Privacy Policy

MPMA Privacy Policy

MPMA’s Privacy Policy is devised to help you feel more confident about the privacy and security of your personal details and shows how MPMA intends to process, retain and remove your personal data, and the lawful basis for doing so. It is applicable to any personal information which is given by you or your company to the Association.

What data do we process and who is it shared with?


Data is held for MPMA existing members, and new contacts that are added throughout a
company’s membership. The information we hold on file about you is:

  • Forename
  • Surname
  • Company name and address
  • Office Telephone number (either main switchboard or direct dial)
  • Mobile number (where known)
  • Job Description (where known)
  • MPMA Committees and Working Groups you are or have been a member of
  • Events attended

Our lawful basis for processing this data is that it is “necessary for a member’s legitimate interests” and information is sent to members that we feel relevant to a specific role.

Data is only shared with individuals in your company and members of MPMA staff (who
have each signed a Confidentiality Statement) and is not shared with any other third parties apart from i) Whittle Industry Data, who compile some member statistics independently

Non members

New contact data is added to the database to receive information that has been requested,
and/or information that we feel is of interest to that individual.

Data processed includes only contact and company name, job role, email address and
telephone numbers, and a clear reason why we process and retain that data is recorded. In
addition, personal data gathered through attendance at meetings and events is retained (eg
dietary requirements) and is shared only with organising and event venue staff.

How can the contact data we hold be viewed, amended or removed?


Members can request to view, amend or remove the contact data that we hold, and view
the Committees and Contact Groups that we believe are of interest to your role, and which
form the basis of the communications sent to you. Alternatively a request for such data to
be viewed, amended or removed can be made by emailing or . Such data will usually be removed within three working days but
will always be removed within one month of such written request being received.


A request for your contact data to be viewed, amended or removed can be made at any
time by emailing or .

Requests to be removed will usually be processed within three working days but will always
be actioned within one month of such written request being received.

What data do we retain and what data do we remove?

If we are notified that an individual has left a company, the database will be updated so that
no further information is sent to that person. Contact data may be retained for up to ten
years at which time it will be deleted. This includes data gathered about an individual when
they register for a meeting or event.

As above, if a request is received for that data to be deleted this will usually be removed
within three working days but will always be removed within one month of such written
request being received.

What process do we have to secure disposal of personal data?

Once a request has been made to remove contact data, this will be carried out by the
Administration Manager in the timescales noted above.

For the purposes of GDPR, MPMA is both a Data Processor and Data Controller, and as
noted above our lawful basis for processing your data is that “the processing is necessary for
your legitimate interests” as defined in clause 6(1)(f) of the legislation.


You should be aware that information and data may be automatically collected through the
use of Cookies. “Cookies” are small text files that store basic information that a web site. We may use this to observe the behaviour and compile aggregate data in order to improve the
website and assess general usage.

Cookies do not attach to your system and damage your files. If you do not want information
collected through the use of Cookies, there is a simple procedure in most browsers that
allows you to deny or accept the Cookie feature.


Security is very important to us. Security procedures are in place to protect the
confidentiality, integrity and availability of Your User information. Your User information will not be kept longer than is necessary for the purposes stated at the collection point or in this Privacy Policy.

Would you like to receive our latest blog?

Sign up to recieve alerts

  • This field is for validation purposes and should be left unchanged.