Updated 22 May 2018 (to reflect the new GDPR requirements which come into force on 25 May 2018)
Westminster and City respect your privacy and have updated this policy to explain clearly our data and privacy practices. It outlines the type of personal data that we collect and store, why we process it and our legal basis for doing so, your rights and controls, and data security.
Please periodically revisit this page as we will keep this policy under review and update it to ensure continued best practice and in accordance with any changes to legislation, such as the forthcoming e-privacy Regulation.
How we use Personal Data
We may use the personal data that we hold about you in the following ways:
1) Direct Marketing
We take the requirements of the GDPR seriously and have conducted a Legitimate Interest Assessment for the purpose of B2B direct marketing in line with ICO guidance. We have concluded that we have a Legitimate Interest to process personal data in order to provide individuals with information on events that we believe may be relevant to them in their professional capacity. Marketing communications are limited to email and postal channels and individuals have the option to express preferences on the type of information they receive and opt out of one or both channels (see Your Rights and Controls below).
2) Transactional purposes
We may use your personal data in order to answer any queries, process an order that you make with us and to settle contractual obligations. This might include sending you your ticket, invoice and pre-conference information, important event updates (such as venue, timetable or speaker changes) and providing post-conference materials to which you are entitled.
3) Administrative purposes
We may process your data as part of our internal administrative activities including but not limited to the following purposes: event research and speaking invitations; targeting marketing communications; tracking online behaviour in response to email communications; database maintenance and analysis; and event feedback.
1) The personal data that we collect and process for B2B direct marketing purposes relates to individuals in their professional capacity only. It is derived from publically available sources, carefully screened third parties or freely given to us by the companies or individuals themselves (whether face to face such as through the provision of a business card, by phone, email or through this website). The data is limited to name, job title, company, postal address, telephone number, email, general business interests and previous attendance.
2) Other data that we may hold about you includes special dietary requirements (where you have attended an event and advised us of such), speaker biographies and photos (where supplied) and, if you have registered as a member of our website, any profile information that you submitted.
3) We do not collect sensitive data about you. If you pay by card through this website the information is submitted directly to SagePay and not held by us. If you pay by card over the phone the details are immediately entered into our SagePay portal and not retained by us.
4) Information will be held for as long as it is required for the purposes set out above. In the case of direct marketing we apply date filters to reduce the chance of data being out of date and the risk that you might receive material that is no longer relevant to you.
1) We are keen to ensure that the information we hold about you is accurate and up to date and do our best to keep up with any changes but if you notice any errors please email firstname.lastname@example.org and we will amend as requested.
2) If you are a sole trader or non-LLP and feel you should not be contacted on a Legitimate Interest basis please advise us and we will remove you from our lists unless you specifically request us not to and would like to be contacted under a consent basis.
Your Rights and Controls
You are entitled to know what information we may hold about you and have the right to amend it, restrict or object to further processing and to opt out of marketing communications.
1) All email and postal communications from us this will clearly outline your right to opt out and explain how to do so. Alternatively you can simply let us know by email email@example.com . If you unsubscribe from our emails using the ‘unsubscribe’ link this will take effect immediately but will only apply to email communications. If you ask to opt out by phone or email, we will action the specified request immediately upon receipt but due to the way we prepare postal communications in advance and the delivery times entailed you may receive further communications for around two weeks.
2) Please note: if you wish to opt out of our communications we may for suppression purposes need to retain some of your details rather than delete them (otherwise there is a risk you will be re-entered on to our database).
3) If you wish to know what data we hold about you please email firstname.lastname@example.org and we will respond in a timely fashion and correct, amend or delete information as requested.
4) We are keen to ensure you receive relevant information and would be pleased to tailor the information we hold to better meet your requirements.
5) If you have a complaint regarding our privacy and data practices please contact
email@example.com and we will do our best to resolve your issue. But you also have the right to refer your grievance directly to the Information Commissioner’s Office
1) We will not disclose to third parties information gathered for direct marketing purposes, except in the following circumstances:
i) where the law requires us to do so
ii) GDPR compliant service providers who will only use it to facilitate our activities (such as our chosen email marketing platform and database management company)
iii) in the event that Westminster and City is acquired by a third party
2) We do distribute speakers’ contact details to attendees at the event at which they are speaking.
3) If you attend an event we reserve the right to pass on your details to carefully screened third parties but in practice rarely do so. For example, this might include an event partner delivering interactive services through an event app or a sponsor of an event.
4) Our website may contain links to third party sites. These sites will have their own privacy policies and practices and whilst we will only partner with carefully selected organisations we cannot accept any responsibility or liability for your interactions with them.
1) Westminster and City no longer collect sensitive personal data but nonetheless take the security of your personal information seriously and have put in place appropriate technical and organisational measures to protect it. However, despite our best efforts and intentions no system is 100% secure and we cannot guarantee against a breach.
2) We cannot accept responsibility for any sensitive data that you may submit through our online payment partner – SagePay – but have confidence that their data protection measures are suitably robust.
Queries and Complaints
If you have any questions or complaints regarding our privacy and data practices please contact firstname.lastname@example.org and we will do our best to resolve your issue. You also have the right to refer your grievance directly to the Information Commissioner’s Office
Westminster and City Programmes Limited
231 Kennington Lane, London SE11 5QU
Tel: 020 7582 6516
Data Protection Officer: Douglas French
Company Registration Number 2045045
ICO Registration Reference Z829498X