Last updated 23 May 2018
This statement is to reassure you that at Prizeology we take privacy seriously and do all we can to respect the right to privacy of anyone using our site and services. We treat any information that you provide us with as confidential and do all we can to protect your personal information.
We want to tell you straight up that if you should have a query or complaint, our data protection manager is Sarah Burns. She can be contacted via firstname.lastname@example.org or on 020 7856 0402.
Compliance is the cornerstone of our business, so we ensure we comply with the Data Protection Act 1998, Privacy and Electronic Communications Regulations 2003 (amended 2011), and the European Union (EU) General Data Protection Regulation, which came into force from 25 May 2018.
Collecting your personal data
We’re a prize promotions agency and we run prize draws, competitions and other promotions on behalf of our clients. We primarily collect personal data from members of the public so that we can administer those prize promotions. For example, we collect personal data to conduct prize draws, judge competitions, notify winners, deliver prizes and publish winners’ lists.
We also collect personal data from our clients, so that we can work with them on current projects and market our services to them. We may also collect personal data so that we can communicate with potential clients to market our services and generate new business.
Prize promotions entrants
If you enter a prize promotion we’re running on behalf one of our clients, we will collect your personal data so that we can, for example, liaise with you to check information, notify you that you’re a winner or ensure you receive your prize.
The ways in which we collect your personal data include online via the Prizeology website or a prize draw or competition microsite managed by us or by a third party, via email, by phone including text, in writing when you enter a promotion by post or occasionally face to face.
The type of data we routinely collect from entrants to prize promotions can include:
- Phone number
- Email address
- Postal address
If it’s relevant to a specific promotion, we may collect other data from you.
We make sure we process and store your personal information safely and securely. If we do need to share your personal information with a business we work with, for example our client or a company that is handling the delivery of a prize, we will only do that via a secure FTP site.
We don’t routinely ask for your date of birth, but we may need to request it, for example to check your eligibility for a prize or to book a holiday prize. Likewise, we don’t routinely ask for bank card or payment information, but may need to request it if, for example, we need to make a bank transfer to you as part of a prize.
We treat any written notes we take during a phone call or meeting in the same way as we treat other personal information.
We don’t keep your data for any longer than we need to. Any personal data we collect for a prize promotion will routinely be deleted three months after we receive it. However, if the prize promotion has a longer duration or claim timeframe, any personal data will be deleted once all prizes have been fulfilled and the winners’ list has been published.
You have a number of legal rights related to what we do with your personal information. For example, you have the right to see any personal data we may hold about you and you can ask us to correct any inaccuracies.
When you participate in one of our prize promotions, we ask you to actively consent to Prizeology using your data in relation to that prize promotion, but you have the right to withdraw your consent at any time. If you are a business contact, you have the right to withdraw your consent at any time, too.
You also have a right to be forgotten, which means you can ask us to delete or remove any information we hold on you. We will do this, but if, for example, you were to ask us to do this before we’ve conducted the draw you’ve entered, it would not be possible to include you in the draw. We’re sure you’ll understand why.
Likewise, if you were to ask us to do this before your prize had been delivered, it would not be possible to deliver the prize and the winner would be redrawn. Again, we’re sure you’ll understand the logic of this.
Making a winners’ list available is a regulatory requirement and would be referenced in the terms and conditions of any prize promotion. If, having received your prize, you were to exercise your right to be forgotten before a winners’ list had been made available, we would only delete or remove any information we hold on you once the winners’ list had been published.
To request a copy of the data we may hold about you, please send a written request by email to email@example.com or by post to Prizeology Limited, 115 Mare Street, London E8 4RU. We will respond within 30 days. To correct any inaccuracies, please email or call us on 020 7856 0402.
If you are a client, work for another agency or are a general business contact, we collect your personal data so that we can work effectively with you. The ways in which we collect it include online, via email, by phone, in writing or face to face.
The type of data we routinely collect can include:
- Phone number
- Email address
- Company address
We treat any written notes we take during a phone call or meeting in the same way as we treat other personal information. We don’t routinely ask for bank card or payment information, but may need to request it, for example for business payments.
Any personal data we collect via the newsletter sign-up form on our website will only be used for the purpose of sending you the Prizeologist, our monthly newsletter.
Business contacts also have the right to see any personal data we may hold about them, can ask us to correct any inaccuracies and can exercise the right to be forgotten. Please contact us with a written request by email to firstname.lastname@example.org or by post to Prizeology Limited, 115 Mare Street, London E8 4RU. You can call us on 020 7856 0402.
Data for marketing
Any personal data we collect via the newsletter sign-up form on our website will only be used for the purpose of sending you the Prizeologist, our monthly newsletter. We will process this data securely and keep it safe in the exactly the same way as we keep all other data safe.
We ask you to actively consent to receiving the Prizeologist, but you have the right to withdraw your consent at any time. You can do this via either of the buttons at the bottom of the newsletter which say ‘Unsubscribe from this list’ and ‘Update subscription preferences’.
We may also want to send you relevant marketing information via email. Where we do this, we would first carry out a legitimate interest assessment, which would enable us to determine whether our plans are legitimate. If we went ahead, we would make it clear how we planned to use the data and we would give people an easy way to opt out of our marketing communications.
Just to be clear, we might also collect and process information under legitimate interest because we were buying or selling a business or assets, but again we would first carry out a legitimate interest assessment, and we would collect and process information in a reasonable and secure way.
Storing and transferring your data
Any paper files, for example paper entries for a draw or notes taken where a winner has claimed a prize and confirmed details over the phone, are stored in locked filing cabinets. Only one member of staff holds the key to each specific cabinet, relating to the specific files they are individually working on. Any paper files which are no longer required are securely shredded.
All personal data we hold electronically is stored on a secure encrypted server, which is hosted in the EU. As well as this encryption, all files containing personal data are password-protected, and the passwords contain a mixture of upper- and lower-case letters, numbers and special characters. All computers used by Prizeology have strong anti-virus protection which is updated regularly.
If we do need to transfer personal information outside the European Economic Area, the transfer will be overseen by our data protection manager and we will ensure the transfer is legal and your data is secure.
We do endeavour to take all reasonable steps to protect your personal information. However, we cannot guarantee the security of any data that you disclose and we will not be responsible for any breach of security unless it is due to our negligence or wilful default.
If we were to collect and process information under legitimate interests, for example in the form of surveys or newsletters, it would be done in the commercial interests of the business or because we were buying or selling a business or assets. We would carry out a legitimate interest assessment and collect and process information in a reasonable way.
All members of staff have received training in data protection and information security. Any further training will be provided where there are any significant changes to the law or our procedures. Any new member of staff will receive compulsory data protection training.
We hope the above is all clear, but we understand it’s all fairly legalistic so if you need any further information you can contact us by phoning 020 7856 0402, emailing email@example.com or writing to us at Prizeology Limited, 115 Mare Street, London E8 4RU.
Finally, if we fall short in the way we handle your data and we are unable to resolve the issue, you also have the right to make a complaint to the Information Commissioner’s Office (ICO), which you can contact via https://ico.org.uk/global/contact-us/
Some of our cookies are used to simply collect information about how visitors use our website. These types of cookies collect the information in an anonymous form.
However, if you do delete and block all cookies from our website, parts of this site may not then work. This is because some of the cookies we use are essential for parts of our website to operate.
If you don’t wish to accept cookies from our website, please leave it at once and then delete and block all cookies from this site.