Mdeg Limited is a full service media agency that collects data from a number of partners to help our clients accurately target their advertising, and other purposes as detailed in this policy.
We are committed to respecting your privacy and being transparent about how we collect your personal data, how we use your data, how we keep your data safe and your rights to access, amend, object or delete the data we hold about you.
We take our accountability for your data very seriously so if you feel there is a question that is not answered here, or if you would like more information about how we process your data, you can contact us at any time by emailing
or writing to
We compile our database using carefully vetted partners who have collected your data through:
Online Comparison Websites
Online Lifestyle Clubs
Online Offer websites
You have a right to withdraw your consent or object to our processing of your data under our and our service providers legitimate interest at any time by contacting us using the details at the top of this policy.
What type of information we hold about you?
We only hold personal information about you that you have provided to our data partners. This includes names, postal addresses, email addresses, telephone numbers, IP addresses, lifestyle and demographic data.
We do not hold or process any sensitive data about you such as:
Data relating to children
What do we use your data for?
Your data is used by our clients for the following purposes:
The sending of relevant marketing communications - to help our clients decide whether or not marketing communications will be relevant to you
Verification and enhancement of customer and marketing databases - to help our clients keep their own databases up to date and to add extra information to help them make better decisions about how and when to communicate with you
Enhance targeting relevance through market research, analysis, segmentation and profiling - to provide relevant and targeted marketing to consumers by preferred channel. The data that we provide to our Clients and Services Providers may be added to the information that they already hold about you. As an example, a car insurance company will check whether you have been a customer of theirs before. This is to ensure that they provide the right types of products, services and pricing to you.
Identity verification, credit and risk management, revenue collection, database tracing activities - to help our clients protect you – and themselves – from financial harm such as fraud or identity theft.
Who do we share your information with?
Your data may be used by our clients and their brands in the following areas:
Automotive – car dealerships and manufacturers
Careers and Education – job opportunities, college course details
Charity – volunteering, events
Entertainment and Leisure – sporting events, local activities
FMCG – supermarkets, pharmacies
Finance – bank accounts, credit cards, loans, mortgages, investments, pensions and savings
Insurance – car warranties, home insurance, life insurance, pet insurance, private medical insurance, travel insurance, vehicle insurance
Legal Services – claims management including PPI claims, will writing
Lifestyle – health and beauty, fitness
Marketing and Surveys – direct marketing, marketing agencies, market research, consumer surveys
Public Sector – local information and services
Publishing and Media – TV services, magazine subscriptions
Property – home improvements, estate agencies
Retail – clothing and fashion, food and drink, home furnishings, online retail
Telecoms – broadband and internet services, mobile phone contracts
Utilities – electricity and gas providers, solar power, water suppliers, energy saving solutions
In addition, we may supply some or all of your data, under strict licensing terms to Services Providers (which may include companies who will use it for a variety of direct and email marketing, targeted advertising, measurement, identity resolution, testing and resource & development purposes on behalf of themselves and/or their clients).
Services Providers carry out data profiling and will combine your data with data they get from other sources (including public sources) and use it to create “predictive models”. Services Providers use these models to try to predict behaviour and preferences (e.g. how likely you are to buy a holiday online or take a particular type of holiday) or likely circumstances (e.g. whether you are eligible for a particular credit card).
Some Services Providers use the data we supply to help their clients with fraud prevention, tracing and ID verification.
Services Providers will also try to match and then link your data with data that they receive about you from other sources, to make sure that the data they hold about you is correct (e.g. to check whether you have recently moved address).
They share your data, including the profiled data they have created about you, primarily to:
help organisations better understand the likely characteristics of their customers (and find others like them);
improve the relevancy and appropriateness of an organisation’s marketing to its customers (e.g. offers, its products and services); and
help them communicate with their customers more effectively offline and online. This may mean that you receive tailored advertising via direct mail or when you visit a website.
In sharing your data with Services Providers, we rely on a lawful ground called ‘legitimate interest’, as our business depends on our ability to partner with third parties who process personal data for marketing-related reasons.
The Services Providers we work with are limited to only those organisations who we have completed checks on and who will only process personal data in compliance with all relevant privacy laws, regulations and guidance.
To understand more about the use of your data by Services Providers, and to find out how to exercise your data protection rights in relation to their use of your data (including how to opt-out), please click through to the websites of the companies below:
A full list of our Services Providers and Clients can be found here
What is our lawful basis for processing your data?
We process your data for marketing purposes under the consent you have provided to our data partners when they collected your data. If you wish to withdraw your consent please contact us and we will globally suppress your details from receiving any further third-party marketing, within 24hrs.
For some processing we rely on our legitimate interest as a business or those of a third-party, provided those interests are not outweighed by your interests, fundamental rights and freedoms.
In each of our data partner’s privacy policies, Mdeg is highlighted as a designated third-party with whom your data will be shared under the data partner’s legitimate interest particularly for fraud prevention, tracing and ID verification. We further process your data for use by our Services Providers under our legitimate interest as a business to provide your data for these purposes.
In specific situations, we may process your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
You have the right to object to this processing and if you wish to do so please inform us by emailing
or by using any of the other contact details at the beginning of this policy.
How long do we keep your data?
We only retain information for as long as it is required for the purpose(s) for which we legitimately use it, or for longer periods if required for legal and regulatory reasons. The period for which we use personal data can vary depending on the contract terms with our data partners.
If we are asked to delete personal data from our files, we fulfil the request within 24 hours. In addition, we will inform the data partner who provided the information to delete it within 7 days and ensure our Services Providers delete the record within 14 days.
How do we keep your data safe?
We take our obligations to keep your personal data safe and secure very seriously. Within Mdeg, access to your personal information is strictly controlled on a ‘need to know’ basis. Staff members are only allowed access to your personal data if they have been sufficiently trained in data handling. We have specific technical controls in place to restrict access and these are monitored regularly.
Where is your data stored?
We store your personal information in an Amazon Web Service cloud environment located in the European Economic Area (EEA). We do not transfer your data to any country that outside this area.
Our clients may transfer your data outside of the EEA only where we are satisfied that adequate levels of protection are in place to protect the integrity and security of any information being processed and compliance with applicable privacy and data protection laws. These measures may include the use of Standard Contractual Clauses.
Your rights in controlling how we use your data
Under data protection law you have rights regarding how we process your data. Please use the contact details listed below to exercise any of your following rights:
Your right of access
You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process. You can read more about this right here.
Your right to rectification
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies. You can read more about this right here.
You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests. You can read more about this right here.
Your right to data portability
This only applies to information you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you. You can read more about this right here.
You are not required to pay any charge for exercising your rights. We have one month to respond to you.
You also have the right to complain to the Information Commissioner’s Office whose address is Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Data Protection Officer
The contact details of our Data Protection Officer:
The Data Protection Officer
63-66 Hatton Garden,