LEWIS PRIVACY CENTRE
Updated January 2021
We have created this Privacy Centre to set out the personal data that we collect, use and process at LEWIS.
Given the different types of audiences (or “Data Subjects”) that we interact with day to day, this Privacy Centre is split into a Data Privacy Overview and specific sections addressing how we cover certain types of Data Subjects who we commonly deal with.
References to LEWIS, or “We”, or “Us” are to the data controller, which, unless otherwise stated is in reference to LEWIS Communications Limited of Millbank Tower, Millbank, London SW1P 4RS. For the different market versions of this website, the data controllers are set out in the data processor summary sheet provided in this link.
For more specific details as to what may apply to you, or about anything covered in this overview, please see the following:
Overview of data we process at LEWIS
The information we collect:
We collect information about you from different places including:
We’ll only collect your information in line with relevant regulations and law and this may relate to the interactions that we have with you currently, or have had in the past.
You’re responsible for making sure you give us accurate and up to date information. If you provide information for another person, you’ll need to tell them how to find LEWIS’ Privacy Notice and make sure they agree to us using their information for the purposes set out in it.
How we’ll use your information
We’ll use your information for various purposes. The main purposes are as follows:
We’ll only use your information where we’re allowed to by law. For example, carrying out an agreement or contract we have with you, fulfilling a legal obligation, where we have a legitimate business interest or where you agree to it.
How long we’ll keep your information
We’ll keep your information for as long as you continue to have a relationship or continue to have interactions with us.
After it ends we’ll keep it where we may need it:
We work hard to protect LEWIS from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold.
How can you remove your personal information?
You may request the deletion or the change of your own personal information by writing to [email protected] We will delete the data without unnecessary delay upon receiving the request for deletion, unless we need to retain the information to comply with the applicable legal provisions or governmental requests, or to protect the rights and property of LEWIS.
Where we store your personal data
Where we store your personal data in our own systems, it is stored in the region the data is stored. If your data is collected in EMEA, then the data is stored in the LEWIS EMEA office where the computer system is located, and it is backed up inside EMEA, in Ireland. If your data is collected in the US, then it is stored in the LEWIS US offices and backed up in our systems in the US. If your data is collected in APAC, then it is stored in the LEWIS APAC office and backed up in our systems in Singapore.
The data that we collect from you and process using LEWIS’ Services may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders for goods and services, the processing of payment details and the provision of services including support services. By submitting your personal data, you agree to this transfer, storing or processing.
In particular, your data may be accessible to i) LEWIS staff in our various offices globally or ii) may be stored by LEWIS’ hosting service provider on servers in the USA and APAC as well as in the EU. Therefore your data may be transferred and/or in countries outside the European Economic Area, including some that may not have laws that provide the same level of protection for personal information. When we do this, we’ll ensure it has an appropriate level of protection. For example, by entering into a data processor agreement with these entities. These data processor agreements are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.
If you would like further information please contact us (see ‘Contact’ below).
Under the General Data Protection Regulation you may have a number of important rights. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO), or from the European data protection authority in the country which you reside, on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please contact us using our Contact details below. Please also let us have enough information to identify you, let us have proof of your identity and address, and let us know the information to which your request relates.
Your rights as a Californian resident
As of January 1, 2020, if you are a Californian resident you will have the following rights under the Californian Consumer Privacy Act 2018 (“CCPA”)
Please note that these requests for access to or deletion of Personal Information are subject to our ability to reasonably verify your identity on the basis of the information we request and that you have subsequently provided to us. These verifiable consumer requests (“VCR”) will be pursuant to CCPA requirements and legislation and can only be made by you, or by an Authorised Agent, a person registered with the Californian Secretary of State that you authorise to act on your behalf. When using an agent, a statement signed by you and the Authorised Agent which includes proof of the agent’s registration with the Californian Secretary of State must be provided. We do not knowingly hold household requests. Any such request will be dealt with as an individual request.
You may make a request related to your personal information twice per 12 month period. Any requests invoking your rights should be address to [email protected] OR via post to LEWIS PR. Inc, 111 Sutter Street Suite 850, CA.
Employees of LEWIS, job applicants, and contractors are currently exempt from CCPA.
Our sites are not intended to be used by individuals under 16. We therefore do not knowingly collect or maintain personal information from children under the age of 16. If we become aware that such information is being collected without parental or guardian consent, we will use all reasonable endeavours to delete it. If you are a parent or legal guardian and you think we have collected personal information from a child under the age of 16, please contact us at [email protected]
Do Not Track Notice
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers and allows them to disable any tracking of an individual users. We do currently not recognize or respond to browser-initiated DNT signals.
Further information on Do Not Track can be found here.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred.
The supervisory authority in the UK is the Information Commissioner who may be contacted via ICO or telephone: 0303 123 1113.
All other questions, comments and requests regarding this Privacy Notice should be addressed to the Data Protection Officer at [email protected].