Last Update: 23 October 2018
The Data Controller, BandLab UK Limited, a company registered in the United Kingdom (Registered No. 11417244) at DMH Stallard LLP, Griffin House, 135 High Street, Crawley, West Sussex, UK RH10 1DQ, is committed to protecting your privacy in accordance with the Data Protection Act 1998 (the ‘Act’) and the General Data Protection Regulation (the ‘GDPR’). BandLab UK Limited is a subsidiary of BandLab Technologies.
If you have any questions about this policy, the representative responsible for Data Protection, the Data Protection Officer, can be contacted by writing to the above address or alternatively by sending an email to email@example.com.
BandLab UK Limited is an independent magazine publishing company. Our products and services include magazines, live events and websites. Our websites are:
To use some of our services, you must provide your name, address, email address and in some instances your company name, job title and telephone number. In order to make payments, you must provide credit card, debit card or bank account information. In some cases, we will direct you to one of our service providers who only act under our contractual instructions in order to collect this information from you and fulfil your order. We do not collect any special category data such as information on your racial or ethnic origins, political opinions, trade union affiliations, sexual life or criminal history.
When you access our services online using any device, we collect and store device data including but not limited to geolocation data to provide offers relevant to your region (using cookies). We also collect information such as which pages of our website you visit, IP addresses, the type of browser you use, details of the transactions you have made, time spent on the website, the type of device you are using, and the times you access our website.
If you enter a prize draw or competition you will need to provide certain personal information which will be used in accordance with the terms of the prize draw or competition. We will only send you marketing communications if you actively opt in to receive such messages. We will contact winners by email.
We will only keep your information for as long as is necessary for the purpose of providing you with the service you have requested from us or to meet specific anti-fraud and legal requirements. If you would like more information, please contact the Data Protection Officer.
The provision of the information detailed above is a requirement necessary to provide our services. By providing your information and using our service you are entering a contract for the term of the service. If you object or are not willing to provide this information, please do not register or use these services.
Our primary purpose in collecting your information is to provide you with a service. You agree that we may use your personal information to:
- Provide the service to you
- Notify you about your service
- Carry out internal administration and analysis
- Monitor or improve the performance of, and products and services available through, our websites
If you purchase or subscribe to one or more of our magazines, you will enter into a contract with us. This means that during the contractual period we will communicate with you about this contract. In this respect ‘performance of a contract’ is our legal basis for processing your data.
Similarly, advertiser data will be processed under ‘performance of a contract’ if the third party enters into a commercial contract ie. pays for advertising in our magazines and/or websites.
For client prospect data, we will use ‘Legitimate Interest’ as our legal basis for contacting prospective clients. An opt out for these types of communication will be offered on the channel used, for example, via email or telephone call.
We will only send you direct marketing communications in circumstances where we have your specific consent or where we believe we can demonstrate a legitimate interest.
When you sign up to any of our services, we ask for your consent to send you direct marketing communication over a variety of channels. We will honour your right to withdraw your consent at any time.
When you enquire about or request a service from us, we may rely on our legitimate business interests to send you marketing communications (via post, email or telephone). This relates to individual customers as well as clients eg, advertisers. These communications will always be related to our services and we believe will be of interest to you. We will always provide you with the opportunity to opt-out of marketing communications when you provide your information to us.
If you want to stop receiving direct marketing from us, you can use the unsubscribe mechanism on any email you receive, tell us when we call you, or alternatively you can contact the Data Protection Officer using the details available in the Privacy Summary.
We use web beacons in our emails to track the success of our marketing campaigns. If you open an email from us, we can see which of the pages of our website you visited. Our web beacons communicate with our cookies on your computer and they can tell us when you have opened an email from us. We keep track of the emails that we send you. We also keep a record of what communications you have selected to receive or not to receive. We will only send you marketing emails if you have consented to receive these. You are able to access your preference centre from any marketing email that we send you and update your preferences through this mechanism. You may also unsubscribe by clicking on the ‘unsubscribe’ link in any of our emails to you.
Data Profiling and Remarketing
Periodically we conduct data profiling on the information we collect to better understand our customers in order to provide targeted communications which suit your needs. We rely on ‘legitimate interests’ as our lawful basis for processing this data.
Some of our websites use the Facebook pixel which allows us to analyse behaviour on our own websites and then remarket with relevant messages via Facebook. A Facebook pixel is code placed on our website. It helps track conversions from Facebook ads, optimize ads based on collected data, build targeted audiences for future ads, and remarket to qualified leads. We rely on ‘legitimate interests’ as our lawful basis for processing this data.
We sometimes use Facebook to create lookalike audiences based on profiling our subscribers.
We also use the Google Display Network as a channel for remarketing to our users.
In order to serve adverts on our websites and report on their performance, we use an advertising management system. This system gathers information using IP addresses. This allows us to target adverts by geo-location and device in order to make adverts from third parties more relevant to the user.
We also serve targeted adverts for our own products based on user behaviour on our own websites.
Legitimate interest is used as the lawful basis for data profiling and remarketing. However, if we target email data for this activity we will use opted in data where the user has consented to marketing.
If you wish to stop your information being used for data profiling and remarketing, please contact the Data Protection Officer.
We will not sell or rent your information to third parties for their marketing purposes without your consent. However, just like most service providers, BandLab UK Limited works with third parties who administer important functions for us that allow us to offer and enhance the services we provide. These providers are covered by an appropriate agreement. Sometimes it will be necessary for us to disclose information required for the specific purpose to them so that the services can be performed.
We reserve the right to disclose to third parties your information to comply with applicable laws including but not limited to disclosure in accordance with the Act, the Regulation of Investigatory Powers Act 2000 and lawful authority requests, to safeguard the proper operation of our systems and to protect ourselves and the companies we work with.
The third parties we work with are;
- Subscription bureau to fulfil orders and manage subscriber data
- Email Service Provider (ESP) for sending emails, organising and managing competitions, and managing user email preferences
- Survey platform for administering surveys or polls
- Google Analytics for website analysis and data analysis & profiling
- Google Adsense to serve interest-based adverts
- Payment processors (eg. PayPal and Sage Pay) for processing credit card payments
- Providers of digital versions of our products including Apple, Google, Amazon, Exact Editions, Zinio, Jellyfish Connect (Pocketmags and Magazinecloner), Readly and Ebsco
- Agent websites which sell our products on our behalf
- Conversion Rate Optimisation (CRO) agency working with our brand and ecommerce websites
- Magazine printers to print the magazines and sort subscriber data
- Mailing houses and postal services to fulfil subscription postage
- Telemarketing agency for subscription orders
- Events ticketing platforms to sell tickets to our events
BandLab UK Limited is committed to handling your information with high standards of information security. We collect, store and process your information on servers primarily located in the United Kingdom. We use safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files and we authorise access to personal information only for those employees who require it to fulfil their job responsibilities. Our site uses industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of information during transmissions to our servers. These security measures mean that we may occasionally have to ask you for proof of identity before we are able to disclose personal information to you.
Accessing Your Information
You can access the personal information you have provided us by making a Subject Access Request to the Data Protection Officer using the details available in the Privacy Summary. Upon receipt and following any necessary proof of identification checks, Subject Access Requests will be responded to within one calendar month.
Deleting Your Information
A request to have the personal information you have provided to us removed from our systems can be made to the Data Protection Officer using the details available in the Privacy Summary. Your information will be removed from our systems except in circumstances where we are required to retain this information for compliance with legal obligation or for future suppression purposes, where the minimal amount necessary will be retained in order to honour an individual’s right.
Updating Your Information
You can review the personal information you have provided to us and make any desired changes or rectifications at any time either online or by contacting the Data Protection Officer using the details available in the Privacy Summary.
The Right to Object
The GDPR gives individuals the right to object to the processing of their personal data in certain circumstances. Individuals have an absolute right to stop their data being used for direct marketing. An individual can make an objection verbally or in writing. We will respond to an objection within one calendar month.
Children are not eligible to use any service we offer and we ask that minors (persons under the age of 18) do not submit any personal information to us.