Last Modified: 2020-07-27
Effective Date: 2020-07-27
We don’t want to patronize you and we’ve tried to steer clear of legal jargon, but we’ve explained any unusual terms you might not have come across before.
The important stuff
Purpose of this policy
Our website isn’t intended for kids (even the most tech savvy ones) and we don’t knowingly collect data relating to children.
If there’s something you really aren’t happy about, those of you based in the UK can make a complaint at any time to the Information Commissioner’s Office (ICO). They’re the UK supervisory authority for data protection issues. But if you’ve got any worries, we’d really appreciate the chance to deal with your concerns ourselves, so please get in touch with us in the first instance.
The data we collect about you
What do we mean by personal data anyway? It’s pretty straightforward. It means any information about a person which could be used to identify them. It doesn’t include ‘anonymous data’, where the person’s identity has been removed. We might collect, use, store and transfer the following different types of personal data about you:
- Identity Data – this includes your first name and last name.
- Contact Data – this includes your email address and telephone number. If you buy tickets to our training sessions or other events, it includes your billing address too.
- Financial Data – this includes your payment card details. If you buy tickets to our training sessions or other events, the people over at Stripe (or a similar payment processing platform) will collect this from you.
- Transaction Data – if you buy tickets to our training or other events, this includes details about payments you’ve made, like how much you’ve paid and when, and what event you’ve signed up for. This data could also be used to work out Profile Data (below).
- Technical Data – to better understand you and your team, we use Google Analytics. So Technical Data includes things like your IP address (although Google won’t give this to us), your time zone setting and location, your browser type and version, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.
- Profile Data – this includes any feedback you may give after attending one of our events or training sessions It also includes information about your interests and your history of events and training sessions you’ve attended with us, which we can work out from your Transaction Data (above).
- Usage Data – this includes information about how you use our website when you visit.
- Marketing and Communications Data – this includes whether you want to receive marketing from us and our third parties and your preferred means of communication.
We don’t collect any Special Categories of Personal Data about you (this includes really personal information like details about your race or ethnicity, religious beliefs, sexual orientation, political opinions or information about your health, although we might collect information about your dietary requirements if you attend one of our events).
If you’d prefer not to give out your personal data
Sometimes, we might need to collect personal data by law, or under the terms of a contract we have with you. In those situations, if you don’t provide that data when asked for, we unfortunately may not be able to perform the contract we have or are trying to enter into with you (for example, if you’ve signed up to attend one of our training sessions). If this happens, we may have to cancel your attendance at the training session you’ve signed up for with us, but we we’ll let you know at the time.
By the way, it’s really important that the personal data we hold about you is accurate and up to date, so if your personal data changes during the time we know you, please let us know.
How is your personal data collected
We collect data from and about you in a few different ways, like through:
- Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by contacting us by post, phone, email or otherwise. This includes personal data you provide when you:
- contact us for information about our services, training sessions, events, meetups, seminars and conferences;book or attend online meetups / discussion groups;
- book or attend training sessions, events, seminars and conferences;
- subscribe to our mailing lists;
- request marketing to be sent to you about future events;
- request marketing to be sent to you about future training sessions;
- give us feedback after attending one of our events or training sessions; or
- contact us using the ‘contact us’ form on our website.
- Third parties or publicly available sources. We’ll receive personal data about you from these third parties and public sources:
- Contact, Financial and Transaction Data from ticket agencies and providers of technical, payment and delivery services, such as Eventbee based outside the EU.
- Identity and Contact Data from Slack Technologies, Inc and Meetup LLC outside the EU.
- Technical Data from:
- analytics providers like Google Analytics based outside the EU;
- advertising networks; and
- search information providers.
- Identity and Contact Data from data brokers or aggregators.
- Identity and Contact Data from publicly available sources, like Companies House and the Electoral Register based inside the EU.
How we’ll use your personal data
We’ll only use your personal data when the law allows us to. The most common circumstances are:
- Where we need to perform a contract with you, for example to deliver a training session you’ve booked to attend.
- Where it’s necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights don’t override those interests.
- Where we need to comply with a legal obligation.
We will not knowingly disclose your personal data to a third party if we know or have reason to believe that the third party will use your personal data for direct marketing purposes.
Don’t forget, you’ve got the right to withdraw consent to such marketing communications at any time. Just get in touch with us at firstname.lastname@example.org.
Purposes we use your personal data for
In the table below, we’ve set out all the ways we plan to use your personal data, and which of the legal bases we’ll rely on to do so. We’ve also let you know what our legitimate interests are for doing so. What explained what we mean by ‘legitimate interest’ below the table.
Just so you’re aware, we may process your personal data for more than one lawful ground depending on the specific purpose we’re using your data for. Please get in touch if you need details about the specific legal ground we’re relying on to process your personal data where more than one ground is set out in the table below.
|Type of data
|Lawful basis for processing including basis of legitimate interest
|To register you as a new customer when you book to attend one of our training sessions, events meetups, seminars or conferences
|Performance of a contract with you
|To process and deliver your order via a third party payment processing platform
(e) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests (to receive payment for a service to be delivered)
(d) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to manage our relationship with you, to keep our records updated and to understand how customers use our services)
|To administer and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
|(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)
(b) Necessary to comply with a legal obligation
|To use data analytics to improve our website, services, marketing, customer relationships and experiences
|(a) Your consent
(b) Necessary for our legitimate interests (to define types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
|To make suggestions and recommendations to you about services that may be of interest to you
(f) Marketing and Communications
|(a) Your consent
(b) Necessary for our legitimate interests (to develop our services and grow our business)
Communications from us
We may use your information to provide you with details about our events, training, products and services. In doing so, we may contact you through channels such as email. We shall obtain your prior opt-in consent to send you marketing messages where appropriate to do so.
You can ask us to stop sending you marketing messages at any time, either by following the opt-out links on any marketing message sent to you or by getting in touch with us. If you ask us not to send you marketing messages, it may take us a short period of time to update our systems and records to reflect your request, during which time you may continue to receive marketing. Even if you tell us not to send you marketing messages, we may continue to use your contact details to provide you with important service information about the products or services that we are currently providing to you.
Change of purpose
We’ll only use your personal data for the purposes we collected it for, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you’d like us to explain this in any more detail please get in touch.
If we need to use your personal data for an unrelated purpose, we’ll notify you and we’ll explain the legal basis which allows us to do so.
Please be aware that we may process your personal data without your knowledge or consent in compliance with the above rules, but only where this is required or permitted by law.
Disclosures of your personal data
We and some of the external third parties we work with (like the payment platforms you’ll use if you buy tickets to one of our training sessions) are based outside the EEA, so when we (and they) process your personal data, if you’re based in the EEA it will involve a transfer of data outside the EEA.
Countries outside the EEA might have different data protection laws to those within the EEA. Whenever we transfer your personal data out of the EEA, we’ll make sure appropriate safeguards are in place or obtain your prior consent. Please get in touch if you want further information about this.
Our website is hosted in the US, so information collected from you via the website (for example, information you submit via forms on this website) will be transferred to the US so we can process it there. By using the website in this manner, you acknowledge and consent to this transfer of your personal data to the US.
Like we said earlier, your privacy is really important to us. We’ve put in place appropriate security measures to stop your personal data from being accidentally lost, used or accessed in an unauthorized way, changed or disclosed. We’ll also limit access to your personal data to the people in our team who have a genuine business need to know. They’ll only process your personal data if we ask them to and they’ll have a duty to keep it confidential. We’ve put in place procedures to deal with any suspected personal data breach and we’ll let you (and any appropriate regulator) know of a breach where we’re legally required to do so.
How long will we keep your personal data for?
We’ll only keep your personal data for as long as reasonably necessary to fulfil the purposes we collected it for. To work out how long it’s appropriate to keep your personal data for, we consider things like the amount, nature and sensitivity of the personal data, the purposes we process it for, the potential risk of harm from its unauthorized use or disclosure and things like legal and accounting requirements. If you were to make a complaint or if we reasonably believed there was a prospect of litigation between us, we might have to keep your personal data for longer.
There are some occasions where you can ask us to delete your data (take a look at Your legal rights below).
Sometimes, we’ll anonymize your personal data to use it for research or statistical purposes, in which case we might use this information indefinitely without further notice to you.
Your legal rights
You won’t have to pay a fee to access your personal data (or to exercise any of the other rights). We might charge a reasonable fee, but only in the unlikely event that your request is clearly unfounded, repetitive or excessive (in those circumstances, we don’t actually have to comply with your request).
We might need to ask you some questions to help us confirm your identity. This is a security measure to make sure that personal data isn’t given to someone it shouldn’t be. We might also contact you to ask you for further information about your request to help speed up our response.
We’ll try to respond to all legitimate requests within one month. It might take us longer than a month, for example if your request is really complicated or if you’ve made lots of requests. If that’s the case, we’ll let you know and keep you updated.
What are your legal rights?
|You have the right to: Request access to your personal data (this is called a “data subject access request”). This allows you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. Request correction of the personal data that we hold about you. This allows you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide us with. Request erasure of your personal data. You can ask us to delete or remove personal data where there’s no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you’ve successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we’re required to erase your personal data to comply with local law. However, sometimes we may not always be able to comply with your request of erasure for specific legal reasons which we’ll let you know (if applicable) when you make your request. Object to processing of your personal data where we’re relying on a legitimate interest (or those of a third party) and there’s something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: If you want us to establish the data’s accuracy. Where our use of the data is unlawful but you do not want us to erase it. Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims. You’ve objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it. Request the transfer of your personal data to you or to a third party. We’ll provide to you, or a third party you’ve chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. Withdraw consent at any time where we’re relying on consent to process your personal data. However, this won’t affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We’ll advise you if this is the case at the time you withdraw your consent.