Contact Us

Privacy Policy

The Controller - Who we are:

We are the Ballyvesey Group of Companies (see attached Appendix 1 for full listing).


Data Protection:

Data Protection in the Ballyvesey Group is administered by the GDPR Steering Group.

• Alan Thomson (Finance)

• James Darragh (Compliance & HR)

• Gordon Willis (ICT)

• David Andrews (Chief Information Officer)

All members of the GDPR Steering Group have received training on data protection and information

security relating specifically to their responsibilities. In addition, at least one member of the Steering

Group holds a General Data Protection Regulations Practitioner Certificate.

The steering group can be contacted by emailing: dataprotection@ballyvesey.com

Or, alternatively by writing to:

Data Protection, Ballyvesey Group, 607 Antrim Road, Newtownabbey, BT36 4RF

Categories of Data Collected:

To provide a service to our customers it is necessary to collect data. The data we collect may include,

Public Data, Company Data, Third Party Data and Personal Data. Personal Data is protected in law by

the General Data Protection Regulations 2018 and UK Data Protection Act 2018.


Processing of Data:

Client & third party data is collected if required to carry out the reasonable instructions of the client

in the performance of the legitimate business interests of Ballyvesey Group. Client and or Third

Party data may also be collected to meet any legal obligation place upon the controller by a

statutory provision. These purposes may include, but are not limited to, the raising of orders,

invoices and accountable record keeping, to produce revenue in the interests of the business,

statutory taxation, prevention of fraud and criminal offences and protecting the company assets and

revenues.


Who will receive the data:

In most cases the data will only be processed by the Group Company engaged by the client in the

course of their business operations. For accountable record keeping and statutory obligations, some

data may be shared throughout other parts of the Ballyvesey Holdings Group wherein they process

parts of the data on behalf of Ballyvesey Group. Data will only be provided to third parties where

there is a legal obligation to do so, or the client requires us, in order to fulfil their operational

requirements. Information may be provided to a Credit Reference Bureau when processing a credit

history check.


International Transfer:

Ballyvesey Group, on rare occasions may be legally obliged to provide some information to other

countries within EEA, such as Republic of Ireland etc. for border / custom controls and inter-state

taxation. No data is transferred out of EEA at this time, if we facilitate a client request which requires

this, we will discuss those obligations at that time.

Retention Period:

In order to comply with the legal obligations of statutory provisions for taxation we will retain

relevant records for a period of seven years. In doing this we will practice data minimisation and only

retain the actual data we will need to meet this requirement.


Your Rights:

Ballyvesey Group undertakes to protect the rights and freedoms of all individuals whose data we

process. We will uphold the principles in Article 5 of the General Data Protection Regulations, as

directed by European Court of Justice and when applicable the rights provided under statute by any

Act of the United Kingdom’s Parliament having gained Royal Assent from the Data Protection Bill

2018. We respect any individual’s right to:

• Submit a Subject Access Request for their personal data

• Request correction and/or deletion of inaccurate or incorrect personal data

• Object to our processing of their personal data, if our processing is not lawful, fair, nor

transparent

• Have us explain to you the impact of failing to provide, withdrawing consent, or objecting to

our processing of your personal data and the effects that may have

If you are still not satisfied that we have dealt with any complaint regarding your personal data, in a

comprehensive and professional manner, you have the right to complain to the Information

Commissioner’s Office (ICO).


Automated Systems:

To protect the legitimate business interests of the Ballyvesey Group, the results of a credit history

check may be determined by automated decision making processes provided by the Credit

Reference Bureau. If you disagree with the result, you can request that we humanly review that

decision. Price comparison and limited customer profiling processes may be used to determine the

best value for our customers and to maintain competitiveness in the market. We will endeavour to

inform you as and when any further automated processes, other than those already stated, are used

within the operation parameters of our business.


Document Downloads


CCTV Release Form

CCTV Policy

Appendix 1

Employee Privacy Notice

MTG Client Privacy Notice

MTG Group Privacy Notice Statement

MTG Supplier Privacy Notice 

Schedule Disclosure Request Form

Section 45 Subject Access Request