REACH PLC PRIVACY NOTICE
WHO WE ARE
We are the publishing group Reach plc. We, via our various subsidiary companies and brands, publish many national websites, regional websites, and mobile applications (“Sites”), that millions of people enjoy every month. You can see the list of websites and brands we publish here.
ABOUT THIS PRIVACY NOTICE
This is the main Privacy Notice for the Reach Group. It applies to all our Sites, and brands, but some of them may publish additional or alternative notices, in which case those take precedence.
In summary, depending on your relationship with us, we’ll use your personal information:
- As needed to provide our products and services, for example to administer subscriptions, take orders and ad placements and handle customer service queries.
- To provide a single customer view across our Sites and ensure we understand who our customers are and their preferences and how our products and services are generally perceived.
- To provide the interactive features of our Sites, such as commenting, discussion forums and competitions.
- To send you direct marketing communications about products and services that we feel may be of interest.
- To display digital advertising on our Sites that is tailored to your preferences so the online adverts you see are more relevant to you.
- To manage our business and to comply with the law.
This Privacy Notice, which covers all of your personal information whether collected online or offline, including by telephone or where you write to us, together with our Cookie Notice and any Site-specific notice, provide detail about our activities and explains your rights and how to exercise them.
For all our Sites, and brands, either Reach plc or one of its subsidiary companies is the data controller of the personal information that we gather about you. Regardless of which Reach Group company is the controller, you can always contact us with questions or concerns about your privacy by emailing us at [email protected]
1. TYPES OF INFORMATION WE PROCESS AND WHERE IT COMES FROM
Information that we collect and process about you includes:
- Personal and contact details you have provided to us, such as your name, email address or postal address, for example when you register on a Site or to receive a newsletter, enter a sales promotion or competition, or at an event, or where you have agreed to receive marketing materials from us or third parties.
- Information you have provided when you obtain products or services from us or enquire about those products or services.
- Information included in any communications between us or which you provide in any post on any Site, or any information collected when you participate in any poll or quiz or obtained via social media or which is publicly available.
- Information about your use of third-party products or services or from third parties who we may use to operate certain aspects of our business.
- Information obtained if we carry out a credit search at a credit search referencing agency.
- Information we buy or obtain from third parties, including marketing lists; and
- We also collect information from cookies on your devices and this includes information about your IP address, MAC address and other identifying information, information about your devices, including your location, from third party advertising networks and how you use our products and services.
For more information about cookies, please see our Cookie Notice.
2. USE OF YOUR INFORMATION
We want to offer you the best customer experience and products and services which are relevant to you. We may therefore use and permit others to use your personal information as set out below, where we have a legal basis to do so:
To provide products and services:
- We may use your information to assess your request to receive the products and services we offer, including where necessary conducting identity and credit reference checks and other due-diligence checks.
- We may use your information to provide and administer the products and services you have elected to receive, including notifying you of changes and updates to our products and services.
- We may use your information for the management of our business and improving the operation of our business and that of our business partners, to assess our internal processes and carry out financial checks.
- We may use your personal information to manage and administer competitions and events offered by us and our third-party partners.
- We may conduct market research to evaluate and improve our products and services generally or develop new offerings.
- If you log-in to our Sites using social media, (e.g., Facebook, Google+, Twitter or similar social media platforms), you are granting permission to the social media platform to share your user details with us. This will include your name and email address which will then be used to form a user identity.
- If you send us a picture, or video, for publication you confirm that you have the consent of all the people in the picture or video. If the picture, or video, features a child, or children, you confirm that you are the parent or guardian of the child, or children, and have the legal right to grant consent (or the parent or guardian of the child, or children, has granted such consent).
- Where you enquire or raise complaints about our products and services, we will use your personal information to investigate and respond to your enquiry or complaint.
To understand our customers, how you use our products & services, and tailor your experience:
- We may use your information to provide a single customer view across our Sites and ensure we understand who our customers are and their preferences and how our products and services are generally perceived.
- We may customise and tailor your experience on our Sites and the products and services we offer to ensure they are more relevant to your interests and preferences.
- We may use the personal information gathered from our Sites to analyse and determine the level of engagement with our Sites and whether the communications that we send to customers are relevant, e.g., we may analyse your browsing behaviours and whether or not you open the communications that we send you.
- We may send you direct marketing communications (via email, post, or telephone) about products and services we feel may be of interest to you. You can choose not to receive direct marketing communications from us at any stage. Where you opt-in to the receipt of newsletters and other content via email we may include first and third-party advertisements, some of which may be personalised, based upon our profile of you as a customer. The personal data provided at opt-in for newsletters and accounts may also be used to enhance our profile of you, and further improve the relevance of any content which you receive across our channels and customer touchpoints.
- We will conduct analytics and modelling to identify trends and assess our performance and internal processes. We may disclose the insight we gain through such analysis to other businesses e.g., to demonstrate patterns of use to third-party ad partners and others. However, any information shared is either aggregated, anonymised or pseudonymised.
Legal obligations and information security:
- Where permitted by applicable laws, where you interact with us, we may monitor, record, and retain all associated correspondence and communications, such as written letters, telephone call recordings, emails, text messages, social media messages, in person meetings and any other communications. We will do this to, (i) comply with our legal and regulatory obligations (ii), prevent, or detect crime (iii), maintain appropriate evidential records (iv), protect the security of our communications systems and (v) for training and quality purposes.
- We will use your information to monitor and manage data security and the security of our Sites and networks.
- We will use your personal information to comply with our legal and regulatory obligations and monitor compliance with the same across our business. Where necessary, we will also use your personal information to defend ourselves from any legal claims brought by you in connection with the provision of our products and services.
- We will also use personal information to manage and administer our business generally.
3. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
We share information as needed with our third-party service providers and partners, to other members of the Reach Group, as part of providing and administering our products and services or operating our business or as set out below.
When you browse our websites or use our mobile applications and when you provide your email address on these (either to log in, or sign up to a newsletter, or similar) we may share it, in hashed, pseudonymised form, with our partner LiveRamp Inc and its group companies, acting as joint controllers. LiveRamp uses this information to create a secure online identification code for the purpose of recognising you for cross-channel advertising. This code is placed in our cookie, does not contain any of your directly identifiable personal data (such as your name or unhashed email address), and will not be used by LiveRamp to identify you. It may be shared with our advertising partners and other third-party advertisers globally for the purpose of enabling interest based content or targeted advertising through Reach sites. These third parties may in turn use this code to link demographic or interest-based information you have provided in your interactions with them to the pseudonymised code. Detailed information on LiveRamp’s data processing activities is available in LiveRamp’s privacy notice and opt-out here: https://your-rights.liveramp.uk/home . You have the right to withdraw your consent or opt-out to the processing of your personal data at any time using our Cookie Management Platform (via our ‘PRIVACY’ tab at the bottom left of every page).
We will disclose your information and co-operate with appropriate bodies and authorities in good faith where we are required to by law, a court order, a regulatory authority, or otherwise, including with the police, trading standards, regulatory authorities, or other relevant authorities. We may share information about you with credit reference agencies.
We will share information with security consultants and IT security system providers, where necessary, to monitor and manage data security and the security of our Sites and networks, and to develop security threat intelligence data.
We may also share information to facilitate the sale of one or more parts of our business, including if we are approached by a potential buyer or the restructuring of one or more parts of our business and with auditing organisations such as the Audit Bureau of Circulation
We collect information about you automatically when you visit our Sites by using cookies (small text files) and other tracking technology. For more information about cookies, and other tracking technology including how to turn them off, please see our Cookie Notice.
5. TRANSFERS OUTSIDE OF UK AND EUROPE
We’re based in the UK and the Republic of Ireland but sometimes your personal information may be transferred outside of the UK and the European Economic Area. If we do so we’ll make sure that suitable safeguards are in place, for example Adequacy Decisions, and approved contractual agreements, including standard contractual clauses, unless certain exceptions apply. We can provide more information about this on request.
6.WHAT ARE THE LEGAL GROUNDS FOR OUR PROCESSING OF YOUR PERSONAL INFORMATION (INCLUDING WHEN WE SHARE IT WITH OTHERS)?
We rely on the following legal bases to use your personal information:
A. For the performance of a contract where it is needed to provide you with our products or services, such as:
- Managing products and services you hold with us, or an enquiry about one.
- Updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate).
- Sharing your personal information with third parties and services providers when you apply for a product or service to help manage your product or service.
- All stages and activities relevant to managing any product or service including enquiry, application, administration, and management of accounts.
B. Where it is in our legitimate interests to do so, such as:
- Managing your products and services, updating your records.
- To perform and/or test the performance of, our products, services, and internal processes.
- For some direct marketing communications, in compliance with The Privacy and Electronic Communications Regulations, subject to appropriate controls and safeguards.
- To follow guidance and recommended best practice of government and regulatory bodies.
- For management and audit of our business operations including accounting.
- To carry out monitoring and to keep records of our communications with you and us.
- To administer our good governance requirements and those of other members of our Group, such as internal reporting and compliance obligations or administration required for AGM processes.
- For market research and analysis and developing statistics.
- To provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses.
- Where we need to share your personal information with people or organisations in order to run our business.
- To manage the security of our Sites and networks.
C. To comply with our legal obligations or where we reasonably believe we are under a legal or regulatory obligation.
D. With your consent or explicit consent
- For some direct marketing communications and digital advertising activities
- For some of our processing of special categories of personal data such as that related to your health.
7. HOW LONG DO WE KEEP YOUR DATA FOR?
In general, we keep your personal information for as long as we need it for the purpose for which it was collected, plus a short additional period in case of problems. How long we keep it therefore varies according to the type of information it is and why we have it, and will range from a few days or weeks to, in some cases, several years. We have established a full data retention policy and can provide further information on request.
8. WHAT ARE YOUR RIGHTS UNDER DATA PROTECTION LAW?
The law gives you certain rights in respect of the information that we hold about you. Below is a short overview of those rights. The website of the Information Commissioner’s Office (http://www.ico.org.uk) has a wealth of useful information in respect of your rights over your personal information. If you wish to exercise your rights, you can write to us by email [email protected] or by post to Reach plc, One Canada Square, London E14 5AP, for the attention of the legal department.
Your right to withdraw your consent
If we are processing your personal information based on your consent, you have the right to withdraw that consent at any time. You can withdraw this at any time by unsubscribing from services or by contacting us at [email protected] .
Your right to access the information we hold about you
With some exceptions designed to protect the rights of others, you have the right to a copy of the personal information that we hold about you, as well as information about what we do with it, who we share it with and how long we will hold it for. We may make a reasonable charge for additional copies of that data beyond the first copy, based on our administrative costs.
Your right to have inaccurate information about you rectified
You have the right to have the information we hold about you corrected if it is factually inaccurate.
Your right to object to what we do with your data, and to have restrictions placed upon it
Where we process your personal information based on our legitimate interest, you have the right to object to that processing and to have restrictions placed upon it while we consider your objection.
Your right to have your information erased in some circumstances
You have the right to require us to delete the information that we hold about you if it is no longer necessary for the purpose we collected it for, and there is no other legal basis on which we must, or are allowed to, retain it.
Your right to stop receiving direct marketing from us
You have the right to require us to stop sending you direct marketing material (for example, promotional emails). It can sometimes take a few days to action these requests.
Your right to complain to the Information Commissioner’s Office (ICO)
You have the right to lodge a complaint about our handling of your personal information with the supervisory authority, which in the UK is the Information Commissioner’s Office. But before you do so, please do contact us first to give us an opportunity to put matters right, at [email protected] You can contact the ICO on 0303 123 1113.
9. CHANGES TO THIS PRIVACY NOTICE
It’s likely that we’ll need to update this Privacy Notice from time to time. Any changes to this Privacy Notice will be posted here and such changes will become effective as soon as they are posted. Your continued use of the relevant Site constitutes notice to you of all these changes.
10. CONTACT US
If you have any questions about this Privacy Notice, or if you wish to exercise your rights you can contact us by email at [email protected] . Alternatively, you can write to The Data Protection Officer, Reach plc, One Canada Square, London E14 5AP.
This Privacy Notice was updated on 15th September 2021 to clarify our use of your personal information or reflect changes to it.