EU General Data Protection Regulation
The EU General Data Protection Regulation (GDPR) is a legal requirement in the UK and across the European Union. It unifies many current data sharing requirements and will give persons the ability to have more control over how their personal data is stored and distributed. Said persons are to be more informed on how their data is used and can expect absolute clarity from data processors who are storing their data.
Data controllers, such as Manic Panic UK (Colour Distribution LTD), must now prove their awareness of the importance of protecting personally identifiable data. Persons providing their data to processors must be made aware of how their data is being used and stored before the information is disclosed.
Our Commitment to GDPR Responsibilities
We are committed to being GDPR compliant and have many processes put in place to ensure that our customers’ and account holders' data is dealt with in a safe and proper manner.
Data provided to Manic Panic UK will be used in the interest of helping customers to complete their orders successfully and keeping you updated. Data kept past the point of successful delivery will be used for remarketing purposes (if the client has opted in) or to improve the experience for returning customers.
For wholesale account holders & applicants
Data provided to Manic Panic UK during account applications will be used in the interest of completing the necessary checks required to approve or decline an account.
Data provided will be viewed by the relevant department to help determine the success of an account application. We may carry out credit checks and identity checks when you apply for services for you or your business and we may share your personal information with Credit Reference Agencies to help us with this. We may continue to share your personal data with Credit Reference Agencies as long as you are a customer. If we ask Credit Reference Agencies about you or your business, they will note it on your file. We process personal data to comply with our legal obligations and statutory requirements. We process personal data so as to safeguard the legitimate interests pursued by us or a third party.
We will keep your personal data for as long as we have a relationship with you as an individual or as a business. Once this relationship has ended we generally keep your data for up to two (2) years. We keep prospective customer data for six (6) months from the date of notification of rejection.
To promote further transparency, we have also made sure to provide our customers and account holders with an extensive list of the processes and software in which their data may come into contact with once it is has been inputted onto our website. Please see our Data Sharing Policy here.
Our Commitment to Your Individual Rights
As the owner and subject of the data in question, you have certain rights and control over the details you input onto www.manic-panic.co.uk. As the data controller of information provided, we are required to uphold your right to the following conditions:
- Right to be forgotten: you can request your data to be removed from our database and servers. This request will be fulfilled immediately, with all of your information being completely removed and you being notified of this successful deletion.
- Right to object: this allows customers to opt-out of certain actions or processes that they do not want their data to be a part of. Customers are free to opt-in and opt-out of marketing and correspondence at any time.
- Right to rectification: you are able to amend and update any information that you believe to be incorrect. This could be categories including, but not limited to, change of address or name. This promotes accuracy within our customer information, increasing its validity.
- Right to access: this permits you to have full transparency and control over how your data is handled. You are able to request additional information on what data is being stored and for what purposes. It is our obligation to provide you with this information in full.
- Right to portability: this allows you to request your data be transferred between controllers. When requested, we will be able to aid the transfer of your personal information to another data processor. This involves providing your information in a machine-friendly format.
Should you have any questions, queries or requests regarding the movement of your personal information then please contact us via firstname.lastname@example.org.