February 18th 2020 | Dynamic Earth, Edinburgh

Holyrood Event Summit Privacy Notice

Holyrood Communications Limited (“Holyrood”), is responsible as data controller for the processing of personal data you provide when you register for the event described in the registration form (“the Event”). In accordance with article 13 and 14 of the General Data Protection Regulation (“GDPR”), this Privacy Notice aims to inform you on the personal data processing we carry out and on your rights. 

The data

By registering for the Event, you are providing Holyrood with your personal data and contact information as requested in the online booking form. 

Purpose of the processing for the Event

  • Holyrood will use your personal data to hold the Event, and this will include to:
  • Register and facilitate your attendance at the Event;
  • Analyse attendance at and any subsequent communications in relation to the Event;
  • To provide you with updates and details relating to the Event;
  • Manage delegate, sponsor and customer contacts, queries, complaints or disputes;
  • Take photographs and record videos to make a record of the Event, and to produce promotional material to advertise the Event and to promote future events; and 
  • Handle any legal claims or regulatory proceedings and ensure legal and regulatory compliance.

Legal basis of the processing for the Event

The legal basis relied on by Holyrood for processing your personal data in relation to holding the Event, and promoting it, is out of necessity for the performance of a contract in which you are a party, which is your Event booking.
 
The legal basis relied on by Holyrood for processing your personal data in relation to taking photographs and recording videos of the Event is legitimate interests. The legitimate interests are in having a record of the Event and the means to promote the Event, including in future years.
 
To the extent that you provide, in the entry form, special categories of data revealing health, the legal basis for our processing your special category personal data is that:
• processing is necessary for the purposes of carrying out obligations and exercising specific rights of the controller and of the data subject in the field of social protection law.
Where you provide Holyrood with any information on your dietary requirements in the online booking form you consent for Holyrood, the venue and/or the catering provider to process this information for the purpose of providing you with catering services.

Purpose of other processing 

Holyrood will also use your data for the purposes of marketing to:
• provide you with updates relating to other conferences you might be interested in;
• inform you about similar events Holyrood intend to hold in the future;
• market certain goods or services which Holyrood believe will be of relevance or interest to you;
• improve existing products and services and develop new products and services; and
• photograph and/or record the Event for business and promotional purposes.
 
This may include contacting you from time to time by email, post or phone.

Legal basis for the other processing

The legal basis relied on by Holyrood for processing your personal data for marketing purposes is legitimate interests. Holyrood’s legitimate interests are to promote its business and events and those of third parties that could interest you, and to monitor the effectiveness of its promotional campaigns.

Third Parties

As part of your attendance to the event, Holyrood provides you with a QR code containing your personal data. You may voluntarily provide your QR code directly to event sponsors or other third parties at the event to be scanned, which will provide them with your personal data (including your contact information). This privacy notice does not cover how your data will be used by those sponsors or third parties, and you should consult the privacy notices of those organisations.
 
Holyrood may provide your data to other companies within its group for the purposes set out above.  Further information on how Holyrood hold and treat your data can be found at http://www.dodsgroup.com/privacy-policy 
 
As your personal data will be stored on our IT infrastructure it will also be shared with our data processors who provide email, document management, and storage services (including cloud hosting). 

Retention

We keep your personal data for as long as it is necessary for our legitimate business and legal purposes.
 
Where we retain your information for events and contract fulfilment, we will retain for the period required by applicable law for legal, tax, and accounting purposes. This will be a minimum of six years.
 
Where we store your information for marketing purposes, we retain it for three years from last engagement.

Your Rights

  • You have the right to request information about how your personal data are processed, and to request a copy of that personal data;
  • You have the right to request that any inaccuracies in your personal data are rectified without delay;
  • You have the right to request that any incomplete personal data are completed, including by means of a supplementary statement;
  • You have the right to request that your personal data are erased if there is no longer a justification for them to be processed;
  • You have the right in certain circumstances (for example, where accuracy is contested) to request that the processing of your personal data is restricted;
  • You have the right to object to the processing of your personal data where processing is based on legitimate interests. Please see the unsubscribe link provided in our email marketing or contact us at the address below to object to any of our processing; 
  • You have an absolute right to object to the processing of your personal data being used for direct marketing purposes, and to withdraw consent for third party advertising;
  • You have the right to request the transfer of your personal data that you have provided, and for it to be provided in a structured, commonly used machine-readable format.
Please contact us at the addresses communicated bellow if you would like to exercise any of these rights or have any queries regarding our use of your data.

International Transfers

Holyrood, which is part of the Dods Group, is a global business which means personal data may be accessed by our group companies or certain service providers from locations outside the European Economic Area (EEA). To ensure your personal data is given substantially similar protection as are provided in the EEA we use safeguards approved by the European Commission and have in place international data transfer agreements between our companies and our service providers where data is transferred outside the EEA.

Contact Details

The data controllers for your personal data is Holyrood Communications Limited. The contact details for the controllers are:
 
Holyrood Communications Limited (part of Dods Group Plc)
11th Floor
The Shard
32 London Bridge Street
London
SE1 9SG
 
If you have any questions, comments, or requests regarding this Privacy Notice or our practices relating to use of your personal information, please contact Holyrood at dataprotection@dodsgroup.com
 
Holyrood are committed to safeguarding and respecting your personal information and privacy. We are registered with the Information Commissioner with registration number Z9126038.

Complaints

If you consider that your personal data has been misused or mishandled, you may make a complaint to the Information Commissioner, who is an independent regulator. The Information Commissioner can be contacted at:
 
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
0303 123 1113