It is important to understand who is responsible for keeping personal data safe. MGAC is the “controller” of all personal data collected and used, and we are responsible for deciding how and why data is used, and for ensuring that personal data is handled legally and safely.
We collect data from several different sources. Some data is collected directly from individuals; for example, from forms, inquiries, surveys, or applications someone completes on or about the Website; communications sent through or regarding the Website or information thereon; through surveys we provide; or when opted-in to receive MGAC email marketing communications. This data includes an individual’s full name, company name, and email address. When applying for career opportunities at MGAC, we collect candidate curriculum vitae (resumes) and application details, which include the candidate’s name; address; email address; contact telephone numbers; current and previous employers; details of past work responsibilities, skills, and experiences; education; and qualifications along with references.
Additionally, data is collected automatically as an individual navigates through MGAC’s Website. We collect information which includes viewing history, IP addresses, device identifiers, and information about how long someone has stayed on certain pages or what pages that individual has clicked on (Behavioral Data). Some of this information may be used for analytics and advertising purposes.
We do not knowingly collect or process data from anyone under the age of thirteen (13) years old. Our services are intended to be used by adults and corporate entities interested in MGAC. They are not intended for children, and MGAC does not knowingly collect or store personal information about children under the age of 13.
We collect and use personal data in several different instances:
- Communications. We use data to comply with requests, respond to inquiries, and send newsletters, publications, or other information that may be requested. If an individual contacts us by email through the Website, we may keep a record of this individual’s contact information and correspondence and use it to respond. We will further use the data to fulfill any other purposes for which it was provided, and as disclosed at the time the data is collected.
- Business Operations. We may also use data to conduct data analysis or audits that enable us to operate and improve the performance of our firm and tailor our Website.
- Marketing. We may contact an individual about certain matters that may be of interest to them.
- Services. We may also use personal data to contact an individual from time-to-time with product or service updates; provide the information, services or support an individual requests and related after-sales services; manage our relationship with that individual and to carry out any related administration.
- Employment. All career application data submitted by an individual is used to match that individual to suitable graduate program, trainee program, internship, or job across the MGAC business only.
All data and information that is provided to us, or that we collect, is confidential and can only be accessed by authorized MGAC personnel and is solely used for MGAC business and marketing purposes. An individual’s data will be kept until that individual notifies us.
Personal data collected by MGAC may be stored and processed in an individual’s region, in the United States, and in any other country where MGAC or its affiliates, or service providers operate facilities. These parties may be engaged in, among other things, the fulfillment of information requests, meeting requests, and the provision of support services. Typically, the primary storage location is in an individual’s region or in the United States. By submitting personal data, an individual agrees to this transfer, storing, or processing.
We transfer personal data from the European Economic Area (EEA) to other countries. When we do, we use a variety of legal mechanisms, including specific intercompany contracts, to protect data and fulfill individual rights.
We will keep personal information confidential, and we will only share it when necessary, with companies that host our web servers, analyze data, and provide marketing assistance; our insurers, auditors; lawyers, and other external advisors; and our customers or potential customers in the event of a referral.
We also may use or disclose personal data if we believe that we are required to do so for any of the following reasons:
- To comply with applicable law or respond to requests from governmental, regulatory, or public authorities.
- To protect our clients, for example to prevent spam, attempts to defraud, or other criminal offenses.
- To operate and maintain the security of our systems, including to prevent or stop attacks on our systems or networks.
- To protect the rights, interests, privacy, security, property, business, or safety of MGAC, our partners, and our people, and the users of the Website or the public.
- In connection with actual or proposed litigation.
We have implemented technical and organizational controls to protect personal information to comply with the latest data protection requirements. The measures include the following:
- Anti-virus, firewall, and malware protection software.
- Access control regimes.
- Employee training and e-learning.
- Use of password protection, Multi-Factor Authentication, and constant scanning using industry standard vulnerability scanning tools.
Our security measures are kept under monthly review and are regularly updated to reflect developments in technology and security, and changes to our business.
How to Unsubscribe
An individual can opt-out of receiving MGAC marketing emails at any time by following the instructions to unsubscribe in any of our email marketing communications. All opt-out requests will be honored from our mailing lists with immediate effect. Unsubscribing will not remove any previously collected data tracking information.
Rights under EEA Law
An individual has the right to request from us access to their personal information. Anyone based in the EEA can:
- Request access to their personal data that we hold.
- Request the data to be updated or corrected.
- Request for the data to be deleted.
- Restrict the processing of personal data.
- Object to the processing of personal data.
Getting in Touch