Privacy Policy
This privacy notice governs the collection, storage, use, disclosure and disposal of personal information collected by us, Digital Topics Ltd, trading as DPA. It provides details about the personal information that we collect from you, how we use your personal information, your rights regarding the personal information that we hold about you and how to contact us or make a complaint.

For any questions please contact: dpa@digitalpolicyalliance.org.

About us
The DPA informs policy and decision-makers to encourage fair competition, inclusivity, sustainability and resilience of digital technology in the fast-evolving Digital world. We do this by being Independent, Informed and Inclusive.

DPA is a ‘data controller’ in respect of the personal information that it processes.

What personal information do we collect about you?

We only collect a minimal amount of personal information  about individuals who are (or are employed by) stakeholders, sponsors, donors and suppliers including name, job title, organisation, and contact information (e-mail, phone number, address and postcode). We also collect financial information from our supporters and suppliers relevant to sponsorship and the provision of goods and services.

We collect this information by a number of means including:

• Directly from the individuals themselves;
• From desk-based research into stakeholders with an interest in topics relevant to DPA aims using public sources such as websites;
• Recommendations from  other stakeholders;
• Recommendations from members of DPA
• We also collect personal information about stakeholders when they sign up to receive our newsletter.

Why do we process personal information?

We process your personal information for the following purposes:

• Receiving and processing sponsorship and maintaining relationships;
• The provision of goods and services;
• Organising events;
• Updating stakeholders on relevant policy events and reports.

What is the legal basis for the processing?

We process personal information for the purposes described on the basis that it is in our and your

legitimate interests, that you would reasonably expect this processing and that it does not materially impact your rights, freedoms or interests.

Where we have a contractual relationship with you, we may process your personal information as necessary for the performance of that contract or prior to entering into it.

What do we do with your data?
We do not carry out any automated decision making which is likely to have a legal or similar effect on you. All our staff are subject to an obligation of confidentiality and are aware of our data protection obligations.

We take appropriate technical and organisational measures to safeguard the personal information that you provide to us.

How do we share your personal information and who do we share it with?

We only share your personal information with the following third parties and under the following circumstances:

Sponsors: we share the names, organisations and job titles of prospective and actual attendees and speakers at events with event sponsors to allow them to tailor their input to the event, to evaluate the success of an event and to make decisions regarding future sponsorship of events. 
They agree that this information will be used by them only for these purposes and will not be used for marketing purposes. 

Think-party service providers: we share information with third-party service companies to facilitate or to provide certain services on our behalf. This will include IT infrastructure companies that facilitate our provision of Reform's services to you; and IT support service providers (these companies are authorised to use your personal information only as necessary to provide these services to us). 

Law enforcement or other authorities: we will share personal information if required by applicable law.

Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, like and dislikes by gathering and remembering information about your preferences.

Links to other websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

How long do we keep your data?

We keep member personal information for the duration of our relationship with you.

Where we have a contractual relationship with you and/or hold financial information, we are required to retain this information for seven years.

Under data protection laws you have a number of important rights free of charge. In summary, those include the right to:

• Access to your personal information and to certain other supplementary information this Privacy notice is designed to address;
• Require us to correct any mistakes in your information which we hold;
• Require the erasure of personal information concerning you in certain situations;
• Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that information to a third party in certain situations;
• Object at any time to processing of personal information concerning you for direct marketing;
• Otherwise restrict our processing of your personal information in certain circumstances.

 For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights or raise a complaint, please:

• Email us at dpa@digitalpolicyalliance.org.
• Let us have enough information to identify you
• Let us have proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill);
• Let us know the information to which your request relates; and
• We will aim to respond to you within a one-month period.

If you are not satisfied with our response or believe we are not processing your personal information in accordance with the law you can complain to the Information Commissioner’s Office (https://ico.org.uk)