Tech City News Limited (UKTN) has announced an updated privacy policy, effective from February 4, 2024. The policy, which replaces the previous version, is designed to provide a clear and transparent explanation of how the company collects, uses, stores, and protects personal data when users visit its website or interact with its services. This update comes as part of UKTN's ongoing commitment to complying with data protection regulations, including the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
Who is the Controller?
The policy identifies UKTN as the data controller, with a designated data protection officer (DPO) named Marco Callegari. Users can contact the DPO at mydata@wearemvi.com or via postal address at 124 City Road, London, EC1V 2NX. The company also reminds users of their right to lodge a complaint with the Information Commissioner's Office (ICO) but prefers to address concerns directly first.
Types of Data Collected
UKTN categorizes the personal data it collects into several types: Identity Data (name, username, title, date of birth), Contact Data (billing address, email, phone), Financial Data (bank account, payment card details), Transaction Data (payment history, service purchases), Technical Data (IP address, browser type, OS), Profile Data (password, preferences, survey responses), Usage Data (how users interact with the website), and Marketing and Communications Data (consent preferences). The policy explicitly states that no Special Categories of Personal Data (e.g., race, religion, health) or criminal conviction data are collected.
How is Data Collected?
The policy outlines three main methods of data collection: direct interactions (forms, correspondence, account creation, subscriptions, competitions), automated technologies (cookies and server logs), and third-party sources (analytics providers like Google, advertising networks). Users are encouraged to review the cookie policy for details on cookie usage.
Purpose and Legal Basis for Processing
UKTN processes personal data primarily under the lawful bases of contract performance, legitimate interests, and legal obligations. Consent is used mainly for third-party direct marketing. The policy provides a detailed table mapping various purposes (e.g., registration, order processing, customer relationship management, marketing) to the types of data used and the corresponding legal basis. Legitimate interests include improving services, fraud prevention, and business growth.
Marketing and Opt-Out
Users may receive marketing communications if they have purchased services or opted in. UKTN does not share data with third parties for marketing without explicit opt-in consent. Users can opt out at any time via the website's member area or by contacting the company. Opting out of marketing does not affect other transactional communications.
Data Sharing and International Transfers
The policy explains that personal data may be shared with internal third parties (other companies in the group) and external third parties (service providers, professional advisers, regulators). The company requires all third parties to adhere to strict data security and processing instructions. Importantly, UKTN states that it does not transfer personal data outside the European Economic Area (EEA). If such transfers were to occur, they would rely on adequacy decisions or standard contractual clauses.
Data Security and Retention
UKTN has implemented appropriate security measures, including access controls and procedures for handling data breaches. In the event of a breach, the company will notify affected users and regulators as required by law. Data retention periods are determined by legal obligations: basic customer data (Contact, Identity, Financial, Transaction) is retained for six years after the end of the customer relationship for tax purposes. Users may request deletion of their data in certain circumstances.
User Rights
The policy enumerates a comprehensive set of user rights under data protection law: the right to access personal data, correct inaccuracies, erase data (subject to exceptions), object to processing (including for direct marketing), restrict processing, request data portability, and withdraw consent. UKTN typically responds to legitimate requests within one month, though complex cases may require longer. No fee is charged unless requests are unfounded or excessive.
Glossary and Definitions
The policy includes a glossary defining key terms such as 'Legitimate Interest', 'Performance of Contract', and 'Comply with a legal obligation'. It also lists examples of third parties and provides detailed explanations of each user right. This layered approach allows users to click through to specific sections for more information.
UKTN's updated privacy policy reflects a thorough approach to data protection, aligning with best practices and legal requirements. Users are encouraged to review the policy in full and contact the DPO with any questions. The policy is available on the website and may be updated from time to time, with users being notified of material changes.
Source: UKTN News