Privacy Policy

This privacy policy sets out how Midland Control Systems uses and protects any information that you give Midland Control Systems when you use this website. Midland Control Systems is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. Midland Control Systems may change this policy from time to time by updating this page. You should check this page to ensure that you are happy with any changes. This policy is effective from 09.03.2023 What we collect We may collect the following information:
  • Name and job title
  • Contact Information – including email address
  • Demographic information such as postcode, preferences and interests
  What we do with the information we gather We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
  • Internal record keeping.
  • We may use the information to improve our products and services.
  • We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
  • From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
  Security We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. How we use cookies A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. Click here to learn how you can turn off cookies from within your browser. Links to other websites Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question. Controlling your personal information You may choose to restrict the collection or use of your personal information in the following ways:
  • Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
  • If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at sales@midlandcontrolsystems.co.uk
  We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee will be payable. If you would like a copy of the information held on you please write to Cannock Enterprise Centre, Unit 11-13, West Cannock Way, Hednesford, Cannock, WS12 0QW. If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.

Privacy Policy for MCS Connect App

1. Introduction

Midland Control Systems (“we,” “our,” or “us”) operates the MCS Connect mobile application (the “App”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App.

By using the App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, do not use the App.

2. Information We Collect

2.1 Information You Provide Directly

When you register for an account, we collect:

  • Name: Your full name for account identification
  • Email Address: Used for authentication, password resets, and account management
  • Phone Number: Contact information for your user profile
  • Customer ID: Multi-tenant identifier to isolate your data from other customers
  • Password: Securely stored via our authentication system (we do not have access to plaintext passwords)

 

2.3 SMS Communications

The App sends SMS messages to security panel phone numbers to configure and control panels. These SMS messages contain:

  • Panel serial numbers
  • Configuration commands (callpoint settings, PIN codes, authorized numbers)
  • Relay operation commands

SMS messages are sent directly from your device through your mobile carrier. We do not intercept, store, or have access to the content of these SMS messages.

2.4 Automatically Collected Information

Our authentication and cloud services may automatically collect:

  • Authentication Data: Login timestamps, authentication tokens
  • Device Information: Device model, operating system version (collected for service functionality)
  • App Usage Data: Crash reports and error logs (for debugging and app improvement)

 

3. How We Use Your Information

We use the collected information for the following purposes:

  • Account Management: Create and maintain your user account, authenticate login attempts, and process password resets
  • Security: Protect against unauthorized access and maintain the security of your account
  • Communication: Send you password reset emails and account-related notifications
  • App Improvement: Analyze error logs to identify and fix bugs

 

4. Data Storage and Security

4.1 Cloud Storage

We use secure cloud infrastructure provided by trusted third-party service providers to store:

  • User Authentication: User authentication credentials (email and hashed password)
  • User Profile Data: Name, email, phone number, customer ID, and account creation timestamp

Location: Data is stored on secure cloud servers in professionally managed data centers with industry-standard security measures.

Security Measures: – All data transmitted to/from our cloud services is encrypted using TLS/SSL – Passwords are hashed and never stored in plaintext – Access controls are configured to ensure users can only access their own data – Re-authentication is required for sensitive operations (email changes, account deletion, password updates)

4.2 Local Storage (Device)

Panel configuration data (callpoints, PIN codes, authorized numbers) is stored locally on your device. This data:

  • Is NOT backed up to our servers
  • Remains on your device until you uninstall the App
  • Is protected by your device’s security features (screen lock, device encryption)

4.3 Data Retention

  • User Account Data: Retained in our cloud storage until you delete your account
  • Local Panel Data: Retained on your device until you delete the panel, clear app data, or uninstall the App
  • Authentication Tokens: Automatically expire according to our security policies

5. Data Sharing and Disclosure

We do NOT sell, trade, or rent your personal information to third parties.

We may share your information only in the following circumstances:

5.1 Service Providers

We use trusted third-party service providers to facilitate our authentication and cloud storage services. These service providers have access to your data only to perform tasks on our behalf and are obligated not to disclose or use it for other purposes.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, government agencies).

5.3 Business Transfers

If we are involved in a merger, acquisition, or asset sale, your personal information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Update

You can access and update your account information at any time through the App’s account settings:

  • Update your name, email, phone number, or customer ID
  • Change your password
  • View your current account details

6.2 Account Deletion

You can delete your account at any time through the App. When you delete your account:

  • Your user profile data is permanently deleted from our cloud storage
  • Your authentication account is permanently deleted
  • Local panel data on your device can be manually deleted before account deletion

Important: Account deletion is irreversible. You will need to re-authenticate recently before performing this action for security purposes.

6.3 Local Data Management

You can manage locally stored panel data at any time:

  • Delete individual panels, callpoints, PIN codes, or authorized numbers
  • Clear all local data by uninstalling the app

6.4 Communication Preferences

You will only receive transactional emails (password resets, account notifications). We do not send marketing emails. You cannot opt out of service-related communications while maintaining an active account.

7. Children’s Privacy

The App is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

8. Third-Party Services

8.1 Cloud Services

We use secure, industry-standard cloud infrastructure services for user authentication and profile data storage. These services are provided by reputable third-party vendors with strong security and privacy practices.

8.2 SMS Services

The App uses your mobile carrier’s SMS services to send messages to security panels. Your carrier’s privacy policy and SMS rates apply. We do not control or have access to carrier SMS logs.

9. International Data Transfers

If you are located outside the country where our cloud servers are located, your information may be transferred to and processed in that country. By using the App, you consent to such transfers. We ensure that our service providers comply with applicable international data protection regulations.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy in the App
  • Updating the “Last Updated” date at the top of this policy
  • (For significant changes) Sending an in-app notification or email

Your continued use of the App after any changes constitutes acceptance of the updated policy.

11. Security Measures

We implement appropriate technical and organizational measures to protect your personal information, including:

  • TLS/SSL encryption for all data in transit
  • Access controls to prevent unauthorized data access
  • Regular security assessments of our authentication flows
  • Required re-authentication for sensitive account operations
  • Local device encryption for SQLite database
  • Use of industry-leading cloud infrastructure providers

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate personal data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request restriction of processing in certain circumstances
  • Right to Data Portability: Request transfer of your data to another service
  • Right to Object: Object to processing of your personal data
  • Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)

To exercise these rights, contact us using the information below. We will respond within one month.

Legal Basis for Processing:Contract Performance: Processing necessary to provide App services – Legitimate Interests: Fraud prevention, security, and app improvement – Consent: Where you have provided explicit consent

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Midland Control Systems Email: app@midlandcontrolsystems.co.uk Website: midlandcontrolsystems.co.uk

For data protection inquiries specifically, you may also contact our Data Protection Officer (if applicable) at [Insert DPO Email].

14. Dispute Resolution

If you have a complaint about our handling of your personal data, you have the right to lodge a complaint with your local data protection authority (for EU residents) or the Information Commissioner’s Office (ICO) in the UK.

Acknowledgment

By using the MCS Connect App, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.