The General Data Protection Regulation (GDPR)
Public Policy Projects Ltd, Company Registration Number 05401243, Registered Address 1-3 College Yard, Worcester, England, WR1 2LB, with a head office of 10 Rose and Crown Yard, London, SW1Y 6RE and sales office of County House, St Mary’s Street, Worcester, WR1 1HB. Dorson Group is the parent company that hosts Public Policy Projects (PPP) a policy advisory and development company as well as the publishing business including two titles Accountable Care Journal (ACJ) and Hospital Times (HT). For over 20 years the various divisions of the company have provided news, insight and analysis to the health, care and local government sectors. Public Policy Projects is part of the Dorson Group of companies which include Dorson Transform.
The General Data Protection Regulation (GDPR)
The GDPR is a new European regulation for the protection of personal data that will come into force on 25 May 2018 and will be put into UK law through the Data Protection Bill which was unveiled by the government in August 2017. Before 25 May 2018, the 1998 and 2003 Data Protection Acts apply.
GDPR Privacy Notice
What personal information does Public Policy Projects hold?
Where provided, we have the names, work addresses and email addresses of post holders working for companies and organisations in the health, care and local government sectors. These include post holders working in the NHS, care, local authorities, commissioning, third sector, private health, primary care and mental health. In addition, we hold information relating to post holders in suppliers and advisors (e.g. lawyers, accountants, financial advisors, management consultants) to the health, care and local government sectors.
What does Public Policy Projects do with the data?
We use the data we collect in the following ways:
- We are a publisher and policy advisory/development company for the health, care and local government sectors and produce a range of policy papers. We rely on having good, up-to-date data to ensure we reach the right people.
- We use the data for direct marketing purposes. We use data to also communicate news to readers. Any communications that we send clearly include an ‘unsubscribe’ option.
- We license data to third parties who may use it for publishing purposes. It is important to note that we do not sell data – it is licensed to publishers on a time and use restricted basis following copywrite regulations.
- We use data for the processing of sales and the delivery of products to clients.
How we collect information
We collect data in the following ways:
- From public websites which publish contact information.
- Through our sales process during which we require client’s details to invoice them and send them the products they order.
- From subscriptions to our publications.
- From partner companies including LaingBuisson and Cratus Communications.
Public Policy Projects data is held in the following places:
- Our password-protected CRM system which is only accessible to selected staff.
- Our password-protected email systems which is only accessible to selected staff.
If you do not wish us to use your data ourselves, you can:
- Request to unsubscribe via any of the direct marketing communications that we send.
- Write to our Managing Director at 10 Rose and Crown Yard, London, SW1Y 6RE or firstname.lastname@example.org
- For readers of Accountable Care Journal, Hospital Times and Public Policy Projects ‘Unsubscribe from all’ by emailing email@example.com.
What marketing channels and on what basis can Public Policy Projects data be used after 25 May 2018?
Our communications are ‘business to business’ (B2B) and as a result we are processing data on the legal basis of ‘legitimate interest’.
- Postal Communication/Marketing – this will remain on an ‘opt-out’ channel (subject to the Mailing Preference Service (MPS) where appropriate).
- Telephone Communication/Marketing – all telephone numbers must be screened against the TPS and CTPS (Telephone/Corporate Telephone Preference Scheme) prior to being used for marketing purposes. Beyond which, this will remain an ‘opt-out’ channel.
- Email Communication/Marketing – the rules for e-mailing employees of Public Bodies and Companies are governed by the PECR (Privacy and Electronic Communication Regulations) which will be replaced by the forthcoming e-Privacy Regulations (tbc). This will remain an ‘opt-out’ channel. Private individuals are asked to opt-in to receive electronic communication and marketing from us.
What restrictions are there on the use of Public Policy Projects data for marketing?
- All communications must be relevant and proportionate.
- All communications must contain a clear opportunity to opt-out from future correspondence.
- All requests to opt-out are honoured.
- Data used for marketing must be recently downloaded (i.e. within the past month) to ensure it is as up to date as possible
We process data on the basis of ‘legitimate interest’ and can make legitimate interest assessments available for viewing as required. Any party who purchases a data license from us must establish their own legal basis for processing.
Public Policy Projects and GDPR
Public Policy projects offers a range of publications, product and services. Much of the data we hold relates to post holders in companies and organisations as described above and may be used by us for marketing and readership purposes.
Public Policy Projects is the legal data processor. We only host information on other platforms and remain the data controller.
Public Policy Projects’ websites and your privacy
There is information about your computer hardware and software that is automatically collected by Public Policy Projects. This information can include: your IP address, browser type, domain names, access times and referring website addresses. This information is used by Public Policy Projects for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of Public Policy Projects websites. Public Policy Projects is not responsible for the content on websites outside of the Public Policy Projects and the Dorson Group of websites.
The Public Policy Projects website uses “cookies” to help you personalise your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the web server that you have returned to a specific page. For example, if you personalise Public Policy Projects pages, or register with a Public Policy Projects site or services, a cookie helps Public Policy Projects to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same Public Policy Projects website, the information you previously provided can be retrieved, so you can easily use the Public Policy Projects features that you customised.
You can accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Public Policy Projects services or websites you visit.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Security of your Personal Information
Public Policy Projects secures your personal information from unauthorised access, use or disclosure. Public Policy Projects secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use or disclosure. When personal information is transmitted to other websites, it is protected through the use of encryption.
What are your rights
Under data protection laws you have a number of important rights free of charge. In summary, those include the right to:
- access to your personal information and to certain other supplementary information this Privacy notice is designed to address;
- require us to correct any mistakes in your information which we hold;
- require the erasure of personal information concerning you in certain situations;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that information to a third party in certain situations;
- object at any time to processing of personal information concerning you for direct marketing;
- otherwise restrict our processing of your personal information in certain circumstances.
- For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
- If you would like to exercise any of those rights, please:
• write to us (either by post or email) at Public Policy Projects, 10 Rose and Crown Yard, London, SW1Y 6RE or firstname.lastname@example.org;
• let us have enough information to identify you
• let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill;
• let us know the information to which your request relates; and
• we will aim to respond to you within a one-month period.
Changes to this Statement
Public Policy Projects will occasionally update this Statement of Privacy to reflect company and customer feedback. Public Policy Projects encourages you to periodically review this Statement to be informed of how Public Policy Projects is protecting your information.
Dorson West welcomes your comments regarding this Statement of Privacy. If you believe that Public Policy Projects has not adhered to this Statement, please contact Public Policy Projects at email@example.com. We will use commercially reasonable efforts to promptly determine and remedy the problem.