BMPS Privacy Notice
Baby Mailing Preference Service (BMPS) Privacy Notice
BMPS understands its obligations to protect your privacy, the information that you provide to us is valuable in tackling the problem of personally addressed unsolicited direct marketing mail delivered to UK residential addresses. We therefore value it and wouldn’t want to use it in a way that you won’t expect.
This Privacy Notice informs you about what we do to protect your privacy and how you can control the way we use your personal data.
If you have any concern about how we use your data including making changes please contact us using the methods below:
- By Email: mps@dma.org.uk
- By Phone: 020 7291 3310
- By Post: BMPS, Rapier House, 40 Lambs Conduit Street, London, WC1N 3LJ
Information you provide to us
Information is provided to us directly via our website, email, over the phone, by letter or face to face, we will only ask for information that we need to enable us to provide the service requested. In order to administer the central ‘Do Not Mail’ register and the value added complaints handling service we normally ask you to provide us with:
- Your name
- Your contact details
- Your Postal address registered (or to be registered)
Information provided to us by other organisations
You may also provide your information to us via another website e.g. agencies who promote reduction in personally addressed unsolicited direct marketing mail, e.g. local authority and consumer protection organisations.
Any such information should have been collected under the other organisations Privacy Notice, we ask that you read and fully understand how they handle your personal data.
Information provided to us via cookies
A “cookie” is a piece of information, like a tag, which some websites create on your PC. Our cookies allocate each user of this website with a random number. The cookies used on this site are not used for the collection of any personal information. Our cookies will not be used to analyse your visits to other websites or track any internet searches you may undertake whilst on the website. The information collected via cookies will be used to track movement on this website and for statistical analysis.
How we use your data
We use your personal information in various ways to:
- Register your address unto the central ‘Do Not Mail’ register
- Process your complaint about receipt of unsolicited direct marketing mail
- Process query relating to registration or complaint handling
- Administer the process of enabling organisations who send out unsolicited direct marketing mail with a licence to facilitate screening against the central ‘Do Not Mail’ register so they can identify subscribers and addresses to which personally addressed unsolicited direct marketing mail must not be sent.
- Report to regulatory and enforcement bodies to enable enforcement against organisations who are reported by you to have failed to comply with their obligations relating to BMPS and/ or the Ad codes
- Research and statistical analysis
Who we share your data with
We only share your personal data for reasons directly relating to registration or complaint handling.
We use processors for our business operations who process personal data under our control:
- Advertising Standards Authority (ASA) who enforce advertising rules against all UK media
- Acxiom for registration unto the central ‘Do Not Mail’ register
- MIQ Solutions for website hosting and complaint handing application
- Aspire Technology Solution who provide our office and email hosting system
All servers unto which personal data is stored are held and processed within the European Economic Area (EEA).
If required we will disclose or share your information without your consent, for example if we are required to do so by the courts, the police or other legal reasons.
How we keep your personal information safe
We understand and take our obligations to keep your personal data safe and secure very seriously. We comply with all regulatory and best practice guides including the DMA Code.
We hold Cyber Essential Plus certification, a UK government backed scheme that protects against a whole range of the most common cyber attacks.
Personal information is accessible on a job specific basis with all staff members undergoing data handling training as part of their ongoing development.
We hold a document library of information governance policies and procedures which all staff members comply with.
We have specific technical controls in place to restrict access.
How long we keep your personal information
As part of our information governance we hold a data retention policy, we keep personal information in line with our data retention policy.
We hold on the register registrations for as long as the subscriber wishes to remain registered.
Our retention period for complaints reported about receipt of an unsolicited direct marketing mail is 6 years.
In relation to organisations who purchase a licence to enable screening against the register in order to identify consumers at their residential addresses to which personally addressed unsolicited direct marketing mail must not be sent, we have a statutory obligation to keep financial information.
Our retention period is 7 years for financial auditing purpose.
How to keep your personal information up to date
It is vital that we hold the correct address for you on the register for the service to be effective to you, we also require up to date contact details in order to communicate with you in direct relation to your registration or complaint handling.
Organisations who receive complaints about receipt of personally addressed unsolicited direct marketing mail must ensure that we are always provided with valid contact details to issue complaints.
To update your personal information please email mps@dma.org.uk .
How you can find out about the information we hold about you
It is your right to request from us a copy of the information that we hold about you.
To request a copy of some or all of your personal information, please write or email us using the contact details provided in this policy.
Once we have verified your identity which may involve asking you for various information and we have ascertained that we hold information about you we will:
- Give you a description of it
- Tell you why we are holding it
- Tell you who it may be shared with
- Provide you with a clear and coherent copy of the information
Our legal basis for processing your personal information
The legal basis upon which BMPS relies is that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Where the mailing breaches the Ad Codes, the complaint is referred to the ASA for appropriate action.
Asking us to suppress or remove your personal information
We would only contact you in direct relation to registration, complaints handling or administering the licence for access to the register.
Should you wish to remove your information entirely from our records (and assuming we have no other obligation to keep it) then please contact us notifying us of your wish.
We may need to hold for the purpose of suppression only.
Transfer to third countries
Organisations who are based abroad including outside the European Economic Area (EEA) who send personally addressed unsolicited direct marketing mail to UK residential addresses are expected to screen against the BMPS as appropriate.
The register is made available to organisations in third countries for the purpose of suppression only. This is done under a licence agreement in order to ensure the same level of data protection in the United Kingdom will apply.
What to do if you have a complaint
If you have a complaint regarding your personal information please contact us at mps@dma.org.uk .
If after our response you remain unsatisfied with the way your complaint was handled, it is your right to contact the Information Commissioners Office (ICO) https://ico.org.uk/concerns/
Links to other websites
Our privacy notice does not apply to third party websites that you may access from this website. We recommend that you familiarise yourself with the applicable privacy policy before entering any personal information on to a third party website.
Sale of business
Should BMPS be sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers’ advisers, passing it onto the new owners of the business. We will notify you should this occur and you will have the opportunity to request suppression or deletion at that time.
Changes to this policy
We ensure that this policy notice is reviewed regularly. This policy was last updated in May 2018.
Company Information
We are The Mailing Preference Service Limited (BMPS)
- Our company registration number is 01640762
- BMPS is a subsidiary of the Data & Marketing Association (UK) Limited, registration number 2667995
- Our Office is registered at Rapier House, 40 Lambs Conduit Street, London, WC1N 3LJ