This Privacy Policy explains what information that Construction Equipment Events Ltd (trading as PlantWorx/RailWorx), gathers about you, what we use that information for, and who we give that information to.

Construction Equipment Events Limited is a limited company registered in England and Wales (Company Number 07662426) further information about the company can be found at Companies House (https://www.gov.uk/government/organisations/companies-house)

CEE acts as Data Controller in respect of the information it collects from you and is registered with the ICO as Data Controller for the purposes of the Data Protection ACT 1998 (Registration number: Z9140072).

This Privacy Policy also sets out your rights in relation to your information and who you can contact for more information or queries.

It is important to us that you understand what personal information we collect about you and how we use it. We have done our utmost to ensure this Policy is clear and understandable. But if you have any further questions please don't hesitate to contact our Data Protection Officer.

Our Data Protection Officer and data protection representatives can be contacted directly here: data@worx.co.uk

Who is this for?

This Privacy Policy is relevant for all customers whose personal data is collected because of the use of our products and services. By personal data, we are referring to any information which can be used to identify you.

We collect and process your Personal Data in accordance with all applicable laws that regulate data protection and privacy. This includes, without limitation, the EU General Data Protection Regulation (2016/679) ('GDPR'), together with other applicable UK and EU laws that regulate the collection, processing and privacy of your Personal Data (together, 'Data Protection Law').

Processor list

In order to carry out processing requirements, some data must be shared with third party organisations.

You can view the list of processors we engage with, the processing that they undertake, and their privacy policies, in our Processor list. You can request a copy of our processor list by contacting data@worx.co.uk

We may update the list of third parties referred to with our privacy policy above every six months (January 1st and July 1st). You should review the list after the dates stated above. If you do not object to your data being disclosed to any additional Processors within 30 days after the publication of the updated list, you are deemed to have accepted the changes to the list and to this Privacy Policy. If you do not agree with the changes and wish to stop any element of the processing of your data, you can contact the Data Protection Officer at data@worx.co.uk.

How will we collect your data?

In order to fulfil our requirements to you, we may need to process certain elements of your personal data.

If this is required, we may collect the data in one of the following ways:

• Through you inputting the information into a form on one of our websites/social media networks/apps/badge scanners/electric devices
• Data provided verbally/digitally to the CEE/PlantWorx/RailWorx team
• Third party sources sharing the data with your consent
• Trade shows/networking events

On occasions, we may process information obtained from other organisations or publicly available sources. All organisations that we engage with are listed within our Processor List, and your data will not be processed without your consent.

What data do we need?

The data that we require could vary, depending on how you wish to interact with us. The data we require could include:

• Name
• Gender
• Address
• Email address
• Phone number
• Personal profile information: nature of employment, job title, employer
• Accessibility requirements: nature of physical disability (if any additional assistance is required), dietary requirements
• Demographic information: preferences, interests
• Payment information
• Communication preferences: feedback about event/exhibitors/partners, contact with customer support/sales
• Business requirements

How we will use your data

The way that we use your data could vary, depending on how you wish to interact with us, and the level of consent you choose. We may use your data to:

• Activate and manage your account
• Provide details of the event
• Notify of changes/announcements to event
• Provide support: deliver customer support, manage technical issues, answer questions/queries via phone/email/written correspondence
• Ensure safety and security of event
• Enhance and improve service, and develop new products, benefits and services
• Deliver customised products and associated content, depending on your preferences
• Deliver targeted marketing campaigns about associated products, events and offers, including from media partners and sponsors
• Analyse visitor data, to determine success of event, marketing, individual campaigns, and deliver anonymised reports to stakeholders
• Resolve disputes using anonymised data

Your rights as a data subject

While we are in possession of, or processing your personal data, you (the data subject), have the following rights:

• You have the right to be informed about the collection and use of your personal data.
• You have the right to request access to and a copy of the information that we hold about you. You can do this via a Subject Access Request.
• You have the right to correct the personal data that we hold about you that is inaccurate or incomplete.
• In certain circumstances you can ask for the data we hold about you to be erased from our records if it is no longer necessary to provide you with our products and services.
• Where certain conditions apply, you have a right to restrict the processing.
• You have the right to have your personal data moved, copied or transferred (data portability) to another organisation.
• You have the right to object to certain types of processing such as direct marketing.
• You also have the right not to be subject to legal effects based on automated processing or profiling.

If you have any questions, queries or wish any action to be taken against your data, please contact the Data Protection Officer at data@worx.co.uk. In order to process a request, we may require you to verify your identity.

In the event that we refuse your request under rights of access, we will provide you with a reason as to why. All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.

You can find more information about your general rights as a data subject here: https://ico.org.uk/your-data-matters/

Legal bases for processing your data

In order to process your data correctly, we will do so under one of the six legal bases outlined in GDPR. These are:

Consent: If you give clear consent for process your data to be processed. It will be made completely clear to you what you are consenting to, and your data will not be subject to any additional processing other that that which you have consented to. Consent may be withdrawn at any point.

Legitimate interest: If processing is necessary for the purposes of the legitimate interests pursued by us - the data controller -, any interested third parties, except when those interest are overridden by the interests or fundamental rights and freedoms of the you, the data subject.

Contract: If processing is necessary to complete terms of a contract with you, or because you have asked us to take specific steps before entering into a legal contract.

Legal obligation: If processing is necessary for us to comply with the law or our statutory obligations (not including contractual obligations).

Vital interests: Processing will be carried out if the processing is necessary to protect someone’s life.

Public task: The processing is necessary for a task to be performed in the ‘exercise of official authority’, covering public functions and powers that are set out in law; or to perform a specific task in the public interest that is set out in law.

Storage and security

All data is stored digitally on a cloud based-password protected system, within a secure facility which has limited access. The IT system is accessible only by employees who require the information in order to perform a specific job role. Every care will be taken to protect your personal data from being subject to loss, theft, misuse, unauthorised access or alteration.

We will retain your information for as long as is necessary to provide the service, or for other vital services, such as complying with legal requirements, upholding business and financial records, or any further requirements that we must comply with by law.

Managing your data preferences

You have the right to control what happens to your data, and have full control over how you are contacted.

We keep contact information (such as mailing list information) until a user unsubscribes or requests that we delete that information. If you choose to unsubscribe from a mailing list, you will be deleted completely and will not receive any marketing correspondence from us, unless you choose to re-register.

Where we are legally required to obtain explicit consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.

If you register for any live events or into any subscriptions, you will receive important emails known as solicited marketing. These emails may include key information about the event you plan to attend, such as directions, or how to download your ticket. These are important for you to receive.

If you want to unsubscribe from mailing lists or any subscriptions, clear instructions on how to do so will be provided within the body of the email, or you can contact the Data Protection Officer directly at data@worx.co.uk and request that communications cease. If at any point you wish to reactivate communications, the Data Protection Officer is also able to assist.

Complaints/Data Breaches

Procedures are in place to oversee the containment and recovery of data, assessment of ongoing risk, notification of the breach (the Information Commissioners Office (ICO) and/or individual if necessary) and an ongoing procedure assessment.

In line with the requirements of the ICO, we would report a data breach to the ICO if it was likely to result in a risk to the rights or freedoms of individuals.

In the event that you wish to make a complaint about how your personal data is being processed by us (or third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and our data protection representatives.

The details for each of these contacts are:

Changes to the policy 

We reserve the right to keep our Privacy Policy under regular review, and we will place any updates on this page. Your continued use of the all CEE/PlantWorx/RailWorx websites subsequent to such changes will be deemed to be your acceptance of such revisions.  If you do not accept any such changes you should cease to use this Website or contact data@worx.co.uk.

This Privacy Policy was last updated on the 19th July 2018.