GDPR Policy Statement

Diversified Business Communications UK Ltd GDPR Policy Statement

Diversified Business Communications UK Ltd aims to always show transparency and fairness in the collection and use of data, and to let individuals know for what purpose their data will be used.   We aim to:

  1. Make it clear to individuals who register for our events, websites or publication subscriptions, for what purpose the information is held and that they can unsubscribe at any point.
  2. We will only hold data for a given period. If we have had no transaction or activity with a contact on our database, it will be deleted after a maximum period of 3 years – or 5 years for biannual events.  This applies to all data, including: customers, staff, job candidates, and any other information we hold on individuals.  (Due to HMRC rules, information held on customers with whom financial transactions have taken place, must be kept for 6 years).
  3. Information held is confidential and will be used only for the purpose it is intended and for which permission has been granted (i.e. no access to data to third parties unless permission has been granted).
  4. We must be able to show where we obtained our data from.
  5. All registration forms must explain that due to the rules, we need consent that our customers are happy to be contacted about directly relevant events, to be mailed a magazine, or to be contacted by email, post or phone. Individuals who register with us must be told that they can withdraw consent at any time.
  6. Visitors to events will, in addition, be informed via a sign at the entrance and a notice in the show guide, that by allowing an exhibitor or sponsor to scan their badge, or in any other way providing details, they are giving consent for that exhibitor or sponsor to contact them about their services. They may at any time contact the exhibitor or sponsor to withdraw consent.
  7. Individuals will at any time have the right to information about the data being held and processed about themselves through a Data Subject Access Request (DSAR) and Diversified Business Communications UK Ltd must respond to such a request within 28 days.
  8. We will only collect or process data where we believe there is a legitimate interest.
  9. All staff are trained to understand their obligations.

This policy is under regular review and may be adapted pending legislative changes.

 

Data Subject Access Request (DSAR)

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, you have the right to request access to the personal data we hold about you. This is known as a Data Subject Access Request (DSAR).

What is a DSAR?

A DSAR allows you to:

  • Confirm whether we process your personal data.
  • Access a copy of the personal data we hold about you.
  • Understand how we use and process your information.

How to Submit a DSAR

To submit a DSAR, please complete our Data Subject Access Request Form by clicking the button below:

SUBMIT DSAR
Alternatively, you can make a request by:
  1. Emaildata@divcom.co.uk
  2. Post   Diversified UK & Europe
    Ground Floor, The Brinell Building, 30 Station Street, Brighton. BN1 4RB

When making a request, please provide:

  • First name & Surname
  • Company Name
  • Company Address (including postcode)
  • Business Email Address

If relevant:

  • Personal Address (including postcode)
  • Personal Email Address

Details of the information you are requesting (to help us locate the relevant data).
Proof of identity (if necessary, for security reasons).

Timeframe and Response

We will respond to your DSAR within 28 days of receiving your request. In some cases, if the request is complex or there are multiple requests, we may extend this period by up to two additional months. If this occurs, we will notify you.

Your Privacy Matters

We take your privacy seriously. Your DSAR will be handled securely and in accordance with our Privacy Policy.

For further information on how we process your personal data, please review our Privacy Policy.

Right to Be Forgotten (RTBF)

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, you have the Right to Be Forgotten (also known as the Right to Erasure). This allows you to request the deletion of your personal data from our records under certain circumstances.

When Can You Request Erasure

You have the right to request that we delete your personal data if:

  • Your personal data is no longer necessary for the purpose it was originally collected.
  • You withdraw your consent (if data processing was based on consent).
  • You object to the processing, and there is no overriding legitimate interest for us to continue.
  • Your data was unlawfully processed.
  • Your data must be erased to comply with a legal obligation.

Exceptions to the Right to Be Forgotten

In some cases, we may not be able to delete your data if we are required to retain it for:

  • Legal compliance: To meet legal or regulatory obligations.
  • Contractual purposes: To fulfil contractual obligations.
  • Freedom of expression: Where the processing is necessary for journalistic, academic, or public interest reasons.
  • Legal claims: If your data is needed to establish, exercise, or defend legal claims.

How to Submit a Right to Be Forgotten Request

To request the deletion of your personal data, please:

Complete our Right to Be Forgotten Request Form by clicking the button below:

SUBMIT RTBF
 

Alternatively, you can make a request by:

  1. Emaildata@divcom.co.uk
  2. Post:    Diversified UK & Europe
    Ground Floor, The Brinell Building, 30 Station Street, Brighton. BN1 4RB

Timeframe and Response

We will respond to your request within 28 days of receiving it. In complex cases, we may extend this period by up to two additional months, but we will inform you if this is necessary.

Your Privacy Matters

We take your privacy seriously. All requests are handled securely and in accordance with our Privacy Policy.