mrl

Donate

1. Introduction

MRL® Public Sector Consultants Ltd (“MRL”, “we”, “us”, “our”) is committed to protecting the privacy and security of personal data. This Privacy Policy outlines how we collect, use, store, and protect personal information in accordance with the UK GDPR, the Data Protection Act 2018, and other applicable laws.

2. Who We Are

MRL is a UK-based consultancy firm providing services to public sector organisations. We may collect personal data in the course of providing consulting services, conducting research, or operating our business.

Contact Details:
MRL® Public Sector Consultants Ltd
[Insert Office Address]
Email: [Insert Email]
Phone: [Insert Phone Number]
Data Protection Officer: [Insert Name or Title if applicable]

3. What Information We Collect

We may collect and process the following categories of personal data:

  • Identification Data: Full name, job title, date of birth.
  • Contact Data: Address, phone number, email address.
  • Professional Data: Employment details, organisation name, public sector role.
  • Technical Data: IP address, browser type, usage data (from website analytics).
  • Communication Data: Records of communications with clients, stakeholders, or service users.

4. How We Collect Your Data

We collect data through:

  • Direct interactions (e.g. emails, meetings, forms).
  • Our website (e.g. through cookies or contact forms).
  • Third-party public sources (e.g. government websites or directories).
  • Contractual engagements with public sector bodies.

5. How We Use Your Data

We use personal data to:

  • Provide consulting services to clients.
  • Communicate with clients, stakeholders, and suppliers.
  • Manage contracts, billing, and administration.
  • Comply with legal or regulatory obligations.
  • Improve our services and website functionality.

6. Legal Basis for Processing

Our processing of personal data is based on one or more of the following legal grounds:

  • Performance of a contract – where data is required to deliver services.
  • Legal obligation – to comply with regulatory or statutory duties.
  • Legitimate interests – to operate our business effectively.
  • Consent – where we rely on your consent (e.g. for marketing, if applicable).

7. Data Sharing and Disclosure

We do not sell personal data. We may share data with:

  • Public sector clients and authorities (as required by contract).
  • Professional advisors (e.g. legal, accounting, or audit firms).
  • Service providers who support our IT, cloud storage, and operations (under confidentiality agreements).
  • Law enforcement or regulators, when required by law.

8. Data Retention

We retain personal data only as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. After this, data will be securely deleted or anonymised.

9. Data Security

We implement appropriate technical and organisational measures to protect personal data against accidental loss, misuse, or unauthorised access. These include:

  • Secure servers and firewalls.
  • Access control and encryption.
  • Staff training and confidentiality agreements.

10. Your Rights

You have the following rights under the UK GDPR:

  • Right to access your data.
  • Right to rectify inaccurate data.
  • Right to erasure (in certain circumstances).
  • Right to restrict processing.
  • Right to data portability.
  • Right to object to processing.
  • Right to lodge a complaint with the Information Commissioner’s Office (ICO).

To exercise your rights, contact us at: [Insert Email or DPO contact]

11. Cookies and Website Tracking

We use cookies to improve user experience and website functionality. You can manage cookie settings in your browser. For more information, see our [Cookie Policy] (if applicable).

12. Updates to This Policy

This Privacy Policy may be updated periodically to reflect legal, regulatory, or operational changes. The latest version will always be available on our website.