Marichen Mortimer & Associates Privacy Policy stops your information from being sold to 3rd parties or otherwise made vulnerable to attack.


This is Marichen Mortimer's GDPR compliant privacy policy (as at Dec 2019): we protect your information fiercely and ethically.

When potential clients contact us via phone or e-mail or they enquire / follow via any of the automated mechanisms available, including newsletter subscription and social media, or they become a client, we clearly have access to contact information to allow us to contact them back, quote them, book them into our calendar, ask for satisfaction surveys or send out newsletters or other marketing material. This includes information generally classed as personally identifiable to you as an individual: name, e-mail address, contact telephone number/s, nature of business, bank and web address.

By virtue of the fact that you connect with us or provide us with any personal info, you are consenting to us collecting, storing and using your information. If you don't consent, kindly do not contact us, subscribe, follow us, or provide us with your information.

At MM&A we respect the privacy of information, treat it with absolute confidentiality and we will never share, sell or pass on your private / contact information to any 3rd party not directly linked with the management and marketing of Marichen Mortimer & Associates.

Your information is protected by administrative processes, electronic cyber secutiry systems and physical security measures on our premises.

You are within your rights to withdraw any consent previously granted, or inferred, regarding your info. You'll always be presented with the opportunity to unsubscribe from our letters via the UNSUBSCRIBE mechanism or by sending us an e-mail that requests us to remove you (we will send you a confirmation; if we don't we did not receive your e-mail). We will respond by deleting all information we have about you (unless we are required by law to retain any) and you won't receive further communications.

In our work with corporates especially, we also gain insight into their most closely guarded strategies and we sign a non-disclosure agreement (NDA) where required.

Please rest assured: our privacy policy and personal and business ethics will always solidly protect your valuable information, regardless.


Marichen Mortimer is the registered Information Officer for MM&A. She is responsible (and liable) for all compliance duties, working with the Regulator, establishing procedures, and training any team members in awareness and compliance.

The personal information MM&A is given by clients, prospective clients and followers include Name, E-mail Address, Contact Numbers, Business name & information, Bank info, website address and other personal and corporate information, in order to allow us to do the work we are asked to do. This information is stored digitally across e-mails, a subscriber database, on our website (e.g. where clients have provided a testimonial about the work we've completed, which is ALREADY in the public domain).

The information we keep is strictly relevant and not excessive for the purpose of being able to coach and consult with the client on the internet and in person as contracted to do. ONLY information absolutely required to do this effectively is requested and kept legitimately for as long as the client requires our support and/or where the law requires us to keep records.

We will never sell or share private information with 3rd parties not specifically contracted to assist with the digital marketing of the client in question.

MM&A secures the integrity and confidentiality of personal information in our possession or under our control by taking appropriate, reasonable technical and organisational measures to prevent unlawful access to, loss of, damage to or unauthorised destruction thereof. We take steps to establish and maintain appropriate safeguards against those risks, including cyber-attacks.

Our incident response plan is to report any actual or suspected breaches (security compromises) as soon as reasonably possible to both the Information Regulator and the data subject/s involved.

Where third parties (“operators”) hold or process any personal information for you (e.g. e-newsletter facilitators), they should act only with our authority, treat the information as confidential, and have in place all the above security measures.

The information we hold is kept behind digital security measures such as passworded log-ins and physical security measures such as an alarm system, beams and armed response.

All previous, current and past suppliers, employees and clients have the right to participate in their data and can e-mail the Information Officer to request that their information be updated, deleted, destroyed, objected to or to raise complaints if required.

Although only the information officer currently has access to private information stored, where it becomes relevant, staff members will be trained accordingly.

As a small business that does not employ more than 50 persons, does not exceed turnover threshold defined for the industry, and is managed by a sole proprietor, MM&A is exempt from having a s51 PAIA Manual.

Here are all the systems, technology and programmes we use in serving our clients, prospective clients & subscribers: All of MM&A's documents and emails are stored directly with Microsoft (adhering to all Microsoft standards) on OneDrive, SharePoint and MS Exchange. End-users' laptops are password secured as well as firewalled and running business Grade AVG Anti-Virus. There are multiple offline copies of all cloud data stored on separate devices, and disaster recovery will occur primarily from the Cloud based solutions at Microsoft (OneDrive, SharePoint and MS Exchange) with possibility of reverting from offline copies should anything catastrophic occur at Microsoft. Herewith a list of programs used: Adobe Acrobat Reader, AVG Business Anti-Virus, Microsoft Office 365 (MS Word, Excel, Outlook, Power Point), Microsoft Teams, Skype, Whatsapp, Zoom, Microsoft Windows 10, TouchBasePro, browsers like Firefox, Edge & Chrome, Facebook, Google, Samsung browser / contacts / email & Facebook (also Business suite).

We can therefore confirm that we use Anti-Virus software, user access controls, back-ups and encryption where provided.

MM&A collects via e-mail, phone call and coaching / consulting session and newsletter subscription information needed to serve our clients. The processes around the storage and duration of storage of such private information is solely dictated by what we need to be able to provide the support for as long as the data owner requires our support.