This Privacy Notice applies to you if:
- You browse our website
- Communicate with us via our website e.g. through our Contact Form
- Purchase products or services via our website e.g. webinar or training course.
Personal information we collect and how we collect it
- Identity and Contact Data, including your name, address, telephone number, email address, employer’s name and contact details, job title and function, and other personal data that you choose to provide us as part of your enquiry;
- Financial and Payment Data, including your bank account and other data necessary for processing payments and fraud prevention and debt recovery, including credit/debit card numbers, security code numbers and other related billing information;
- Profile and Usage Data, including passwords to the DPPE website(s) or password protected platforms or services, your preferences in receiving marketing information from us, your communication preferences and information about how you use our websites(s) including the services you viewed or searched for, page response times, download errors, length of visits and page interaction information (such as scrolling, clicks, and mouse-overs);
- Technical Data, including information collected during your visits to our website(s), the Internet Protocol (IP) address, login data, browser type and version, device type, time zone setting, browser plug-in types and versions, operating system and platform;
- Images and video, may be recorded at our events such as a conference;
- Rarely, we may need to process special categories of personal data relating to you in order to comply with our legal obligations and to meet your needs. For example, we collect health information in order to cater for your specific requirements at an event and to ensure your comfort. This sort of information will only be used for these specific purposes.
Special Categories of Personal Data
Special Category Personal Data specifically means personal data relating to race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data.
With the exception of the categories identified below, DPPE does not expect to routinely collect or process special categories of personal data:
- We may need to collect information about a health or medical condition. For example, a disability, hearing or visual impairment where we need to make adjustments or ensure access arrangements at an event in order to meet your specific requirements.
- We may need to collect and record information about a health condition. For example, a dietary requirement at an event where we need to make alternative refreshments available for your needs and comfort.
This sort of information will only be used for these specific purposes.
We do not routinely collect any information about criminal convictions (including offences and alleged offences and any court proceedings or sentence) unless you give this sort of information to us.
Source of your personal information
DPPE expects to collect your personal information directly from you and from third party sources. For example:
- Directly from you: when you join DPPE or provide information via the DPPE Forum;
- Indirectly from third parties: where information is provided by third parties such as your employer as part of the joining process or in connection with the collection of membership subscription fees or event fees.
- Indirectly via our website: from a connection data sent to our webserver by your browser when you connect to the DPPE website.
- Indirectly via web based services: for example, where analytical information is collected through electronic platforms made available to you in connection with services that we provide to you.
Cookies and similar technologies
Information about other people
If you provide information to us about any person other than yourself, your employees, counterparties, your advisers or your suppliers, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.
How will we use your personal information?
- To administer your online enquiry or process your purchase or booking made via our website;
- To process payments, billings and collection of payments;
- We use the logs from our servers to assist in our security, as well as to develop our online strategy. For example, where they have not been disabled, our cookies may be used to improve the user-friendliness of our website, enhance your experience using our website and help us work out which pages are most popular;
- For promotional and marketing purposes.
Legal Basis for processing your personal data
Data protection law requires us to provide you with information about the legal basis for processing your personal data.
If you book an event via our website such as a Conference or webinar, we will require a minimal amount of personal information in order to administer and manage your booking. Our legal basis for processing your personal information is so that we can fulfil the contract between us.
We rely on your specific opt-in consent to process your personal information in the following circumstances:
- to send you electronic direct marketing that you haven’t specifically requested;
- to publish a testimonial you have provided in conjunction with your name;
- to publish an image or video of you where you are the main focus (or your image is accompanied by your name), on our website or on a third-party social networking platform such as LinkedIn, Facebook or Twitter;
- to share your personal data with a third party for their own journalistic purposes;
- to share your personal information with a third party for their marketing purposes.
We may need to use your personal data in order to comply with our legal obligations. For example, in order to comply with VAT rules.
In most other cases, our use of your personal data will be on the legal basis that it is necessary for our legitimate interests, or those of a third party such as an affiliate, providing those interests are not overridden by your own interests or fundamental rights and freedoms. For example:
- We will need to process your personal information in order to respond to and administer your enquiry, correspondence or complaint;
- We may process your personal information for security purposes.
Explicit Consent and Substantial Public Interests Based Upon Law
Rarely, we need to process special categories of personal data such as health or medical information. For example, in order that we can cater for specific dietary needs or a hearing impairment at an event you are attending. We will only process this sort of information with your explicit consent or where it is necessary for reasons of substantial public interest that are based upon a law.
DPPE may process special category personal information where it is necessary to establish, exercise or defence legal claims or where a court is acting in a judicial capacity.
DPPE processes personal data for the purposes of direct marketing and promoting our organisation. However, it will never sell or rent your personal information to a third party, without your consent, for that third party’s marketing purposes.
Where DPPE requires your consent to send you direct marketing, you have the legal right to withdraw that consent at any time.
To withdraw your consent to electronic direct marketing such as emails, please follow the opt-out links on any marketing message sent to you or contact firstname.lastname@example.org.
Withdrawal of consent to receive marketing communications will not affect the processing of personal data for the provision of our membership services because we do not rely upon your consent to provide you with these services. However, by withdrawing or not providing your consent to direct marketing, you may not receive information about DPPE events (both paid for and free events) such as webinars, seminars and training courses.
Disclosure of your personal data
Normally, we wouldn’t expect to share your personal data with another organisation except in the following circumstances:
- with our subsidiary undertakings and/or affiliates for the purposes of providing you with our services as described in this Privacy Notice;
- on a confidential basis with third parties for the purposes of collecting your feedback on our services, to help us measure our performance and to improve and promote our services;
- with service providers who we engage e.g. external software providers and mailers. For example, the DPPE forum platform and the DPPR website. Where we do this, the service providers are contractually required by us to keep your personal data secure and to only process it strictly in accordance with our instructions;
- where you have consented, with third parties for their marketing purposes;
- if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.
Information we transfer outside the European Economic Area (EEA) and the UK
Your information is normally kept within the UK or within the European Economic Area (EEA) and this is a priority for DPPE when choosing where we host and use your information.
On some occasions, we may have to use services that host your information outside of these areas. When this occurs, we will take steps to ensure that your information is protected by only using reputable suppliers that have gone through data protection due diligence checks and ensuring that the transfer complies with relevant data protection law.
If you require more information about this please contact the DPPE Privacy Manager.
How long we keep your personal data
We will only retain your personal data for as long is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and, where required for us to assert or defend against legal claims, until the end of the relevant retention period or until the claims in question have been settled.
For example, records of past members are usually retained for 7 years after they have left DPPE. Beyond this, we will retain your contact details on our database unless you ask us to delete them.
Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.
If you want to learn more about our specific retention periods for your personal data established in our retention policy, you may contact us at email@example.com.Legal Notices