Privacy Notice

British Interactive Media Association Limited (“BIMA”, “we”, “us” or “our”) is a company registered in England and Wales with company number 01963224 whose registered address is at 2nd Floor Dagnall House, Lower Dagnall Street, St Albans, Hertfordshire AL3 4PA.

BIMA is committed to protecting and respecting the privacy of its members and users of its website (“you” or “your”).

When you visit the website of BIMA at www.bima.co.uk (“Website”) or become a BIMA member, we will collect, store and process certain of your personal data (which has the meaning as set out in the Data Protection Act 1998 and, following 25 May 2018, the General Data Protection Regulation (the “Data Protection Laws”)). This privacy notice (“Privacy Notice”) sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand how we will use your personal data. For the purpose of Data Protection Laws in the UK, we are the controller of your personal data.

1.                 What personal data do we collect and process?
1.1               When you visit the Website or become a BIMA member, you may provide us with the following types of personal data, and we may collect and process such personal data in accordance with in this Privacy Notice, as follows:

1.1.1                   Contact details data: This may include name, job title, email address, phone number, organisation name and address, and LinkedIn and Twitter account names. This information will be collected by us if you communicate with us, for example if you use the ‘contact’ links on our website or communicate with us via email. Emails and telephone calls may also be logged through BIMA’s CRM system.

1.1.2                   Session data: This includes your IP address, your device’s unique identifier details, browser details including version, device operating system, time zone setting and time/date of access requests, the amount of data transmitted and the requesting provider. We may also capture other information about visits to the Website such as pages viewed and traffic patterns.

1.1.3                   Cookie data: Cookies are small files which are downloaded to your device when accessing the Website. Most web browsers automatically accept cookies. Please refer to paragraph 3 below for full details about our use of cookies.

2.                       How do we use your personal data?
2.1               We may collect data and use or process personal data in the following ways:

2.1.1                   to enable us to develop and champion the digital and interactive media industry and provide services to our members and users of the Website;

2.1.2                   for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; we have a legitimate interest to process the personal data of our members and the users of the Website for our internal operations;

2.1.3                   to administer membership records, maintain our own accounts and records; we have a legitimate interest to process the personal data of our members in order to provide products and services, administer member accounts and run our business;

2.1.4                   to promote the interests of BIMA; we may also use personal data to send direct marketing to you in order to promote the interests of BIMA where we are legally permitted to do so or where you have consented to receiving direct marketing from us (and where we process your information for direct marketing, we are relying on your consent as a means to process your information where legally required to do so). Individuals may be contacted by post, email, telephone or such other means as we regard as appropriate and as legally permitted;

2.1.5                   to acknowledge and respond to communications; we have a legitimate interest to process this personal data in order to respond to enquiries, requests, complaints or comments that users of the Website or members submit to us;

2.1.6                   as part of our efforts to keep the Website and our members secure; we have a legitimate interest to process the personal data of our members and the users of the Website to keep the Website and members secure;

2.1.7                   to administer, maintain and improve the Website; we have a legitimate interest to process the personal data of the users of the Website in order to administer, maintain and improve the Website (please see paragraph 3 below) for more detail; and

2.1.8                   to meet legal or regulatory requirements; we are required to comply with certain legal and regulatory requirements when providing our products and services and we may process personal data in order to comply with those requirements, which may include monitoring and recording communications. Occasionally, we may be asked to provide certain information to regulators or law enforcement agencies and we will comply with these requests where legally required or permitted. This processing is necessary for compliance with a legal obligation to which we, our customers or the regulator/law enforcement agency are subject.

3.                       Cookies
3.1               The Website may use the following categories of cookies:

3.1.1                   Strictly necessary cookies: These are cookies that are required for the operation of the Website. They include, for example, cookies that enable you to load webpages.

3.1.2                   Analytical/performance cookies: These cookies allow us to recognise and count the number of visitors to the Website and to see how visitors move around the Website. This helps us to improve the way the Website works, for example, by ensuring that visitors are finding what they are looking for easily.

3.1.3                   Functionality cookies. These are used to recognise you when you return to the Website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

3.2               Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control.

3.3               You may block cookies by updating the relevant settings on your device or browser to allow you to refuse the setting of some or all types of cookies. However, if you use your browser settings to block all cookies (including strictly necessary cookies) you may not be able to access all or parts of the Website.

4.                       Who do we share your personal data with?
We may need to share your personal data with selected third parties in the following limited circumstances:

4.1               Our members: Where specifically agreed with the relevant members, we may make introductions between members which requires us passing on certain personal data in order to facilitate the introduction. Data you submit to us may also be accessible by other BIMA members who participate in our councils or think-tank groups.

4.2               Third party service providers: This may include providers of certain systems and services that we use to host, administer and maintain the Website, including for example the servers used to host the Website.

4.3               Third party service providers for marketing purposes: If you explicitly consent to any marketing from us, certain personal data may be shared with third party service providers we use to help us carry out marketing including, for example, third party marketing email platforms.

4.4               To comply with legal or regulatory requests: If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation, we may share your personal data with a regulator or law enforcement agency.

5.                       Practices regarding extra-EEA transfers of personal data
5.1               We will not transfer your personal data outside of the EEA, except to selected third party service providers as set out in paragraph 4 above, for example if we utilise cloud-based platforms to store personal data, which may involve use of geographically distributed data centres, or to providers and developers of certain systems and services that we use to host, administer and maintain the Website who are based outside of the EEA.

5.2               In the case of these extra-EEA transfers, where the transfers are not to countries that provide an adequate level of protection (for example, relying on a Privacy Shield certification where the transfer contains a US entity), we will use reasonable efforts to put in place appropriate safeguards to cover transfers of personal data including, for example, signing standard contractual clauses and/or data protection clauses adopted by the European Commission.

5.3               If there are any other circumstances which would require us to transfer personal data outside of the UK, we will seek your consent to transfer your personal data outside of the UK. In the event of such a transfer, where applicable, we will put appropriate safeguards in place to cover transfers of your personal data including, for example, signing standard contractual clauses/data protection clauses adopted by the European Commission, or where applicable, relying on a Privacy Shield certification where the transfer contains a US entity.

6.                       Third party websites
The Website may contain links to third party websites. If you follow a link to a third party website, please note that this Privacy Notice does not apply to those websites. We are not responsible or liable for the privacy policies or practices of those websites, so please check their policies before you submit any personal data to those websites.

7.                       Security
We take data security seriously. We implement appropriate and resilient security systems and protocols to protect the personal data we store.

However, BIMA reminds you that transmission of data via the internet is never 100% secure. We cannot guarantee the security of information transmitted to or from our servers, and any such transmission is at your own risk. In particular, please keep in mind that if you voluntarily

disclose your personal information online in a non-protected environment, that information could theoretically be collected and used by other members and would be outside of BIMA’s control.

BIMA members should take precaution to protect the security of their devices and data online. More information can be found at the following website: https://www.cyberaware.gov.uk/

8.                       Accessing your personal data and your rights
As a result of us collecting and processing your personal data, you have the following legal rights:

8.1               to access personal data we hold on you;

8.2               to request us to make any changes to your personal data if it is inaccurate or incomplete;

8.3               to request your personal data is erased where we do not have a compelling reason to continue to process such personal data in certain circumstances;

8.4               to receive your personal data provided to us as a data controller in a structured, commonly used and machine-readable format where our processing of the personal data is based on: (i) your consent; (ii) our necessity for performance of a contract to which you are a party to; or (iii) steps taken at your request prior to entering into a contract with us and the processing is carried out by automated means;

8.5               to object to, or restrict, our processing of your personal data in certain circumstances;

8.6               if we use your personal data for direct marketing, you can ask us to stop and we will comply with your request;

8.7               if we use your personal data on the basis of having a legitimate interest, you can object to our use of it for those purposes, giving an explanation of your particular situation, and we will consider your objection;

8.8               to object to, and not be subject to a decision which is based solely on, automated processing (including profiling), which produces legal effects or could significantly affect you; and

8.9               to lodge a complaint with a data protection supervisory body, which at present, is the Information

Commissioner’s Office.

9.                       Contacting us and changes to your personal data
If you have any questions or comments about this Privacy Notice or your personal data, or if you want to exercise any of your rights, including as set out in paragraph 7 above, or you wish to withdraw your consent where we have stated we are processing your personal data based on your consent, then please contact Anna Doyle at BIMA:

9.1               email us at: web@bima.co.uk; or

 

9.2               write to us at: BIMA, 49 Greek Street London, W1D 4EG.

 

10.                  Changes to this Privacy Notice
10.1           Any changes we may make to this Privacy Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back regularly to keep informed of updates or changes to this Privacy Notice.

10.2           This Privacy Notice was last updated in May 2018.