UKTN Announces Updated Privacy Policy
UKTN, the technology news publication, has published an updated privacy policy to enhance transparency and compliance with data protection regulations. The new policy, effective from February 4, 2024, outlines how the company collects, uses, and protects personal data of its website visitors. This revision aims to provide users with a clearer understanding of their rights and the measures UKTN takes to safeguard their information.
Key Changes and Responsibilities
The updated policy designates UKTN as the controller of personal data, responsible for ensuring that all processing activities comply with legal standards. The company has appointed Marco Callegari as Data Protection Officer (DPO), who oversees privacy-related inquiries and requests. Users can contact the DPO via email at mydata@wearemvi.com or by mail at 124 City Road, London, EC1V 2NX. UKTN emphasizes that individuals have the right to lodge complaints with the Information Commissioner's Office (ICO), but encourages contacting the DPO first to resolve concerns.
Types of Personal Data Collected
UKTN collects several categories of personal data, including Identity Data (such as name, username, marital status, title, date of birth, and gender), Contact Data (billing address, delivery address, email address, telephone numbers), Financial Data (bank account and payment card details), Transaction Data (details of payments and purchases), Technical Data (IP address, browser type, time zone, operating system, and other device information), Profile Data (username, password, preferences, feedback, and survey responses), Usage Data (how users interact with the website), and Marketing and Communications Data (preferences for receiving marketing and communication channels). The company also collects Aggregated Data, which is anonymized and cannot identify individuals directly. However, if aggregated data is combined with personal data, it is treated as personal data. UKTN explicitly states that it does not collect Special Categories of Personal Data (sensitive information about race, religion, health, etc.) or data on criminal convictions.
How Personal Data Is Collected
The company collects data through direct interactions when users fill out forms, create accounts, subscribe to services, purchase products, enter competitions, or provide feedback. Additionally, automated technologies such as cookies and server logs collect Technical Data as users browse the website. UKTN may also receive personal data from third parties, including analytics providers like Google (based outside the EU) and advertising networks like Google DoubleClick for Publishers (DFP). The policy warns that failure to provide required personal data may prevent UKTN from fulfilling contracts or providing services, and users will be notified in such cases.
Purposes and Legal Bases for Processing
UKTN processes personal data based on several legal grounds: performance of a contract, legitimate interests, and compliance with legal obligations. The company rarely relies on consent, except for direct marketing via email or text message. Specific purposes include registering new customers, processing and delivering orders (including payment management and debt recovery), managing relationships (notifying of changes, requesting reviews), enabling participation in prize draws, competitions, or surveys, administering the website (troubleshooting, data analysis, system maintenance), delivering relevant content and advertisements, conducting data analytics to improve services, and making recommendations for products or services that may interest users. For each activity, UKTN specifies the type of data used and the corresponding lawful basis, as detailed in the policy tables.
Marketing and User Choices
The policy outlines that users will receive marketing communications if they have previously requested information, purchased goods or services, or entered a promotion, provided they have not opted out. UKTN will obtain express opt-in consent before sharing personal data with external parties for their own marketing. Users can opt out of marketing at any time by adjusting preferences in the members area, following opt-out links in messages, or contacting the company directly. Opting out does not affect data used for transactional purposes. UKTN also provides information about cookies, noting that users can control cookie settings through their browser, though disabling cookies may affect website functionality.
Data Sharing and International Transfers
UKTN may share personal data with internal third parties (other companies within the group) and external third parties (service providers, professional advisers, and regulatory authorities). In the event of a business merger, sale, or transfer, data may be shared with new owners. All third parties are contractually obligated to protect data and process it only according to UKTN's instructions. The policy states that UKTN does not transfer personal data outside the European Economic Area (EEA). If transfers occur, they would be based on adequacy decisions by the European Commission or approved contracts that ensure equivalent protection. Providers in the US may be used if they are certified under the Privacy Shield.
Data Security Measures
UKTN has implemented appropriate security measures to prevent unauthorized access, loss, alteration, or disclosure of personal data. Access is limited to employees, agents, and contractors who need the data for legitimate business purposes. The company has established procedures to detect and respond to data breaches, and will notify regulators and affected individuals if legally required.
Data Retention Policy
The policy explains that UKTN retains basic customer information (Contact, Identity, Financial, Transaction Data) for six years after the customer relationship ends, primarily for tax purposes. Users can request deletion of their data in certain circumstances, as outlined under the legal rights section. The company may anonymize data for research or statistical purposes and retain it indefinitely.
User Rights and How to Exercise Them
Under data protection law, users have the right to request access to their personal data (data subject access request), request correction of inaccurate or incomplete data, request erasure (right to be forgotten) when there is no compelling reason for processing, object to processing based on legitimate interests or direct marketing, request restriction of processing in specific situations, request transfer of data in a structured, machine-readable format, and withdraw consent at any time if consent is the basis for processing. UKTN emphasizes that withdrawing consent does not affect the lawfulness of prior processing. The company does not charge a fee for most requests but may charge a reasonable fee for unfounded, repetitive, or excessive requests. To verify identity, UKTN may request specific information and aims to respond within one month, extending to two months for complex or multiple requests.
Further Details
The policy includes a glossary defining key terms such as legitimate interest, performance of contract, and comply with a legal obligation. It also lists internal and external third parties, including IT service providers and professional advisers based in the UK or EU. UKTN encourages users to contact the DPO for any questions about the policy or to exercise their rights. The revised privacy notice marks a continued commitment to transparency and accountability in handling personal data, ensuring that users remain informed and in control of their information.
Source:UKTN News
