Who controls your information
For the purposes of UK data protection law, including the UK GDPR and the Data Protection Act 2018, MAC WILLIAMSON LTD is the controller of personal data processed through Mac Williamson unless this notice clearly states otherwise. If you contact us through the website, sign in to the demo dashboard, or request information about the product, we are responsible for deciding why that information is used and how it is handled. We keep our legal and operational company information visible because a consumer product should not obscure the business standing behind it.
The kinds of information we may collect
Depending on how you interact with the site, we may collect contact details such as your name and email address, enquiry information you choose to provide, basic technical data about your device and browser, page interaction information, and account-style fields entered into the sign-in modal. In a fuller production environment, this could also include saved food preferences, dietary notes, recipe history, and support records. In the current product state, the dashboard is a front-end demonstration and does not create a live consumer account, but we still describe these categories because they reflect the intended structure of the service.
How we use personal data
We use data to operate the website, respond to enquiries, maintain service security, understand product demand, and improve the usability of the Mac Williamson experience. We may also use information to understand how visitors move through the marketing pages, which product claims are most useful, and where navigation or content can be improved. Where you voluntarily contact us, we use the information you provide to answer your message, follow up on the subject you raised, and maintain a reasonable record of communications. We do not describe personal data use in vague marketing terms; each use should be tied to a practical and legitimate business need.
Lawful bases we rely on
Our lawful bases may include legitimate interests, the performance of a contract or steps taken before entering into a contract, compliance with legal obligations, and consent where the law or good practice requires it. For example, we may rely on legitimate interests to keep the service secure, understand product performance, or respond to ordinary business enquiries. We may rely on contract-related necessity where a user actively requests product access or support. If consent is used for optional analytics or non-essential messaging in a future production version, that consent should be capable of being refused or withdrawn.
Cookies and analytics
The current website is designed to operate without unnecessary complexity. In a live environment, we may use essential cookies or similar technologies to keep the site functioning, understand traffic volumes, and improve performance. If optional analytics or advertising technologies are introduced, we would expect to provide suitable notice and consent mechanisms in line with UK expectations and ICO guidance. We do not treat tracking as a default entitlement. If cookies are expanded later, this notice and the user-facing controls should be updated together so the explanation stays accurate.
Food preferences, dietary notes, and sensitive context
Mac Williamson is designed around meals, allergies, intolerances, and dietary goals. Some of this information may be more sensitive from a privacy perspective because it can reveal lifestyle, health-related concerns, or household patterns. We expect users to share only what is necessary to generate recipes or plans. Where dietary information becomes part of a stored profile in a future live service, we would handle it with an appropriately higher degree of care, limit internal access, and avoid using it for unrelated promotional purposes. Mac Williamson is not a medical service and should not be used to replace clinical advice.
Sharing data with service providers
Like most digital products, we may use specialist providers for hosting, product analytics, customer support, transaction processing, or security operations. Those providers would only receive the information reasonably needed to perform their function, and they would be expected to process it under appropriate contractual terms. We do not sell personal data. We do not describe ordinary vendor use as “partnership” activity because that wording often hides more than it reveals. If a third party has a meaningful role in delivering the service, we believe users should be able to understand that role in plain English.
International transfers
Where personal data is processed outside the United Kingdom, we expect to use recognised transfer safeguards or to rely on a jurisdiction that benefits from adequacy arrangements where available. The specific transfer mechanism depends on the vendor involved and the geography of the services used at the time. If the live product uses providers with cross-border infrastructure, we would document the relevant protections and keep them under review. International transfers should not be treated as a footnote if they are material to how the service works.
Retention
We keep personal data only for as long as reasonably necessary to fulfil the purpose for which it was collected, meet legal obligations, resolve disputes, and maintain appropriate business records. Contact submissions may be retained long enough to answer your enquiry and maintain an orderly record of communications. Product and account-style information would be retained according to the level of service provided, whether the account remains active, and whether there are legal or security reasons to keep a record for longer. Retention should be based on function and obligation, not habit.
Security and responsible handling
We use technical and organisational measures that are appropriate to the scale of the product and the nature of the information involved. That includes limiting access, using reputable hosting infrastructure, monitoring for misuse, and keeping internal handling practices proportionate. No online service can promise absolute security, but we believe a premium consumer product should take care not only in design but also in stewardship. Security decisions should reflect the realities of food, household, and account data rather than assume those details are trivial merely because they are not financial records.
Your rights
Depending on the circumstances, you may have the right to request access to your personal data, ask for correction, request deletion, restrict certain processing, object to certain processing, and request portability where applicable. You may also have the right to complain to the Information Commissioner's Office in the United Kingdom if you believe personal data has been handled improperly. We encourage users to contact us first so we can understand the issue and try to resolve it quickly, but doing so does not remove your right to complain to the ICO.
Children
Mac Williamson is intended for adult consumers managing household cooking and meal planning. We do not intentionally design the service for children or knowingly collect personal data from children without appropriate legal grounds and safeguards. If we become aware that information has been provided by or about a child inappropriately, we expect to review the circumstances and delete the data where required.
Changes to this notice and contact details
We may update this notice from time to time if the product, legal position, or service provider structure changes. Where changes are material, we would expect to present the revised notice clearly through the website. Questions about this Privacy Notice can be directed to MAC WILLIAMSON LTD using the contact details on the site. Mac Williamson is a brand of MAC WILLIAMSON LTD. Registered in Scotland. Company No. SC540455. Registered office: 99 Lilac Wynd, Cambuslang, Glasgow G72 7GH.