Lightcast Discovery Ltd ('Company', 'we', 'us' or 'our') is committed to protecting the privacy of anyone who visits this website or engages with us in other ways, for example if we deliver services to you as a commercial, research or academic customer under a contract, engage in marketing activities or if you attend one of our events. Collectively, we'll refer to these as our 'Services'.
We need certain information from you when you're interacting with our Services and this Privacy Notice applies to all personal data about you collected by us. We recognise the need to respect information that is disclosed to us and we want to let you know how we use this, as well as inform you of the rights and options you have in respect of your personal data.
WHO WE ARE
We are Lightcast Discovery Ltd, a limited company registered in England with company number 11830666, whose registered address is Broers Building, 21 JJ Thomson Avenue, Cambridge, CB3 0FA.
We will treat all personal data we process about you in accordance with current Data Protection legislation (including the EU General Data Protection Regulation (where applicable) and the UK General Data Protection Regulation, together the 'GDPR').
For the purposes of the GDPR, we are an independent controller of your personal data. This means that we are responsible for deciding how and why your personal data is used.
If you are engaging our Services from a country outside of the UK and EEA, we will still process your personal data in line with the organisational and security requirements set out under the GDPR. If you are a data subject from North America, please note that we are in the process of updating this Privacy Notice to explain the specific steps we take to protect your personal data as per the requirements of your jurisdiction.
HOW TO CONTACT US
If you have any questions about this policy or the information we hold about you, please contact our Data Protection Officer ('DPO'), by email at firstname.lastname@example.org or contact us by post at the registered address set out above.
THE INFORMATION WE COLLECT
Personal Data refers to any information that can be used to identify a living individual directly or indirectly. This does not include data where the identity has been removed (anonymous data).
We collect and process information relating to you as an individual when you engage in our Services.
The personal data we collect from you directly includes:
- Email address;
- Contact number;and
- Job title.
We're also interested in finding out about your specific areas of commercial, research or academic interest which, although not personal data by itself, combined with other data we collect about you, may become personal data.
HOW WE USE YOUR PERSONAL DATA
As a controller, we always need a lawful basis for processing your personal data. Our legal basis for collecting and using your personal data will depend on the personal information concerned and the specific context of how we use it. However, we will normally only collect and process your personal information for the following processing activities and on the following legal basis:
Contacting you when you join our mailing list
Legitimate interests (to provide you with updates on our product developments and send you details about our Services)
Responding to you when you contact us via email, telephone or via post
Legitimate interests (to respond to your email, telephone call or postal general enquiry)
Delivering and facilitating delivery of Services
Legitimate interests (to provide you with the requested Service); or Contract (to provide you with the requested service)
Responding to user enquiries/offer support to users
Legitimate interests (to solve potential issues you might have with the requested service)
Sending administrative information to you
Legitimate interests (to send you details about our products and services, changes to our terms and policies and other similar information); or
Contract (to update our contractual terms); or
To comply with a legal obligation (to notify you of updates to our terms and policies)
To request feedback
Legitimate interests (to improve our Services)
To send you marketing and promotional communications, including early access details and information on collaborations
Legitimate interests (you have subscribed to our marketing service and we want to keep you updated about our products and Services)
To contact you when we have obtained your personal data from SciLeads
Legitimate interests (based on your research or academic area of interest, we would like to inform you of our products and services)
To deliver targeted advertising to you
Legitimate interests (to ensure advertising is tailored to your interests, location and more)
To identify usage trends and common research areas
Legitimate interests (to better understand how our Services are being used so that we can improve them)
To determine the effectiveness of our marketing and promotional campaigns
Legitimate interests (to ensure we understand what marketing and promotional campaigns are most relevant to you).
Where we have relied on the legal basis of 'legitimate interests' in order to process your personal data, we have considered the impact on your interests and rights, and have put in place appropriate safeguards to ensure that intrusion on your privacy is reduced by as much as possible.
WHO WILL HAVE ACCESS TO YOUR PERSONAL DATA?
We may share your personal data with, service providers (such as marketing agents) or contractors 'third parties') who perform services for us or on our behalf and require access to such information to do that work.
We have contracts in place with our third parties, which are designed to help safeguard your personal data and third parties will only process this information on our instructions.
We may also need to share your personal data in the following situations:
- Business Transfers: we may share or transfer your personal data in connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company;
- Business Partners: we may share your information with our business partners so that we can invite you to joint seminars that may be of interest to you or to offer you certain promotions, products or services that we may be co-marketing, where you have consented to us doing so.
TRANSFERS OF DATA OUT OF THE UK AND EEA
We may transfer your personal data outside of the UK and EEA. When we do so, we will ensure that appropriate safeguards and technical measures are in place to protect your rights and freedoms as a data subject in relation to the processing of that personal data, and we will only transfer your personal data pursuant to the applicable legal mechanisms set out in the Data Protection legislation.
HOW DO WE PROTECT YOUR DATA?
We use appropriate technical and organisational measures to safeguard the personal data we collect and process about you. The measures we use are designed to provide a level off security appropriate to the risk of processing your personal information.
We take care to allow access to personal information only to those who require such access to perform their tasks and duties, and to third parties who provide services to us or otherwise have a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures ensure the information is used in a manner consistent with this Privacy Notice and that the security and confidentiality is maintained.
While we use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the integrity and security of any personal data that are transferred from you or to you via the internet. You should only access the Services within a secure environment.
We will only keep your personal data for as long as it is necessary for the purposes for which we collected it unless a longer retention period is required or permitted by law.
When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymise it or, if this isn't possible (for example, because it has been stored in backup archives) then we will securely store your personal data and isolate it from any further processing until deletion is possible.
YOUR DATA PROTECTION RIGHTS
As a data subject, you have rights under the Data Protection legislation in relation to your personal data, which you can exercise free of charge, by contacting our DPO. We will respond to any rights that you exercise within a month of receiving the request, unless the request is particularly complex, in which case we will respond within three months.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Your data protection rights are:
- the right of access to personal data relating to you - there are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information. You are entitled to see the personal data held about you. If you wish to do this, please contact our DPO;
- the right to correct any mistakes in your information;
- the right to ask us to stop contacting you with direct marketing (you can do this at any time by visiting the Subscription Centre);
- the right to restrict or prevent your personal data being processed;
- the right to have your personal data ported to another data controller;
- the right to erasure – you have the right to ask us to erase your personal data when the personal data is no longer necessary for the purposes for which it was collected or when (for example) your personal data has been unlawfully processed;
- the right to withdraw consent – where consent has been relied on to process your personal data.
WHAT WILL HAPPEN IF YOUR RIGHTS ARE BREACHED:
If you don't think that we have processed your data in accordance with this policy, you should let us know as soon as possible.
Similarly, you may complain to the Information Commissioner's Office. Information about how to do this is available on its website at https://ico.org.uk.
You may be entitled to compensation for damage caused by contravention of the Data Protection legislation.
Our Services are not intended for use by minors under the age of 18. By engaging in the Services, you represent that you are at least 18 years of age or that you are the parent or guardian of such a minor and consent to that individual's use of the Services. If you become aware of any data that we may have collected from a minor, please contact our DPO.
INFORMATION FROM THIRD PARTY SOURCES
We use a third party online solution, SciLeads, to access publicly available information from a scientific leads database for marketing and sales purposes. We have confirmed with SciLeads that they are legally permitted to disclose this personal data to us.
SENSITIVE PERSONAL DATA
We don't process any information which would be considered 'special category data' (that is any information which, for example, reveals your ethnic or racial origin, political affiliations or health data.)
PERSONAL DATA ABOUT OTHER INDIVIDUALS
If you give us information on behalf of someone else, you must confirm that the other person has given their consent.
UPDATES TO THIS PRIVACY NOTICE
We will update this Privacy Notice from time to time when necessary to reflect your feedback and in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you. You should check this Privacy Notice occasionally to ensure you are aware of the most recent version that will apply each time you access our Services.
HOW TO CONTACT US
If you have any questions or comments about this Privacy Notice, please contact our DPO via email or post:
Data Protection Officer
Lightcast Discovery Ltd
Broers Building, Hauser Forum
21 JJ Thomson Avenue,