This privacy policy applies between you, the User of this Website and Halifax Digital Festival Limited, the owner and provider of this Website ("Halifax Digital Festival"). Halifax Digital Festival takes the privacy of your information very seriously and is committed to safeguarding your information. This privacy policy applies to our use of any and all Data collected by us or provided by you in relation to your use of the Website and about your privacy rights and how the law protects you.
Please read this privacy policy carefully so you understand how and why we are using your Data.
Date of Last Update: March 2024
1. Definitions and Interpretation
1.1 Definitions
- Data
- Collectively all information that you submit to Halifax Digital Festival via the Website. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws.
- Data Protection Laws
- Any applicable law relating to the processing of personal Data, including but not limited to the Directive 96/46/ec (Data Protection Directive) or the GDPR, and Data Protection Act 2018 (UK).
- GDPR
- The General Data Protection Regulation (EU).
- We or us
- Halifax Digital Festival Limited
- User or you
- Any third party that accesses the Website and is not either (i) employed by Halifax Digital Festival and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Halifax Digital Festival and accessing the Website in connection with the provision of such services.
- Website
- The Website that you are currently using, https://www.halifaxdigitalfestival.co.uk or known as Halifax Digital Festival, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
1.2 Interpretation
In this privacy policy, unless the context requires a different interpretation:
- the singular includes the plural and vice versa;
- references to sub-clauses, clauses, schedules or appendices are to sub-clauses, clauses, schedules or appendices of this privacy policy;
- a reference to a person includes firms, companies, government entities, trusts and partnerships;
- "including" is understood to mean "including without limitation";
- reference to any statutory provision includes any modification or amendment of it;
- the headings and sub-headings do not form part of this privacy policy.
1.3 Scope of Privacy Policy
This privacy policy applies only to the actions of Halifax Digital Festival and Users with respect to this Website. It does not extend to any websites that can be accessed from this Website including but not limited to, any links we may provide third party sites and to social media websites.
We are committed to protecting and respecting the privacy of our clients, prospective clients and the users of the Website. This Privacy Notice sets out the basis on which your personal data, as a client, prospective client or visitor of our Website, will be processed by us as a controller. If you visit our Website, we may use your personal data in connection with your request for or use of our Services. Our Services and the Website is not intended for children and we do not knowingly collect data relating to children under the age of 13.
2. Controller
The responsible data controller in the meaning of Art. 4 No. 7 GDPR is:
Halifax Digital Festival Limited.,c/o AND Digital,
First Floor, Fearnley Mill,
Halifax, HX3 5WP
Company Registration Number: 15563693
Email: info@halifaxdigitalfestival.co.uk
Website: www.halifaxdigitalfestival.co.uk
In accordance with UK and European Economic Area ("EEA") data protection laws, we are the controller of the personal data that you provide to us or that we collect from you. We are responsible for safeguarding your personal data which will be processed in accordance with this Privacy Notice.
You can contact the data protection officer via email at: info@halifaxdigitalfestival.co.uk.
3. Data Collection
We collect Data in the following ways:
- Data is given to us by you (completing a form); and
- Data is collected automatically (from Data providers and cookies)
3.1: Data that is given to us by you
This type of Data is considered personal Data. This refers to any information about an individual from which that person can be identified. Halifax Digital Festival will collect your Data in a number of ways, for example:
- When you contact us through the Website by filling out an enquiry form, post, email, or through any other means, and
- any other information you choose to share with us.
Where we mention "legitimate interests", this is the lawful basis we rely on when we feel that it is necessary to use your personal data for a reason which is in our and/or your interests and which does not unfairly affect your rights over your personal data.
3.1.1 What personal data do we process?
- Identity Data: this may include your full name, company name, current job title, historic job roles and employers, geographical location and other personal identifiers. Any additional data that you provide to us during any conversations you have with us for the purposes of contractual or relationship management (such as the nature of your relationship with us).
- Professional Contact Data: this may include your email address and any other contact details you may choose to provide to us.
- Feedback and Enquiry Data: Additional data may be collected about you from the correspondence that you send to us, any client testimonials that you provide us with, any conversations you have with us and any feedback you give us.
- Special Requirements Data: you may choose to provide us with optional information such as your dietary and mobility requirements for the purposes of making reasonable adjustments for our events, however, this data is not retained in our database after the event you have attended has ended.
3.1.2 Why do we process personal data given to us by you?
Provide our Services to you as a client including, registering you as a client on our customer relationship management system and sharing your information with our third-party service providers which facilitate the provision of our Services.
Relationship Management & Business Development
- To provide our customer service to you;
- To send you service communications about matters relevant to your use of our Service such as changes to our terms and conditions;
- To communicate with you if you have asked us a question or made a complaint with us;
- To send you marketing and promotional material about our products or Services in accordance with direct marketing laws; and
- To contact you for feedback on our Services.
- To use references and testimonials as provided by our client's employees as business development materials (with that employee's express permission); and
- To use third party data sources such as Companies House to verify company director/shareholder details.
Website Interactions
- To respond to your enquiry if you contact our customer service team on our Website
- To register you for one of our events on our Website
- To enable you to download content from our Website
- To contact you with details of our services if you request them on our Website
Complying with Legal and Regulatory Requirements
- To comply with certain legal and regulatory requirements to which we or regulators or law enforcement agencies are subject.
- To establish, exercise or defend legal claims.
3.1.3 What is our lawful basis for processing data given to us by you?
The lawful basis for processing data given to us by you includes:
- To perform our contract with you or to take necessary steps at your request prior to entering into a contract with you;
- To satisfy our legitimate interests (to run and operate our Services and the Website, understanding you better to provide a better service to you, run our business and maintain our records);
- To comply with our legal duties;
- Your express consent (where legally required to do so);
- Your explicit consent when processing any special category data.
If you are a business customer or have previously purchased products and/or services from us, we will assume you are happy to receive relevant marketing communications unless you have previously opted out of such communications. This is based on our legitimate interests in promoting our business and to provide you with offers for relevant products/services. If you change your mind about this, you can withdraw your consent at any time.
The law treats some types of personal data about you as "special" and such data requires more protection because of its sensitive nature. We will only collect or use this type of personal data with your explicit consent or if the law requires us to do so.
We will only use your personal data for the reasons we have set out above. If we need to use your personal data for any other reason, we will let you know and tell you the reason along with the relevant lawful basis, unless the law prevents us from doing so.
3.2 Data collected automatically (from Data providers and cookies)
What personal data do we process?
- Technical Data: we may automatically collect data regarding general technical use of the Website, such as your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also receive technical data about you if you visit other websites through the Website using our cookies. For more information about cookies, please see section 8, below.
- Usage Data: we may generate information about how you navigate and engage with our Website and download materials and online activity data such as clickstream data, page interaction information, your preferences (including country and language) and methods used to browse away from our content or Website.
- Location: we can identify the country that you are located in based on your IP address.
Why do we process this personal data?
- To use data analytics to improve our Services, Website, marketing, user and customer relationships and experiences
- To identify any problems, defects or issues with the Website
- To optimise the performance of the Website
- To improve future versions of the Website
- To monitor operations, user activity and networks for fraud prevention and crime detection
What is our lawful basis for processing data collected automatically?
To satisfy our legitimate interest (to detect and prevent fraud and illegal conduct, understand you better to provide a better service to you, enable you to use the Website most effectively, improve the usability of the Website and make any necessary modifications and updates to the Website).
Necessary for compliance with a legal obligation to which we are subject.
5. Keeping data secure
We use technical and organisational measures to safeguard your Data to make sure it is not lost, used or accessed in any unauthorised way. However, we cannot guarantee your personal data will be free from every security risk that may be possible when your information is sent to and from the Website.
We have certain measures in place to keep your data secure:
- We store your Data on secure servers;
- We will not sell, rent, or lease mailing lists or other customer Data to others and we will not make your personal information available to any unaffiliated third parties;
- We limit access to your Personal Data to employees and partner third parties. They will only process your Data on our instructions and they are also bound by security and confidentiality.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
The Website may include links to third-party websites which may collect your personal data. We have no control over what these websites do with your personal data. Please check the policies on these websites which will tell you what they do with your personal data.
5.1 Storing your personal data
We will not transfer or store your personal data outside of the European Economic Area (EEA) (or the UK to the extent the UK is no longer part of the EU), except to selected third parties that we have instructed to help us provide the services to you.
If we do transfer or store your personal data outside of the EEA, we will ensure we have put adequate measures in place in order to protect your personal data to an equivalent data protection standard as in the UK and the EEA.
We will only share your personal data with countries and organisations that:
- The European Commission has deemed as having equivalent data protection laws as in the EEA; or
- We have entered into a contract with and which include certain requirements to make sure your personal data is protected to equivalent standards as in the EEA and the UK.
If there are any other circumstances that would require us to transfer your personal data outside of the EEA (or the UK to the extent the UK is no longer part of the EU), we will seek your consent to transfer your personal data outside of the EEA.
You can ask us for more information about where we may transfer or store your personal data and how we will take steps to ensure your personal data is protected by using the contact details in section 2 of this Notice.
6. Retention of Data
Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period necessary to fulfill the purposes outlined in this privacy policy.
Generally, we will keep your personal data for as long as you are a client of our Services. After this, we may keep your personal data for up to 6 years (or longer where the law requires) so that we can communicate with you about any questions you may have after you have stopped being a client of our Services or to comply with the rules on accounting, reporting or any other law. If you are a prospective client, we will keep your personal data for as long as you continue interacting with us. In all other scenarios, we store your personal data in line with legal, regulatory, financial and good-practice requirements.
7. Third-party applications
We will respect and protect your privacy as set out in this Privacy Policy. We will share your personal data with third parties only in the ways that are described in this Privacy Policy – and do not and will not sell your personal data.
Halifax Digital Festival Limited shares your personal data with third parties, in particular non-Halifax Digital Festival parties, only with your express consent or under another lawful basis for processing under the applicable law.
Categories of non-Halifax Digital Festival parties with which we share your personal data include vendors such as host and cloud service providers, marketing and mailing agencies, and sub-contractors involved in the fulfillment of our contractual obligations towards our clients. The legal basis for this processing is Art. 6(1)(f) GDPR.
7.1: Google Analytics
We use Google Analytics to analyse the use of this Website, including information about your computer and about your visits to and use of this Website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, and Website navigation). Google Analytics generates statistical and other information about Website use by means of cookies, which are stored on users' computers. The information generated relating to our Website is used to create reports about the use of the Website. The information generated by these cookies is transmitted to Google's location in the US and stored there.
Google may also transfer this information to third parties where required to do so by law or where such third parties process this data on Google's behalf. Google states that it will never associate your IP address with other data held by Google. You can prevent cookies from being installed by adjusting the settings on your browser software accordingly. You should be aware, however, that by doing so you may not be able to make full use of all the functions of our website.
Google's privacy policy is available here.
7.2 Google Tag Manager
Google Tag Manager ("GTM") is a tag management system to manage JavaScript and HTML tags used for tracking and analytics on websites. Tags are small code elements that, among other things, are used to measure traffic and visitor behaviour: to understand the effect of online advertising and social channels; to set up remarketing and orientation towards target groups; and to test and optimize websites. GTM makes it easier for us to integrate and manage our tags. We use GTM on our website to include the following tracking tools (as in described in detail this Section 7):
- Google Analytics
- Google Ads Conversion Tracking
- Eventbrite
- LinkedIn Insights
- HotJar
For more information about GTM's privacy practices can be found at https://policies.google.com/privacy?hl=en and terms of use at https://www.google.com/analytics/tag-manager/use-policy/.
7.3: HubSpot
We use third-party marketing software provided by HubSpot, Inc. 25 First Street, 2nd Floor, Cambridge, MA 02141 USA ("HubSpot"), to store marketing information data, send emails and analyse website performance further.
HubSpot stores all marketing contact information that you provide to us, so that we can integrate its email and automation features to send you communications about our services where you have directly consented or we believe serves our legitimate interests. HubSpot also collects website data similar to Google Analytics such as referrer, pages you've viewed on our site and the actions you have taken. All browsing data is anonymous unless you directly submit your personal details to one of our contact forms on the website.
HubSpot also collects anonymised data on the actions users take in any email they receive from us, including which links in the email they have clicked, time spent viewing the email, and email client they use to open the email.
7.5 HotJar
We use Hotjar in order to better understand our users' needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users' experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don't like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users' behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
For further details, please see the ‘about Hotjar' section of Hotjar's support site.
7.6 Ticket Tailor
We use Ticket Tailor of Unit 219, Mare Street Studios, 203-213 Mare Street, London, E8 3LY, ("Ticket Tailor"), to advertise events we host online and in-person.
When you register for an event, sign up for communications, enter a contest, or otherwise input your Personal Data (such as through a web form) to communicate with us or participate in an event hosted by us, we will receive that information. We may then send you marketing or other communications based on the event and other services we believe serve our legitimate interests.
9. Your Rights
As a result of us collecting and processing your personal data, you may have the following legal rights:
- To access the personal data we hold about you and request a copy of it;
- To ask us to correct your personal data if it inaccurate or incomplete;
- To ask us to delete your personal data where we do not have a compelling reason to continue to process your personal data in such circumstances;
- To ask us to stop using your personal data in certain circumstances where there is no need for us to continue processing it in certain circumstances;
- To ask us to only use your personal data for certain things if: it is not accurate; it has been used unlawfully; or it is not relevant for the purposes it was initially collected for; and/or
- To ask us to stop using your personal data to send you marketing emails.
If you want to exercise any of the rights listed above at any time, please contact us using the details in section 2 of this policy.
We will respond to all requests that we receive from users in accordance with applicable data protection laws. We may ask you to provide proof of identity before we can answer the above requests. In some cases, we may reject requests for certain reasons (for example, if the request is unlawful).
10. Making a Complaint
You also have the right to make a complaint about how we have used your personal data to:
- Us – by contacting us by email using the details in section 2 of this policy and we will always try to help you with your problem in the first instance.
If you're still not happy with how we have dealt with your complaint, you can contact:
- A data protection regulator; or
- The national courts – to seek a remedy if you think that your rights in relation to your personal data have been breached.
11. Changes to This Privacy Policy
We may need to change this Privacy Notice as our Services or Website is developed or if the law changes. We will let you know if any important changes are made, otherwise, we will always display the latest version on our Website.