Privacy Policy - the Protection and Processing of your Personal Data

Given that we are committed to the protection of your personal data, we process your personal data (abbreviated to “data”) exclusively on the basis of the statutory regulations. This data protection policy is designed to provide you with comprehensive information on how your data is being processed by our company and your rights and claims under the Data Protection Act 2018 and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as the case may be.

1.  Who is responsible for processing your data and who can you contact?

Responsible for data processing: 


1 Haslemere Business Centre

Lincoln Way, 

Enfield, Middlesex


Phone: 0208 443 4343


2.  What data is processed and what  are the sources of the data ?

We process data received from you in the course of initiating and establishing the contact, through the usage of our website ( We also process data from companies with which we have an ongoing business relationship.

The following personal data is processed when you use the contact form on our website: first name, last name, email address.

Should you consider applying for a job with us, we may process the following personal data: first name, last name, company, position, email address, phone number, date of birth, education and any other information you will see fit to provide through your CV. 

All details regarding the opportunities and the circumstances under which we consider your application, can be found here:  

3.  For what purposes and on what legal basis do we process the data?

By filling in your personal data on the contact page, or sending your CV to the designated email address, you hereby grant your freely given, specific and unambiguous consent for the processing of your data for the following purposes:

     to respond to your inquiry or first contact and for the associated technical administration. 

•   to evaluate and analyse your credentials in assessing whether you meet the requirements for a certain position / job within our organisation.

You can withdraw your consent, without explanations, at any given moment, by just sending us a short e-mail to: In this case, if we have no further legal grounds to process it, your data will be deleted. 

When you use the contact form on our website we also process the personal data in the purposes of our legitimate interests to expend our portofolio by informing you about any updates that may be of interest to you from other companies within the M Price Group. 

4.  Who receives your data?

Your personal data may be processed by M Price Ltd only according to the purposes mentioned above and we will not publish or make your data public, in any other context. 

Your personal data may also be transmitted to other companies within the M Price Group, but we have made sure that the appropriate security measures are in place and all the other entities comply with the relevant personal data protection regulations. 

If we commission a contracted processor, we will nonetheless remain responsible for the protection of your data. All contracted processors are under contractual obligation to keep your data confidential and to process these data within the scope we set out. The contracted processors commissioned by M Price Ltd. will only receive your data if these data are necessary to provide the respective services. These may include:

•     IT service providers required for the operation and security of our IT systems

       Service providers commissioned for programming and maintenance of our website / applicant database.

 5.  How long will your data be stored?

       If you use the contact form on our website to send us your personal data, your data will be deleted as soon as we have processed your inquiry.

       The data you send us through your CV, will be stored for a period of up to 6 months. 

6.  What are your data protection rights?

In accordance with the provisions of the data protection regulations, you have the following rights in connection to our processing of your personal data: 

Right of access:

You have the right to obtain information from us concerning whether and to what extent we process your data.

Right to rectification:

If we process data that is incomplete or incorrect, you shall have the right to obtain rectification or completion of this data from us at any time.

Right to erasure:

You have the right to obtain from us the erasure of your data in the event that we have unlawfully processed this data or if processing this data constitutes a disproportionate infringement of your legitimate interests. Please note that immediate erasure may be barred on some grounds, e.g. statutory retention provisions.

Right to restriction of processing:

You have the right to obtain restriction of processing your data if:

•   you contest the accuracy of the data, for a period enabling us to verify the accuracy of the data,

     the processing is unlawful, and you oppose the erasure of the data and request the restriction of their use instead,

     we no longer need the data for the intended purposes, but you require these data for the establishment, exercise or defence of legal claims, or

•   you have objected to the processing of the data.

Right to data portability:

You have the right to receive the data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit these data to another responsible party without hindrance from us, provided that the processing is carried out by automated means. If technically feasible, you have the right to have your data transmitted directly to another responsible party by us.

Right to object:

If we process your data on the basis of legitimate interests, you have the right to object to this processing, on grounds relating to your particular situation, at any time. We shall then no longer process your data unless we can demonstrate compelling, legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. 


You may exercise your above rights by sending a written, signed and dated request by email at or by post to us at: 1 Haslemere Business Centre, Lincoln Way, Enfield, Middlesex, EN1 1DX .

In addition to the above, you are also entitled to lodge a complaint regarding the processing of personal data, with the Information Commissioner’s Office -- Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113,



7.     Use of social sharing

We do not use plugins for the social media services for social sharing functionalities. Instead, we merely set a text (“follow us on Twitter” and “like us on Facebook”). These links do not transmit any data, such as your IP address, browser used, screen resolution, websites viewed, date and time, to the respective social media services.

However, if you click on a social sharing link while logged into your respective social media account, you can share the contents of our pages on your profile. This allows the social media service to assign your visit to our pages to your user account. Please note that as the provider of the pages, we are informed of neither the content of the transmitted data nor their use by Facebook or Twitter.

8.     Cookies

By accesing our website, you understand and agree that there is a cookies policy in place, as detailed below. 

Google Analytics is a simple, easy-to-use tool that helps website owners measure how users interact with website content. As a user navigates between web pages, Google Analytics provides website owners JavaScript tags (libraries) to record information about the page a user has seen, for example the URL of the page.

The Google Analytics JavaScript libraries use HTTP Cookies to "remember" what a user has done on previous pages / interactions with the website.

Google Analytics supports three JavaScript libraries (tags) for measuring website usage: gtag.jsanalytics.js, and ga.js. The following sections describe how each use cookies.

gtag.js and analytics.js - cookie usage

The analytics.js JavaScript library is part of Universal Analytics and uses first-party cookies to:

  • Distinguish unique users
  • Throttle the request rate

When using the recommended JavaScript snippet cookies are set at the highest possible domain level. For example, if your website address is, analytics.js will set the cookie domain to Setting cookies on the highest level domain possible allows measurement to occur across subdomains without any extra configuration.

gtag.js and analytics.js do not require setting cookies to transmit data to Google Analytics.

gtag.js and analytics.js set the following cookies:

Cookie Name

Expiration Time



2 years

Used to distinguish users.


24 hours

Used to distinguish users.


1 minute

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.


30 seconds to 1 year

Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.


90 days

Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. Learn more.


Read the gtag.js Cookies and user identification guide to learn all the ways these default settings can be customized with gtag.js.

Read the analytics.js Domains & Cookies developer guide to learn all the ways these default settings can be customized with analytics.js.

Read the Security and privacy in Universal Analytics document for more information about Universal Analytics and cookies.

ga.js - cookie usage

The ga.js JavaScript library uses first-party cookies to:

  • Determine which domain to measure
  • Distinguish unique users
  • Throttle the request rate
  • Remember the number and time of previous visits
  • Remember traffic source information
  • Determine the start and end of a session
  • Remember the value of visitor-level custom variables

By default, this library sets cookies on the domain specified in the browser property and sets the cookie path to the root level (/). This library sets the following cookies:

Cookie Name

Default Expiration Time



2 years from set/update

Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.


10 minutes

Used to throttle request rate.


30 mins from set/update

Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.


End of browser session

Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.


6 months from set/update

Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.


2 years from set/update

Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics.


The following methods can be used to customize how cookies are set:

urchin.js - cookie usage

Historically, Google Analytics provided a JavaScript measurement library named urchin.js. When the newer ga.js library launched, developers were encouraged to migrate to the new library. For sites that have not completed the migration, urchin.js sets cookies identically to what is set in ga.js. Read the ga.js cookie usage section above for more details.

Google Analytics for Display Advertisers - cookie usage

For customers that are using Google Analytics' Display Advertiser features, such as remarketing, a third-party DoubleClick cookie is used in addition to the other cookies described in this document for just these features. For more information about this cookie, visit the Google Advertising Privacy FAQ.

Content Experiments - cookie usage

For websites using Google Analytics content experiments, the following cookies are used for these features in addition to the other cookies described in this document:

Cookie Name

Expiration Time



18 months

Used to determine a user's inclusion in an experiment.


18 months

Used to determine the expiry of experiments a user has been included in.

Optimize - cookie usage

For websites using Optimize, the following cookies are used in addition to the other cookies described in this document:

Cookie Name

Expiration Time



Depends on the length of the experiment, but typically 90 days.

Used to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in.


24 hours

Used for campaigns mapped to Google Ads Customer IDs.


24 hours

Used for campaigns mapped to Google Ads Campaign IDs.


24 hours

Used for campaigns mapped to Google Ads Ad Group IDs


24 hours

Used for campaigns mapped to Google Ads Criterion IDs


24 hours

Stores the last utm_campaign query parameter.