Last updated 23rd May 2018
The mac2cash.com web site (referred to as ‘the Site’) is operated by The Bookyard Ltd. (referred to as ‘We’/‘Us’/‘Our’) who act as the data processor and whose principal place of business is at: ‘Unit 18 Matchworks, 140 Speke Road, Liverpool L19 2RF ‘ We can be contacted on 03456 800 256 or via firstname.lastname@example.org
This policy informs the user of the Site (referred to as ‘You’/’Your’) of the procedures and security measures We employ to comply with the General Data Protection Regulations (GDPR).
Where the Site contains links to other web sites, these other site are not governed by this policy and You should view the particular privacy policies of those sites for further information.
Personal information is data that can be used to identify or contact a single person.
You will be asked to provide the following pieces of personal information when booking in a device on the Site or when making contact with Us through the Site contact form.
1) Booking info
Personal information gathered during the Site booking process is used solely for the purpose of providing the requested service as follows.
Where You select a UPS service for shipment of Your device to Us or We need to return Your device to you for any reason, Your name, address, telephone number and email address will be supplied to UPS to facilitate collection & shipping.
Where cheque payment is chosen as Your preferred payment method, Your address will be used to post payment.
Where PayPal payment is chosen as Your preferred payment method, Your PayPal email address will be used to send payment.
Where BACS payment is chosen as Your preferred payment method, Your bank details (account name, account number & sort code) will be used to make payment.
Your email address will be used to provide status updates during the processing of Your booking up until payment has been made.
Your email address and telephone number may be used to contact you if there is a query or problem processing Your job.
In the event of an insurance claim for loss or theft of equipment, We may provide a copy of the booking confirmation email, containing all Your booking information, to Our insurance company as proof of ownership.
We do not use Your personal information for unsolicited correspondence.
Personal information gathered during the Site booking process constitutes Our proof of purchase from You and proof of ownership, therefore We retain this information indefinitely unless otherwise instructed.
2) Enquiry info
Personal information transferred to Us by email via the Site contact form is only used to provide email replies to Your query. Since these enquiries often form part of the agreed terms for a subsequent booking, We retain these emails for at least 5 years unless otherwise instructed.
We do not use Your personal information for unsolicited correspondence.
We take the security of Your personal information very seriously. Our Site operates via https and We protect Your personal information during transit using encryption such as Transport Layer Security (TLS).
When Your personal data is stored by Us, We use computer systems with limited access housed in data facilities using physical security measures. Our data centre is operated by UK Servers Ltd. and their GDPR statement can be seen at https://www.ukservers.com/gdpr-statement
Any paper printout containing Your personal information including shipping labels or order confirmation emails are destroyed by cross-cut shredder.
Under EU data protection law, You can make an Access Request for a report on all personal data We hold for you, and We will execute this in a timely manner.
You may also request that We delete all the personal data We store for you and We will comply where We are not required to retain the data by law or for legitimate business purposes. We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. We may also decline aspects of deletion or access requests if We believe doing so would undermine Our legitimate use of data for anti-fraud and security purposes as described earlier. Access and deletion requests should be made directly to email@example.com.
If you want to disable cookies and you’re using the Safari web browser, go to Safari preferences and then to the privacy pane to manage Your preferences. On Your Apple mobile device, go to Settings, then Safari, scroll down to the Privacy & Security section, and tap on “Block Cookies” to manage Your preferences. For other browsers, check with Your provider to find out how to disable cookies. Please note that certain features of the Apple website will not be available once cookies are disabled.
As is true of most internet services, We gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites,, operating system and date/time stamp.
We use this information to understand and analyse trends, to administer the site, to learn about user behaviour on the site, to improve Our service, and to gather demographic information about Our user base as a whole.
In some of Our email messages, We may use a “click-through URL” linked to content on the Site. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on Our website. We track this click-through data to help Us determine interest in particular topics and measure the effectiveness of Our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
We advise You to erase all personal information from any device booked in the Site before shipping it to Us due to the risk of loss of data during transit by courier (hardware is insured). However, We employ strict data handling procedures for all devices We receive and all storage device are securely erased or destroyed within 20 days of receipt. To comply with our data protection regulations, in the event that an issue arised requiring us to contact you and we are unable to make contact via the telphone number or email address supplied at the time of booking, all data on the device will be securely erase within 20 days, or where the device cannot be erased due to a fault, we will physically destroy the hard disk, SSD or logic board containing any potential data. Our device disposal and data security processes are certified by, and regularly audited by ADISA, the gold standard in the asset disposal industry.
NOTE : ADISA do not certify the use of couriers due to the increase risk of loss, and therefore Our service is only certified to the ADISA standard from the point at which Your device arrives at Our premises. In selecting a UPS service on the Site, You are accepting any liability for the loss of data during transit.
Upon delivery to Our secure, alarmed (police response) premises, all devices are transferred directly to Our “hot zone” cage where they remains until securely erased. This area and access to it is under 24/7 CCTV coverage and access is restricted to Our DBS checked, vetted engineers.
Unless otherwise instructed all data bearing devices and storage media will be data sanitised as follows:
Functioning hard disk : 7-pass DoD 5220.22-M ECE secure erase
Functioning SSD : 2-pass random pattern secure erase
Faulty 2.5” hard disk : Punched through shattering glass platter
Faulty 3.5” hard disk : Removed platters destroyed by high speed spin abrading
Faulty SSD : Destroy by drilling through center of each memory chip
iPhones/iPads : Factory reset
Optical disks : Shredded to 4mm x 38mm pieces
If the storage medium within any data carrying asset cannot be sanitised in line with the default method, the storage medium will be physically destroyed to ensure data security.
If any additional data media is found within the collection (e.g. cards/usb/disks), the storage item will be assigned it’s own asset ID and You will be contacted to determine whether you require the device back or whether it should be sanitised.