LEWIS PRIVACY CENTRE
Updated May 2018
We have created this Privacy Centre to set out the personal data that we collect, use and process at LEWIS.
Given the different types of audiences (or “Data Subjects”) that we interact with day to day, this Privacy Centre is split into a Data Privacy Overview and specific sections addressing how we cover certain types of Data Subjects who we commonly deal with.
References to LEWIS, or “We”, or “Us” are to the data controller, which, unless otherwise stated is in reference to LEWIS Communications Limited of Millbank Tower, Millbank, London SW1P 4RS. For the different market versions of this website, the data controllers are set out in the data processor summary sheet provided in this link.
For more specific details as to what may apply to you, or about anything covered in this overview, please see the following:
Overview of data we process at LEWIS
The information we collect:
We collect information about you from different places including:
We’ll only collect your information in line with relevant regulations and law and this may relate to the interactions that we have with you currently, or have had in the past.
You’re responsible for making sure you give us accurate and up to date information. If you provide information for another person, you’ll need to tell them how to find LEWIS’ Privacy Notice and make sure they agree to us using their information for the purposes set out in it.
How we’ll use your information
We’ll use your information for various purposes. The main purposes are as follows:
We’ll only use your information where we’re allowed to by law. For example, carrying out an agreement or contract we have with you, fulfilling a legal obligation, where we have a legitimate business interest or where you agree to it.
How long we’ll keep your information
We’ll keep your information for as long as you continue to have a relationship or continue to have interactions with us.
After it ends we’ll keep it where we may need it:
We work hard to protect LEWIS from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold.
How can you remove your personal information?
You may request the deletion or the change of your own personal information by writing to [email protected] We will delete the data without unnecessary delay upon receiving the request for deletion, unless we need to retain the information to comply with the applicable legal provisions or governmental requests, or to protect the rights and property of LEWIS.
Where we store your personal data
Where we store your personal data in our own systems, it is stored in the region the data is stored. If your data is collected in EMEA, then the data is stored in the LEWIS EMEA office where the computer system is located, and it is backed up inside EMEA, in Ireland. If your data is collected in the US, then it is stored in the LEWIS US offices and backed up in our systems in the US. If your data is collected in APAC, then it is stored in the LEWIS APAC office and backed up in our systems in Singapore.
The data that we collect from you and process using LEWIS’ Services may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders for goods and services, the processing of payment details and the provision of services including support services. By submitting your personal data, you agree to this transfer, storing or processing.
In particular, your data may be accessible to i) LEWIS staff in our various offices globally or ii) may be stored by LEWIS’ hosting service provider on servers in the USA and APAC as well as in the EU. Therefore your data may be transferred and/or in countries outside the European Economic Area, including some that may not have laws that provide the same level of protection for personal information. When we do this, we’ll ensure it has an appropriate level of protection. For example, by entering into a data processor agreement with these entities. These data processor agreements are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.
If you would like further information please contact us (see ‘Contact’ below).
Under the General Data Protection Regulation you may have a number of important rights. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO), or from the European data protection authority in the country which you reside, on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please contact us using our Contact details below. Please also let us have enough information to identify you, let us have proof of your identity and address, and let us know the information to which your request relates.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred.
The supervisory authority in the UK is the Information Commissioner who may be contacted via ICO or telephone: 0303 123 1113.
All questions, comments and requests regarding this Privacy Notice should be addressed the Data Protection Officer at [email protected].