phone
Telephone 01332 343000

Privacy Policy

KC Jones conference&events Limited is a limited company by guarantee in England and Wales (registered number 05028002).

The KC Jones office can be contacted at the following address: 1 Duffield Road, Little Eaton, Derby, DE21 5DR, by telephone: 01332 343000 and by email: dt@cjnsc.kaak-oe.ou

This notice explains how and why we collect, hold and use your personal information. If you no longer wish us to process your personal data you can at any time ask us to stop by emailing us at: dt@cjnsc.kaak-oe.ou

This privacy notice covers:
1. Why we use your personal information
2. The legal basis for processing
3. Sharing your data
4. What personal information we process
5. How we process your personal information
6. Your rights under Data Protection Law
7. Sharing personal information with third parties
8. How long will we keep your personal information
9. Changes to our privacy notice

1. Why we use your personal information:

We process your personal data for the following purposes:
• To ensure you receive the service, product or information you have requested or bought from us (or on behalf of our clients)
• Carry out reasonable administration of your conference, event or training booking and other services we may carry out on behalf of our client
• Keep in touch with you in the way that you wish us to
• Better understand our delegate bookings to enable us to improve the services we offer (on behalf of our clients)
• To enable us to comply with our legal and regulatory obligations
• To offer information on related services and products to you which are relevant and appropriate, and only to the extent that would be reasonably expected if you have given consent

If we plan to introduce further processes for the use of your information, we will provide information about that purpose prior to such processing.

2. The legal basis for processing:
Under Data Protection Law, there are various grounds which are considered to be a ‘legal basis for processing’. The legal basis for processing should be determined by the Data Controller. The Data Controller is the client whose conference or event we are organising.

Where we are the Data Processor, the legal basis is determined by the Customer. Typically, the legal basis in this scenario is: ‘Processing is necessary for the performance of a task carried out in the public interest’

Where we are the Data Controller, the legal basis for processing is based on: ‘Processing is necessary for the purposes of legitimate interests pursued by the controller’

3. Sharing your data:
• We do not sell your details to any third party under any circumstances
• Your data will only be used for the purpose (conference/event) for which it is intended
• Your data will not be used to promote relevant events or clients without your expressed interest to do so
• We do share your data with our client, as they are the Data Controller, and we are working on their behalf to deliver the conference or event
• When we do send your information to our client (the Data Controller) we do so securely
• We do, where necessary, share the relevant information you have provided with third parties for operational reasons e.g. requirements to a venue, access, medical or disability requirements this is done anonymously unless we feel that there is a serious risk to your health
• We do, where necessary, share relevant information with third parties e.g. your relevant details with hotels for the purpose of securing accommodation but no unnecessary data is shared with them

It should be noted that in some circumstances this legal basis may vary, however, we always operate in full compliance with Data Protection Law and will only process data with a fair and reasonable legal basis for doing so.

4. What personal information we process:
In order to carry out these services, we obtain and process the following:

Data Category

Description of data obtained

Title* - This is the delegate’s salutation
First Name* - This is the forename of the delegate
Last Name* - This is the surname of the delegate
Organisation - This is the delegate’s place of work/affiliation at time of record
Position/Job Role - This is the delegate’s job title at time of record
Address - This is the delegate’s postal address (home or business) at time of record
Telephone number* - This is the primary contact telephone number of the delegate
Email Address* - This is the primary contact email address of the delegate used to receive communications from KC Jones
Requirements - This is any dietary, access or other requirements provided by the delegate
Registration type - This is the delegate type e.g. member / non-member / day delegate / residential delegate
Payment method* - This is the method of payment for delegate, invoice, credit card or direct bacs
Payee contact details - This is the name, invoice address, telephone number, email address provided for the purpose of invoicing and payment communication
Payment card details - Payment card details are captured and passed to a 3rd party for authorisation. (PayPal)
IP Address - The network address of your device or internet connection
* Mandatory fields

5. How we process your personal information:
We use your personal information, and some of our employees have access to such information, only to the extent required to carry out the services for you. We have introduced appropriate technical and organisational measures to protect the confidentiality, integrity and availability of your personal information during storage, processing and transit.

Credit Card Payments:
We use PayPal as our credit card gateway for both website purchases online and over the telephone. We do not store credit card details nor do we share financial details with any 3rd parties.

Cancellation:
Each conference has its own cancellation policy and terms and conditions which are clearly listed on each event booking page. Each delegate has to click to accept the cancellation policy in order to process their booking. Refunds will be given as per the event cancellation policy.

6. Your rights under Data Protection Law:

6.1. Right to Access:
You have the right of access to your personal information that we process, on behalf of our clients, and details about that processing can be requested from KC Jones. However, should this not be possible, you can raise a Data Subject Access Request (DSAR) to receive this information in another format.

6.2. Right to Rectification:
You have the right to request that information is corrected if it’s inaccurate.

6.3. Right to Erasure (Right to be Forgotten):
You have the right to request that your information is removed; depending on the circumstances, we may or may not be obliged to action this request.

6.4. Right to Object:
You have the right to object to the processing of your information; depending on the circumstances, we may or may not be obliged to action this request.

6.5. Right to Restriction of Processing:
You have the right to request that we restrict the extent of our processing activities; depending on the circumstances, we may or may not be obliged to action this request.

6.6. Right to Data Portability:
You have the right to receive the personal data which you have provided to us in a structured, commonly used and machine readable format suitable for transferring to another controller.

6.7. Right to lodge a complaint:
If you think we have infringed your privacy rights, you can lodge a complaint with the relevant supervisory authority. You can lodge your complaint in particular in the country where you live, your place of work or place whereby you believe we infringed your right(s).

You can exercise your rights be sending an e-mail to dt@cjnsc.kaak-oe.ou
Please state clearly in the subject that your request concerns a privacy matter, and provide a clear description of your requirements.

7. Sharing personal information with third parties:
We use a range of trusted service providers to help deliver our services. All of our suppliers are subject to appropriate safeguards, operating in accordance with our specific instructions and limitations, and in full compliance with Data Protection Law.

These service providers include:
• Payment Processors - to securely process your credit card payments (we do not see, or store payment card details)
• Hosting Providers - to manage our secure website
• Security Providers - to protect our systems from attack
• Telephony Providers - we might record calls for training, quality and security purposes
• Where we are legally obliged to do so, e.g. to law enforcement and regulatory authorities
• Where disclosure is necessary to protect our interest e.g. to prevent or detect crime and fraud
• Where you give us permission to do so e.g. by providing consent within our website or via an online application or consent form

8. How long will we keep your personal information:
We will only retain information for as long as is necessary to deliver the service safely and securely. We may need to retain some records to maintain compliance with other applicable legislation - for example finance, taxation, fraud and money laundering law requires certain records to be retained for an extended duration, in some cases for up to seven years.

9. Changes to our Privacy Notice:
This policy will be reviewed regularly and updated versions will be posted on our website.

What to do if you’re not happy:
In the first instance, please talk to us directly so we can resolve any problem or query.
You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection, or if you would like to make a complaint. You can contact them using their help line 0303 123 113 or at www.ico.org.uk.

For broader advice and guidance please contact the data protection regulator:
The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 01625 545700

Policy reviewed: February 2019