1. Introduction

This privacy policy is for all PRI Association public facing websites and governs the privacy of its users who choose to use to them. It explains how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) and PECR (Privacy and Electronic Communications Regulations).

This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR, DPA & PECR are adhered to. Further explanations may be provided for specific pages or features in order to help you understand how our websites and third parties (if any) interact with you and your computer/device in order to serve these to you. Our contact information is provided in section 12 of this policy if you have any questions.

2. How we use your personal data

In this Section we set out:

  • the general categories of personal data that we may process.
  • in the case of personal data that we did not obtain directly from you, the source and specific categories of that data.
  • the purposes for which we may process personal data and
  • the legal bases of the processing.

We may process your personal data for the main purposes listed below.

The legal basis for the following processing activities is our legitimate interests, namely monitoring and improving our website, business and services.

  • Account data – your name and email address, amongst other personal data. The source of the account data is you or your employer. The account data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.

The legal basis for the following processing is typically consent, or our legitimate interests, namely monitoring and improving our website, business and services.

  • Usage Data – data concerning the use of our website and services. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the website and services.
  • Profile data – your personal profile information on our website. The profile data may include your name, address, telephone number, email address, profile pictures, gender, date of birth, relationship status, interests, educational details and employment details. The profile data may be processed for the purposes of enabling and monitoring your use of our website and services.
  • Service data – data that is provided in the course of the use of our services. The service data may include website usage data. The source of the service data is you or your employer. The service data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.
  • Publication data – information that you post for publication on our website or through our services. The publication data may be processed for the purposes of enabling such publication and administering our website and services

Other purposes for processing, and the lawful bases for this processing, include:

  • Enquiry or correspondence data – this includes information contained in any enquiry you submit to us regarding products and/or services, and, more generally, in or relating to any communication that you send to us. Data may include the communication content and the metadata associated with the communication. By placing an enquiry with us, we will processes your personal data for the purposes of answering that enquiry. The legal basis for this processing is your consent (by placing the enquiry with us), as well as our legitimate interests in responding to your enquiries/messages and keeping records. Your data may be processed for the purposes of offering, marketing and selling relevant products and/or services to you where you have provided your consent.
  • Transaction data – The transaction data may include your contact details, card and the transaction details for the purchases of goods and services from us. The transaction data is processed to perform the contract between you and us and to keep proper records of those transactions.
  • Notification data – If you subscribe to our email notifications and/or newsletters. The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters.

In addition to the specific purposes for which we may process your personal data set out in this Section, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

3. Sharing your personal data with others

We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this policy.

We may share your personal data with third parties where necessary to facilitate our events, seminars, webinars and other such similar services we offer. For example, in some cases we may publish a list of attendees or speakers. Data shared for this purpose will be used in line with this policy.

We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.

We may disclose your personal data to our suppliers or subcontractors (for example, our events organisation contractors) insofar as reasonably necessary for providing a service.

Financial transactions relating to our websites and services are handled by our payment services providers. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices here.

We may disclose your enquiry data to one or more of those selected third party suppliers of goods and services identified on our website for the purpose of enabling them to contact you so that they can offer, market and sell to you relevant goods and/or services. Each such third party will act as a data controller in relation to the enquiry data that we supply to it; and upon contacting you, each such third party will supply to you a copy of its own privacy policy, which will govern that third party’s use of your personal data. You have full control of this use of your information and can request that your personal data is not disclosed to any third party for these purposes.

In addition to the specific disclosures of personal data set out in this Section 4, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

4. International transfers of your personal data

In this Section 4, we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA), including countries where there may be a lower standard of data protection, or where you may have fewer rights in respect of your data than you do under local law.

PRI and our other group companies have offices and facilities in the USA, Japan, China, Brazil and Hong Kong. Data transfers to each of these countries will be protected by appropriate safeguards, namely the use of standard data protection clauses (Model Contracts) adopted or approved by the European Commission.

The hosting facilities for our website are situated mostly in the EU. Transfers to countries outside of the EU will be protected by appropriate safeguards, namely the use of standard data protection clauses (Model Contracts) adopted or approved by the European Commission. Please contact us if you would like more information about these safeguards.

You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.

5. Retaining and deleting personal data

This Section 5 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.

We won’t keep personal data that we process for any purpose for longer than is necessary for that purpose. Transaction data will be retained for a period of 2 years.

In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will continue to review the necessity of keeping such data and upon a decision that it is no longer necessary for the processing purposes, we will delete those data.

Notwithstanding the other provisions of this Section 6, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

6. Amendments

We may update this policy from time to time by publishing a new version on our website.

You should check this page occasionally to ensure you are happy with any changes to this policy.

We may notify you of changes to this policy by email or through the private messaging system on our website.

7. Your rights

You may instruct us to provide you with any personal information we hold about you. We may ask you to supply appropriate evidence of your identity (e.g. a copy of your passport) if we need to.

We may withhold personal information that you request to the extent permitted by law.

You may instruct us at any time not to process your personal information for marketing purposes. In practice, you will usually either agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.

You may also have other rights available to you in respect of the personal data we hold, including the right to object and/or withdraw consent to the processing of your personal data and the ability to erase, restrict or correct your personal data. We will comply with any requests to exercise your rights in accordance with applicable law, but you should note that there are certain situations where your rights will not be exercisable because of other factors, or where you have not established the criteria needed to exercise a particular right. To exercise your rights, please contact us using the methods listed in section 12 below.

Cookies

8. About cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. You can find more information at www.allaboutcookies.org and www.youronlinechoices.eu.

9. Cookies that we use

PurposeDescription of what they do

authentication

identifies you when you visit our website and as you navigate our website

status

determines if you are logged into our website.

personalisation

stores information about your preferences and to personalise the website for you.

security

an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally

advertising

displays content that will be relevant to you

analysis

analyses the use and performance of our website and services.

We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google’s privacy policy is available at: https://www.google.com/policies/privacy

cookie consent

Manages your preferences in relation to the use of cookies more generally

10. Cookies used by our service providers

Our service providers use cookies and those cookies may be stored on your computer when you visit our website (e.g. Google Analytics).

11. Managing cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:

Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you may not be able to use all the features on our website.

12. Our details

This website is owned and operated by PRI Association.

We are registered in England and Wales under registration number 7207947, and our registered office is at 5th Floor 25 Camperdown Street London E1 8DZ.

You can contact us:

  • by post, using the postal address given above.
  • using our website contact form.
  • by telephone, on the contact number published on our website from time to time.
  • by email, using the email address [email protected].

13. Further Information

If you would like further information about data protection, or if you would like to view the register of Data Controllers, you can visit the Information Commissioner’s site at www.ico.gov.uk. You may also have the right to complain to ICO if you have concerns about your personal information. If you have such concerns, we request that you initially contact us (on one of the mediums listed above) so that we can investigate, and hopefully resolve, your concerns.

Downloads