This notice describes how we collect and use personal data about you, in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK (‘Data Protection Legislation’).
Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
Parker Russell International Ltd (PRIL) , a company limited by guarantee incorporated in England and Wales with registered Number 04861541, whose registered office is at Level 30, The Leadenhall Building, 122 Leadenhall Street, City of London, London EC3V 4AB, United Kingdom.
For the purpose of the Data Protection Legislation and this notice, we are the ‘data controller’. This means that we are responsible for deciding how we hold and use personal data about you. We are required under the Data Protection Legislation to notify you of the information contained in this privacy notice.
We have appointed a Data Representative as our Data Protection Point of Contact. Our Data Representative is responsible for assisting with enquiries in relation to this privacy notice or our treatment of your personal data. Should you wish to contact our Data Protection Point of Contact you can do so using the contact details noted at below.
You are also an independent controller responsible for complying with data protection legislation and regulation in respect of the personal data you process and, accordingly where you disclose personal data to us you confirm that such disclosure is fair and lawful and otherwise does not contravene relevant requirements. Nothing within this engagement letter relieves you as a data controller of your own direct responsibilities and liabilities under data protection legislation and regulation.
Data protection legislation and regulation places obligations on you as a data controller where we act as a data processor to undertake the processing of personal data on your behalf, for instance where we operate a payroll service for you. We therefore confirm that we will at all times take appropriate measures to comply with relevant requirements when processing data on your behalf. In particular we confirm that we have adequate security measures in place and that we will comply with any obligations equivalent to those placed on you as a data controller.
At Parker Russell International (“PRI”) we take your privacy very seriously. This privacy statement will help you to understand what personal data we collect from you, either through our interactions with you or through our solutions, and how we share and use that data.
PRI offers a wide range of services, from guidance on branding to technical support. In this privacy statement we refer to these services including websites, apps, software, devices, servers, and International services
This statement applies to any interactions that PRI has with you and the services that are listed below. It also extends to other PRI services that display this privacy statement.
Our policy is simple. We only collect the personal data that is required for the purposes we have agreed with you, and our members are instructed only to share personal data when it is strictly needed for those agreed purposes.
Should it be necessary to process personal data in order to provide our services, our members are instructed to advise any other data subjects concerned, for example your family members, about how their personal data will be used.
We may also collect special categories of personal data for certain services or activities, or when required by law or with an individual’s consent. Special categories include, but are not strictly limited to race or ethnicity; mental or physical health; genetic or biometric data; sexual orientation or sex life; criminal records; religious or philosophical beliefs.
Broadly speaking, we collect personal data directly from our members, or via a third party that has been instructed to act on their behalf.
How do we collect personal data?
We collect data to provide you with the best network experience, and to operate effectively. Some of this data is provided directly by you, for example when you submit a query via email, register for an International event, or contact us for support.
Some data is obtained by recording the way in which you interact with our products. This could be via technologies like cookies, or by receiving error reports or usage data from the software that is running on your device.
Data is also obtained from third parties and our conference application. Any data obtained from third parties is protected according the practices outlined in this statement, as well as any further restrictions that are imposed by the data source. These third-party sources may vary over time, but include social networks (when you agree that a PRI product may access your data on one or more networks).
The personal data you share is optional and, when asked, you can decline to provide it. However, if that data is intrinsic to delivering one of our products or features, you may not be able to take advantage of that product or feature.
What data do we collect?
The data we collect will vary according to how you interact with PRI. This includes any personal choices you make, such as your privacy settings, and the particular products and features that you use. The following examples show you what data we collected, and when:
- Name and contact details – We collect your first name and surname, postal address, phone number, email address, and other contact information
- Authentication – We collect passwords, password hints and security credentials that you use to authenticate and access your account
- Demographics – We collect personal data about you such as your gender, age, country of residence, and preferred language
- Payments – We collect the data that is required to process your payment if you decide to make a purchase. This includes your payment instrument number, for example your credit card number, and the security code required to verify it
- Content – When necessary, we collect the content of your communications in order to provide you with the solutions you use, such as referral data
- Digital images – If you attend a conference or other similar training event, your image may be captured by our cameras or video recorders, or those belonging to other delegates.
How we use personal data
The date we collect is used for two main purposes, which are described in greater detail below. Firstly, we use the data to operate our business, and deliver, personalise and improve all the solutions that we offer. Secondly, we use the data to send and personalise communications, including marketing and promotional offers.
By combining the data that we collect, we are able to provide you with a personalised experience that is seamless and consistent. However, for privacy protection purposes, we have technologies and procedural safeguards in place that are designed to prevent specific data combinations. These safeguards include, but are not limited to, highly secure, GDPR-compliant solutions.
Providing and improving solutions
We use the data we collect to operate, maintain and improve our solutions, and perform essential business operations. This includes developing new product features, conducting research about our solutions, and providing essential support services for our members. For example, we use data to:
- Tailor experiences – Our solutions often have personalised features and recommendations based on the data we have about your location, activities, and interests. This data is used to tailor your experience of our solutions in a way that will enhance your personal enjoyment and productivity
- Support members – We use data to troubleshoot any potential problems with our solutions and provide other care and support services for our members
- Improve solutions – The data we collect also helps us to improve the solutions we provide by adding new services and capabilities. For example, we use feedback emails to upgrade features, search queries to make search results more relevant, and usage data to decide which new features or solutions should take priority
- Protect security and safety – Data helps us to keep our solutions, and our members, safe and secure. We also use data to detect and prevent fraud, to resolve disputes, and to enforce our agreements. The Microsoft security features that we employ are intended to disrupt the operation of malicious software. They also notify members if any malicious software is detected. For instance, some of our communications tools, such as Outlook, automatically scan content. This enables the identification of potential spam, viruses and abusive actions, and URLs that have been flagged as up a fraudulent, phishing or malware links. Our protection measures also include blocking suspect communications from being delivered, or removing any content that violates our terms
- Perform business operations – We use data for the purposes of aggregate analysis and business intelligence, so we can operate and protect our business, and make informed decisions on its performance.
- Personalising communications
The data we collect enables us to personalise the communications that you receive from us by phone or email etc. For example, we may contact you to discuss your membership, let you know you when a service or solution is due to be phased out, inform you about new services, invite you to take part in a meeting, conference or survey, or advise you to update your account details
In addition, you can choose to register for email subscriptions from PRI and decide whether to opt in to receiving other relevant communications via email, telephone, post or social enterprise network.
For more information about managing your contact details, email subscriptions and other communication preferences, please email firstname.lastname@example.org.
Why we share personal data
With your consent, we share any personal data necessary to complete a transaction, or provide a product or service you have authorised or requested. For example, when you agree to attend a training event of conference, you content will be shared with third parties when you authorise us to do so.
Any payment data that you provide when making a purchase will be shared with banks and other entities that process the payment transaction or provide other financial services, and to prevent fraud and reduce credit risk.
In addition, we share personal data with International-controlled affiliates and subsidiaries (for example, for branding and trademark purposes).
Personal data is also shared with vendors or agents that work on our behalf for the purposes described in this statement. For example, if we hire companies to provide service support for members, they may require access to personal data to fulfil those requirements. In cases of this nature, the companies in question must comply fully with our data privacy and security requirements and are not permitted to use the personal data they receive from us for any other purpose.
Personal data may also be disclosed during a corporate transaction, for example a merger or sale of assets.
Furthermore, we may access, transfer, disclose and preserve personal data and content, including the content of your discussions. These steps will be taken if we believe they are absolutely essential to:
- Comply with relevant and applicable laws;
- Respond to valid legal proceedings, including requests from law enforcement and government agencies;
- Protect our members from spam and fraud attempts;
- Help to prevent serious injury or loss of life;
- Operate and maintain secure services, including preventing or blocking threats to our networks or computer systems; or
- Protect PRI’s property and rights. This includes enforcing the terms that govern the use of our services. However, should any information we receive indicate our services are being used to steal and traffic PRI’s intellectual or physical property, we will not inspect a member’s private content ourselves. In this instance, the matter may be referred to law enforcement.
Manage your personal data
You can view, edit or delete your personal data by contacting Mrs Jade Perkins at email@example.com. You can also make choices about how we collect and use your data.
We will respond to any requests to access or delete your personal data within 14 days.
Your communication preferences
At any time, you can choose whether or not you would like to receive communications from PRI by email, post or phone. If you would like to opt out of receiving our emails, you can do so by following the instructions in those messages. However, these choices do not apply to mandatory service communications that are part of certain International services. Surveys or other informational communications may also have their own method to unsubscribe.
- Cookie controls – Any relevant browser-based cookie controls are described in the Cookies section of our privacy statement
- Tracking protection – Internet Explorer (versions 9 and later) feature Tracking Protection. This will block third-party content, including cookies, from any site you add to a Tracking Protection List. By limiting calls to these sites, the browser will limit the information that these third-parties can collect about you
- Browser controls for “Do Not Track” – Some browsers incorporate “Do Not Track” (DNT) features. These send a signal to any websites you visit to indicate that you do not want to be tracked. International services do not currently respond to all DNT signals as there is not yet a common understanding of how to interpret them. We will continue to monitor the online industry (via Microsoft) to define a common understanding of how DNT signals should be treated. In the meantime, we provide a range of other tools to help you control data collection and use, including the ability to opt out of receiving interest-based communications from International, as described above.
PRI assumes responsibility for keeping an accurate record of personal data at the time you submit the information. However, we cannot confirm the on-going accuracy of your personal information. Should you advise PRI that your personal data is no longer accurate, we will endeavour to amend it, where practical.
Providing information to third parties
To deal with your enquiry, information may be provided to one or more of PRI’s independent members. There may also be other circumstances, as a result of legal proceedings, where PRI is required to provide information.
PRI does not undertake marketing activities on behalf of third parties, nor do we provide information to third parties for their own marketing purposes.
Any personal data that we process is retained by us for a long as we consider it is needed to fulfil the purpose for which it was collected. This includes the time frame required by applicable laws and regulations.
In the absence of any specific legal, regulatory or contractual requirements, we have a baseline retention period. For records and other documentary evidence that is generated in the provision of services, this is eight years.
The data controller collecting the information as described in this statement is PRI.
We have implemented generally-accepted standards of technology and operational security to protect personal information from loss, alteration, destruction or misuse. All PRI personnel are required to keep personal information confidential and only authorised individuals have access to such information.
If you have any questions regarding this notice or if you would like to speak to us about the manner in which we process your personal data, please email our Data Protection Point of Contact firstname.lastname@example.org or telephone 020 7378 7500.
We seek to resolve directly all complaints about how we handle your personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office at:
Information Commissioner’s Office
Telephone – 0303 123 1113 (local rate) or 01625 545 745