You are advised to read this policy carefully before using our website.
Mayden House Limited trading as Mayden (We or Us) is committed to protecting and respecting your privacy.
This Policy explains when and why We collect personal information about individuals who visit our website, how We use it, the conditions under which We may disclose it to others and how We keep it secure. It applies to information We collect about visitors to our websites, surveys and job applications.We may change this Policy from time to time so please check occasionally to ensure that you are happy with any changes. By using our website, you are agreeing to be bound by this Policy and our Terms and Conditions. If you do not accept this Policy, you should stop using our website immediately.
Any questions regarding this Policy and our privacy practices should be sent by email to info@mayden.co.uk or by contacting our Data Protection Officer at: Mayden, The Old Dairy, Melcombe Road, Bath, BA2 3LR.
Who are we?
Mayden provides end-to-end managed web applications and bespoke system development to the healthcare sector. We specialise in innovative, flexible and cloud-based software solutions. The registered address is 1 Widcombe Crescent, Bath, BA2 6AH. Registered in England with company number 4005808.
We are registered with the Information Commissioner’s Office as a data controller (which means we make decisions about what personal data we collect from you, and how we use it) under registration number Z5351045.
Information you provide to us
This Privacy Policy sets out the basis on which any personal information that We collect from you, or that you provide to Us, will be processed by Us. Some of this information will be personal data, which is specifically protected under Data Protection Legislation.
To the extent that you supply Us with personal data about third parties (for example, your employer) you are confirming that you are entitled and authorised to disclose such data to Us and that We are entitled to use such information in the same way that we use information about you as described in this Privacy Policy.
Reasons for collecting your personal information
There are a number of ways in which you may provide Mayden with personal information. We must have a lawful basis (which means we must have a legal reason) for collecting and using your personal data. There are six legal justifications which organisations can rely on under UK and European Law. The most relevant of these to Us are where we use your personal data to:
- Pursue our legitimate interests (our justifiable business aims) but only if those interests are not outweighed by your rights and freedoms (e.g. your right to privacy); and
- Comply with a legal obligation that we have.
The table below sets out the lawful basis we rely on when we use your personal data. If we intend to use your personal data for a new reason that is not listed in the table we will update our privacy notice and notify you.
Purpose | Category of personal data | Lawful basis |
When you fill in our ‘contact us’ form to request information about our products and services | Name, Email Address, Telephone Number | Legitimate interest (necessary to provide our services and for product and service improvement purposes) |
When you complete surveys on this site, | Name, Email address. | Legitimate interest (necessary to provide our services and for product and service improvement purposes) |
When you register on this site to sign up to our newsletters or job alerts | Name, Email Address, Job Title and Organisation Name | Legitimate interest (necessary to provide our services and for product and service improvement purposes) |
When you provide Us with information for the purposes of processing a job application | Name, Telephone Number, Email Address, Education and Employment History (CV) and any correspondence we have with you during the job application process. | Legitimate interests (necessary to provide our services)
Legal Obligation (complying with our legal obligations to include checking your eligibility to work in the UK as required by immigration law) |
Taking steps to enter into a contract with you, if you have been successful in applying for a position. | Name, Telephone Number, Email Address, Home Address and any correspondence we have with you during the job application process. | Legitimate interests (necessary to conclude our contract with you and obtain contact details for key personnel |
The onboarding process requires the following information from you. | Name
Marital status Gender pronoun Date of birth Phone number(s) Email address Home address Emergency contact details (Name, relationship to you, Phone number(s), Email address, Home address |
Legitimate interests (necessary to conclude our contract with you and obtain contact details for key personnel |
When you contact Us to make requests or report faults. | Name, Email Address, Job Title and Organisation Name | Legitimate interest (necessary for product and service improvement purposes) |
Details of your visits to our website (and your computer) allows us to observe where things went wrong, and administer, maintain and update our website in order to provide you with a better user experience. | Technical Data about the device used to access our website, which could include your IP address, operating system and browser type. Usage data about your visit which we obtain through server logs and the use of cookies.
This is statistical data about our users’ browsing actions and patterns and is collected for system administration purposes and is not personalised to you. This is carried out using Google Analytics. |
Legitimate interest (necessary to provide our services and website, monitor and improve network security and prevent fraud)
Consent you give when accepting non-essential cookies on our website to use your personal data for analytical and advertising purposes |
Sending Marketing Communications | Name, Email Address, Job Title and Organisation Name | Legitimate interests (necessary to promote our services and grow our business) |
Online Job Applications
When you apply online for a job through the Mayden website your application is automatically sent as an email to our HR Department. All of the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes. The information you provide will be held securely by Us whether the information is in electronic or physical format.
We will use the contact details you provide to Us to contact you to progress your application. We will use the other information you provide to Us to assess your suitability for the role you have applied for. By submitting your information, you give Us permission to share it with any Mayden employee who is involved with shortlisting and at any stage of the recruitment process, for any role We feel you may be suitable for, without the need for any prior additional explicit consent. If you would like to restrict your information to only the role you are applying for, please let Us know when you submit your application details.
What information do we ask for, and why?
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. The information We ask for is used to assess your suitability for employment. You don’t have to provide what We ask for but it might affect your application if you don’t.
Application Stage
The online form will ask you to provide your contact details which will include name, phone number, email address, if you have the right to work in the UK and if you have any unspent criminal convictions. You will also be asked to submit your CV to cover skills, qualifications and experience. This file is then emailed directly to our HR department who will have access to all this information. All files are then deleted from the server, so no personal data is ever stored on the server.
Your information will be shared with the recruiting team who will review and shortlist applications for interview. If you are invited to attend an interview, depending on the role that you have applied for, you may be asked to participate in assessments, complete tests or occupational personality profile questionnaires, or a combination of these. Information will be generated by you and Us. For example, you might complete a written test or We might take interview notes.
Offer of employment
If We make you an offer of employment We are required to confirm the identity of our staff, their right to work in the United Kingdom and seek assurances as to their trustworthiness, integrity and reliability.
You will therefore be required to provide:
- Proof of your identity – you will be asked to attend our offices with original documents, We will take copies.
- Proof of your qualifications – you will be asked to attend our offices with original documents, We will take copies.
- We will contact your referees, using the details you provide in your application, directly to obtain references.
- Bank details – to process salary payments
- Emergency contact details – so We know who to contact in case you have an emergency at work
How long is the information retained for?
If you are successful, the information you provide during the application process will be retained by Us as part of your employee file for the duration of your employment, and up to 6 years following the end of your employment. This includes your criminal records declaration and records of any security checks and references.
If you are unsuccessful at any stage of the process, the information that you have provided until that point will be retained for 12 months from the closure of the recruitment campaign.
Information generated throughout the assessment process, for example interview notes, is retained by Us for 12 months following the closure of the campaign.
Who we share your personal data with
The anonymous information generated by Google Analytics cookies about your use of this website is transmitted to Google. This statistical information is processed to compile statistical reports on website activity for this site. This information helps us to optimise our content to better meet the needs of our customers.
We confirm that We do not provide, sell or otherwise disclose personal information We hold about you, including but not limited to for marketing purposes, to third parties unless we have your express permission or where we are under a duty to do so by applicable law.
Data storage and international data transfers
We usually store your data in the United Kingdom on secure cloud storage.
We may send to, and store data about you in a destination outside the United Kingdom (“UK”) or European Economic Area (“EEA”) which may be processed by staff operating outside the UK or EEA who work for Us or for one of our suppliers (third parties). We will ensure that the appropriate due diligence and safeguards are in place with the relevant third parties to protect your data in accordance with applicable laws.
Your Marketing Preferences
You have a choice about whether or not you wish to receive information from Us. If you do not want to receive direct marketing communications from Us about our products and services, then you can select your choices by ticking the relevant boxes situated on the form on which We collect your information. If you wish to stop receiving marketing communications from Us by email you have the option to unsubscribe at any time.
We will not contact you for marketing purposes by email, phone or text message unless you have given your prior explicit consent. We will not contact you for marketing purposes by post if you have indicated that you do not wish to be contacted. You can change your marketing preferences at any time by contacting us by email: info@mayden.co.uk or telephone 01249 701100.
Your rights
Under Data Protection Legislation, you have certain rights as an individual which you can exercise in relation to the personal information We hold about you.
You have a right to:
- access and obtain a copy of the personal data that We hold about you and to ask Us to correct your personal data if there are any errors or it is out of date
- ask Us, in some circumstances, to restrict the processing of your personal data until any errors are corrected.
- object to the processing of your data where the organisation is relying on legitimate interests as the legal ground for processing.
- have your personal data erased which is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.
- ask Us, in some circumstances, to send either yourself or a third party a copy of the personal data we hold about you (in part or in full), which is also known as the ‘right to data portability’.
You can obtain further information about these rights from the Information Commissioner’s Office at: www.ico.org.uk or via their telephone helpline (0303 123 1113).
If you would like to exercise any of these rights you can do this by sending an email message to info@mayden.co.uk or by writing to the Data Protection Officer at: Mayden, The Old Dairy, Melcombe Road, Bath, BA2 3LR.
If you believe that We have not complied with your data protection rights, please let us know by emailing info@mayden.co.uk or by contacting our Data Protection Officer at the details provided above.
If you are not satisfied with how We respond to your complaint you can contact the Information Commissioner’s office through their website www.ico.org.uk or via their telephone helpline.
How you can access and update your personal information
The accuracy of your information is important to Us. Mayden complies with all applicable regulations when giving people access to their personal information. You can find out if We hold any personal information by making a ‘Data Subject Access Request’ under Data Protection Legislation. If We do hold information about you, We will;
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form.
If you would like to access any of the information We hold about you or have any concerns regarding the way We have processed your information then please email info@mayden.co.uk.
If We do hold information about you, you can ask Us to correct any mistakes by, once again, contacting Us on the email above.
Security
We are committed to ensuring that your information is secure. We have a number of security measures in place to protect against the loss, misuse and alteration of any personal information We receive from you via this website.
We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this policy. For example, our website uses an encrypted connection to make it difficult for unauthorised people to view information travelling between our server and your device.
Unfortunately, the transmission of information via the internet can never be guaranteed to be 100% secure. As a result, while We strive to protect your personal information, We cannot guarantee the security of any information you transmit to Us, and you do so at your own risk. Once We receive information, We make our best effort to ensure its security on our systems. Once We have received your information, We will use strict internal procedures and security measures to try to prevent unauthorised access.
We have ISO27001:2013 and our Information security policies and procedures are subject to regular external assessments by a UKAS accredited certification company.
How do we use Cookies?
The Mayden website uses ‘cookies’ to help you personalise your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you. They collect statistical data about your browsing actions and patterns and do not identify you as an individual.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalise Mayden pages, or register with the Mayden site or services, a cookie helps us to recall your specific information on subsequent visits. This helps Us to improve our website and deliver a better more personalised service.
You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
The below list details the cookies used in our website.
Cookie | Description |
---|---|
Necessary | |
cookielawinfo-checkbox-necessary | Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Necessary" category. |
cookielawinfo-checkbox-functional | The GDPR Cookie Consent plugin sets the cookie to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-performance | Set by the GDPR Cookie Consent plugin, this cookie stores the user consent for cookies in the category "Performance". |
cookielawinfo-checkbox-analytics | Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Analytics" category. |
cookielawinfo-checkbox-advertisement | Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category. |
cookielawinfo-checkbox-others | Set by the GDPR Cookie Consent plugin, this cookie stores user consent for cookies in the category "Others". |
elementor | The website's WordPress theme uses this cookie. It allows the website owner to implement or change the website's content in real-time. |
_GRECAPTCHA | Google Recaptcha service sets this cookie to identify bots to protect the website against malicious spam attacks. |
JSESSIONID | New Relic uses this cookie to store a session identifier so that New Relic can monitor session counts for an application. |
viewed_cookie_policy | The GDPR Cookie Consent plugin sets the cookie to store whether or not the user has consented to use cookies. It does not store any personal data. |
CookieLawInfoConsent | CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie. |
Functional | |
lang | LinkedIn sets this cookie to remember a user's language setting. |
li_gc | Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes. |
lidc | LinkedIn sets the lidc cookie to facilitate data center selection. |
Analytics | |
_gid | Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously. |
_gat_gtag_UA_* | Google Analytics sets this cookie to store a unique user ID. |
_ga_* | Google Analytics sets this cookie to store and count page views. |
_ga | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. |
CONSENT | YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data. |
Advertisement | |
YSC | Youtube sets this cookie to track the views of embedded videos on Youtube pages. |
VISITOR_INFO1_LIVE | YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface. |
yt-remote-device-id | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
yt.innertube::requests | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::nextId | YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen. |
yt-remote-connected-devices | YouTube sets this cookie to store the user's video preferences using embedded YouTube videos. |
bcookie | LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs. |
bscookie | LinkedIn sets this cookie to store performed actions on the website. |
Others | |
VISITOR_PRIVACY_METADATA | Description is currently not available. |
li_alerts | Description is currently not available. |
Links to other websites
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website, so We encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you link to our website from a third-party site, We cannot be responsible for the privacy policies of the owners and operators of the third-party site and recommend that you check the policy of that third party site.
Amendments
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy.
This Privacy Policy was last updated April 2023.