Data Protection / Privacy Policy

DCD GROUP OF COMPANIES – PRIVACY POLICY

We have prepared this Privacy Policy to explain how, why and when we collect data from you.

1. Introduction

Your personal information is being processed by Data Centre Dynamics Limited (“DCD”) registered in England with company number 06799556 registered and principal trading address 102-108 Clifton Street, London EC2A 4HW, United Kingdom, on behalf of all companies in the DCD Group of companies. DCD respects your privacy and is committed to protecting your personal information. We comply with the principles of the Data Protection Act 1998 as amended or replaced and the EU Regulation 2016/679 General Data Protection Regulation (“GDPR”). Our aim is to maintain consistently high levels of best practice in our processing of your personal information. This Privacy Policy relates to our use of any personal information you provide to us through the DCD Group network of websites and/or other services provided by DCD or any company in the DCD Group of Companies. To provide you with the full range of services, we may request and/or record information about you. This Privacy Policy explains the following:

  • the type of information we collect;
  • how the information is used;
  • when we may contact you;
  • whether we will disclose your details to anyone else; and
  • rights of access to your data
  • data storage
  • IP addresses and the use of cookies.

DCD´s websites contain hyperlinks to websites owned and operated by third parties. These third-party websites have their own privacy policies and we encourage you to review them. We do not accept any responsibility or liability for the privacy practices of such third-party websites and your use of such websites is at your own risk.

2. What type of personal information is collected?

When you sign up to participate in or receive a service from any DCD website by completing an online form, such as a newsletter, account creation or completing a registration form on a third-party platform for event/webinar registration or completing a survey, we will ask for limited personal information. We will also collect personal information from you when you subscribe to our magazines and when you communicate with us over the telephone or via written correspondence. This can include information such as your name, postal address, telephone or mobile number, fax number, email address, gender or date of birth. By entering your details in the fields requested, you enable DCD to provide you with the services you select.

3. How will the information be used?

DCD will process your personal information for certain legitimate business purposes. Legitimate Interest means the interest of our company in conducting and managing our business to enable us to give you the best service/products and the best and most secure experience. We have an interest in making sure our marketing is relevant for you, so we process your information to send you marketing that is tailored to your interests. We may process your information to protect you against fraud when transacting on our website, and to ensure our website and systems are secure. When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically overwrite your interests. We will not use your Personal Data for activities where our interests are overridden by the impact on you, unless we have your consent or are otherwise required to do so by law. The points below set our further detail on some of the ways we process your data:

  1. We may contact you for service-related reasons that you have subscribed to, signed up for, or participate in (e.g. to make you aware of any changes in your subscription, reminding you of a password or username, or about a comment you have made on a website);
  2. To invite you to share your opinions and comments through a research study;
  3. To send operational information, i.e Badge and App info for event attendance
  4. To track traffic flows and to make our websites easier for you to use and to better understand how our websites are used
  5. To fulfil subscription orders, provide information relating to the product you signed up to
  6. To provide a user online community; and for
  7. To determine the effectiveness of promotional campaigns and advertising
  8. Planning and managing our business activities by understanding aggregated analysis on behaviour and habits

4. Will I be contacted for marketing purposes?

The Privacy and Electronic Communications Regulations 2003 (PECR) allows us to make contact to staff members of limited companies, public limited companies, incorporated partnerships, trusts and foundations, local authority and government institutions via business email addresses (corporate subscribers). Under PECR DCD can contact individuals via their corporate email address and we do not need to have their consent or have had any previous dealings with them providing the processing is on a legitimate interest basis, Legitimate Interest being one of the six lawful bases for processing under GDPR, providing there is no disproportionate impact on the rights, freedoms and interests of the data subject concerned. By relying on Legitimate Interest rather than consent to process data, DCD understands we must take on extra responsibility for considering and protecting people’s rights and interests and we guarantee that we will do this. We offer every opportunity for a data subject to ‘Opt Out’ of communications with DCD by using the unsubscribe link at the bottom of all marketing and product emails and by emailing [email protected] The Telephone Preference Service (TPS) and the Mailing Preference Service (MPS) offer consumers important statutory and non-statutory protection against unsolicited marketing contact. If you are registered on either service, DCD will assume that your subsequent submission of personal data via a DCD website or data capture form indicates, for the time being, your consent to receive marketing by us. You may opt-out at ANY time by contacting us at [email protected]

5. Will DCD share my information with anyone else?

DCD may share your data with other companies in the DCD Group of Companies, including our holding company and its subsidiaries. We may disclose your personal data where DCD believes it is compelled to do so by law; for the prevention or detection of crime, the capture or prosecution of offenders; and the assessment or collection of tax or duty. We do not require any further consent from you to share your data in such circumstances and DCD will comply as required with any legally binding request that is made of it. In the event we propose to sell or buy any business assets or any part of our group of companies, we may disclose your personal data to the prospective seller or buyer of such business or assets if relevant, but on a strictly confidential basis. We only ever disclose or share data within the bounds of the law. As part of our terms and conditions, DCD informs attendees to our events and webinars that we will pass personal data to the sponsoring third parties. This is stated at registration with access to the sponsor list. All data is date and time stamped, and should an individual decide not to share data they can email our Data team using [email protected] with their request. DCD will only share data with the Sponsors shown in the list at the time of registration for Events and Webinars. DCD does not share or sell data outside of this condition. Please note that some of our partners may be located outside the European Economic Area (EEA). Countries outside the EEA may not be required to protect personal information as stringent as countries inside. We may compile and share statistics about the use of our websites including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymised and will not include any personally identifying information.

6. Rights of Access - What personal information DCD holds on me?

Under GDPR you have the right to access your information and to be aware of and verify the lawfulness of processing and receive

  • Confirmation your data is being processed
  • Access to personal data

The purpose of the ‘rights of access’ is for the individual to be aware of and verify the lawfulness for processing. A subject access request will first need to be verified by ‘reasonable means’. An individual will be asked to specify the information the request relates to and this will be free of charge. Where requests are manifestly unfounded or excessive DCD Ltd will

  • Charge a ‘reasonable’ amount taking into account the administrative costs for providing the information
  • Refuse to respond

Information will be provided within one month unless the request is complex. In this case DCD will contact the individual within one month extending the period up to two months with an explanation as to why the extension is necessary. If any of the personal information that we hold about you is incorrect, you can contact us at [email protected] and we will update your details as soon as practically possible.

7. Changes to the DCD Privacy Policy?

This Privacy Policy may be updated at any time with or without notice to comply with new practices, regulations or the general law. Any changes will be immediately posted on our websites and you will be deemed to have accepted the terms of this Privacy Policy on your first use of any of our sites following the alterations. We recommend that you visit this page to keep up-to-date every time you submit personal information to any DCD websites.

8. Where We Store Your Personal Data

The data that we collect from you may be transferred to and stored at a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA working for us or one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing and processing. We will take all steps reasonably necessary to ensure that your data is treated securely, in accordance with your rights and in accordance with this privacy policy. All information you provide to us is stored on our secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site, any transmission is at your own risk.

9. How We Protect Your Data

We have put in place security procedures and technical and organisational measures to safeguard your personal information. Access to all internal servers is limited to the specialist IT and Data personnel.

10. How Long Do We Keep Your Data?

We do not keep personal data for any longer than is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed. When personal data is no longer required, all reasonable steps will be taken to erase or otherwise dispose of it without delay, however, we are required to keep certain information for audit and tax purposes in which case we hold personal data for up to 6 years.

11. IP Addresses, Cookies and your privacy

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users browsing actions and patterns and does not identify and individual.

To enable us to provide you with a personalised browsing experience, our websites use ‘cookie’ information collection technology. “Cookies” are small pieces of information that are issued to your computer when you enter a website. Cookies are stored by your browser on your computer’s hard drive, and they can be used for a wide range of purposes, such as identifying your computer’s previous visits to a website, and to ascertain the most popular features of a website.

Our websites use cookies as they enable us to identify your computer when you visit the website. For example, cookies can make it possible for us to identify and automatically log in registered users of certain services on the website without the need for us to ask users for their registration details and password each time they visit. We also use cookies to develop a clearer picture of which websites, and which parts of websites are the most popular to its visitors, and your preferences. Cookies are also used in behavioural advertising to identify users who share a particular interest so that they can be served more relevant adverts.

Our websites may place and access certain first party cookies on your computer or device. First party cookies are those placed directly by us and are used only by us. We have carefully chosen these cookies and have taken steps to ensure that your privacy is protected and respected at all times.

By using any DCD websites, you may also receive certain third-party cookies on your computer or device. Third party cookies are those placed by websites, services, and/or parties other than DCD. We use third party cookies on our websites for advertising and marketing purposes. These cookies are not integral to the functioning of DCD´s websites:

Name Description More Information
d.adroll.com AdRoll is the most widely used prospecting and retargeting platform. https://www.adroll.com/en-GB/about/privacy
addthis.com AddThis provides you with tools that collect information from visitors to your website or mobile device application. This information does not directly identify an individual and is instead designed to identify the devices used by your visitors. However, in certain circumstances, the visitor may opt to share their email address with AddThis to facilitate the services. These email addresses are not used for online behavioural advertising. http://www.addthis.com/privacy
adnxs.com Adnxs™ is a portal for Publishers to the AppNexus® online auction exchange used to sell advertising space. https://www.appnexus.com/en/company/privacy-policy
apis.google.com googleapis.com Google APIs is a set of application programming interfaces (APIs) developed by Google which allow communication with Google Services and their integration to other services. This domain is owned by Google. The main business activity is APIs Client Library for Javascript https://www.google.com/policies/privacy/
.adsrvr.org adsvr.org is the ad server for The Trade Desk, a real-time-bidding ad exchange. http://www.adsrvr.org/
.advertising.com ONE by AOL unifies multiple advertising technologies in a simple, open and intelligent solution. And above all else, it drives real results. http://privacy.aol.com/
.adtech.de ONE by AOL: Publishers is a simple, unified programmatic solution designed to help publishers maximize monetization across every format and channel. http://privacy.aol.com/
crdwcntrl.net This domain is owned by Lotame. is a Data Management Platform. Its main purpose of cookies set is Targeting /Advertising. It has products and services that help businesses – marketers, advertising agencies and publishers – engage in interest-based advertising. https://www.lotame.com/privacy/
.bidswitch.net A neutral, one-to-many connection infrastructure for the global programmatic ecosystem http://www.bidswitch.com/policies/
demdex.net This domain is owned by Adobe - Audience Manager. The main business activity is Online profiling for targeted marketing The main purpose of cookies set is Targeting/Advertising http://www.adobe.com/uk/privacy.html
dmp.demdex.net This domain is owned by Adobe - Audience Manager. The main business activity is Online profiling for targeted marketing The main purpose of cookies set is Targeting/Advertising http://www.adobe.com/uk/privacy.html
doubleclick.net DoubleClick uses cookies to improve advertising. Some common applications are to target advertising based on what’s relevant to a user, to improve reporting on campaign performance, and to avoid showing ads the user has already seen. https://support.google.com/ds/answer/2839090?hl=en
exelator.com This domain is owned by Exelate. The main business activity is: Advertising Data Aggregation. The main purpose of cookies set is Targeting/Advertising. http://exelate.com/privacy/opt-in-opt-out/
.eyeota.net We provide marketers with the data they need to reach the right online audiences and cut campaign waste whilst also enabling publishers to monetize their audiences more widely. http://eyeota.net/privacy-policy/
facebook facebook.com This domain is owned by Facebook, which is the world’s largest social networking service. As a third-party host provider, it mostly collects data on the interests of users via widgets such as the ‘Like’ button found on many websites. This is used to serve targeted advertising to its users when logged into its services. In 2014 it also started serving up behaviourally targeted advertising on other websites, similar to most dedicated online marketing companies. https://en-gb.facebook.com/policies/cookies/
freegioip.net freegeoip.net provides a public HTTP API for software developers to search the geolocation of IP addresses. It uses a database of IP addresses that are associated to cities along with other relevant information like time zone, latitude and longitude. https://freegeoip.net/
google.co.uk This domain is owned by Google Inc and is the company’s UK oriented search site. Cookies allow Google websites to remember information that changes the way the site behaves or looks. They can be Security, Processes, Advertising, Session State and Analytics cookies. https://www.google.co.uk/intl/en-GB/policies/privacy/
google.com This domain is owned by Google Inc. Cookies allow Google websites to remember information that changes the way the site behaves or looks. They can be Security, Processes, Advertising, Session State and Analytics cookies. https://www.google.com/policies/privacy/
log.olark.com log.olark.com is a live chat tool https://www.olark.com/privacy-policy
MI314_.com Madison Logic is a B2B lead generation network used by Fortune 500 and uses mI314.com to serve cookies. https://www.mywot.com/en/forum/49662-ml314-com
marketo.com Marketo, Inc. is a marketing automation platform focused on account-based marketing, including email, mobile, social, digital ads, web management and analytics. https://documents.marketo.com/legal/cookies/
mathtag.com MediaMath is a global provider of digital advertising media and data management technology. MediaMath’s proprietary TerminalOne™ platform (the "Platform") activates data, automates execution, and optimizes advertising interactions across addressable media — delivering greater performance, transparency, and control to marketers and a better experience to consumers. http://www.mediamath.com/privacy-policy/
nrpc.olark.com olark.com is a live chat tool https://www.olark.com/privacy-policy
openx.net This domain is owned by OpenX, a programmatic digital advertising exchange platform. The main business activity is Advertising. http://openx.com/legal/privacypolicy/
.pubmatic.com PubMatic is the automation solutions company for an open digital media industry. Featuring the leading omni-channel revenue automation platform for publishers and enterprise-grade programmatic tools for media buyers, PubMatic's publisher-first approach enables advertisers to access premium inventory at scale. https://pubmatic.com/legal/careers-privacy-policy/
plus.google.com This domain is owned by Google Inc. It is a Social Networking Platform. https://www.google.com/policies/privacy/
.rubiconproject.com Rubicon Project is a leading technology company automating the buying and selling of advertising. http://rubiconproject.com/privacy/
linkedin.com This domain is owned by Microsoft. It is a Social Networking Platform. https://www.linkedin.com/legal/privacy-policy
.taboola.com Taboola is the world's leading content discovery platform. https://www.taboola.com/privacy-policy
twitter.com This domain is owned by Twitter Inc. It is a Social Networking Platform. https://twitter.com/privacy?lang=en

12. Contacting DCD about this Privacy Policy

If you have any further questions or comments concerning your privacy, please contact us by email at [email protected] or by ordinary post addressed to:

The Data Controller,
The Data Team,
Data Centre Dynamics Limited,
102-108 Clifton Street,
London,
EC2A 4HW.

Please ensure that your query is clear, particularly if it is a request for information about the data DCD holds about you.

13. Recruitment – For Job Applications

Introduction

As part of any recruitment process, DCD collects and processes personal data relating to job applicants. The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations under the Data Protection Act 1998 as amended or replaced and the EU Regulation 2016/679 General Data Protection Regulation (“GDPR”). The purpose of this privacy notice is to make all job applicants aware of how and why we collect and use your personal information, both during and after a job application process.

What information does DCD collect?

The organisation collects a range of information about you. This includes:

  • your name, address and contact details, including email address and telephone number;
  • details of your qualifications, skills, experience and employment history;
  • information about your current level of remuneration;
  • whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process;
  • information about your entitlement to work in the country where the job post is based; and
  • equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health and religion or belief.

The organisation collects this information in a variety of ways. For example, data might be contained in application forms, CVs, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment. DCD will also collect personal data about you from third parties, such as references supplied by former employers, and information from employment background check providers including information from criminal records checks. DCD will seek information from third parties only once a provisional job offer to you has been made and will inform you that it is doing so. Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).

Why does DCD process personal data?

The organisation needs to process data to take steps at your request prior to entering into a contract with you. It also needs to process your data to enter into a contract with you. In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant’s eligibility to work in the UK before employment starts.

The organisation has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the organisation to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. DCD may also need to process data from job applicants to respond to and defend against legal claims. DCD processes health information if it needs to make reasonable adjustments to the recruitment process for candidates who have a disability. This is to carry out its obligations and exercise specific rights in relation to employment. Where the organisation processes other special categories of data, such as information about ethnic origin, sexual orientation, health or religion or belief, this is for equal opportunities monitoring purposes. For some roles, the organisation is obliged to seek information about criminal convictions and offences. Where the organisation seeks this information, it does so because it is necessary for it to carry out its obligations and exercise specific rights in relation to employment. The organisation will not use your data for any purpose other than the recruitment exercise for which you have applied.

Who has access to data?

Your information will be shared internally for the purposes of the recruitment exercise. This includes members of the HR department, interviewers involved in the recruitment process, managers in the department with a vacancy and IT contractors if access to the data is necessary for the performance of their roles. The organisation will not share your data with third parties unless your application for employment is successful and it makes you an offer of employment. The organisation will not transfer your data outside the European Economic Area.

How does the organisation protect data?

The organisation takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.

For how long does the organisation keep data?

If your application for employment is unsuccessful, the organisation will hold your data on file for twelve months after the end of the relevant recruitment process. If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. When your employment ends, DCD will retain your employment records for up to 6 years due to audit and tax purposes.

Your rights

As a data subject, you have a number of rights. You can:

  • access and obtain a copy of your data on request;
  • require the organisation to change incorrect or incomplete data;
  • require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
  • object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing; and
  • ask the organisation to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the organisation’s legitimate grounds for processing data.

If you would like to exercise any of these rights, please contact [email protected]. If you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner.

What if you do not provide personal data?

You are under no statutory or contractual obligation to provide data to the organisation during the recruitment process. However, if you do not provide the information, the organisation may not be able to process your application properly or at all.