This policy was last updated on 12 January 2023.
1. ABOUT US
For the purpose of the EU General Data Protection Regulation (the “GDPR”) (and any other applicable UK laws, such as the UK GDPR), this policy applies to the situations where DICE is the “Data Controller” of Event Partners’ data.
3. THE BASIS FOR THE PROCESSING OF YOUR DATA
3.1 DICE processes Event Partners’ data as part of entering into a contract for the Services and performing such a contract with an Event Partner who is a natural person.
3.2 DICE further processes Event Partners’ data based on its legitimate interest to communicate in relation to the provision of Services, for market research, direct marketing purposes, for the purpose of MIO account access (as further described in the MIO User Guidelines), and to make-/defend against claims.
3.3 We may ask for your consent in other cases where we process your data. Such consent can be revoked at any time by contacting us at email@example.com. Please note that the withdrawal of consent will not affect the lawfulness of processing based on consent before the withdrawal.
4. INFORMATION GATHERED
4.1 Event Partners’ data may be collected directly from the data subjects or via other persons such as their work colleagues or our other business partners and contractors. It may further be obtained via open internet sources.
4.2 The data gathered may comprise name, contact details such as email or telephone, company affiliation, VAT number, bank details, copy of personal ID, date of birth, and signature. Other data may be gathered directly from the data subjects.
5. THE USE OF YOUR PERSONAL INFORMATION
We may use the Event Partners’ data we collect in order to:
- perform the contract with Event Partners;
- administer business relationships with Event Partners in order to allow us to provide the Services, including to provide customer service to Event Partners;
- communicate with Event Partners via email, SMS, voice calls, and other means;
- improve the Services;
- to profile an Event Partner in terms of its potential needs, which can to a limited extent be subject to the right to object;
- to send important information regarding the Services, or other technical notices, updates, security alerts, and support and administrative messages; and
- to carry out verification and security checks, and to make-/defend against claims.
6. DIRECT MARKETING
UK law allows us to use company emails, even where they are personalised, for direct marketing. That said, we will stop any commercial emailing should be receive a communication from the individual objecting to such direct marketing. Such communication may include clicking an unsubscribe link in an email.
7. RECIPIENTS OF YOUR INFORMATION
Event Partner data may be shared with third parties such as:
- Storage providers
- CRM providers
- Artists and other partners in the course of the Services provision
- Marketing and analytics providers
- Communications providers and web communications tools.
8. INTERNATIONAL TRANSFERS OF DATA
8.1 Event Partners’ data may be transferred to, and stored at, destinations outside the European Economic Area (EEA) where the laws on processing personal data may be less stringent than in your country. It may also be processed by staff operating outside the EEA who work for us or for one of our agents or suppliers.
8.2 Presently personal data collected from you is stored in data centres as well as cloud networks which are located or hosted in Ireland.
8.3 When your personal data is transferred to parties located outside of the EEA we shall undertake an assessment and take appropriate measures to ensure such third party will provide adequate security of such personal data and respect your rights to privacy. These safeguards are intended to ensure a similar degree of protection is afforded to your data wherever it may be transferred and may include:
- only transferring your personal data to countries which have been deemed to provide an adequate level of protection for personal data by the European Commission; or
- entering into specific contractual terms which have been approved by the European Commission and which give personal data the same protection as within the EEA (for example, if transferring your data to the USA).
8.4 For further information on the safeguards used, please contact us at firstname.lastname@example.org.
9. DATA TRANSMISSION
Although we take all steps reasonably necessary to ensure that your personal data is treated securely, you should be aware that the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data during its transmission.
10. DATA RETENTION
10.1 We may retain your personal data for as long as we require for the purposes for which it is processed or as is otherwise required by applicable law. If an Event Partner terminates their collaboration with us, we may continue to process that Event Partner’s data for a reasonable period and as required under applicable law, or for legitimate interests such as in relation to potential claims.
10.2 When calculating the appropriate retention period for your data, we consider the nature and sensitivity of the data, the purposes for which we are processing the data, and any applicable statutory retention or limitation periods. Once the processing of the data is no longer required, we may securely delete or anonymise your personal data.
10.3 For more details about our retention periods, please contact us at email@example.com.
11. YOUR RIGHTS
11.1 Under the GDPR and and any equivalent rules in the UK, you are entitled to certain rights in relation to our handling of your personal data, as described below.
11.2 You may request details of the personal information that we hold about you under data protection laws. If you would like a copy of the information held about you please write to us at firstname.lastname@example.org.
11.3 If you think any information we have about you is incorrect or incomplete, please write to us or email us at email@example.com as soon as possible. We will correct or update any information as soon as we can.
11.4 You have the right to erasure of your data, which you can exercise by means of the deactivation of your account. We are not required to delete the information important for the establishment, exercise or defence of legal claims, or that we need to retain in order to comply with the law.
11.5 You have the right of restriction of processing, where the data is wrongfully processed but should not be erased for a reason listed in Article 18 (1) of the GDPR.
11.6 Until a download option has been developed based on universally recognised standards, you may exercise your right of data portability by obtaining your data by sending us an email request.
11.7 If you would like to exercise these rights, please write to us or email us at firstname.lastname@example.org.
12. CONTACT AND COMPLAINTS
Should you have any complaints about how we handle your personal information, please contact us at email@example.com. Should we be unable to resolve your complaint and you wish to take your complaint further, you may do so by contacting the UK Information Commissioner’s Office.
13. DATA PROTECTION OFFICER CONTACT DETAILS
DICE has appointed a data protection officer for you to contact if you have any questions or concerns about the DICE’s personal data policies or practices. DICE’s data protection officer’s name and contact information are as follows:
163 City Rd
London EC1V 1NR
Contact email: firstname.lastname@example.org
Contact telephone: (+44) (0)20 3917 4158