Ways that we collect information
We may collect and process the following personal data (information that can be uniquely identified with you):
- information required to access the services provided by us, including your name, job title, business address, e-mail address and telephone number;
- records of any correspondence between you and us;
- details of your visits to our website and the resources that you access;
- information we may require from you when you report a problem with our website.
You do not have to supply personal data to us but you may not be able to take advantage of all the services we offer without doing so.
We also collect online identifiers such as Internet Protocol (IP) addresses and cookies. These may be personal data if they can be used to identify you. An IP address is a number assigned to your computer by your Internet Service Provider (ISP) so you can access the internet. We use your IP address to diagnose problems with our server, report aggregate information, and determine the fastest route for your computer to use in connecting to our website and to administer and improve the website.
Use and Disclosure
We will only collect and use your personal data if we are satisfied that it is fair and lawful.
We use your personal data when we have a legitimate interest and your privacy rights do not override our interests in the following ways to:
- ensure that the content of our website is presented in the most effective manner for you and for your computer, and customise our website to your preferences;
- allow you to participate in features of our website and other services;
- analyse how users are making use of our website and to assist in making general improvements to the website;
- carry out and administer any obligations arising from any agreements entered into between you and us;
- for internal marketing and research purposes.
We always ask for your consent for non-essential cookies (see the Cookies section).
MycoHAB does not carry out any direct marketing activities and we do not carry out automated decision making which has a legal effect or otherwise significantly affects you.
We do not disclose any information that you provide to us to any third parties except:
- if we are under a duty to disclose or share the information in order to comply with any legal obligation (for example, if required to do so by a court order or for the purposes of prevention of fraud or other crime);
- where we need to share the information with a regulator;
- to protect the rights, property, or safety of MycoHAB, our website’s users, or any other third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
- where information is shared with our suppliers (for example, our lawyers, accountants or third party contractors who provide technical support);
- where you have given us consent to share the information with the specific third party; or
- as part of a transfer of our assets to any third party, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, merger, reorganisation, change of legal form, dissolution or similar event (we will notify you in advance and take steps to ensure that your privacy rights will continue to be protected).
Retention of Data and Data Security
We retain information for as long as is required by statute or other regulation.
Retention periods may be extended or reduced if we deem it necessary, for example, to defend legal proceedings or if there is an on-going investigation relating to the information.
Hard copy data is securely stored on our premises or off site by a specialist storage provider. Electronic data is held on specialist software designed specifically for such purposes.
We take steps to protect data that you transmit from your computer to our website, and to protect such data from loss, misuse and unauthorised access, disclosure, alteration, or destruction. We use leading technologies to safeguard your data and operate strict security standards to prevent any unauthorised access to it.
We have in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
If you do not consent to cookies, this will not affect your access to the majority of information available on our website but you may not be able to make full use of our online services.
We use log files generated by our web servers to analyse website usage and statistics. Log file analysis helps us to understand usage patterns on our website and to make improvements to our service.
You have the right to:
- Request access to your personal data (commonly known as a subject access request). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Ask us to correct personal data that we hold about you which is incorrect, incomplete or inaccurate.
In certain circumstances, you also have the right to:
- Ask us to erase your personal data from our files and systems where there is no good reason for us continuing to hold it.
- Object to us using your personal data to further our legitimate interests (or those of a third party).
- Ask us to restrict or suspend the use of your personal data, for example, if you want us to establish its accuracy or our reasons for using it.
- Ask us to transfer your personal data to another person or organisation.
If you have given your consent to us processing your personal information, you have the right to withdraw your consent at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your personal information and, subject to our retention policy, we will dispose of your data securely.
If you want to exercise any of these rights, please contact firstname.lastname@example.org
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We may also contact you to ask you for further information in relation to your request to speed up our response.
We cannot be responsible for the privacy policies and practices of websites that are not operated by us, even if you access them via a website that is operated by us. We recommend that you check the policy of each website you visit and contact its owner or operator if you have any concerns or questions.
In addition, if you came to our website via a third-party website, we cannot be responsible for the privacy policies and practices of the owners or operators of that third party website and recommend that you check the policy of that third party website and contact its owner or operator if you have any concerns or questions.
Transferring your information outside of Mauritius
As part of the services offered to you through our website, the personal data you provide to us may be transferred to, and stored at, countries outside of Mauritius which may not have similar data protection laws. By way of example, this may happen if any of our servers are from time to time located in a country outside of Mauritius or one of our service providers is located in a country outside of Mauritius. We may also share information with regulatory or equivalent national bodies located in countries worldwide.
If you use our website while you are outside Mauritius, your information will be transferred outside Mauritius in order to provide you with those services.
By submitting your personal data to us you agree to the transfer, storing or processing of your information outside Mauritius in the manner described above.
If at any time you would like to contact us with your views about our privacy practices or with any enquiry relating to your personal information, you can do so by way emailing us at email@example.com
You have the right to make a complaint at any time to the Data Protection Office (ICO), the Mauritius supervisory authority for data protection issues – https://dataprotection.govmu.org/Pages/Home%20-%20Pages/Take%20Action/To-report-your-Complaint.aspx