Privacy Policy

This privacy notice is subject to ongoing review and change.
Last updated: 1 August 2018

If you have any questions about this privacy notice, including if you wish to exercise any of your rights, please contact info@censis.org.uk.

Or write to: Marketing Team, CENSIS. 3rd floor, The Inovo Building, 121 George Street, Glasgow G1 1RD

This privacy notice sets out how The University Court of the University of Glasgow, a charity registered in Scotland under charity registration number SC004401, with principle offices at University Avenue, Glasgow G12 8QQ, acting through the innovation centre known as ‘CENSIS’ which has offices at the Inovo Building, 121 George, Street, Glasgow G1 1RD,  (“we”, “our” and “us”) uses and protects personal information that you give CENSIS when you visit or use CENSIS websites and other services, including events, that refer or link to this privacy notice. This also applies to introductions in a business context and share contact information. This privacy notice may be supplemented by additional privacy statements, terms or notices provided to you.

We are committed to preserving your privacy.

How we collect your personal data

General: We may collect your personal data in the following ways:

  • From you directly, following meetings in a business context (face to face, attendance at CENSIS events, email, mail or telephone)
  • From data that you provide online via CENSIS online forms (such as your name, contact details, e-mail address etc.), online forms on CENSIS event sites, online surveys you reply to or requests by email or by website sign up form to subscribe to the CENSIS newsletter
  • From your interaction with and use of online services including the CENSIS website, Twitter and LinkedIn feeds

If you contact CENSIS, we may keep a record of that correspondence


Events: All delegates at CENSIS events will give their CONSENT to attend.

We will never use pre-ticked boxes or automatic opt-ins within any event registration tools.  Delegates wishing to attend CENSIS-organised events will request a delegate place in one of the following ways:

  • Eventbrite
    The delegate will submit their information via Eventbrite, an automated tool used by CENSIS for event management.
    Security and Compliance: Information downloaded from Eventbrite will be held in EVENT files on a password-protected network accessible to CENSIS staff only.
    Eventbrite Privacy Policy and GDPR statement
  • Email
    Some specialised events ask for interested delegates to email to request a place.
    Security and Compliance: These emails will be held on the password-protected CENSIS CRM system accessible to CENSIS staff only, and in EVENT files on a password-protected network accessible to CENSIS staff only. 

What information we collect

General: We may collect the following information:

  • Name and job title
  • Organisation or academic institution you are associated with
  • Contact information such as an email address, postal address or telephone number
  • Demographic information such as address, postcode, preferences and interests
  • Your interaction with CENSIS including, but not limited to, frequency and timing of visits to the CENSIS website and your engagement with CENSIS newsletters
  • Financial details if payments are required (e.g., payment for event exhibition stands or tickets)
  • Details of your visits to the CENSIS website including, but not limited to, traffic data, location data, weblogs and other communication data

Events: If an individual attends or requests to attend an event or training course organised by CENSIS, the following data will be collected:

The delegate’s name, job title, company name, company website, email address and any dietary and physical access requests.

  • Name and job title
  • Organisation or academic institution you are associated with
  • Contact information such as an email address, postal address or telephone number
  • Demographic information such as address, postcode, preferences and interests
  • Financial details if payments are required (e.g., payment for event exhibition stands or tickets)
  • Photographs and video footage of the event which may show attendees

How we use your information

General: We use your information to:

  • Keep internal records
  • Store your information on the CENSIS CRM database
  • Send you details of news, events or training courses that we feel may be of interest to you
  • Enable us to perform and improve the services you have requested
  • Respond to any queries submitted via the website, email, mail or telephone
  • Ensure that content from the CENSIS website is presented in the most effective manner for you and for your computer
  • Analyse the information we collect so that we can administer, support, improve and develop the website and our services
  • Satisfy internal record keeping
  • Contact you from time to time for research purposes in relation to our services, projects or work themes. We may contact you by email, phone or mail
  • Provide you with information or services that you request from us or which we feel may interest you, unless you have indicated otherwise
  • Notify you about changes to our service
  • Create activity reports. As a Scottish Innovation Centre, CENSIS has statutory reporting duties to the Scottish Funding Council, Scottish Government, Scottish Enterprise and/or Highlands and Islands Enterprise.

Events: The data relating to a specific event will be used as follows:

  • The delegate’s name and company will be included on a printed delegate list which will be circulated to all attendees and speakers at the specific event.
  • The delegate’s name and company will be included on a name badge to be worn at the event.
  • The data provided by the individual will be stored by CENSIS in a password-protected network accessible only by CENSIS staff.
  • If CENSIS intends to share this data with a third party, (for example, when holding a joint event with another organisation), this will be clearly stated on the event registration details.
  • Photos and video footage from events attended by individuals may be used in CENSIS publicity eg on the CENSIS website, in CENSIS email marketing and on future printed materials publicising CENSIS.

Who we share your data with

General and Events: We will not share your data with any third parties for the purposes of direct marketing.

As a Scottish Innovation Centre, CENSIS has statutory reporting duties to the Scottish Funding Council, Scottish Government, Scottish Enterprise and/or Highlands and Islands Enterprise.

Also, in order to carry out our services, we may share your personal data with one or more of the following data processors who provide elements of services for CENSIS:

  • Constant Contact

This is an online software package CENSIS uses for email marketing.

Constant Contact Privacy Policy Constant Contact statement on GDPR:
Information submitted to Constant Contact is transferred outside the EEA and stored on servers in the USA.  USA is not subject to an adequacy decision by the European Commission.
Constant Contact Safeguard: Constant Contact has self-certified its compliance with the EU-US Privacy Shield

  • Sales Agility CRM

This is the database CENSIS uses for Customer Relationship Management

Sales Agility Privacy Policy
Sales Agility Safeguard: All data is stored and hosted in London or Edinburgh.

  • Eventbrite

This online events platform is used by CENSIS to enable delegates to sign up for events.  Eventbrite is based in the United States of America.
Eventbrite Privacy Policy
Information submitted to Eventbrite is transferred outside the EEA and stored on servers in the USA.  USA is not subject to an adequacy decision by the European Commission.
Eventbrite Safeguard: Eventbrite and EU Data Protection

  • Survey Monkey

CENSIS uses online platform Survey Monkey to carry out surveys and share the results of these surveys with our staff and management team.

Survey Monkey Privacy Policy

Information submitted to Survey Monkey may be processed on servers located outside EEA.

Survey Monkey Safeguard:  Survey Monkey has certified its compliance with the EU-US Privacy Shield.

Note:  EU-US Privacy Shield

The EU-US Privacy Shield is an approved certification mechanism under Article 42 of the General Data Protection Regulation which is permitted under Article 46 (2) (f) of the General Data Protection Regulation.  Refer also to the European Commission decision and the statement by the Data Protection Network.

Legal Grounds for Processing

We will only collect, use and otherwise handle your personal data when we have legal grounds for doing so. The common grounds will be:

Legitimate Interest

We may process your personal information for our legitimate business interests. You have the right to object to this processing.  When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws.  Our legitimate business interests do not automatically override your interests – we will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law)

The information we process under legitimate interests are the CENSIS CRM and Academic Database.

These legitimate interests are (i) Reasonable expectation and (ii) Relevant and appropriate relationship

We have completed Legitimate Interest Assessments for each of the following:

  • CRM

The CENSIS Customer Relationship Management System holds details of individuals who have an existing relevant and appropriate relationship with CENSIS.    This includes:

  • Existing clients
  • Individuals who are already communicating with CENSIS about becoming potential clients
  • Individuals who are in the service of CENSIS
  • Stakeholders who have already communicated with CENSIS
  • Academic Database

CENSIS holds an academic database of the specialisms, areas of expertise, research papers published and contact details of academic professionals in Scottish HEIs who have specific expertise in sensor and imaging systems and the Internet of Things.

Consent

  • Email marketing

If you wish to receive the CENSIS email newsletter, you must either sign up at the CENSIS website or give permission by email.  This permission will be recorded and stored. By subscribing through the website or requesting the email newsletter by email, you consent to the collection, storage, use and transfer of your data by us in accordance with the terms of this Privacy Policy.

You can withdraw your consent at any point by clicking on the ‘unsubscribe’ link provided in CENSIS emails or by contacting CENSIS directly.

Visitors to the CENSIS website

·       Analytics

When you visit www.censis.org.uk, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out such things as the number of visitors to the various parts of the site. This information is only processed in a way that does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

If we do collect personal data through our website, we’ll be upfront about this. We’ll make it clear when we collect personal information and we’ll explain what we intend to do with it.

  • Cookies

    We use a cookies tool on our website. More information about our Cookie Policy can be found here.

Links to Third Party Websites

As we want your experience of the CENSIS website and newsletters to be as informative and useful as possible, we provide a number of links to websites operated by third parties.

Please be aware that we do not have any control over third party websites and that such third-party websites may send their own cookies to users, or otherwise collect data or solicit personal information.

We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such third-party websites and so these are not governed by this privacy notice. We encourage you to review each third-party website’s privacy policy/notice before browsing and interacting with the website in question.

Retention of your information

We will retain your personal data for as long as we reasonably require in light of the purpose(s) for which we are holding it and all relevant legal, commercial and operational considerations.

As a Scottish Innovation Centre, CENSIS may have to comply with statutory retention periods as required by the Scottish Funding Council.

Personal data is stored on our servers and will remain within the UK/EEA.

Disclosure of your information

We will not share, sell or distribute any of the information you provide to us without your consent, except where disclosure is:

  • Necessary to enforce our rights
  • Required or permitted by law
  • As a Scottish Innovation Centre, CENSIS has statutory reporting duties to the Scottish Funding Council, Scottish Government, Scottish Enterprise and/or Highlands and Islands Enterprise.

Your rights under data protection laws

All individuals have a number of rights under data protection laws. However, they do not apply in all circumstances. Rights include:

  • Your right of access: You have the right to ask us for copies of your personal information.
  • Your right of rectification: You have the right to ask us to rectify information you think is inaccurate.
  • Your right to erasure: You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing: You have the right to ask us to restrict the processing of your information in certain circumstances.
  • Your right to object to processing: You have the right to object to processing if we are able to process your information because the process forms part of our public tasks, or is in our legitimate interests.
  • Your right to data portability: This only applies to data you have given us. You have the right to ask that we transfer the information you gave us from one organisation to another, or give it to you.  The right only applies if we are processing information based on your consent or under, or in talks about entering into a contract and the processing is automated.
  • You can read more about all of these rights here.
  • At all times, you have the right to complain to the Information Commissioner’s Office which enforces data protection laws: https://ico.org.uk/.

If you wish to exercise any of these, please email info@censis.org.uk and we will explain at that time if they are applicable or not. We will inform you in writing following receipt of your written request and if necessary, seek additional information from you about your request, including proof of identity.

Security

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted online or through the website. Any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.

Changes to our Privacy Notice

We may amend this Privacy Notice from time to time to take account of changes to our processing and regulatory changes. We encourage you to review it from time to time. If we make any substantial changes we will notify you by posting a notice on our website.

Your contact details

Please help us keep our records updated by informing CENSIS of any changes to your e-mail address and other contact details. info@censis.org.uk with the subject line “Change of details”

Queries and concerns

If you have any queries or concerns about our processing of your personal data, please contact us at info@censis.org.uk with the subject line “Privacy Notice”.

×