Construction Equipment Events Limited is a limited company registered in England and Wales (Company Number 07662426) further information about the company can be found at Companies House (https://www.gov.uk/government/organisations/companies-house)
CEE acts as Data Controller in respect of the information it collects from you and is registered with the ICO as Data Controller for the purposes of the Data Protection ACT 1998 (Registration number:Z9140072).
It is important to us that you understand what personal information we collect about you and how we use it. We have done our utmost to ensure this Policy is clear and understandable. But if you have any further questions please don't hesitate to contact our Data Protection Officer.
Our Data Protection Officer and data protection representatives can be contacted directly here: firstname.lastname@example.org
Who is this for?
We collect and process your Personal Data in accordance with all applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) ('GDPR'), together with other applicable UK and EU laws that regulate the collection, processing and privacy of your Personal Data (together, 'Data Protection Law').
In order to carry out processing requirements, some data must be shared with third party organisations.
You can view the list of processors we engage with, the processing that they undertake, and their privacy policies, in our Processor list. You can request a copy of our processor list by contacting email@example.com
How will we collect your data?
In order to fulfil our requirements to you, we may need to process certain elements of your personal data.
If this is required, we may collect the data in one of the following ways:
- Through you inputting the information into a form on one of our websites/social media networks/apps/badge scanners/electric devices
- Data provided verbally/digitally to the CEE/PlantWorx/RailWorx team
- Third party sources sharing the data with your consent
- Trade shows/networking events
On occasions, we may process information obtained from other organisations or publicly available sources. All organisations that we engage with are listed within our Processor List, and your data will not be processed without your consent.
What data do we need?
The data that we require could vary, depending on how you wish to interact with us. The data we require could include:
- Email address
- Phone number
- Personal profile information: nature of employment, job title, employer
- Accessibility requirements: nature of physical disability (if any additional assistance is required), dietary requirements
- Demographic information: preferences, interests
- Payment information
- Communication preferences: feedback about event/exhibitors/partners, contact with customer support/sales
- Business requirements
How we will use your data
The way that we use your data could vary, depending on how you wish to interact with us, and the level of consent you choose. We may use your data to:
- Activate and manage your account
- Provide details of the event
- Notify of changes/announcements to event
- Provide support: deliver customer support, manage technical issues, answer questions/queries via phone/email/written correspondence
- Ensure safety and security of event
- Enhance and improve service, and develop new products, benefits and services
- Deliver customised products and associated content, depending on your preferences
- Deliver targeted marketing campaigns about associated products, events and offers, including from media partners and sponsors
- Analyse visitor data, to determine success of event, marketing, individual campaigns, and deliver anonymised reports to stakeholders
- Resolve disputes using anonymised data
Your rights as a data subject
While we are in possession of, or processing your personal data, you (the data subject), have the following rights:
- You have the right to be informed about the collection and use of your personal data.
- You have the right to request access to and a copy of the information that we hold about you. You can do this via a Subject Access Request.
- You have the right to correct the personal data that we hold about you that is inaccurate or incomplete.
- In certain circumstances you can ask for the data we hold about you to be erased from our records if it is no longer necessary to provide you with our products and services.
- Where certain conditions apply, you have a right to restrict the processing.
- You have the right to have your personal data moved, copied or transferred (data portability) to another organisation.
- You have the right to object to certain types of processing such as direct marketing.
- You also have the right not to be subject to legal effects based on automated processing or profiling.
If you have any questions, queries or wish any action to be taken against your data, please contact the Data Protection Officer at firstname.lastname@example.org.In order to process a request, we may require you to verify your identity.
In the event that we refuse your request under rights of access, we will provide you with a reason as to why. All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
You can find more information about your general rights as a data subject here: https://ico.org.uk/your-data-matters/
Legal bases for processing your data
In order to process your data correctly, we will do so under one of the six legal bases outlined in GDPR. These are:
Consent: If you give clear consent for process your data to be processed. It will be made completely clear to you what you are consenting to, and your data will not be subject to any additional processing other that that which you have consented to. Consent may be withdrawn at any point.
Legitimate interest: If processing is necessary for the purposes of the legitimate interests pursued by us - the data controller -, any interested third parties, except when those interest are overridden by the interests or fundamental rights and freedoms of the you, the data subject.
Contract: If processing is necessary to complete terms of a contract with you, or because you have asked us to take specific steps before entering into a legal contract.
Legal obligation: If processing is necessary for us to comply with the law or our statutory obligations (not including contractual obligations).
Vital interests: Processing will be carried out if the processing is necessary to protect someone’s life.
Public task: The processing is necessary for a task to be performed in the ‘exercise of official authority’, covering public functions and powers that are set out in law; or to perform a specific task in the public interest that is set out in law.
Storage and security
All data is stored digitally on a cloud based-password protected system, within a secure facility which has limited access. The IT system is accessible only by employees who require the information in order to perform a specific job role. Every care will be taken to protect your personal data from being subject to loss, theft, misuse, unauthorised access or alteration.
We will retain your information for as long as is necessary to provide the service, or for other vital services, such as complying with legal requirements, upholding business and financial records, or any further requirements that we must comply with by law.
Managing your data preferences
You have the right to control what happens to your data, and have full control over how you are contacted.
We keep contact information (such as mailing list information) until a user unsubscribes or requests that we delete that information. If you choose to unsubscribe from a mailing list, you will be deleted completely and will not receive any marketing correspondence from us, unless you choose to re-register.
Where we are legally required to obtain explicit consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.
If you register for any live events or into any subscriptions, you will receive important emails known as solicited marketing. These emails may include key information about the event you plan to attend, such as directions, or how to download your ticket. These are important for you to receive.
If you want to unsubscribe from mailing lists or any subscriptions, clear instructions on how to do so will be provided within the body of the email, or you can contact the Data Protection Officer directly at email@example.com request that communications cease. If at any point you wish to reactivate communications, the Data Protection Officer is also able to assist.
Procedures are in place to oversee the containment and recovery of data, assessment of ongoing risk, notification of the breach (the Information Commissioners Office (ICO) and/or individual if necessary) and an ongoing procedure assessment.
In line with the requirements of the ICO, we would report a data breach to the ICO if it was likely to result in a risk to the rights or freedoms of individuals.
In the event that you wish to make a complaint about how your personal data is being processed by us (or third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and our data protection representatives.
The details for each of these contacts are:
Supervisory Authority contact details
Data Protection Officer (DPO) contact details
Information Commissioners Officer (ICO)
Data Protection Officer
Information Commissioners House, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Unit 19, Omega Business Village, Thurston Road, Northallerton, North Yorkshire DL6 2NJ
0303 123 1113 (local rate) / 01625 545 745 (national rate)
020 8253 4517
Changes to the policy