The Cicero Group (“we”) are committed to protecting your privacy.
The Cicero Group comprises Cicero Consulting Ltd, a company incorporated in England and Wales under registered number 04071207 with its registered office at Havas House, Hermitage Court, Hermitage Lane, Maidstone, Kent, ME16 9NT, United Kingdom, along with all of its group undertakings as defined in s1161(5) of the UK Companies Act 2006, wherever in the world they may be situated.
For the purposes of the Data Protection Act 1998 until 24 May 2018 and thereafter the General Data Protection Regulation (Regulation (EU 2016/679)) as amended or replaced from time to time (“Data Protection Law”), each operating company in the Cicero Group (i.e. excluding non-trading and dormant undertakings), may be a joint data controller in respect of data processed by each other operating undertaking. References to “we” in this notice are therefore references to the relevant member of the Cicero Group. According to Data Protection Law an individual may exercise his or her rights against each or any joint data controllers.
Our Data Protection Manager for the purpose of Data Protection Law is Judith Becker, Chief Operating Officer, contactable at the above address or via email.
1 Information collected about you
We will collect and process the following data about you:
1.1 Information you give us
This is information about you that you give us by filling in forms on our websites or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our websites, subscribe to our service, details from your email signature, register to receive Cicero analyses, register to trial Cicero services, and when you report a problem with our websites. The information you give us may include your name, address, telephone number, mobile number, email address, office address, job title and the organisation you work for, as necessary for us to do what we need to do. Other information that may be needed from time to time to process a request may also be collected, as indicated on our websites.
1.2 Information we collect about you
With regard to each of your visits to our websites we will automatically collect some or all of the following information:
1.3. Information we receive from other sources.
This is information we receive about you from sources other than directly from yourself, which may include partner organisations and Cicero clients. We work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies).
2. IP Address Lookup
Our company uses third parties to provide information about visitors to our websites – see https://cicero-group.com/2023/06/12/cookie-policy/. When you visit our websites we will record your IP address. This address will be matched against public and proprietary IP address databases to provide us with information about your visit. This information may identify the organisation to whom the IP address is registered but not individuals. In some limited cases i.e. single person companies, it may be possible to identify personal data from publicly available ICANN data.
3. Website cookies and link tracking
Cookies allow us to provide important site functionality so you don’t have to re-enter lots of information. They also allow us to remember what links and pages have been clicked or viewed during a session. If you have provided us with personal data, completing a contact form for example, we may associate this personal data with other information. This will allow us to identify and record what is most relevant to you.
By using your browser controls, you are always in control of the cookies we store and access on your computer. More information on how to control cookies and limit personal data processing can be found at www.youronlinechoices.com/uk/five-top-tips
4. Purpose of processing
If you request information from us, by submitting your email address for the purpose of that request, we may send you appropriate and useful communications regarding Cicero, our services and other items we think may be of interest to you. This includes, but is not limited to; invitations to our industry leading events and webinars, our latest assets (whitepapers, guides, reports, infographics, videos and case studies) and promotional offers on software and services. We would also like to keep you abreast of the charity events and initiatives we partake in. We will also use your information to fulfil your original information request.
If you are a customer of Cicero Pulse, you will potentially receive daily email alerts relating to the preferences you have set up in the system dashboard. We also send a newsletter, sent approximately once a month, in addition to regular event invitations and pieces of informative analysis.
At any time, you can update your preferences for our marketing emails by clicking the link in any emails you receive from us. The link will always be in the footer of the email. You can also stop receiving emails from us using that same link. If you don’t have an email from us to hand and want to update your preferences, please email us requesting to be unsubscribed from Cicero marketing.
5. Disclosure of your information
5.1. We may share your personal information:
5.1.1. with any of our group undertakings, as defined in section 1161(5) of the UK Companies Act 2006, provided that they (a) are within the European Economic Area, or (b) are in a country that the European Union has decided has adequate data protection laws in place, or (c) have provided appropriate data protection safeguards of the sort approved by the European Union and provide effective rights and remedies for you. Any use by other group members of one group member’s personal data beyond administration will be subject to all the requirements of Data Protection Law.
5.1.2. with selected third parties where reasonably necessary for the purpose of carrying out our business, including:
5.2. Additionally, we may disclose your personal information to third parties:
5.2.1. In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
5.2.2. If we or a substantial part of our assets are acquired by a third party, in which case personal data held by us about our customers may be one of the transferred assets.
5.2.3. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply the terms of any contract between us or any other agreements; or to protect the rights, property, or safety of the Cicero group, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
6. Legal basis of processing
6.1 Data Protection law requires us to meet at least one “legal ground” for processing, currently set out in Article 6 of the General Data Protection Regulation. The grounds applicable to the personal data to which this notice relates are as follows.
6.1.1. Where the processing is necessary for us to perform a contract that you are party to, or to take steps at your request prior to entering a contract, including where you request us to provide you with some information, that is the ground on which we are processing that data;
6.1.2. Where the processing is necessary for compliance with a legal obligation to which we are subject, that is the ground on which we are processing that data;
6.1.3. Where processing is necessary for the purposes of our legitimate interests or the legitimate interests of a third party, that is the ground on which we are processing that data, provided that your fundamental rights and freedoms which require protection of your data override those legitimate interests (our legitimate interests comprise the management, marketing and promotion of our business, products and services, and those of our clients);
6.1.4. If you have given your consent to our processing the data, that is the basis on which we are processing that data.
If more than one of the above grounds apply to the processing of data in question, the applicable ground will be the one that is set out first above. If one of the above grounds ceases to apply to the processing of data in question, but other grounds continue to apply, we will be entitled to continue processing pursuant to the next applicable ground.
7. Special categories of personal data
If you provide us with any special categories of personal data (that is to say information as to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sex life or sexual orientation or genetic or biometric data) or personal data relating to criminal convictions and offences, it is a condition of us receiving that information that you expressly consent (and you hereby do) to us processing that personal data for the purposes set out in clause 4.
8. Where we store your personal data
8.1. We, or our contractors, will store your personal data in the European Economic Area save to the extent specified elsewhere in this notice.
8.2. All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites or services, you are responsible for keeping this password confidential, and for all use made of your account with such password. We ask you not to share a password with anyone.
8.3. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our websites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
9. Length of data storage
Our policy is to ensure that personal data is only stored for as long as is necessary for the purposes set out at section 4 above. This may vary according to the type of information and the specific applicable purpose(s). We have a detailed data retention and destruction policy which governs the length of time for which we hold your data in personally identifiable form. The timing of our retention, anonymisation and/or destruction of your personal data is determined according to the criteria set out in that policy. We can provide you with relevant details applicable to your data on request – please see section 10.2 below as to how to request this information.
10. Your rights
10.1. You have various rights under Data Protection Law. These include:
10.1.1. The right to ask us not to process your personal data for direct marketing purposes, even if you have given consent;
10.1.2. If our processing is based on your consent, the right to withdraw any consent you may have given for our processing of your data – if you exercise this right, we will be required to stop such processing if consent is the sole lawful ground on which we are processing that data;
10.1.3. The right to ask us for access to the data we hold about you (see section 10 below for further details);
10.1.4. The right to ask us to rectify any data that we hold about you that is inaccurate or incomplete;
10.1.5. The right to ask us to delete your data in certain circumstances;
10.1.6. The right to ask us to restrict our processing of your data in certain circumstances;
10.1.7. The right to object to our processing of your data in certain circumstances, including in respect of certain of the activities mentioned at section 3 above;
10.1.8. In certain circumstances, the right to require us to give you the data we hold about you in a structured, commonly used and machine-readable format so that you can provide the data to another data controller.
10.2. You can exercise any of the rights set out above, free of charge, by using any applicable methods set out in our communications with you, or by contacting us at email@example.com. In respect of certain of the rights referred to above, your right may be qualified by Data Protection Law (which we will discuss with you following your request) or we may need more information from you, which we will ask you for following your request. We may ask you to provide further information in order to confirm your identity. Please also note that if you submit unfounded or excessive (for example repetitive) requests to exercise any of these rights, we reserve the right to make a reasonable charge for providing the requested information or taking the requested action, or to decline your request.
10.3. You also have the right to lodge a complaint with the Information Commissioner’s Office (www.ico.org.uk) if you are concerned that we are not respecting your rights under Data Protection Law. The Information Commissioner’s Office is the authority in the UK which is responsible for overseeing the application of, and enforcing, Data Protection Law.
11. Accessing your data
To expand on the right to access your data referred to at section 9.1.3 above, you have the right to obtain from us:
11.1. Confirmation as to whether we are processing (including holding) personal data about you; and
11.2. If we are processing personal data about you, you are entitled to be provided with:
11.2.1. Information as to the purposes for which we process the data;
11.2.2. Information as to the categories of the data that we are processing;
11.2.3. Information as to the recipients or categories of recipients to whom the data has or will be disclosed;
11.2.4. Information as to the envisaged period for which we will store the data, or if the basis on which that period will be determined;
11.2.5. A copy of the data (further copies are available at a reasonable charge, which we will inform you of should you request further copies). Please note that this right is subject to the rights of others in relation to their own personal data, meaning that we may not be able to disclose data to you if it would involve disclosing data about someone else.
11.3. Please see section 9.2 above as to how to exercise your rights under this section 10. Section 10.2 applies in full to the exercise of these rights.
12. Other websites
Our websites may, from time to time, contain links to and from the websites of our partner networks, clients, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
We use a combination of both session and persistent cookies. Session cookies keep track of your current visit and how you navigate the site, persistent cookies enable our website to recognise you as a repeat visitor when you return. The session cookies will be deleted from your computer when you close your browser. Persistent cookies will be removed on a predetermined expiry date, or when deleted by you.
Most web browsers allow user privacy settings to block either all cookies, or third-party cookies. Blocking cookies will, however, have a negative impact upon the usability of many websites, including this one. Please visit www.aboutcookies.org for comprehensive information on how to change your cookie settings in a wide variety of different web browsers.
Google Analytics cookies
Google Analytics is a website monitoring tool that allows users to see volumes of website visitors, their source, and to analyse how the content of their website is viewed and navigated. This in turn allows optimisation of the content and pages on www.cicero-group.com and the marketing programmes that drive traffic to the website. Google Analytics does not store any personal information about website visitors, but does use persistent cookies to identify repeat visitors. You may universally opt-out of all Google Analytics tracking used by all websites by visiting the following URL – https://tools.google.com/dlpage/gaoptout
This information is used by Cicero to profile website visitors, in order to better understand the way in which our website content is viewed by different segments. It is also used to identify the types of organisations that might be interested in attending our exclusive events series or receiving our exclusive analyses.
Email Marketing Post-Click Tracking Cookies
These cookies are used to report on the pages of www.cicero-group.com that have been viewed by visitors to the site who have followed links from our email marketing campaigns. This analysis helps us to understand additional content that is viewed by the contacts in our database and therefore allows us to improve and tailor future campaigns to those contacts’ specific areas of interest.