Privacy Policy

Data protection information for the website www.mhk.co.uk in accordance with Art. 13 GDPR

We are pleased that you are visiting our website. We respect your privacy. Data protection and data security when using our website are very important to us. We would like to inform you with this data protection notice about the processing of your personal data in connection with our website.

Name and address of the person responsible

The controller within the meaning of the General Data Protection Regulation (GDPR) and other data protection regulations is

MHK UK LTD

Bloxham Mill

Barford Road

Bloxham OX15 4FF

United Kingdom

Phone: +44 1295 4081 54

E-mail: info@kichen-experts.co.uk

General information on data processing

Legal basis for the processing of personal data

We would like to inform you about the basics of our data processing, as required by Art. 13 GDPR:

If we ask for your consent, we refer to Art. 6 para. 1 lit. a GDPR.
When it comes to processing your data in order to provide our services, fulfil contracts or respond to your enquiries, we rely on Art. 6 para. 1 lit. b GDPR.
We rely on Art. 6 para. 1 lit. c GDPR to fulfil our legal obligations.
If the processing is necessary for the performance of a task - which has been assigned to the controller - or is in the public interest or is carried out in the exercise of official authority, Art. 6 para. 1 lit. e GDPR is the legal basis.
Sometimes we have to process your data in order to protect the legitimate interests of our company or a third party - of course only if your rights do not outweigh this. In such cases, our basis is Art. 6 para. 1 lit. f GDPR.

Data erasure and storage duration

We adhere to the principles of data minimisation in accordance with Art. 5 para. 1 lit. c GDPR and storage limitation in accordance with Art. 5 para. 1 lit. e GDPR. We only store your personal data for as long as is necessary to achieve the purposes stated here or as provided for by the retention periods stipulated by law. After the respective purpose no longer applies or after these retention periods have expired, the corresponding data will be deleted as quickly as possible.

External links

This website may contain links to third-party websites or to other websites under our responsibility. If you follow a link to a website outside our responsibility, please note that these websites have their own data protection information. We accept no responsibility or liability for these third-party websites and their data protection notices. Therefore, before using these websites, please check whether you agree with their data protection declarations.

You can recognise external links either by the fact that they are displayed in a different colour from the rest of the text or underlined. Your cursor will show you external links when you move it over such a link. Only when you click on an external link will your personal data be transferred to the destination of the link. In particular, the operator of the other website receives your IP address, the time at which you clicked on the link, the page on which you clicked on the link and other information that you can find in the data protection information of the respective provider.

Please also note that individual links may lead to a data transfer outside the European Economic Area. This could give foreign authorities access to your data. You may not have any legal remedies against this data access. If you do not want your personal data to be transferred to the link destination or even exposed to unwanted access by foreign authorities, please do not click on any links.

Rights of the data subject

We would like to explain to you what rights you have when it comes to your personal data. These rights are set out in the General Data Protection Regulation (GDPR):

Right to information (Art. 15 GDPR): You may find out what data we have stored about you, why we store it and to whom it is passed on. In the case of a request for information that is not made in writing, we ask for your understanding that we may then require proof from you that you are the person you claim to be.
Right to authorisation (Art. 16 GDPR): If something is wrong with your data, you can ask us to correct it.
Right to erasure (Art. 17 GDPR): You can request that we erase your data if there is no longer a good reason to store it.
Right to restriction of processing (Art. 18 GDPR): Sometimes you may not want us to delete your data completely, but neither do you want us to actively use it. In this case, you can ask us to restrict the processing of your data.
Right to object (Art. 21 GDPR): If we use your data for certain purposes, you can object to this. You always have the right to say no, especially in the case of direct marketing.
Right to data portability (Art. 20 GDPR): You can receive your data in a commonly used format and have it transferred to another service.
Right to lodge a complaint with a supervisory authority: If you believe that we are not handling your data correctly, you can lodge a complaint with a data protection authority. In particular, you can lodge a complaint with a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.
Right to withdraw consent: If you have authorised us to use your data, you can withdraw this permission at any time.

Provision of the website (web host)

Our website is hosted by:

Timme Hosting GmbH & Co KG
Ovelgönner Weg 43, 21335 Lüneburg
Germany

When you visit our website, we automatically collect and store information in so-called server log files. Your browser automatically transmits this information to our server or to the server of our hosting company.

These are:

IP address of the website visitor's end device
Device used
Host name of the accessing computer
Operating system of the visitor
Browser type and version
Name of the retrieved file
Time of the server request
Amount of data
Information on whether the retrieval of the data was successful

This data is not merged with other data sources.

Instead of operating this website on our own server, we can also have it operated on the server of an external service provider (hosting company), which in this case we have named above. The personal data collected by this website is then stored on the hosting company's servers. In addition to the data mentioned above, the web host also stores contact requests, contact data, names, website access data, meta and communication data, contract data and other data generated via a website for us, for example.

The legal basis for the processing of this data is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is the technically error-free presentation and optimisation of this website. If the website is accessed in order to enter into contractual negotiations with us or to conclude a contract, another legal basis is Art. 6 para. 1 lit. b GDPR. In the event that we have commissioned a hosting company, there is an order processing contract with this service provider.

Use of local storage items, session storage items and cookies

Our website uses local storage items, session storage items and/or cookies.

Local storage is a mechanism that enables the storage of data within the browser on your end device. This data usually contains user preferences, such as the "day" or "night" mode of a website, and is retained until you delete the data manually. Session storage is very similar to local storage, whereas the storage period only lasts during the current session, i.e. until the current tab is closed. The session storage items are then deleted from your end device. Cookies are information that a web server (server that provides web content) stores on your end device in order to be able to identify this end device. They are either stored temporarily for the duration of a session (session cookies) and deleted at the end of your visit to a website or permanently (permanent cookies) on your end device until you delete them yourself or they are automatically deleted by your web browser.

These objects may also be stored on your device by third-party companies when you visit our website (third-party requests). This enables us as the operator and you as a visitor to this website to utilise certain third-party services that are installed on this website. Examples of this include the processing of payment services or the display of videos.

These mechanisms can be used in a variety of ways. They can improve the functionality of a website, control shopping basket functions, increase the security and convenience of website use and carry out analyses of visitor flows and behaviour. Depending on the individual functions, they must be categorised under data protection law. If they are necessary for the operation of the website and intended to provide certain functions (shopping basket function) or serve to optimise the website (e.g. cookies to measure visitor behaviour), they are used on the basis of Art. 6 para. 1 lit. f GDPR. As the website operator, we have a legitimate interest in the storage of local storage items, session storage items and cookies for the technically error-free and optimised provision of our services. In all other cases, local storage items, session storage items and cookies are only stored with your express consent (Art. 6 para. 1 lit. a GDPR).

If local storage items, session storage or cookies are used by third-party companies or for analysis purposes, we will inform you about this separately in this data protection notice. Your required consent will be requested and can be revoked at any time.

Use of external services

External services are used on our website. External services are services from third-party providers that are used on our website. This can be done for various reasons, for example for embedding videos or for the security of the website. When using these services, personal data is also passed on to the respective providers of these external services. If we do not have a legitimate interest in the use of these services, we will obtain your consent as a visitor to our website, which can be revoked at any time, before using them (Art. 6 para. 1 lit. a GDPR).

Consent Management

To comply with data protection requirements, we use a consent management tool on our website. We use this tool to obtain the necessary consent for the setting of cookies or the use of external services. The consents are stored.

The processing is necessary for the fulfilment of a legal obligation to which the controller (operator of the website) is subject. Art. 6 para. 1 lit. c GDPR is therefore used as the legal basis for processing.

TYPO3 Cookie Manager

We use the TYPO3 Cookie Manager service on our website. The provider of the service is the TYPO3 Association, Sihlbruggstrasse 105, 6340 Baar, Switzerland.

As this service is hosted locally on the web server, there is no data transfer to third parties.

Content Management System

A content management system enables the creation, editing, organisation and presentation of digital content. We use a content management system to create content for our website. This enables us to design a more appealing website.

We base this processing on a legitimate interest (Art. 6 para. 1 lit. f GDPR).

Our legitimate interest lies in the technically error-free presentation and optimisation of the website.

TYPO3 CMS

We use the TYPO3 CMS service on our website. The provider of the service is the TYPO3 Association, Sihlbruggstrasse 105, 6340 Baar, Switzerland.

As this service is hosted locally on the web server, there is no data transfer to third parties.

Name: fe_typo_user

Storage period: session

Type: 1st party, cookie

Purpose: This cookie is used to identify a session ID of the current user when logged into the TYPO3 frontend.

Interface software

Business processes are cheaper, faster and more error-free if they are automated with the help of software via interfaces. This allows them to be efficiently integrated into company processes via your own website or social networks. We use interface software on our website to link different applications with each other and to transfer personal data securely from one application to another.

Processing will only take place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data will not be processed in the manner described above. If you withdraw your consent (e.g. via the consent banner or other options provided on this website), we will terminate this data processing. This does not affect the legality of the processing carried out up to the point of withdrawal.

Google Tag Manager

We use the Google Tag Manager service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data being transferred to a third country (USA). The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

Video/music service

Audio and videos are integrated on our website. These are retrieved from the server of our provider, the so-called audio or video platform. In order to be able to play an audio or video, your end device establishes a connection with the audio or video platform and transmits personal data to it. This includes, in particular, the IP address, any location data or information about the user's browser and end device.

Flowplayer

We use the Flowplayer service on our website. The provider of the service is Flowplayer AB, Regeringsgatan 29, 111 53, Stockholm, Sweden.

As this service is hosted locally on the web server, there is no data transfer to third parties.

Name: flowplayerTestStorage

Storage period: Permanent

Type: 1st-Party, Local Storage ()

Purpose: Used to provide information about the flow player status of the visitor, which determines whether the visitor accesses media content or not on the website.

Advertising and marketing tools

Tools are used on our website that facilitate or enable the placement of advertisements and the evaluation of the success of ads placed. Personal data is processed for this purpose, in particular the IP address, access times and device information.

In addition, browsing behaviour, page views, dwell time, conversions, interactions with advertisements, demographic data and interest profiles are processed. The tools enable cross-device tracking, remarketing, lookalike audience creation and personalised advertising.

Processing will only take place if you consent to this data processing (via our consent banner on the website). The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR). Without your consent, data will not be processed in the manner described above. If you withdraw your consent (e.g. via the consent banner or other options provided on this website), we will terminate this data processing. This does not affect the lawfulness of the processing carried out up to the point of withdrawal.

Meta Ads (Facebook Ads)

We use the Meta Ads service with Meta Pixel on our website. The provider of the service is Meta Platforms Ireland Limited, Merrion Road, Dublin 4, D04 X2K5, Ireland.

Processed data: IP address, device information, browser data, page views, dwell time, conversions, custom audiences, lookalike audiences, demographic data.

We would like to point out that Meta stores and processes the data.

Purposes: Personalised advertising on Facebook, Instagram, WhatsApp and Messenger, remarketing, conversion tracking, A/B testing, target group creation.

Third country transfer: The use of the service results in a data transfer to the USA. Meta Platforms, Inc. is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection for certified processing operations.

Storage period: cookies up to 2 years, conversion data up to 7 years.

The service uses the following cookies on our website:

Name: _fbp

Storage duration: 90 days

Type: 1st-Party

Purpose: This cookie is used to provide you with more relevant advertising on Facebook.

Name: lastExternalReferrer

Storage duration: persistent

Type: 1st-PartyLocal Storage

Purpose: This cookie is used for attribution purposes. It allows us to determine which link or page a user used to reach the current page.

Name: lastExternalReferrerTime

Storage duration: persistent

Type: 1st-Party Local Storage

Purpose: Determines how the user reached the website by registering their last URL address.

Name: datr

Storage Duration: ~2 years

Type: 1st party

Purpose: Security: Detects suspicious activity such as login attempts, bot traffic, and helps protect user accounts

Name: sb

Storage Duration: 1–2 years

Type: 1st party

Purpose: Security & Marketing: Stores browser details, helps identify devices, and supports account

Further information can be found in Meta's data protection information at: https://www.facebook.com/privacy/policy

Google Ads

We use the Google Ads service with Google Tag Manager and Google Analytics on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Processed data: IP address (anonymised), device information, browser data, search histories, page views, conversions, interest categories, demographic data.

Purposes: Search adverts on Google, display advertising on the Google network, YouTube adverts, remarketing, conversion tracking, keyword performance analysis.

Third country transfer: The use of the service results in a data transfer to the USA. Google LLC is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an appropriate level of data protection for certified processing.

Storage period: cookies up to 2 years, analytics data up to 14 months (configurable).

The service uses the following cookies on our website:

Name: _gcl_ls

Storage duration: persistent

Type: 1st-Party Local Storage

Purpose: Stored by Google Ads on the local device.

Name: _gcl_au

Storage Duration: 90 days

Type: 1st party

Purpose: Google Ads conversion tracking and campaign performance

Further information can be found in Google's data protection information at: https://policies.google.com/privacy

LinkedIn Ads

We use the LinkedIn Ads service with LinkedIn Insight Tag on our website. The provider of the service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Processed data: IP address, device information, browser data, professional information (if LinkedIn profile available), page views, conversions, company sizes, job titles.

Purposes: Personalised business advertising on LinkedIn, account-based marketing, lead generation, conversion tracking, professional targeting.

Third country transfer: The use of the service results in a data transfer to the USA. LinkedIn Corporation is certified under the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection for certified processing.

Storage period: cookies up to 2 years, conversion data up to 6 months.

The service uses the following cookies on our website:

Name: __cf_bm

Storage Duration: ~30 minutes

Type: 3rd party

Purpose: Bot management and security (Cloudflare)

Name: AnalyticsSyncHistory

Storage Duration: 30 days

Type: 1st party

Purpose: Stores timestamp of analytics cookie synchronization

Name: bcookie

Storage Duration: 2 years

Type: 1st party

Purpose: Browser ID for security and fraud prevention

Name: li_sgr

Storage Duration: Session

Type: 1st party

Purpose: Likely for server routing and load balancing

Name: bscookie

Storage Duration: 2 years

Type: 1st party

Purpose: Secure browser ID for authentication

Name: UserMatchHistory

Storage Duration: 30 days

Type: 1st party

Purpose: Retargeting and ad optimization

Name: lidc

Storage Duration: 24 hours

Type: 1st party

Purpose: Load balancing across LinkedIn servers

Name: li_gc

Storage Duration: 6 months

Type: 1st party

Purpose: Stores user’s cookie consent preferences

Further information can be found in LinkedIn's data protection information at: https://www.linkedin.com/legal/privacy-policy

Cross-platform tracking:

These services can combine data across platforms and create cross-device user profiles. This enables personalised advertising across different websites and apps.

Automated decision making:

All services use algorithms for automated decisions regarding advertising playout, bidding strategies and target group segmentation. You have the right not to be subject to a decision based solely on automated processing (Art. 22 GDPR).

Analytics

We process the personal data of website visitors in order to analyse user behaviour. By analysing the data obtained, we are able to compile information about the use of the individual components of our website. This enables us to increase the user-friendliness of our website. The analysis tools used can be used, for example, to create user profiles for the display of targeted or interest-based advertising messages, to recognise our website visitors the next time they visit our website, to measure their click/scroll behaviour, their downloads, to create heat maps, to recognise page views, to measure the duration of visits or bounce rates and to trace the origin of website visitors (city, country, which page the visitor comes from). The analysis tools help us to improve our market research and marketing activities.

Google Analytics

We use the Google Analytics service on our website. The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Further information can be found in the provider's data protection information at the following URL: https://business.safety.google/privacy.

The service uses the following cookies on our website:

Name: _ga

Storage period: 400 days

Type: 1st party, cookie

Purpose: Contains a randomly generated user ID. Based on this ID, Google Analytics recognises returning users on this website and merge the data from previous visits.

Name: _ga_NCL2R7ECDH

Storage period:400 days

Type. 1st-party, cookie

Purpose: Collects data on how often a user has visited a website, as well as data for the first and last visit.

Contact form

You have the option of contacting us via a contact form on our website. In particular, your contact details are required to contact us via this form.

If you give your consent, the legal basis is Art. 6 para. 1 lit. a GDPR. This can be revoked at any time.

If you send enquiries about our products, services or our company, the processing is carried out for the purpose of contract fulfilment or pre-contractual measures in accordance with Art. 6 para. 1 lit. b GDPR. There may also be a legitimate interest in maintaining business relationships or responding to your enquiry for other reasons. The legal basis for the processing of your data in this case would be Art. 6 para. 1 lit. f GDPR.

The data will be deleted when we have finally answered your enquiry and there are no other retention obligations to the contrary.

Contact by telephone or e-mail

We have provided a telephone number and email address on our website in accordance with legal requirements. The data transmitted via these channels is automatically stored by us in order to process corresponding enquiries or to be able to contact the person making the enquiry. We will not pass this data on to third parties without your consent.

If contact is made by telephone or via our e-mail address for pre-contractual or contractual purposes, the processing of personal data is based on the legal basis of Art. 6 para. 1 lit. b GDPR. For all other contact on your part , the processing of personal data by us is based on our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.

Up-to-dateness and amendment of this data protection notice

This data protection notice is currently valid and is dated 25/07/2025.

It may become necessary to amend this data protection notice as a result of the further development of our website and services or due to changes in legal or official requirements.