When we use your Personal Data we are required to do so in accordance with the General Data Protection Regulation (“GDPR”). We are responsible as ‘controller’ of your Personal Data for the purposes of the GDPR. We will use your Personal Data in accordance with your engagement with us and your instructions, the GDPR and other relevant EU legislation.
Data Security Breach means any act or omission that may or may already have compromised the security of Personal Data, e.g. accidental loss, destruction, theft, corruption or unauthorised disclosure of Personal Data;
Data Controller is the entity which determines the purposes for which, and the manner in which, any Personal Data is processed. It has a responsibility to establish practices and policies in line with the GDPR. Outside ideas is the data controller of all Personal Data used in its business;
Data Processor includes any person who processes Personal Data on behalf of a Data Controller. Employees of Data Controllers are excluded from this definition but it will include suppliers which handle Personal Data on Outside ideas’s behalf such as outsourced service providers;
Data Subject means the individual to whom the Personal Data relates;
EEA means the European Economic Area;
GDPR General Data Protection Regulation which applies across the European Union (including in the United Kingdom);
Personal Data means information relating to identifiable individuals. This includes expression of opinion about the individual and any indication of someone else’s intentions towards the individual. Personal Data includes Special Category Personal Data;
Processing Information means obtaining, recording, organising, storing, amending, retrieving, disclosing and/or destroying information, or using or doing anything with it. Processing also includes transferring Personal Data to third parties;
Special Category Personal Data Personal Data revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, genetic and biometric data, and data concerning health, sex life or sexual orientation;
Information we may collect from you and how it is collected
We ask for Personal Data as it enables us to provide our service to you. If you do not provide the Personal Data we request, it may delay or prevent us from providing services to you.
We collect information about:
The GDPR recognises certain categories of personal information as sensitive and therefore requiring more protection, for example information about your health, ethnicity and political opinions (please see the definition of Special Category Personal Data above for more details). In certain situations, we may collect and / or use these Special Category Personal Data. We will only process Special Category Personal Data if there is a valid reason for doing so and where the GDPR allows us to do so.
People who use or enquire about using our services or becoming a member
We may collect information from you online in the following ways:
Personal Data we collect
Personal Data we will collect:
Personal Data we may collect depending on why you have contacted us
Visitors to our Website
The Personal Data we collect from visitors to our website also applies to people who subscribe to our mailing list.
Personal Data we may collect depending on why you use our website
People whose services we use
Where we engage individuals or organisations to carry out services for us we may be required to process Personal Data of the service provider or its personnel in order to facilitate the provision of the service. We may also collect and retain information to enable us to evaluate that service.
We may also receive Personal Data about you from various third parties and public sources such as:
How and why we use your Personal Data
We can only use your Personal Data if we have a proper reason for doing so, e.g.
to comply with our legal and regulatory obligations;
We won’t share your information with any other organisations for marketing, market research or commercial purposes, and we don’t pass on your details to other websites.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The table below explains what we use (process) your Personal Data for and our reasons for doing so:
What we use your Personal Data for
We may use your Personal Data to send you updates (by email, telephone or post) about industry developments that might be of interest to you and/or information about our services.
We have a legitimate interest in processing your Personal Data for these purposes (see above ‘How and why we use your Personal Data’). This means we do not usually need your consent to send you these communications. However, where consent is needed, we will ask for this consent separately and clearly. You have the right to withdraw this consent at any time.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
Where we store your Personal Data
The data we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by persons operating outside of the EEA who work for us.
If we do send your Personal Data outside the EEA we will take all reasonable steps to ensure that the recipient implements appropriate measures to protect your information and any contract includes appropriate clauses about the use of data.
Disclosure of your information
We may disclose your personal information to third parties if we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce or apply any agreements; or to protect the rights, property or safety of Outside ideas, or others. This includes exchanging information with other companies and organisations for the purposes of anti-money laundering legislation and credit risk reduction.
We only allow our service providers to handle your Personal Data if we are satisfied they take appropriate measures to protect your Personal Data. We also impose contractual obligations on service providers to ensure your confidentiality is maintained.
How long your Personal Data will be kept
We will keep your Personal Data after our relationship has come to an end. We will do so for one of these reasons:
You have the right to:
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Our website may, from time to time, contain links to and from websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.
The Alliance Membership account
If you choose to become a member and are provided with or create a user identification code, password or any other information as part of our security procedures, you must treat such information as confidential. You must not disclose it to any third party.
If you know or suspect that anyone other than you knows your user identification code or password, you must promptly notify us at email@example.com
Your subsequent use of this website or submission of personal information to Outside ideas will be deemed to signify your acceptance to the variations.
Post: Outside ideas, Hampden House, Monument Park, Chalgrove, OX44 7RW
We hope that we can resolve any query or concern that you may have. However, in the event that we are unable to do so, the GDPR also gives you the right to raise your concerns with a supervisory authority. The supervisory authority in the UK is the Information Commissioner’s Office (ICO) who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113. The ICO’s address is: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.