Privacy Policy

Data Protection (GDPR compliant)

MIA and MCL Telecommunications Group (known as MCL Telecom) and all its associated companies are compliant with, and continually monitor and update processes and policies to ensure compliance with, the GDPR and Data Protection Legislation, and is committed to processing your data securely and transparently. As part of the various services and products we offer our customers, including system maintenance, we may hold or have access to data that can identify individuals in order to be able to provide our customers with the services, products and support that is agreed through our contracts. In all instances, access to such data is controlled and limited to specific individuals.

Use of information

This explains how we collect, use and protect your personal information. This policy may be updated from time to time. MIA & MCL Telecom Ltd may collect information from you when you:

Apply for a user log-in and password

Log-in with user ID and password

Provide us with contact and other relevant information in the course of

doing, or contemplating, business with us, including but not limited to engaging with our marketing material and/or campaigns.


This notice applies to:


Prospective customers


Website users 

MIA & MCL Telecom uses this information to

Provide our services and products to you.

Invoice you for using our services and products.

Assist us in responding to any queries you may have about our services and products.

Understand how you use our site, services and products so that we can develop and improve them.


Data Controller details:

MIA & MCL Telecommunications Group (MCL Telecom Ltd) is a data controller, meaning that determines the processes to be used when using your personal data. Our contact details are:

MCL Telecom Ltd

43 Victoria Road

Burgess Hill

West Sussex

RH15 9LR


Storage of information

Unless legally required to do so, or as part of the provision of a product or a service, we will only share your information with companies within the MCL Telecommunications Group and the following:

Other companies involved in delivering the services and products to you;

Credit scoring agencies; or

In the event of default, debt recovery specialists, including but not limited to lawyers and debt collection agencies.


Types of data

MIA & MCL Telecom Ltd processes data without consent in order to fulfill contractual obligations, such as (but not exclusive to):


Bank details to process salaries

Postal addresses in order to supply products and services

Contact details including name, job title, business and home addresses, business email address and contact phone numbers.


Prospective customers:

Personal details including your name, job title, business address, business email, and contact phone number.



Personal details including your name, job title, business address, business email, and contact phone number.


Website users:

Name and email address, contact details as completed.


How we collect your data

We collect data about you usually;

when you express an interest in MIA &MCL Telecom Ltd, we ask you for your contact details

when you become a customer of MIA & MCL Telecom Ltd we collect your information for the purposes of contracts and initial set up/implementation from you directly

when we engage you as a supplier to carry out services for MCL Telecom Ltd

when you sign up for our newsletter via our website


Personal data is kept securely within;

Outlook email contacts

within our in-house billing platform know as Cascade

Mailchimp for distribution

Accounting software – Sage Accounts

In-house CRM program


Why we process your data

Under GDPR, where we are the Data Controller we must have a lawful basis for processing all personal data. GDPR sets out the where processing of personal data can be undertaken legally;


As a current customer or supplier, the law on data protection allows us to process your data in order to perform the contract that we are party, in that;


we can communicate with you with regard the services

we can issue invoicing

we can send you information relating to our services, changes in our organisation and events as part of the contract services



Communicate with you as a Vendor in your supply and performance of services to us


As a prospective customer or website user, the law on data protection allows us to process your data for legitimate interests, in that;

Prospective customers:

We can communicate with you regard future contracts


Website users:

We can issue the newsletter you registered for on our website


Sharing your data

Your data is not shared outside MIA & MCL Telecom Ltd. Nine Group Telecom wholesale providers have access to our data, under our authority. Nine Group Telecom are GDPR compliant (see resources).

We do not share your data with bodies outside of the European Economic Area.


Protecting your data

We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such.

Data is predominantly secured by password and access control.


How long we keep your data for

In line with data protection principles, we only keep your data for as long as we need it for, which will be at least for the duration of your contract with us though in most cases we will keep your data for a period after the contract has ended to enable transition to be managed smoothly.

MCL Telecom Ltd will retain your personal data where we have an ongoing legitimate need to do so, for example to engage in long term relationships with our customers and prospective customers.

Where there is no legitimate basis or there has been no engagement with you for a period of seven years, we will either delete or anonymise your personal data.


Your rights in relation to your data

The law on data protection gives you certain rights in relation to the data we hold on you. These are:

the right to be informed. This means that we must tell you how we use your data, and this is the purpose of this privacy notice.

the right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request.

the right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it.

the right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it.

the right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct.

the right to portability. You may transfer the data that we hold on you for your own purposes.

the right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests.

the right to regulate any automated decision-making and profiling of personal data. You have a right not to be subject to automated decision making in way that adversely affects your legal rights.


Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.

If you wish to exercise any of the rights explained above, please contact the Data Controller as detailed above.

Making a complaint

The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.


Appendix – website privacy notice

This privacy policy is for this website; and served by MIA & MCL Telecom Ltd, 43 Victoria Road, Burgess Hill, West Sussex, RH15 9LR, and governs the privacy of its users who choose to use it. It explains how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) [pre GDPR enforcement] and the PECR (Privacy and Electronic Communications Regulations).


This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR, DPA & PECR are adhere to. Additionally, it will explain the use of cookies or software, advertising or commercial sponsorship from third parties and the download of any documents, files or software made available to you (if any) on this website. Further explanations may be provided for specific pages or features of this website in order to help you understand how we, this website and its third parties (if any) interact with you and your computer / device in order to serve it to you.

The DPA & GDPR May 2018

We and this website comply to the DPA (Data Protection Act 1998) and already comply to the GDPR (General Data Protection Regulation) which came into effect from May 2018. We will update this policy accordingly after the completion of the UK’s exit from the European Union.


Use of cookies

This website uses cookies to better the users experience while visiting the website. As required by legislation, where applicable this website uses a cookie control system, allowing the user to give explicit permission or to deny the use of /saving of cookies on their computer / device.


What are cookies? 

Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.


Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.


Website visitor tracking 

This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.


Downloads & media files

Any downloadable documents, files or media made available on this website are provided to users at their own risk.


While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti-virus software or similar applications.


We accept no responsibility for third party downloads and downloads provided by external third-party websites and advise users to verify their authenticity using third party anti-virus software or similar applications.


Contact & communication with us

Users contacting us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.


Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.


Email mailing list & marketing messages

We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all our Mailchimp lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.


Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.


Our EMS (email marketing service) provider is Mailchimp and you can read their privacy policy in the resources section.


External website links & third parties

Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to; LinkedIn, LinkedIn or


Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.


We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.


Social media policy & usage

We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.


There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.


Resources and further information

Overview of the GDPR – General Data Protection Regulation

Data Protection Act 1998

Privacy and Electronic Communications Regulations 2003

The Guide to the PECR 2003

Twitter Privacy Policy

Facebook Privacy Policy

Google Privacy Policy

LinkedIn Privacy Policy

Nine Telecom Privacy Policy

Mailchimp Privacy Policy