Preparing for GDPR
Behind the scenes, Pan European Networks has been busy preparing for the full implementation of the General Data Protection Regulation (GDPR) for some time.
As a publisher, we are taking significant measures to protect our clients and ourselves from breaching the regulation, and our data subjects from unwanted communications.
Any contact we have with our data subjects going forward will contain a data protection notice around these regulations so we can maximise consents and continue to use and license data for multiple purposes after this deadline. We have multiple channels in which we can gain consent from healthcare professionals, including telephone, mailing, email, online and events. These are the same channels that are available to clients wishing to access, communicate and network with professionals in line with data protection and individual channel preference post 25 May 2018. For more information regarding GDPR please see the following privacy notice.
Why are you sending me this Information Notice?
The General Data Protection Regulation (GDPR) is a new European directive relating to data protection that was adopted on 27 April 2016 and will come into effect on 25 May 2018. It replaces the data protection directive from 1995. The UK is required to implement and abide by the regulation from May 2018 until it leaves the European Union (expected by Summer 2019).
We have consulted with the Information Commissioner’s Office regarding this Information Notice to ensure that we have used appropriate wording, terminology and processes to ensure we are compliant with current and new data protection legislation.
How is it different to the current data protection guidelines?
Currently personal data for business to business purposes can be collected under ‘legitimate interest’ and used for relevant communications and services related to the individual’s professional role.
Why am I on your database?
The Arbalest Digital UK Ltd database contains individuals in healthcare, government, research & technology, construction and finance, who have either been self-declared, peer-nominated or identified as one whose role is as a key decision maker or opinion leader. As a result there could be many reasons why your professional information is currently held on our database. Two main reasons are:
- Your role has been identified as one which is required to receive regulatory notifications and communications; and
- Your role has been identified as one which would benefit from receiving updates.
Should you require specific details of how and when your information was collected please contact our GDPR customer services team on +44 (0)1260 273 802, or alternatively email us at firstname.lastname@example.org
But I’ve never heard of Arbalest Digital UK Ltd
Some of the communications and services you will have received may be from Pan European Networks Ltd. However, some of the communications or services that you receive from time to time may have come from another organisation or brand, who either provide a service to you or have sent you information or an invite that they believe to be relevant to your professional role or field of work, or using the Arbalest Digital UK’s Ltd database as a circulation or distribution list.
What will my professional details be used for?
Arbalest Digital UK Ltd operates in the UK and works closely with publishers of news and its suppliers to deliver services, facilitate communications and initiate conversations that aim to ultimately improve business outcomes and/or services.
We will never knowingly allow for your professional contact information to be used for anything other than related services or communications. The services that your details may be used for include, but are not limited to:
- Invitations to take part in healthcare and other studies, paid-for research or to request your views with regards to your work (from the NHS, pharmaceutical industry, local authorities or private sector);
- Invitations to attend, speak or take part in events, advisory boards or training;
- Invitations to write, contribute or review articles, courses and case studies;
- Educational, training, CPD and news services;
- Promotional information from selected companies, private organisations including suppliers to the government and private sector organisations; and
- To report your statutory obligation with payment disclosures (transfer of value) if appropriate.
Can I opt out?
You can opt-out of receiving promotional-type communications at any time.
Please note: apart from regulatory obligations, all other types of communication listed above, are considered ‘promotional’ for the purposes of data protection. Therefore, if you opt out you will not receive some of these services and communications that you may rely on or find useful in your role. Also note that the Arbalest Digital UK Ltd’s database is used for services and communications from other organisations, so you may stop receiving information that is relevant to your role if you opt out.
If you do choose to opt out, we will record this on our database. Please note that it may take time for all services that you receive to stop. You can change your preferences at any time by calling +44 (0)1260 273 802, or alternatively email us at email@example.com
Can I opt in or out on behalf of another person?
Organisations and other individuals are not permitted to opt out or give express permission on behalf of an individual (although they can validate an individual’s details). GDPR states that opt in must be expressed and personal.
What information do I need to provide?
An email address along with a copy of the email that you wish to opt out of receiving. Furthermore you can opt out of receiving all emails should you so wish.
The more information we have about you, your role and your preferences, the more targeted and relevant we can be with communications.
How will my information be kept?
Your data is held in a secure database with restricted access. Arbalest Digital will ensure the protection of the confidentiality, integrity and security of all data provided to it. No information will be disclosed if it is the view of the company that to do so would be a breach of GDPR. Data is kept for a minimum of seven years for regulatory and auditing purposes.