top of page





This privacy notice provides you with details of how we collect and process your personal data.


If you need to contact us about anything related to this policy, please email, or write to MGA Ltd., 32 Paul Lane, Flockton Moor, Wakefield, WF4 4BP.


What Data Do We Hold?


We may hold the following data:

  • Your name

  • The name and address of the school/business where you work

  • Your school/business email address

  • Your school/business phone number

  • Your personal email address

  • Your personal mobile phone number


How We Will Use Your Data


We will use your data to contact you regarding offers of, or the delivery of, our services, and for evaluations and reporting back to the sponsors who fund our programmes.


Our Lawful Ground of Processing


Under General Data Protection Regulations we are only legally able to process your personal data if we have a lawful ground for doing so.


Our lawful grounds of processing are:

  • Use of people’s data in ways they would reasonably expect, and which have a minimal privacy impact, or where there is a compelling justification for the processing.

  • In relation to Customer Data we have obtained in regard to you booking our services that we hold for the purposes of fulfilling the delivery of that service, informing you about updates to the service and keeping records of the contract, the processing is necessary for the performance of a contract to which you are subject and for our legitimate interests in  informing you about updates to the product or service, record keeping, and to establish, pursue, or defend legal claim as responsible business operations.


We do not collect any Sensitive Data about you – data that details race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health and biometric data.


How We Collect Your Data


We obtain data about you from sources that are in the public domain, such as school websites, or phoning the school, or business premises where you are employed, and where information is volunteered. Further details may be obtained by direct communication with you once an offer of our service has been accepted.

Marketing Communications


Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests to grow our business or to deliver contractual obligations.


Under the privacy and Electronic Communications Regulations, we are permitted to contact you as one corporate body to another but are obliged to remove your details if we receive notification from you not to contact you again.


You can ask us or any third party to stop sending you marketing messages at any time by emailing us at


Disclosure of Your Personal Data


If your personal data is collated as part of an offering delivered by MGA Ltd on behalf of another business or corporation, the sponsor of the offering will be considered to be the Data Controller, and MGA Ltd the Data Processor. As such, your personal data will be made available to the business or corporation with compliance to the security of your personal data.


If your personal data is held by MGA Ltd for offerings (either employment or product) of MGA Ltd, MGA Ltd assume the role of Data Controller and Data Processor. Any data held, or shared with explicit permission, will be compliant to the security of your personal data. We require all third parties whom we share your data with, to respect the security of your personal data also, and to treat it in accordance with our instructions.


Data Security


We have security measures in place to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and will keep it confidential.


We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we were legally required to.


Data Retention


We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or reporting requirements.


When deciding what the correct time is to keep the data we will consider the amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by any other means and legal requirements.


Your Legal Rights


Under data protection laws you have rights in relation to your personal data that includes the rights to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.


You can see more about these rights at:


If you wish to exercise any of the rights set out above, please email us at


You will not have to pay a fee to access your personal data (or exercise any of the other right). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or refuse to comply with your request in these circumstances.


We may need to request specific information from you to help others confirm your identity and ensure your rights to access your personal data, or to exercise any of your other rights. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.  We may also contact you to ask for further information in relation to your request to speed up our response.


We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.


If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office, the UK supervisory authority for data protection issues (


Please contact us first if you do have a complaint so that we can try to resolve it for you.

bottom of page