Last Updated: 9 December 2024
1.Introduction
1.1 World Retail Congress Ltd. respects your right to privacy. This Privacy Policy explains who we are, how we collect, share and use personal information about you, and how you can exercise your privacy rights.
1.2 If you have any questions or concerns about our use of your personal information, then please contact us using the contact details provided at the bottom of this Privacy Policy.
1.3 We recommend that you read this Privacy Policy in full to ensure you are fully informed.
2. What do we do?
2.1 World Retail Congress Ltd is a provider of business information and organises the World Retail Congress. We are headquartered in the United Kingdom. Our services help businesses to succeed by delivering information, networking and solutions to customers and companies.
2.2 For more information about World Retail Congress Ltd, please see the “About” section of our Website at https://www.worldretailcongress.com/about-world-retail-congress
3. What personal information does World Retail Congress Ltd collect and why?
3.1 By personal data we mean identifiable information about you. The personal information that we may collect about you broadly falls into the following categories:
- Contact Data includes data such as your email address, geographical address, mobile and home telephone number;
- Identity Data includes your first name, last name, date of birth, job; employer; gender;
- Marketing Data includes your preferences in receiving marketing from us.
- Financial Data includes details you provide to us so that we can process your payments;
- Transaction Data includes details of your bookings and any cancellations;
- Technical Data includes data such as internet protocol (IP) address, your login data, browser type and version, cookies, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website and any communications we may send to you.
- Usage Data includes information about how you use our website such as information about your visit to our website, including the full Uniform Resource Locators (URL) clickstream to and through, pages you viewed or searches you made, page response times, download errors, length of visit, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as it does not directly or indirectly identity you. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we will treat the combined data as personal data which will be used in accordance with this Privacy Policy.
3.3 We shall process all such personal data in accordance with this Privacy Policy. Certain personal data is mandatory to be provided to us in order that we can fulfil your request and we shall make this clear to you at the point of collection of the personal data. All personal data that you provide to us must be true, complete and accurate and at our request, you shall promptly provide evidence of your identity. When you contact us by email or post, we may keep a record of the correspondence and we may also record any telephone or video call we have with you.
3.4 Certain parts of our Website may ask you to provide personal information voluntarily: for example, we may ask you to provide Contact Data and Identity Data in order to register to attend our events or to download a report, to subscribe to marketing communications from us and/or to submit enquiries to us.
3.5 When you visit our website, we may automatically collect and store information about your Technical Data and Usage Data. In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws.
Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, please see our Cookies Policy.
3.6 From time to time, we may receive personal information about you from third party sources, but only where we that third party has confirmed that they either have your consent or are otherwise legally permitted or required to disclose your personal information to us.
The types of information we collect from third parties include Financial Data and we use the information we receive from these third parties to collect payment for subscriptions and attendance at events.
3.7 We may also collect Contact Data and Identity Data about you from public sources (such as public databases and social media websites). This is to ensure we have accurate, up to date or necessary information for us to communicate with you or to provide the best possible service. The types of information we may collect includes personal details and contact information (including postal address and telephone numbers).
4. With whom does World Retail Congress Ltd share my personal information?
For our legitimate interests, we may disclose your personal information to the following categories of recipients:
4.1 to our third party services providers who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the security of our website, to carry out audits to certify circulation), or who otherwise process personal information for purposes that are described in this Privacy Policy or notified to you when we collect your personal information. We shall provide our service providers only with such of your personal data as they need to provide the service for us and if we stop using their services, we shall request that they delete your personal data or make it anonymous within their systems.
4.2 to any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
4.3 to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Privacy;
4.4 to event sponsors and events attendees, we make available job titles of delegates and the name of the employer of each delegate;
4.5 if you attend an event and permit your badge to be scanned, your Identity Data and Contact Data will be shared with the individual or organisation scanning your badge;
4.6 if you download a report from our website, we will share your Identity Data and Contact Data with the sponsor of that report; and
4.7 to any other person with your consent to the disclosure.
5. Legal basis for processing personal information
We will use your personal data only where we have a lawful base to do so. The lawful bases that we rely on under this Privacy Policy are:
- consent (where you choose to provide it);
- performance of our contract with you;
- compliance with legal requirements; and
- legitimate interests. When we refer to legitimate interests we mean our legitimate business interests in the normal running of our business which do not materially impact your rights, freedom or interests.
|
PURPOSE/ACTIVITY |
TYPE OF DATA | LAWFUL BASIS FOR PROCESSING |
|---|---|---|
| To register you as a client/customer and to provide services to you as requested and respond to any queries |
Contact |
Performance of a contract with you |
| To manage your account including managing payments and for audit purposes |
Contact Transaction |
Performance of a contract with you Legitimate interests (fraud-checking) |
| To manage our relationship with you such as notifying you about changes to our terms or this Privacy Policy | Contact Identity |
Performance of a contract with you Necessary to comply with a legal obligation Necessary for our legitimate interests |
| To administer and protect our business and this website (including improving and fixing our service, analysis, testing, system maintenance, support, reporting and hosting of data) | Technical | Necessary for our legitimate interests (for running our business security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) Necessary to comply with a legal obligation |
| To deliver relevant website content and advertisements to you and measure and understand the effectiveness of the advertising we serve to you |
Contact |
Necessary for our legitimate interests (to analyse how customers use our website and manage our business accordingly) |
| To use data analytics to improve our website, products/services, marketing, customer relationships and experiences |
Technical |
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
| To comply with any legal obligations, demands or requirements, for example, as part of anti-money laundering processes or to protect a third party’s rights, property, or safety, including a venue owner |
Contact |
Necessary for our legitimate interests |
| In connection with, or during negotiations of, any merger, sale of assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company; |
Contact |
Necessary for our legitimate interests |
6. Marketing
6.1 You may consent to receive marketing email messages from us about our website, services and business. You can choose to no longer receive marketing emails from us by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us at enquiries@worldretailcongress.com or by using the contact details provided under the “How to contact us” heading below. Please note that it may take us a few days to update our records to reflect your request.
6.2 If you ask us to remove you from our marketing list, we shall keep a record of your name and email address to ensure that we do not send to you marketing information. We will still contact you as necessary about your account.
7. How does World Retail Congress Ltd keep my personal information secure?
We use appropriate technical and organisational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. Specific measures we use include:
- encrypting your personal information in transit;
- the pseudonymisation and encryption of personal data on supported systems;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; and
- the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
8. Data retention
8.1 We retain personal information we collect from you where we have an ongoing legitimate business need to do so for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements. To determine the appropriate retention period for personal data, we consider the type of the personal data, the potential risk of harm from unauthorised use or disclosure of the personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means.
8.2 When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible, then we will securely store your personal information and isolate it from any further processing until deletion is possible.
9. Your data protection rights
You have a number of rights under applicable data protection legislation. Some of these rights are complex, and not all of the details have been included below. Further information can be found here
9.1 If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.
9.2 In addition, if you are a resident of the UK or the European Union, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the “How to contact us” heading below.
9.3. If we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
9.4 If you have any complaints in relation to this Privacy Policy or otherwise in relation to our processing of your personal data, please tell us. We shall review and investigate your complaint and try to get back to you within a reasonable time. You can also contact the Information Commissioner, see www.ico.org.uk or if you are based outside of the United Kingdom, please contact your local regulatory authority. Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here.
9.6 We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you for additional information to confirm your identity and for security purposes, before disclosing information requested to you.
9.7 We reserve the right to charge an administrative fee if your request in relation to your rights is manifestly unfounded or excessive.
10. Updates to this Privacy Policy
10.1 We may update this Privacy Policy from time to time in response to changing legal, technical or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Policy changes if and where this is required by applicable data protection laws.
10.2 You can see when this Privacy Policy was last updated by checking the date displayed at the top of this Privacy Policy.
11. How to contact us
If you have any questions about this Privacy Policy at any time, please contact us using the following details:
The data controller of personal information collected about you through this Website is World Retail Congress Ltd, a limited liability company registered in England (registered number is 15740401) whose registered office is at Preston Park House, South Road, Brighton, BN1 6SB.
You can write to us at the address above (marked for the attention of the Data Protection Officer) or e-mail us at: enquiries@worldretailcongress.com