Header Logo

Privacy Policy

Privacy Policy

Effective Date: 1st January 2024

Mayatree Marketing is committed to respecting and protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information. Our practices align with the UK General Data Protection Regulation (UK GDPR), Data Protection Act 2018, and NHS standards for data privacy and security.


1. Who We Are

Mayatree Marketing is a healthcare marketing agency based in the UK, supporting the NHS and health tech suppliers with strategic communication and stakeholder engagement services. If you have questions about this policy or how we handle your data, you can contact us at:

Email: hello@mayatreemarketing.co.uk


2. Information We Collect

We may collect and process the following types of personal information:

  • Contact Information: Name, email address, phone number, and organisation.
  • Professional Details: Job title, role, and business needs.
  • Website Usage Data: IP addresses, browser type, and cookies to understand website usage.
  • Communication Records: Emails, phone calls, and other interactions.
  • Contractor Information: When contracting individuals to fulfil obligations, we may process contact details, payment details, and professional credentials.


3. How We Use Your Information

We collect your information to:

  • Respond to inquiries and provide requested services.
  • Deliver and improve our services, including marketing strategies and resources.
  • Manage contracts with contractors and suppliers.
  • Analyse website traffic and user behaviour to enhance the user experience.
  • Send updates, newsletters, or promotional content, if you’ve opted in.
  • Comply with legal obligations or NHS-specific guidelines.


4. Lawful Basis for Processing

We process your personal data under the following lawful bases:

  • Consent: For sending marketing materials, newsletters, or promotional content (where you’ve opted in).
  • Contract: To fulfil obligations under a service agreement or contractor relationship.
  • Legal Obligation: To comply with applicable laws or regulations.
  • Legitimate Interest: For improving our services, ensuring website security, or communicating with clients and suppliers in a B2B context.


For B2B marketing communications, we rely on legitimate interest and ensure that our communications are relevant and non-intrusive. You can opt out of marketing communications at any time.


5. How We Protect Your Information

We implement robust security measures to safeguard your personal data, including:

  • Encryption of sensitive data.
  • Access controls to limit data access to authorised personnel only.
  • Regular audits and compliance checks to align with NHS data security standards.


6. Sharing Your Information

We do not sell your personal data. However, we may share it in the following circumstances:

  • Service Providers: With trusted third parties who assist us in delivering services (e.g., analytics providers or contractors).
  • Legal Authorities: If required to comply with legal or regulatory obligations.
  • NHS Partners: When collaborating on projects, with your consent where necessary.


7. Contractors and Suppliers

When contracting individuals or organisations to fulfil project obligations, we process their personal data to:

  • Ensure contractual obligations are met.
  • Manage payments and communications.
  • Verify credentials and compliance with project requirements.


8. Data Retention

We retain personal information only for as long as necessary to fulfil the purposes outlined in this policy or as required by law. Specific retention periods depend on the type of data and our legal or contractual obligations.


9. International Data Transfers

If personal data is transferred outside the UK, we ensure it is protected through appropriate safeguards, such as Standard Contractual Clauses or compliance with adequacy decisions.


10. Your Rights

Under the UK GDPR, you have the following rights:

  • Access: Request a copy of your data.
  • Correction: Rectify inaccuracies in your data.
  • Deletion: Request the deletion of your data under certain circumstances.
  • Restriction: Limit how we process your data.
  • Objection: Object to processing for specific purposes, including marketing.
  • Data Portability: Request transfer of your data to another service provider.
  • Withdraw Consent: Withdraw consent for marketing communications at any time.

To exercise your rights, contact us at hello@mayatreemarketing.co.uk.


11. Cookies

Our website uses cookies to enhance your browsing experience. For details, see our Cookies Policy.


12. Legal Disclosures

We may disclose your personal data to legal authorities or regulators where required to comply with legal obligations, prevent fraud, or ensure the security of our operations.


13. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website.