Reach plc - Privacy Notice

WHO WE ARE

We are the publishing group Reach plc. We, via our various subsidiary companies and brands, publish many national websites, regional websites, and mobile applications (“Sites”), that millions of people enjoy every month. You can see the list of websites and brands we publish HERE

ABOUT THIS PRIVACY NOTICE

This is the main Privacy Notice for the Reach Group. It applies to all our Sites, and brands, but some of them may publish additional or alternative notices, in which case those take precedence.

In summary, depending on your relationship with us, we’ll use your personal information:

• As needed to provide our products and services, for example to administer subscriptions, take orders and ad placements and handle customer service queries.
• To provide a single customer view across our Sites and ensure we understand who our customers are and their preferences and how our products and services are generally perceived.
• To provide the interactive features of our Sites, such as commenting, discussion forums and competitions.
• To send you direct marketing communications about products and services that we feel may be of interest.
• To display digital advertising on our Sites that is tailored to your preferences so the online adverts you see are more relevant to you.
• To manage our business and to comply with the law.

This Privacy Notice, which covers all of your personal information whether collected online or offline, including by telephone or where you write to us, together with our Cookie Notice and any Site-specific notice, provide detail about our activities and explains your rights and how to exercise them.

For all our Sites, and brands, either Reach plc or one of its subsidiary companies is the data controller of the personal information that we gather about you. Regardless of which Reach Group company is the controller, you can always contact us with questions or concerns about your privacy by emailing us at dataprotection@reachplc.com

1. TYPES OF INFORMATION WE PROCESS AND WHERE IT COMES FROM

Information that we collect and process about you includes:

• Personal and contact details you have provided to us, such as your name, email address or postal address, for example when you register on a Site or to receive a newsletter, enter a sales promotion or competition, or at an event, or where you have agreed to receive marketing materials from us or third parties.
• Information you have provided when you obtain products or services from us or enquire about those products or services.
• Information included in any communications between us or which you provide in any post on any Site, or any information collected when you participate in any poll or quiz or obtained via social media or which is publicly available.
• Information about your use of third-party products or services or from third parties who we may use to operate certain aspects of our business.
• Information obtained if we carry out a credit search at a credit search referencing agency.
• Information we buy or obtain from third parties, including marketing lists; and
• We also collect information from cookies on your devices and this includes information about your IP address, MAC address and other identifying information, information about your devices, including your location, from third party advertising networks and how you use our products and services.

For more information about cookies, please see our Cookie Notice - HERE

2. USE OF YOUR INFORMATION

We want to offer you the best customer experience and products and services which are relevant to you. We may therefore use and permit others to use your personal information as set out below, where we have a legal basis to do so:

To provide products and services:

• We may use your information to assess your request to receive the products and services we offer, including where necessary conducting identity and credit reference checks and other due-diligence checks.
• We may use your information to provide and administer the products and services you have elected to receive, including notifying you of changes and updates to our products and services.
• We may use your information for the management of our business and improving the operation of our business and that of our business partners, to assess our internal processes and carry out financial checks.
• We may use your personal information to manage and administer competitions and events offered by us and our third-party partners.
• We may conduct market research to evaluate and improve our products and services generally or develop new offerings.
• If you log-in to our Sites using social media, (e.g., Facebook, Google+, Twitter or similar social media platforms), you are granting permission to the social media platform to share your user details with us. This will include your name and email address which will then be used to form a user identity.
• If you send us a picture, or video, for publication you confirm that you have the consent of all the people in the picture or video. If the picture, or video, features a child, or children, you confirm that you are the parent or guardian of the child, or children, and have the legal right to grant consent (or the parent or guardian of the child, or children, has granted such consent).
• Where you enquire or raise complaints about our products and services, we will use your personal information to investigate and respond to your enquiry or complaint.

To understand our customers, how you use our products & services, and tailor your experience:

• We may use your information to provide a single customer view across our Sites and ensure we understand who our customers are and their preferences and how our products and services are generally perceived.
• We may customise and tailor your experience on our Sites and the products and services we offer to ensure they are more relevant to your interests and preferences.
• We may use the personal information gathered from our Sites to analyse and determine the level of engagement with our Sites and whether the communications that we send to customers are relevant, e.g., we may analyse your browsing behaviours and whether or not you open the communications that we send you.
• We may send you direct marketing communications (via email, post, or telephone) about products and services we feel may be of interest to you. You can choose not to receive direct marketing communications from us at any stage. Where you opt-in to the receipt of newsletters and other content via email we may include first and third-party advertisements, some of which may be personalised, based upon our profile of you as a customer. The personal data provided at opt-in for newsletters and accounts may also be used to enhance our profile of you, and further improve the relevance of any content which you receive across our channels and customer touchpoints.
• Digital advertising helps us to fund the news articles and content published on our Sites and enables us to provide some of our content for free. We and our third-party ad partners may display digital advertising on our Sites that is tailored to your interests and preferences so the online adverts you see are more relevant to you. We work with a number of third-party ad partners to deliver digital advertising on our Sites, and we use cookies and other personal information to personalise the advertising that you see, such as your email address, postcode, and other observed browsing behaviour. We do not share identifiable information about you with our third-party ad partners. Where we share, match, and use data for this purpose it is always pseudonymised beforehand, which means it is converted into a hashed series of numbers and letters to protect your identity.
• Where we use cookies on our Sites for advertising purposes, we will always ask for prior consent and where you provide your consent the cookie information will be used along with other information we hold about you to display digital advertising that is more relevant to you. It is important to note, however, that where you do not provide your consent for digital adverting you will still see digital advertising on our Sites, but this will not be tailored to your interests and preferences.
• We will conduct analytics and modelling to identify trends and assess our performance and internal processes. We may disclose the insight we gain through such analysis to other businesses e.g., to demonstrate patterns of use to third-party ad partners and others. However, any information shared is either aggregated, anonymised or pseudonymised.

Legal obligations and information security:

• Where permitted by applicable laws, where you interact with us, we may monitor, record, and retain all associated correspondence and communications, such as written letters, telephone call recordings, emails, text messages, social media messages, in person meetings and any other communications. We will do this to, (i) comply with our legal and regulatory obligations (ii), prevent, or detect crime (iii), maintain appropriate evidential records (iv), protect the security of our communications systems and (v) for training and quality purposes.
• We will use your information to monitor and manage data security and the security of our Sites and networks.
• We will use your personal information to comply with our legal and regulatory obligations and monitor compliance with the same across our business. Where necessary, we will also use your personal information to defend ourselves from any legal claims brought by you in connection with the provision of our products and services.
• We will also use personal information to manage and administer our business generally.

3. WHO WE SHARE YOUR PERSONAL INFORMATION WITH

We share information as needed with our third-party service providers and partners, to other members of the Reach Group, as part of providing and administering our products and services or operating our business or as set out below.

When you browse our websites or use our mobile applications and when you provide your email address on these (either to log in, or sign up to a newsletter, or similar) we may share it, in hashed, pseudonymised form, with our partner LiveRamp Inc and its group companies, acting as joint controllers. LiveRamp uses this information to create a secure online identification code for the purpose of recognising you for cross-channel advertising. This code is placed in our cookie, does not contain any of your directly identifiable personal data (such as your name or unhashed email address), and will not be used by LiveRamp to identify you. It may be shared with our advertising partners and other third-party advertisers globally for the purpose of enabling interest based content or targeted advertising through Reach sites. These third parties may in turn use this code to link demographic or interest-based information you have provided in your interactions with them to the pseudonymised code. Detailed information on LiveRamp’s data processing activities is available in LiveRamp’s privacy notice and opt-out here: https://your-rights.liveramp.uk/home . You have the right to withdraw your consent or opt-out to the processing of your personal data at any time using our Cookie Management Platform (via our 'PRIVACY' tab at the bottom left of every page).

We will disclose your information and co-operate with appropriate bodies and authorities in good faith where we are required to by law, a court order, a regulatory authority, or otherwise, including with the police, trading standards, regulatory authorities, or other relevant authorities. We may share information about you with credit reference agencies.

We will share information with security consultants and IT security system providers, where necessary, to monitor and manage data security and the security of our Sites and networks, and to develop security threat intelligence data.

We may also share information to facilitate the sale of one or more parts of our business, including if we are approached by a potential buyer or the restructuring of one or more parts of our business and with auditing organisations such as the Audit Bureau of Circulation

4. COOKIES

We collect information about you automatically when you visit our Sites by using cookies (small text files) and other tracking technology. For more information about cookies, and other tracking technology including how to turn them off, please see our Cookie Notice - HERE

5. TRANSFERS OUTSIDE OF UK AND EUROPE

We’re based in the UK and the Republic of Ireland but sometimes your personal information may be transferred outside of the UK and the European Economic Area. If we do so we’ll make sure that suitable safeguards are in place, for example Adequacy Decisions, and approved contractual agreements, including standard contractual clauses, unless certain exceptions apply. We can provide more information about this on request.

6. WHAT ARE THE LEGAL GROUNDS FOR OUR PROCESSING OF YOUR PERSONAL INFORMATION (INCLUDING WHEN WE SHARE IT WITH OTHERS)?

We rely on the following legal bases to use your personal information:

A. For the performance of a contract where it is needed to provide you with our products or services, such as:

• Managing products and services you hold with us, or an enquiry about one.
• Updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate).
• Sharing your personal information with third parties and services providers when you apply for a product or service to help manage your product or service.
• All stages and activities relevant to managing any product or service including enquiry, application, administration, and management of accounts.

B. Where it is in our legitimate interests to do so, such as:

• Managing your products and services, updating your records.
• To perform and/or test the performance of, our products, services, and internal processes.
• For some direct marketing communications, in compliance with The Privacy and Electronic Communications Regulations, subject to appropriate controls and safeguards.
• To help us to understand your preferences and interests based on the newsletters you sign up to, and to use data provided on sign-up to services and accounts to build a profile of you as a Reach customer, and enable secure, pseudonymised tracking where you have also consented to the use of cookies. We won’t share that profile with third parties. We will use that profile information to inform the content we recommend to you, the adverts you see on our sites and – if you have separately consented to it – to help us to target offers and other direct marketing materials which we send to you.
• To follow guidance and recommended best practice of government and regulatory bodies.
• For management and audit of our business operations including accounting.
• To carry out monitoring and to keep records of our communications with you and us.
• To administer our good governance requirements and those of other members of our Group, such as internal reporting and compliance obligations or administration required for AGM processes.
• For market research and analysis and developing statistics.
• To provide insight and analysis of our customers to business partners either as part of providing products or services, helping us improve products or services, or to assess or to improve the operating of our businesses.
• Where we need to share your personal information with people or organisations in order to run our business.
• To manage the security of our Sites and networks.
   

C. To comply with our legal obligations or where we reasonably believe we are under a legal or regulatory obligation.

D. With your consent or explicit consent

• For some direct marketing communications and digital advertising activities
• For some of our processing of special categories of personal data such as that related to your health.

7. HOW LONG DO WE KEEP YOUR DATA FOR?

In general, we keep your personal information for as long as we need it for the purpose for which it was collected, plus a short additional period in case of problems. How long we keep it therefore varies according to the type of information it is and why we have it, and will range from a few days or weeks to, in some cases, several years. We have established a full data retention policy and can provide further information on request.

8. WHAT ARE YOUR RIGHTS UNDER DATA PROTECTION LAW?

The law gives you certain rights in respect of the information that we hold about you. Below is a short overview of those rights. The website of the Information Commissioner’s Office (http://www.ico.org.uk) has a wealth of useful information in respect of your rights over your personal information. If you wish to exercise your rights, you can write to us by email dataprotection@reachplc.com or by post to Reach plc, One Canada Square, London E14 5AP, for the attention of the legal department.

Your right to withdraw your consent

Your right to access the information we hold about you

With some exceptions designed to protect the rights of others, you have the right to a copy of the personal information that we hold about you, as well as information about what we do with it, who we share it with and how long we will hold it for. We may make a reasonable charge for additional copies of that data beyond the first copy, based on our administrative costs.

Your right to have inaccurate information about you rectified

You have the right to have the information we hold about you corrected if it is factually inaccurate.

Your right to object to what we do with your data, and to have restrictions placed upon it

Where we process your personal information based on our legitimate interest, you have the right to object to that processing and to have restrictions placed upon it while we consider your objection.

Your right to have your information erased in some circumstances

You have the right to require us to delete the information that we hold about you if it is no longer necessary for the purpose we collected it for, and there is no other legal basis on which we must, or are allowed to, retain it.

Your right to stop receiving direct marketing from us

You have the right to require us to stop sending you direct marketing material (for example, promotional emails). It can sometimes take a few days to action these requests.

Your right to complain to the Information Commissioner’s Office (ICO)

You have the right to lodge a complaint about our handling of your personal information with the supervisory authority, which in the UK is the Information Commissioner’s Office. But before you do so, please do contact us first to give us an opportunity to put matters right, at dataprotection@reachplc.com You can contact the ICO on 0303 123 1113.

9. CHANGES TO THIS PRIVACY NOTICE

It’s likely that we’ll need to update this Privacy Notice from time to time. Any changes to this Privacy Notice will be posted here and such changes will become effective as soon as they are posted. Your continued use of the relevant Site constitutes notice to you of all these changes.

10. CONTACT US

If you have any questions about this Privacy Notice, or if you wish to exercise your rights you can contact us by email at dataprotection@reachplc.com . Alternatively, you can write to The Data Protection Officer, Reach plc, One Canada Square, London E14 5AP.

This Privacy Notice was updated on 15th September 2021 to clarify our use of your personal information or reflect changes to it.

The information collected from customers when making a purchase is used for delivery and administration purposes and will be kept confidential. Payment details are collected by Worldpay. A copy of their privacy policy can be found HERE