive personal data, you explicitly agree that we may collect it and use it to provide our services to you.

How we use your personal data

The law states that we can only use your personal data if we have a proper legal reason for using it. The law says that we can use your data for one of the following reasons:

  • To fulfil a contract with you.
  • If we are required by law to use your data for a particular reason.
  • When you consent to us using your personal data
  • When it is in our legitimate interests

Many contacts with you fall under more than one reason. We have set out some examples of the reasons we will use when processing your personal data.

Why we use your personal data Legal reasons for use Legitimate reasons for use
To provide services to you and to explain new services to you. To fulfil a contract with you. Processing with your consent Legitimate reasons. To protect security. Innovating our products, services and prices Undertaking our book keeping and audit processes.
To communicate with you about our products and services. To fulfil a contract with you Processing with your consent Legitimate reasons. Using efficient methods to communicate with you, fulfil our contract obligations and keeping records for audit purposes.
To respond to customer enquiries and complaints.
To meet our health and safety policies To fulfil a contract with you Processing with your consent Legitimate reasons. Our legal duty. We monitor everything that we do to ensure we provide safe working and customer environments.
To prevent, detect or investigate fraud. To prevent, detect or investigate security matters. To fulfil a contract with you Processing with your consent Legitimate reasons. Our legal duty. To ensure that we provide safe systems and comply with legal duties.
To run our business as efficiently as we can. To protect our business interests. To manage and work with suppliers and third parties. To fulfil a contract with you Processing with your consent Legitimate reasons To maintain our brand advantage, to provide you with a good level of service and to work as efficiently as we can.

How we use your data to personalise the service we offer you

We use the data we collect about you from different sources to so that we can personalise the service we offer to you. We use information you give us directly and from cookies. Cookies are small pieces of information stored on your device by the web browser of your device. We use cookies placed on your devices to collect data about your use of our websites, products and services. Please see more about cookies in our cookie policy.

Some common ways that we might personalise the service offered to you using your data are:

  • To provide content in the most appropriate language.
  • To identify you when you access our websites from different devices or locations.
  • To monitor the security of our systems.
  • To help you complete an enquiry, purchase or use or services.

How to manage the marketing messages you receive

You have the right to stop us sending you direct marketing messages. We will record your personal data on our systems to assist us carry out your request.

Chipside does not wish to send out mass marketing to its customer base. We might have to send out automated messages to you in the event that we need to communicate with our customers quickly for any reason.

We will ask you to "opt in" to receiving marketing messages, to help us make sure that we only send you information that you have asked to see.

We will continue to send you communications containing information about your contracts with us, or where you have asked us to communicate with you for a particular reason.

How long we keep your data

We keep your data only for as long as we need it. This period will vary according to why we are processing or holding the data. We need to keep records for a long time to fulfil legal requirements, contractual obligations or to protect our legitimate interests.

We actively review the information we hold. When there is no longer a need for us to hold it, we will securely delete. We are allowed to use some data after that time for historical research, scientific, statistical or public interest purposes.

How we protect your data

We design systems by default to protect your personal data against unauthorised access, unlawful use, accidental loss, corruption or destruction.

We consider carefully whether we need the data in first place. Where we do need your data, we use a range of technical measures to protect your data. These include encryption and password protection.

We also use operational measures to protect the data and to limit the number of people who have access to the systems storing your data.

We keep these security measures under review and refer to industry security standards to keep up to date with current best practice.

Sharing your data

When collect, store and process your data, we do so as part of our normal business operations. That data is private to you and to us. We have no wish to sell your data to other companies. We will not pass your data to companies that purely seek to buy data to operate mass marketing campaigns.

We might pass your personal data to third parties as part of our normal business operations. We might also receive data about you from third parties:

  • Government authorities, law enforcement authorities and other parties with legal powers to demand the data.
  • Suppliers who provide services to us, for example in processing your payment for services. that Our suppliers will give us an undertaking to respect your personal data and comply with data protection laws.
  • Other parties as necessary, after careful review of the need. For example, to investigate a complaint from you, to assess network performance, to assess product or service performance

Sending data outside of the European Economic Area

Our systems, products and services are diverse and rely on modern technology systems that are delivered by many global companies.

Your personal information may be processed outside the European Economic Area (EEA). This means that privacy laws may not provide protection to the same level as in the UK.

Before any transfer takes place we will take steps to ensure that your personal information will be adequately protected as required by the UK law.

Automated Decision Making

Our systems, products and services might use algorithms that make decisions for you and us based on rule sets. An example would be where we work out which product to offer based on data that you have input. This process is designed to let us work efficiently and to produce a timely decision. If you disagree with the result, please contact us and we will ensure that the automated decision is reviewed by a human.

Your rights

We respect your rights. We have designed our systems, products and services with that in mind. Our reputation relies on ensuring that we put things right if we have made a mistake.

You are entitled to see copies of all personal data held by us and to amend, correct or delete such data.

You can limit, restrict or object to the processing of your data.

If you gave us your consent to use your data so that we can send you marketing emails, you can withdraw your consent at any time.

To object to us processing your data, you can call us, send an email to us at data.protection@mipermit.com or you can write to us at Data Protection, Chipside Limited, Unit 7, Callow Park, Brinkworth, Wiltshire, SN15 5FD.

Those same contact details can be used to let us know you wish to exercise any of your rights.

Once you have contacted us, the law requires us to respond to you. For most cases, this will be within one month - we will strive to respond much more quickly. We may ask you to verify your identity before we provide any information to you.

If your request is complicated, it may take a little longer to come back to you but we will come back to you within two months of your request.

There is no charge for most requests, but if you ask us to provide a significant amount of data we are allowed by law to ask you to pay a reasonable admin fee.

Privacy Policy Updates

Our privacy policy will continue to evolve to reflect legal requirements, updated best practice, guidance notes from the Information Commissioner's Office and elsewhere. We may also need to update our policy to protect our legitimate interests.

If we decide to change this privacy policy, we may do so at any time. We will post the updated policy to our internet sites.

Right to Object

You have the right to stop your personal data being used by us for direct marketing. We as a company will not use your data for direct marketing. We will keep a record of any specific request that you make to refuse direct marketing.

We might use your personal data to communicate with you for other reasons - for example to update you about a product or service that you use, or have asked to use.

You can limit, restrict or object to the processing of your data.

To object to us processing your data, you can call us, send an email to us at data.protection@chipside.com or you can write to us at Data Protection, Chipside Limited, Unit 7, Callow Park, Brinkworth, Wiltshire, SN15 5FD. There is also an 'opt out' contact form you can use to inform us of your choices.

Once you have contacted us, the law requires us to respond to you. For most cases, this will be within one month - we will strive to respond much more quickly. We may ask you to verify your identity before we provide any information to you.

If your request is complicated, it may take a little longer to come back to you but we will come back to you within two months of your request.

There is no charge for most requests, but if you ask us to provide a significant amount of data we are allowed by law to ask you to pay a reasonable admin fee.

Complaints

We respect your rights and work hard to ensure we do things correctly. If we make a mistake, we hope that we can put things right quickly. If you want to complain about our processing of your personal data, please email us at data.protection@mipermit.com or write to us at Data Protection, Chipside Limited, Unit 7, Callow Park, Brinkworth, Wiltshire, SN15 5FD.

You have the right to lodge a complaint with the supervisory authority which is responsible for the protection of personal data in the country where you live or work, or in which you think a breach of data protection laws might have taken place.

Customers in the UK can contact the Information Commissioner's Office by telephone on 0303 123 1113, or by using the live chat service which is available through the Information Commissioner's website www.ico.org.uk.

Feedback - Contact Us

We receive feedback on a continual basis. We use feedback to review our policies and procedures. If you would like to let us know something please let us know using any one of the contact points offered by us. For data processing related issues, please email us at data.protection@mipermit.com or write to us at Data Protection, Chipside Limited, Unit 7, Callow Park, Brinkworth, Wiltshire, SN15 5FD.


Cookie Policy

How we use Cookies

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.

If you disable cookies for this site, you will not be able to login and use our services. This is because we currently use cookies to create and authenticate your session when logged in and without this we cannot confirm your authentication in to the application. You are able to disable cookies for visitor tracking if required. This will not affect your experience of using our application.

For more information on cookies and how to remove them, please see www.aboutcookies.org

 

Cookies set by this web site:

Cookie Name Purpose Expires
*SESSIONID* Session information cookie generated by the Microsoft's Classic ASP programming language. Expires on browser exit

 

Cookies set by third party suppliers:

MiPermit do not use third party cookies to track marketing or user engagement.


Browser Support

We have detected that your browser is up-to-date enough to give the best experience of our services.

MiPermit's web application is designed to be run on modern internet browsers that support the latest technologies as set out by the W3C (World Wide Web Consortium) who promote web standards and best practice for designing web sites and web applications.

While we endeavor to support older browsers, at times there can be functionality that requires a more modern browser. If you are using an old browser, there may be issues with some parts of our application which may not be limited to:

  • Styling of pages or elements may not be shown as intended
  • Functionality may be reduced to enable compatibility
  • Functionality in places may be removed where a compatible workaround cannot be found
  • If Javascript is disabled in your browser, functionality may also be reduced or in places will not work at all

To ensure your experience of our services is as we intended it to be (as well as many other web sites on the internet) it would be advisable for you to update your browser to the latest version if possible.

Please note, MiPermit are not responsible for your decision to upgrade your browser, and we do not suggest any one browser or version that you should upgrade to. If you decide to upgrade your browser, please seek advice from your system administrator.


Accessibility Statement

This is an accessibility statement from MiPermit Ltd.

Measures to support accessibility

MiPermit Ltd takes the following measures to ensure accessibility of the MiPermit Portals:

  • Include accessibility throughout our internal policies.
  • Provide continual accessibility training for our staff.
  • Assign clear accessibility goals and responsibilities.
  • Include people with disabilities in our design personas.

Conformance status

The Web Content Accessibility Guidelines (WCAG) defines requirements for designers and developers to improve accessibility for people with disabilities. It defines three levels of conformance: Level A, Level AA, and Level AAA. MiPermit Portals are partially conformant with WCAG 2.1 level AA. Partially conformant means that some parts of the content do not fully conform to the accessibility standard.

Additional accessibility considerations

Although our goal is WCAG 2.1 Level AA conformance, we have also had some Level AAA success such as colour contrast for text size and weight.

Feedback

We welcome your feedback on the accessibility of the MiPermit Portals. Please let us know if you encounter accessibility barriers on any MiPermit Portals:

We try to respond to feedback within 10 working days.

Compatibility with browsers and assistive technology

The MiPermit Portals are designed to be compatible with the following assistive technologies:

  • Latest versions of Edge, Firefox, Chrome on Windows (supporting NVDA)
  • Latest versions of Safari, Firefox, Chrome on MacOS (supporting Apple VoiceOver)

The MiPermit Portals are not compatible with:

  • Older or bespoke browsers that do not support the latest technologies.
  • Older operating systems that do not support secure connectivity using TLS1.2 or greater.

Technical specifications

Accessibility of the MiPermit Portals relies on the following technologies to work with the particular combination of web browser and any assistive technologies or plugins installed on your computer:

  • HTML
  • WAI-ARIA
  • CSS
  • JavaScript

These technologies are relied upon for conformance with the accessibility standards used.

Limitations and alternatives

Despite our best efforts to ensure accessibility of the MiPermit Portals, there may be some limitations. Follows is a description of known limitations, and potential solutions. Please contact us if you observe an issue not listed.

Known limitations for the MiPermit Portals:

  1. Calendar Date Picker (not on all pages): Not accessible using keyboard navigation. To overcome this a date can be entered directly into the date field without using the date picker.
  2. Customer Portal Branding (colours): Customer portal branding may contain colours that fail contrast ratio checks if their branding does not take into account accessibility. We advise customers where these colours may cause issues and suggest changes that can be made.

Assessment approach

MiPermit Ltd assessed the accessibility of the MiPermit Portals by the following approaches:

  • Self-evaluation using Axe, Arc, and IBM tools.

Formal complaints

We aim to respond to accessibility feedback within 10 working days. We also aim propose a solution within 15 working days should the issue not have an alternative way to achieve its goal.

Formal approval of this accessibility statement

This Accessibility Statement is approved by:

MiPermit Application Development Team