ABOUT THIS NOTICE
International In-house Counsel Journal Ltd is committed to protecting the
privacy and security of your personal information. This privacy notice
describes how we collect and use personal information about you in
accordance with data protection law. Please read it carefully.
Data protection law says that the personal information we hold about you
must be:
-
Used lawfully, fairly and in a transparent way.
-
Collected only for valid purposes that we have clearly explained to you and
not used in any way that is incompatible with those purposes.
-
Relevant to the purposes we have told you about and limited only to those
purposes.
-
Accurate and kept up to date.
-
Kept only as long as necessary for the purposes we have told you about.
-
Kept securely
If you have any questions about this notice or how we collect and use
personal information about you please contact us.
1 INFORMATION ABOUT US
1.1 We are International In-house Counsel Journal Ltd. Our
registered office is at Salisbury House, Station Road, Cambridge, CB1 2LA,
United Kingdom and our registered company number is
6187841.
1.2 If you have any questions, our contact details are:
1.2.1 Salisbury House, Station Road, Cambridge, CB1 2LA, United
Kingdom
1.2.2 +44 1223 750 755
2 CONTRACT INFORMATION AND OTHER CORRESPONDENCE
2.1 When
you enter into a contract with us (or someone does so on your
behalf) there will be personal information about you relating to that
contract such as your name, contact details, contract details, delivery
details, and correspondence with us about the contract.
2.2 We need certain information to carry out our contract with
you and you must provide this in order to enter into a contract with us (or
as required under that contract), if you do not, we may not be able to carry
out our contract with you. Mandatory information fields are generally set
out when you are entering into the contract, but in particular, you must
provide the following information:
2.2.1 Your name and contact details.
2.2.2 Your delivery address.
2.2.3 Your payment details.
2.2.4 Information to verify your identity and other information
for us to carry out anti money laundering checks.
2.3 Other correspondence or interaction (for
example by email, telephone, post, SMS or via our website) between you and
us, will include personal information (such as names and contact details) in
that correspondence. This may include enquiries, reviews, follow-up comments
or complaints lodged by or against you and disputes with you or your
organisation.
2.4 Call information. We may also collect details of
phone numbers used to call our organisation and the date, time and duration
of any calls. Please note that we may record your calls to or from us for
quality and training purposes.
2.5 We will keep and use that information to carry out our
contract with you (if applicable), to comply with any legal requirements for
us to maintain certain records or carry out certain verifications, and/or
for our legitimate interests in dealing with a complaint or enquiry and
administering your (or your organisation’s) account or order and any
services we offer, as well as to review and improve our offerings, including
troubleshooting, data analysis, testing, research, statistical and survey
purposes.
2.6 If you work for one of our customers, suppliers or business
partners, the information we collect about you may include your contact
information, details of your employment and our relationship with you. This
information may be collected directly from you, or provided by your
organisation. Your organisation should have informed you that your
information would be provided to us, and directed you to this policy. We use
this as necessary for our legitimate interests in managing our relationship
with your organisation. If we have a business relationship with you or your
organisation, we may receive information about you from your organisation.
2.7 Where your information relates to a contract, it
is kept for a period of up to 7 years after your account is closed to enable
us to deal with any after sales enquiries or claims and as required for tax
purposes and may be stored in our archive for reference purposes for as long
as our business need.
3 MARKETING
3.1 Wilmington businesses may collect your name and contact
details (such as your email address, phone number or address) based on
legitimate interests or consent in order to send you information about our
products and services which you might be interested in or have requested to
receive.
3.2 Wilmington businesses retain your details on their
marketing lists until you “opt-out” at which point they add you to their
suppression list. We keep that suppression list indefinitely to comply with
our legal obligations to ensure we don’t accidentally send you any more
marketing.
3.3
Further information on this process is available on each
businesses privacy policy online. contact details. For any queries please
contact us at
info@iicj.net
4 WEBSITE INFORMATION
4.1 We
may collect information about you and your use of our website via
technical means such as cookies, webpage counters and other analytics tools.
We use this as necessary for our legitimate interests in administering our
website and to ensure it operates effectively and securely.
4.2 For detailed information on the cookies we use and the
purposes for which we use them see our Cookie Notice.
4.3 We keep this website information about you from when it is
collected until the relevant cookie expires or you disable it.
4.4 Our website may, from time to time, contain links to third
party websites, plug-ins and applications. Clicking on those links or
enabling those connections may allow third parties to collect or share data
about you. We do not control these third party websites and are not
responsible for their privacy statements. When you leave our website, we
encourage you to read the privacy notice of every website you visit.
5 INVESTORS
5.1 Personal data will be processed to maintain the Register of
members and enable trading on the London Stock Exchange.
5.2 We may use your personal data to administer ordinary WIL
shares held on the Register; to process dividend payments; to send
correspondence on voting, elections and Annual reports.
5.3 This information is kept for the duration of your entry on
the Register of Members and for a period of up to 12 years following your
last entry on the Register or completion of service.
6 INFORMATION COLLECTED AT OUR PREMISES
6.1 Visitor
information. We collect information about visitors to
our premises. We may record information on your visit, including the date
and time, who you are visiting, your name, employer, contact details and
vehicle registration number. If you have an accident at our premises, this
may include an account of your accident.
6.2 CCTV. We
may operate CCTV at our premises which may record you and your activities.
We display notices to make it clear what areas are subject to surveillance.
We only release footage following a warrant or formal request from law
enforcement, or as necessary in relation to disputes.
6.3 We use this information as necessary for our legitimate
interests in administering your visit, ensuring site security and visitor
safety, and administering parking.
6.4 Visitor
information is kept for a period of up to 3 months. If
you have an accident on our premises, our accident records are retained for
a period of up to 3 years
6.5 CCTV
recordings may be kept for a period of up to 35 days (unless there
an incident occurs and it is necessary for us to keep recordings for longer
to properly deal with it).
7 JOB APPLICANTS
7.1 We will collect and hold information on job applicants,
including information you provide to us in your application via email or
through our online platform, or provided to us by recruitment agencies, as
well as information on you from any referees you provide.
7.2 We use this as necessary to enter into an employment
contract with you, and for our legitimate interests in evaluating candidates
and recording our recruitment activities, and as necessary to exercise and
perform our employment law obligations and rights.
7.3 If you are successful in your application, your information
will be used and kept in accordance with our internal privacy notice. If you
currently work for us, or used to work for us, you can request a copy of
this from us. If you are not successful in your application, you information
will be held for up to 6 months after the relevant round of recruitment has
finished.
7.4 You must provide certain information (such as your name,
contact details, professional and educational history) for us to consider
your application fully. If you have not provided all of this information, we
may contact you to ask for it. If you do not wish to provide this
information, we may not be able to properly consider your application.
7.5 If you are listed as a referee by an applicant, we will
hold your name, contact details, professional information about you (such as
your employer and job title) and details of your relationship with the
applicant. We will use this information as necessary for our legitimate
interests in evaluating candidates and as necessary to exercise and perform
our employment law obligations and rights. Your information will be kept
alongside the applicant’s information.
7.6 If you are listed as an emergency contact by someone who
works for us, we will hold your name, contact details and details of your
relationship with that worker. We will use this to contact you as necessary
to carry out our obligations under employment law, to protect the vital
interests of that worker, and for our legitimate interests in administering
our relationship with that worker. Your information will be kept until it is
updated by that worker, or we no longer need to contact that worker after
they have stopped working for us.
8 LEGAL CLAIMS
8.1 Where we consider there to be a risk that we may need to
defend or bring legal claims, we may retain your personal information as
necessary for our legitimate interests in ensuring that we can properly
bring or defend legal claims. We may also need to share this information
with our insurers or legal advisers. How long we keep this information for
will depend on the nature of the claim and how long we consider there to be
a risk that we will need to defend or bring a claim.
9 INFORMATION WE RECEIVE FROM THIRD PARTIES
9.1 We may also receive information about you from the
following sources:
9.1.1 Our
service providers. We work closely with third parties
(including, for example, business partners, sub-contractors in technical,
payment and delivery services, advertising networks, analytics providers,
search information providers and credit reference agencies) who may provide
us with information about you, to be used as set out above.
9.1.2 Businesses
we have bought. If we have acquired another business, or
substantially all of its assets, which originally held your information, we
will hold and use the information you provided to them, or which they
otherwise held about you, in accordance with this privacy notice.
9.1.3 Our
other channels. This is information we receive about
you if you use any of the other websites Wilmington businesses operate or
the other services or products we provide. In this case we will have
informed you when we collected that data if we intend to share those data
internally and combine it with data collected on this website. We will also
have told you for what purpose we will share and combine your data.
9.1.4 Credit
information. We may also collect credit information on
you from third party reference agencies.
10 WHY ELSE DO WE USE YOUR INFORMATION?
10.1 Common
uses of your information. We will only use your
personal information when the law allows us to do so. Although in limited
circumstances we may use your information because you have specifically
consented to it, we generally use your information in the ways set out in
this notice because:
10.1.1 we need to perform a contract we have entered into with
you.
10.1.2 we need to comply with a legal obligation.
10.1.3 it is necessary for our legitimate interests (or those
of a third party) and your interests and rights do not override those
interests.
10.1.4 we need to protect your interests (or someone else’s
interests) or where it is needed in the public interest (although these
circumstances are likely to be rare).
10.2 Change of purpose. We will only use
your personal information for the purposes for which we collected it as set
out in this notice, unless we reasonably consider that we need to use it for
another reason and that reason is compatible with the original purpose. If
we need to use your personal information for an unrelated purpose, we will
notify you and we will explain the legal basis which allows us to do so.
11 SHARING YOUR INFORMATION
As well as any sharing listed above, we may also share your information with
third parties, including third-party service providers and other entities in
our group. Third parties are required to respect the security of your
personal information and to treat it in accordance with the law. We never
sell your data to third parties.
11.1 Why
might we share your personal information with third parties?
We may share your personal information with third parties if we are under a
duty to disclose or share your personal information in order to comply with
any legal obligation, or in order to enforce or apply our agreements with
you, or to protect the rights, property, or safety of us, our customers, or
others or where we have another legitimate interest in doing so. This may
include exchanging information with other companies and organisations for
the purposes of fraud protection and credit risk reduction.
11.2 Which
third-party service providers process your personal information?
11.3 We also may need to share your personal information for
third-party service providers (including contractors and designated agents)
so that they can carry out their services.
11.4 The following activities are carried out by third-party
service providers: registrar services, IT services, legal advice, market
research, website development and hosting.
11.5 When
might we share your personal information with other entities in the group?
11.6 We may share your personal information with other entities
in our group in our shared CRM, email marketing and finance systems, as part
of our regular reporting activities on company performance, in the context
of a business reorganisation or group restructuring exercise, and for system
maintenance support and hosting of data.
11.7 How
secure is your information with third-party service providers and other
entities in our group?
All our third-party service providers and other entities in the group are
required to take appropriate security measures to protect your personal
information. Where third parties process your personal information on our
behalf as “data processors” they must do so only on our instructions and
where they have agreed to treat the information confidentially and to keep
it secure.
11.8 What
about other third parties?
We may share your personal information with other third parties, for example
in the context of the possible sale or restructuring of the business where
necessary in connection with the purposes which your information was
collected for. We may also need to share your personal information with a
regulator or to otherwise comply with the law.
12 WHERE WE STORE YOUR INFORMATION
12.1 Our office headquarters are based in London and our main
data centre is located in Telford, UK. However, where required to perform
our contract with you or for our wider business purposes, the information
that we hold about you may be transferred to, and stored at, a destination
outside the UK and the EU. It may also be processed by staff operating
outside the UK and EU who work for us or for one of our service providers.
Our group of companies operate in the following countries: UK, Spain,
France, Ireland, USA, Dubai, Singapore and Hong Kong.
12.2 We will take all steps reasonably necessary to ensure that
your personal information is treated securely and in accordance with this
privacy notice.
12.3 If we transfer data to countries or organisations outside
of the UK and the EU which the EU does not consider to have an adequate data
protection regime in place, we will ensure that appropriate safeguards (for
example, model clauses approved by the EU or a data protection authority)
are put in place where required. To obtain more details of these safeguards,
please contact us.
13 DATA SECURITY
13.1 As well as the measures set out above in relation to
sharing of your information, we have put in place appropriate internal
security measures to prevent your personal information from being
accidentally lost, used or accessed in an unauthorised way, altered or
disclosed. In addition, we limit access to your personal information to
those employees, agents, contractors and other third parties who have a
business need to know. They will only process your personal information on
our instructions and they are subject to a duty of confidentiality.
13.2 We have put in place procedures to deal with any suspected
data security breach and will notify you and any applicable regulator of a
suspected breach where necessary.
14 HOW LONG WILL WE KEEP YOUR INFORMATION FOR?
14.1 We have set out above indications of how long we generally
keep your information. In some circumstances, it may be necessary to keep
your information for longer than that in order to fulfil the purposes we
collected it for, including for the purposes of satisfying any legal,
accounting, or reporting requirements.
14.2 To determine the appropriate retention period for personal
information, we consider the amount, nature, and sensitivity of the personal
information, the potential risk of harm from unauthorised use or disclosure
of your personal information, the purposes for which we process your
personal information and whether we can achieve those purposes through other
means, and the applicable legal requirements.
14.3 In some circumstances we may anonymise your personal
information so that it can no longer be associated with you, in which case
we may use such information without further notice to you.
15 YOUR RIGHTS
15.1 Data protection law gives you a number of rights when it
comes to personal information we hold about you. The key rights are set out
below. More information about your rights can be obtained from the
Information Commissioner’s Office (ICO). Under certain circumstances, by
law you have the right to:
15.1.1 Be
informed in a clear, transparent and easily
understandable way about how we use your personal information and about your
rights. This is why we are providing you with the information in this
notice. If you require any further information about how we use your
personal information, please let us know.
15.1.2 Request
access to your personal information (commonly known as
a “data subject access request”). This enables you to receive a copy of the
personal information we hold about you and to check that we are lawfully
processing it.
15.1.3 Request
correction of the personal information that we hold
about you. This enables you to have any incomplete or inaccurate information
we hold about you corrected.
15.1.4 Request
erasure of your personal information. This enables you
to ask us to delete or remove personal information where there is no good
reason for us continuing to process it (for instance, we may need to
continue using your personal data to comply with our legal obligations). You
also have the right to ask us to delete or remove your personal information
where you have exercised your right to object to processing (see below).
15.1.5 Object
to processing of your personal information where we
are relying on a legitimate interest (or those of a third party) and there
is something about your particular situation which makes you want to object
to us using your information on this basis and we do not have a compelling
legitimate basis for doing so which overrides your rights, interests and
freedoms (for instance, we may need it to defend a legal claim). You also
have the right to object where we are processing your personal information
for direct marketing purposes.
15.1.6 Request
the restriction of processing of your personal
information. This enables you to ask us to suspend the processing of
personal information about you, for example if you want us to establish its
accuracy or the reason for processing it.
15.1.7 Request
the transfer of your personal information to another
party where you provided it to us and we are using it based on your consent,
or to carry out a contract with you, and we process it using automated
means.
15.1.8 Withdraw
consent. In the limited circumstances where we are
relying on your consent (as opposed to the other bases set out above) to the
collection, processing and transfer of your personal information for a
specific purpose, you have the right to withdraw your consent for that
specific processing at any time. Once we have received notification that you
have withdrawn your consent, we will no longer process your information for
the purpose or purposes you originally agreed to, unless we have another
legitimate interest in doing so.
15.1.9 Lodge
a complaint. If you think that we are using your
information in a way which breaches data protection law, you have the right
to lodge a complaint with your national data protection supervisory
authority (if you are in the UK, this will be the ICO).
If you want to review, verify, correct or request erasure of your personal
information, object to the processing of your personal information, withdraw
your consent to the processing of your personal information or request that
we transfer a copy of your personal information to another party, please
contact us at
info@iicj.net.
15.2 No
fee usually required. You will not have to pay a fee
to access your personal information (or to exercise any of the other
rights). However, we may charge a reasonable fee if your request for access
is clearly unfounded or excessive. Alternatively, we may refuse to comply
with the request in such circumstances.
15.3 What
we may need from you. We may need to request specific
information from you to help us understand the nature of your request, to
confirm your identity and ensure your right to access the information (or to
exercise any of your other rights). This is another appropriate security
measure to ensure that personal information is not disclosed to any person
who has no right to receive it.
15.4 Timescale. Please
consider your request responsibly before submitting it. We will respond to
your request as soon as we can. Generally, this will be within one month
from when we receive your request but, if the request is going to take
longer to deal with, we will let you know.
16 CHANGES TO THIS PRIVACY NOTICE
Any changes we make to our privacy notice in the future will be posted on
this page and, where appropriate, notified to you by e-mail or otherwise.
Please check back frequently to see any updates or changes to our privacy
notice.