Effective Date: August 2023
This Policy outlines our practices related to the collection, usage, storage, and transfer – collectively termed as “processing” – of your personal data. Our operations align stringently with contemporary data protection laws, prominently including the EU General Data Protection Regulation (2016/679) (“GDPR”), along with other relevant regulations as applicable.
We encourage you to read this Policy in its entirety to understand our data handling methods, ensuring complete transparency in our processes and your absolute comprehension of the steps we take to maintain your privacy.
Commitment to Privacy
At GBR, safeguarding your privacy stands at the heart of our operations. We uphold a firm commitment to protect the confidentiality of your data, and assure you that it will never be sold or shared with third parties without your explicit consent.
We deeply respect your data rights which encompass your entitlement to access, rectify, and erase your personal data. You also hold rights to control how we use your information and how we engage with you.
In our ongoing quest to secure your data, we adopt stringent technical and organisational measures. These are specifically designed to shield your information against unauthorised access, accidental or illicit disclosure, alteration, and destruction.
Our privacy commitment is grounded in the principles of transparency, accountability, and respect for the individual’s privacy. We continually strive to ensure that these standards are reflected in all aspects of our data handling practices.
In this Policy, “Personal Data” pertains to any information that allows the identification of an individual. The type of personal data we may collect includes, but is not limited to, your name, date of birth, gender, email address, postal address, country of origin or current residence, IP address, device identifiers, preferences, and responses to surveys.
Our process of data collection is primarily twofold. Firstly, we collect data that you voluntarily provide. This can occur when you express interest in our organisation, register for our events, or partake in our surveys.
Secondly, some data is collected automatically through digital technologies like cookies when you interact with our website or engage with our digital communications. This includes information such as IP addresses and device IDs, which support us in enhancing your user experience by providing insight into how our platform is being used.
Rest assured, our data collection practices are governed by a commitment to fairness, lawfulness, and transparency. We adhere strictly to the prevailing standards of data privacy, ensuring your information is collected, processed, and stored with the utmost respect for your rights and freedoms.
Use of Your Data
At GBR, we employ your data to serve the following objectives:
a) Event and Programme Management: We use your data to process your applications for GBR events and to handle all associated communication. Our actions align with the terms and conditions furnished during your application process.
b) Direct Marketing: Provided we have your explicit consent, we utilise your data to dispatch promotional content, updates, and resourceful information tied to GBR events and opportunities.
c) Social Media Outreach: To spread awareness about our events, we leverage your data to execute promotional campaigns for our followers across various social media platforms.
- d) Service Improvement Analysis: We employ your data, including statistical and anonymized data extracted from our website or social media interactions, to analyse and refine our operations and services, aiming for a consistently improved user experience.
Cookies are small files stored on your computer that help us analyse web traffic and tailor your website experience. We use them to improve our services, for instance, by identifying popular sections of our site. We use both “session cookies”, which expire when you close your browser, and “persistent cookies”, which remain on your computer until deleted.
You can choose to opt out of our cookies at the start of your visit to the GBR website or by adjusting your browser’s settings.
Legal Bases for Data Processing
GBR processes your data in accordance with the following lawful bases:
a) Informed Consent: Our primary foundation for processing your data rests on your unequivocal consent, which we seek when you voluntarily offer your data or express your willingness to receive marketing communications from us.
b) Legitimate Interests: There may be circumstances where your data is processed based on GBR’s legitimate interests, provided these interests are not overridden by your fundamental rights and freedoms. In such scenarios, the processing is conducted with due diligence and respect for your privacy.
c) Legal Compliance: There are situations where we are obligated to process your data in order to adhere to legal and regulatory requirements. In such instances, the processing is strictly confined to what is legally necessary.
Utilisation of Data for Enhancing Services
GBR is dedicated to continual improvement and enhancement of our services. To fulfil this commitment, we employ your data in a thoughtful and responsible manner, specifically focusing on analytics that contribute to service refinement.
We primarily utilise anonymised or statistical data obtained from our website, application forms, and social media platforms. This data helps us to understand how you interact with our content, thereby enabling us to fine-tune our online presence and design event programmes that resonate with your interests and needs.
Be assured that this analytic process is rooted in respect for your privacy and is solely aimed at elevating your experience with us. We adhere strictly to data protection standards, ensuring that the analysis and improvement do not compromise your privacy or rights.
Change of Purpose
GBR is committed to transparency and accountability in our data processing activities. We primarily use your personal data for the purpose it was initially collected for, respecting the context of your relationship with us.
However, there may be occasions where we identify a legitimate need to use your data for a different purpose, which is nonetheless compatible with our initial reason for data collection. If such situations arise, we will carefully evaluate whether this secondary use respects the context of your relationship with us and maintains an appropriate level of data protection. Should you have any inquiries about how this new use aligns with the original purpose, please do not hesitate to contact us.
In instances where we need to use your data for a purpose unrelated to the initial reason for collection, we will inform you promptly, providing detailed explanation about the new use and its legal basis.
Please be aware that there may be circumstances where your data may need to be processed without your knowledge or consent. Such situations only occur when strictly necessary and legally required or permitted. We will always ensure such processing aligns with applicable data protection laws to respect your rights and interests.
Data Retention and Security
GBR retains your personal data only for as long as necessary to fulfil the purposes outlined in this Policy or as required by law. We implement technical and organisational measures to protect your data from unauthorised access, loss, disclosure, alteration, or destruction.
Data Sharing and Disclosure
At GBR, we hold your data with highest respect and safeguard your privacy by limiting any disclosure or transfer of your data. Your data remains within GBR unless one of the following conditions applies:
a) Legal Obligation: There might be circumstances under which we are legally obligated to disclose your data. In such cases, the release of your data is necessitated by law, and GBR will comply to ensure regulatory adherence.
b) Consent-based Sharing: Your data may also be shared or transferred to third parties when you provide us with explicit consent to do so. This ensures that you retain full control over your data, with us acting solely based on your informed and clear consent.
You have certain rights related to your data, including the right to be informed, access, rectify, object to our processing, restrict our processing, erase, and transfer your data. To exercise these rights, please contact us at email@example.com with the subject “Data Rights Request”.
Opting Out of Our Communications
We respect your preferences regarding the communications you receive from us. If at any point you decide that you no longer wish to receive our emails, you can easily unsubscribe. This can be done either by sending us an email at firstname.lastname@example.org expressing your desire to opt-out, or by clicking the “Unsubscribe” link located at the bottom of every email we send. We will promptly honour your request and cease all further communications.
GBR events and communications are not intended for children under the age of 16, and we do not knowingly collect personal information from them. If you believe your child has provided personal information to us, please contact us immediately, and we will take appropriate action to remove such information.
Updates to this Policy
GBR is committed to evolving its practices to ensure the maximum care for your data. As a result, this Policy may undergo modifications as necessitated by changes in legal regulations or our operational processes.
We strongly encourage you to periodically review this Policy to stay updated on how we manage your data. Rest assured, any significant alterations that fundamentally change our data processing practices will be communicated clearly to ensure your awareness and understanding.