Privacy Policy

1. Introduction

IES must gather, store and use “personal data” as defined by the European Union Regulation (EU) 2016/679 in order to market our products and services to you. The collection and processing of personal data is subject to restrictions aimed at protecting the privacy of individuals.

We are registered with the Information Commissioner Office and we adhere to good practice in our data protection policy, including adherence to the General Data Protection Regulations and the PECR guidelines for records retention. A copy of the data protection policy can be obtained from our website or by emailing dataprotection@iesve.com.
 
 This privacy statement will describe the reasons why personal data is needed, how it will be used, who will be able to access the information and when it will be deleted from our records. It also explains your rights to access your data under data protection laws or seek to have it rectified or deleted.  We will at all times comply with the provisions of the European Union General Data Protection Regulations (“GDPR”)

2. Personal data which we hold about you

We request very little identifying information from you and only for specific set of purposes.

The personal data we hold on you is:

  • Full name
  • Company name
  • Email address
  • Job role
  • Company address, including postcode
  • Company telephone and mobile number
  • IP address
  • Email marketing preferences

Your personal data is held:

  • For registration to certain areas of the Website including competitions;
  • To allow us to consider your comments, queries and suggestions and respond if necessary;
  • To allow us to respond to your enquiries for further information; and
  • To distribute requested materials

Sometimes, we may ask questions where you are not personally identifiable from your response although we may post responses on the Website. These instances will be highlighted to you but in all other instances, you should assume that we track any information you provide on a personally identifiable basis.

3. Purposes of processing

We will process your personal data for the purposes of:

  • Sending you marketing information out or;
  • performing our obligations and exercising our rights under your contract of IESVE licence

We will only process your personal data where one of the following apply:

  • you have provided your consent for us to do so.
  • processing is necessary for the performance of a contract [or to make preliminary arrangements for the creation of a contract]
  • there is a legal obligation to do so; or
  • processing is necessary for the purposes of the legitimate interests pursued by IES or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.

4. Third parties

In processing your personal data for any of these purposes, we may from time to time pass it to our partner companies. A full and up-to-date list can be found in Appendix one.

We will write to all third parties and ask them for a copy of their data protection policy. If we are not satisfied that they have sufficient safeguards in place for the protection of personal data, we will request a change in process or may switch provider.

Because we want your experience of the Website to be as informative and useful as possible, we provide a number of links to Third Party Websites. Always be aware of where you end up. Third Party Websites may send their own cookies to users, or otherwise collect data or solicit personal information. We assume no responsibility for the information gathering practices of websites that you are able to access through ours, and we encourage you to review each website's privacy policy before disclosing any personally identifiable information.

5. Transfers of your personal data outside the EEA

IES is an international business and, from time to time, we may transfer your personal data outside the EEA as follows:

  • Your personal data will be stored on a CRM cloud system, currently Salesforce, which is headquartered in USA
  • Your personal data may be stored in an Event Technology platform, currently Eventbrite, which is headquartered in USA, if you have registered for an IES event.

6. Retention of your personal data

We will retain your personal data only so long as we reasonably require in light of the purposes for which we are holding it and all relevant legal, commercial and operational considerations.

Where we hold your data for the performance of a contract, your data will be until the completion of the contact plus 2 years.

Where we hold your data with your consent, we will ask you to provide your consent again after 5 years.  

If you choose to unsubscribe from receiving marketing emails from us your email address will be held on our email suppression list in order to prevent us from contacting you again via email. This is held under the Legal Obligation basis in order for us to comply with GDPR law.   

We frequently review the ICO and PECR guidelines for data retention.

7.  Subject Access Rights

You have a right (referred to as the data subject access request, “DSAR”) to access the personal data that we hold about you. If you would like to exercise that right, you must submit a request to dataprotection@iesve.com specifying the information that you want us to provide you.

We are obliged to respond to any such request within one month of receiving it (subject to limited exceptions).
We will inform you via email following receipt of your request and, if necessary, seek additional information from you about your request.

8. Accuracy of Information and Corrections

You have a right (referred to as the right to rectification) to have your personal data rectified if it is inaccurate or incomplete. If you become aware that any of the data that we hold about you is inaccurate, you can

  • update your personal information on our website if you hold an account
  • update your preferences at the bottom of any eshot you receive if you are subscribed to our mailing list
  • submit a request to dataprotection@iesve.com

Please do this as soon as practical. We are obliged to comply with requests within one month. This may be extended to 3 months where a rectification request is complex.

9. Storage of Data

Personal data will be stored in password protected software as a service CRM, event technology platform and email marketing platform, password protected documents within electronic folders or locked filing cabinets, which are only accessible to members of the marketing team. We do not hold any sensitive personal data.

10. Deletion/Unsubscribe

You have a right (referred to as the right to erasure) to request the deletion or removal of your personal data where there is no compelling reason for its continued process. In these instances your data will be removed within one month apart from where we hold your email address on our mailing list, where your email address will then be held on email suppression list, which we must hold for legal reasons. You will be notified if any of your data must continue to be held for any legal reasons.

If you would like to exercise this right, you can:

  • unsubscribe at the end of any marketing email you receive, if you want to unsubscribe. An unsubscribe link is included in every IES mail shot email by law.
  • submit a request to the dataprotection@iesve.com.  We will then consider this request in accordance with obligations under data protection laws.

11. Transferring your personal data

You have a right (referred to as the right to data portability) to obtain and reuse your personal data for your own purposes across different services. This right allow you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way.

If you would like to exercise this right, you must submit a request to dataprotection@iesve.com, specifying the information that you wish to be transferred.

We are obliged to comply with any such request within one month. This may be extended to 3 months where the rectification request is complex or multiple requests from the same data subject are received at the same time. We will notify you if an extension is necessary.

12. Restricting use of your personal data

You have a right (referred to the right to restrict processing) to block or suppress the processing of personal data in certain circumstances.

If you contest the accuracy of the personal data, processing may be restricted until the accuracy of the personal data has verified. This also applies where you contest that the processing is unlawful.

If you would like to exercise this right, you must submit a written request to dataprotection@iesve.com, specifying the information that you wish us to impose a processing restriction on.

13. Data Protection officer and Complaints Process

We have appointed a Data Protection Officer who has overall day-to-day responsibility for the processing of personal data.

If you have any questions at all about this privacy notice or would like more information about any of the issues covered in it, please contact dataprotection@iesve.com

If you have a concern or complaint about the way we have handled your personal data you have the right to complain to the information commissioner via the helpline 0303 123 1113 or by visiting the Information Commissioner's Office website.

Appendix one

A list of all third party companies that we share personal data with is listed below:

We share customer contact details with Bionova (our One Click LCA Partner) where individuals have requested marketing or product information on LCC and LCA applications and we have received their consent to do so. Where IES customers purchase LCC or LCA applications their contact details will be held by IES and Bionova in order to fulfil sales, maintenance or training contact(s). Bionova, a company registered in Finland, hold mutual customer data in accordance with the EU GDPR and their privacy policy can be found on their website.

We share printed registration lists with venues that we, IES, hosts events in where data subjects are listed on a registration list. This is for security purposes and to allow us to send data subjects post-event resources where applicable and requested by delegates. No sensitive data is required and copies are discarded with 2 weeks of the event ending. Details of all venues will be given to you in advance and their privacy policy can be found on their website or by contacting the venues directly.

We share customer contact details with Encon (our IES TaP partner) where individuals have requested marketing or product information on IES TaP and we have received their consent to do so. Where IES customers purchase IES TaP their contact details will be held by IES and Encon in order to fulfil sales, maintenance or training contact(s). Encon, a company registered in the United Kingdom, hold mutual customer data in accordance with the EU GDPR and their privacy policy can be found on their website.