Last Revised: 02 August 2021 

Version: 1.0

This is the Privacy Policy for Continuity Strategy Limited and its affiliates ("Continuity Strategy"). This Privacy Policy was last updated in August 2021. 

Continuity Strategy is the controller of any personal data collected through the Site and will process such information in accordance with applicable data protection law including the EU General Data Protection Regulation ("GDPR") (in force from 25 May 2018). Any enquiries relating to data protection issues should be sent to our data protection officer at dpo@continuitystrategy.com.

Continuity Strategy understands that your privacy is important. We are committed to protecting your privacy and personal information you provide or as you access and use materials on continuitystrategy.com (the "Site"), including the Site subscription pages or other websites or apps that post a link to this Privacy Policy. In addition, information that you submit to Continuity Strategy in response to an email request for information or other outreach from Continuity Strategy, or through Continuity Strategy’s employment application processes, will be treated in accordance with this Privacy Policy.

Continuity Strategy may, at its discretion, amend this Privacy Policy from time to time. To ensure you are able to remain informed about the information we collect and how we use it, material changes to our Policy will be reflected here. This Site may contain links to external sites which are not governed by this Privacy Policy. Continuity Strategy does not take responsibility for the privacy practices of any third party sites to which we link. We encourage you to review the privacy policies of any such sites before you submit information there.

This policy sets out Continuity Strategy’s approach to the collection, storage, usage and transfer or disclosure of information you provide to us and information we collect in the course of operating our business or in connection with this Site. It also includes a description of your data protection rights which, in some instances, will include a right to object to the processing we carry out. 

To that end, please note that you have the right to object:

(a) at any time to Continuity Strategy’s use of your personal information for direct marketing purposes; and

(b) to Continuity Strategy's processing of your personal information where it is based on our legitimate interests, unless we have compelling legitimate grounds to process the information, or we need to do so in relation to legal claims.

Further information on exercising these rights is set out in the Users' Rights section below.

Please read this Privacy Policy carefully. By browsing our website and expressly consenting where required you agree to be bound by this Privacy Policy.

What information do we collect?

Continuity Strategy collects information from you when you create your account for the Site, request copies of publications, subscribe for email newsletters and press releases, seek additional information regarding our services or employment opportunities, databases, or register for conferences and other Continuity Strategy sponsored events. If you do not provide such information, you will not be able to create an account for the Site, request copies of publications, subscribe for email newsletters and press releases, seek additional information regarding our services or employment opportunities.

Personal information that we collect includes: names, addresses, e-mail addresses, phone numbers, unique personal identifiers, financial information, subject areas of interest and/or demographic information.

In addition, we sometimes aggregate demographic information and the types of systems and browsers of users Continuity Strategy also may conduct user surveys on the Web or use technologies to provide Continuity Strategy with information on a number of areas, such as user identity, user viewing habits, whether or not users found what they were searching for, whether the Site content is relevant to user needs, and the like.

How do we use personal information?

The purposes and uses of your personal information will depend on the use of the Site and the personal information provided. We process your personal information:

(i) for the purposes of safeguarding the legitimate interests pursued by Continuity Strategy. This includes:

· Informing you about updates to the service and notifying you about other products and services offered by Continuity Strategy that may be of interest to you, including information regarding publications and events

· Tailoring your experience at the Site with relevant Continuity Strategy materials

· Understanding the Site’s user population, identifying subject areas of interest, and determining whether the Site is designed to work with the computer settings of a majority of our visitors

· Measuring and improving the effectiveness of Continuity Strategy marketing programs across different channels.

· Improving our web content and navigation.

(ii) on the basis of your consent. Insofar as you have granted us consent to the processing of personal information for specific purposes (for example, in relation to the provision of our services to you and our activities to maintain our business relationship, or your application form for employment with Continuity Strategy), the lawfulness of such processing is based on your consent. You may withdraw your consent at any time.

(iii) for compliance with a legal obligation. This includes anti-fraud and anti-money laundering measures as well as tax and social security requirements.

We will not sell, share, or rent or otherwise make available your personal information to other parties, except that we may disclose the information to third parties who perform services on our behalf and have a need to access the information in connection with those services. Any third parties will only process this information to the extent to which and within the limits that Continuity Strategy itself is permitted to process that data. In addition, Continuity Strategy may disclose your contact information in response to enquiries by bona-fide rights owners in connection with allegations of infringement of copyright or other proprietary rights arising from information that you have posted on the Site or otherwise provided to Continuity Strategy.

The third parties with whom we may need to share personal information to help us provide services and products to you and to run our Website include:

· our subsidiaries or affiliates;

· our advisors;

· our third party service providers who process information on our behalf to help run some of our internal business operations including email distribution, IT services and marketing and events services;

· our business partners for publications and events co-organised by Continuity Strategy and them;

· law enforcement bodies in order to comply with any legal obligation or court order

Under the GDPR, and where applicable under analogous data protection laws, the main grounds that Continuity Strategy relies upon in order to process your personal information are the following:  

a) Necessary for entering into, or performing, a contract – in order to perform obligations that we undertake in providing service(s) to you, or in order to take steps at your request to enter into a contract with us, it will be necessary for us to process your personal data;  

b) Necessary for compliance with a legal obligation – we are subject to certain legal requirements which may require us to process your personal data.   We may also be obliged by law or for national security reasons to disclose your personal data to a regulatory body, government agency, court of competent jurisdiction, regulatory body or law enforcement agency in response to a lawful request submitted by court order, subpoena, warrant, or similar legal mechanism that carries equal weight;

c) Necessary for the purposes of legitimate interests - either we, or a third party, will need to process your personal data for the purposes of our (or a third party's) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data protected.  Our legitimate interests include responding to requests and enquiries from you or a third party, optimising our website and customer experience, informing you about our services and ensuring that our operations are conducted in an appropriate and efficient manner;

d) Consent – in some circumstances, we may ask for your consent to process your personal data in a particular way. To the extent that we are processing your personal information based on your consent, you will have the right to withdraw your consent at any time. You can do this by contacting us using the details in the Contact section at the bottom of this page. 

Continuity Strategy retains your personal information for so long as is necessary to fulfil the purpose for which it was collected. We may retain your personal information for longer if they may be the subject of a legal claim, or may otherwise be relevant for future litigation.

If, at any time, you prefer not to receive further communications from us in any or all forms you will have the ability to unsubscribe from such communications by means of a link provided in every e-mail that is sent to you by us. When subscribing to Continuity Strategy e-mail newsletters, you are given the opportunity to select which promotions, news, and information you would like to receive at the time of sign up, and you will have the opportunity to unsubscribe from such communications.

Continuity Strategy may use cookies on this Site and in our communications with you to keep track of your visit to our Site and our communications with you.  We may track website engagement using Google Analytics.

Continuity Strategy has in place appropriate technological and operational security processes designed to protect personally identifiable information from loss, misuse, alteration or destruction. Only authorised employees and contractors will have access to any data provided by you, and that access is limited by need. Each employee or contractor having access to any personally-identifiable information is obligated to maintain its confidentiality. Although we take steps that are generally accepted as industry standard to protect your personally-identifiable information, Continuity Strategy cannot guarantee that your personally-identifiable information will not become accessible to unauthorised persons and Continuity Strategy cannot be responsible for any actions resulting from a breach of security when information is supplied over the internet or any public computer network.

This website contains links to other websites not operated by Continuity Strategy.

Continuity Strategy is not responsible for the privacy practices or the content of any non-Continuity Strategy websites to which we link from the Site. We are not responsible for the protection and privacy of any information you provide whilst visiting other websites and sites not governed by our Privacy Policy. We cannot control the content or security of such websites. We cannot be held responsible for any loss or damage incurred by a user as a result of visiting such websites. No links are intended to be, nor should be construed as, an endorsement of any kind by us of that other website.

Continuity Strategy complies with all applicable privacy laws and regulations. Continuity Strategy may be compelled to surrender personal user or customer information to legal authorities if presented with a court subpoena or similar legal or administrative order, or as required or permitted by the laws, rules and regulations of any nation, state or other applicable jurisdiction. Also, in the event of a violation of the terms and conditions of use of the Site or a violation of any restrictions on use of materials provided in or through the Site, we may disclose personal user information to our affected business partners or legal authorities.

You have certain rights in relation to personal information we hold about you. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on your request.

Right of Access
You have the right at any time to ask us for a copy of your personal information that we hold.  Where we have good reason, and if the GDPR or other applicable data protection law permits, we can refuse your request for a copy of your personal information, or certain elements of the request (for example, if we would also be disclosing third party personal data). If we refuse your request or any element of it, we will provide you with our reasons for doing so.

Right of Correction or Completion
If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed. Therefore, please advise us of any changes to your information. You can let us know by contacting us using the details in the Contact section at the bottom of this page.

Right of Erasure
In certain circumstances, you have the right to request that personal information we hold about you is erased e.g. if the information is no longer necessary for the purposes for which it was collected or processed or our processing of the information is based on your consent (which you wish to withdraw) and there are no other legal grounds on which we may process the information.

Right to Object to or Restrict Processing
In certain circumstances, you have the right to object to our processing of your personal information by contacting us using the details in the Contact section at the bottom of this page. For example, if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests. You also have the right to object to use of your personal information for direct marketing purposes.

You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.

Right of Data Portability
In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format. 

You can ask us to transmit that information to you or directly to a third party organisation. 

The above right exists only in respect of personal information that:

you have provided to us previously; and

is processed by us using automated means.

While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third party organisation’s systems. Also, we may be unable to comply with requests that relate to personal information of others without their consent.  

You can exercise any of the above rights by contacting us using any of the methods in the Contact section at the bottom of this page.

Most of the above rights are subject to limitations and exceptions. We will provide reasons if we are unable to comply with any request for the exercise of your rights. 

Continuity Strategy understands the importance of protecting children's privacy, particularly in their online interactions. This Site is not designed for and does not intentionally target or solicit to children 18 years of age and younger.

If you are unhappy about our use of your personal information, you can contact us using the details in the Contact section at the bottom of this page. You are also entitled to lodge a complaint with the UK Information Commissioner's Office using any of the below contact methods:

Telephone: +44 (0) 303 123 1113

Website: https://ico.org.uk/concerns/ 

Post: Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
 

If you live or work outside the UK or you have a complaint concerning our activities outside the UK, you may prefer to lodge a complaint with a different supervisory authority. A list of relevant authorities in the EEA and the European Free Trade Area can be accessed here.

For further questions you may contact the appropriate data protection point of contact:

Data Protection Officer
Continuity Strategy Limited

dpo@continuitystrategy.com