Phaidon International Group - Privacy Policy
Policy Name:Online Privacy Policy
Organisation Name:Phaidon International Group
Date of Last Update:May 2018
This Privacy Policy sets out information about the online privacy practices of the Phaidon International Group, as described below (“Phaidon”), and the choices you can make about the way your information is collected by us, how it will be used and for what purposes.
The Phaidon International Group includes:
• Phaidon International (UK) Limited
• Phaidon Holdings Ltd
• Phaidon International USA Inc
• Phaidon International (Deutschland) GmbH
• Phaidon International (Schweiz) GmbH
• Phaidon International (PTY) Ltd Singapore
• Phaidon International (Hong Kong) Ltd
By submitting any information to us, or by otherwise accessing or using our website (www.phaidoninternational.com) (“Website”), you agree to the terms of this Privacy Policy and consent to the policies and practices described herein for Phaidon’s processing of personal data.
1. We process your personal data
This Privacy Policy covers the processing, including without limitation the collection, use, disclosure, transfer, storage and deletion, of all personal data that is collected by Phaidon through our Website.
We process your personal data in accordance with the requirements of the General Data Protection Regulation (GDPR). In particular, we process personal data solely for lawful purposes, either in connection with a contract we have with you, subject to your consent, or on another permitted basis. We only process the minimum amount of personal data that is required for the relevant processing purpose, and we limit our processing to specific limited purposes necessary to conduct our activities. We only store your personal data as long as it is necessary for the purpose of the specific processing activity it was collected for, or for any longer period of time that we may be obligated by law to retain it.
As defined in the GDPR, “personal data” is any information relating to an identified or identifiable natural person (a “data subject”), being a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. Personal data collected on our Website
We have structured our Website so that, in general, you can visit Phaidon on the web without identifying yourself or revealing any personal data unless you actively choose to do so. We make this Privacy Policy and notice readily available on our Website.
Our Website may use “cookies” to enhance your experience. Please see our Cookies Policy, available at https://www.phaidoninternational.com/cookies-policy for further information about the cookies used on our Website and your rights in respect to same.
3. How we use your personal data
Phaidon uses personal data to better understand your needs and interests and to provide you with better service. Once you choose to provide us with personal data, whether through this Website or by other means in the course of our activities and interaction with you, you can be assured it will be used only as specifically detailed below, or as otherwise explicitly consented by you.
Phaidon collects, holds, and processes the following personal data on the Phaidon Website:
For further information on how we process your personal data, please contact privacy@phaidoninternational.com. The controller responsible for the processing of your data is Phaidon International (UK) Limited.
Where you have provided us with consent to process your personal data, you have the right to withdraw this consent at any time. This will however not affect the lawfulness of processing based on consent before its withdrawal. We provide multiple, simple methods for withdrawing your consent, including, where applicable, electronic unsubscribe mechanisms. In any event, you can always inform us that you wish to withdraw your consent in respect of a specific processing activity and related personal data by emailing us at privacy@phaidoninternational.com.
If you do so, please provide us with your full name, email address and sufficient details about the consent you provided, including the scope of the consent and the personal data the consent related to. We collect your name and email address in this context only for the purpose of identifying you in order to execute your consent withdrawal request.
We only retain your personal data for as long as it is necessary for the relevant processing activity, or as otherwise required by law. We also maintain detailed policies and procedures regarding how and how long we retain your personal data.
Although we use all reasonable means to ensure that the information you provide to us is not used by third parties for purposes other than those described in this Privacy Policy, Phaidon is not responsible for any improper use of your personal data that is beyond our reasonable control.
4. Who we share your personal data with
Phaidon will not sell, rent or lease your personal data to others. Phaidon will not share your personal data with third parties except in line with permitted uses, as set out in Section 3 of this Policy or as specifically consented to by you. Phaidon shares customer information across Phaidon-owned business entities and companies working on our behalf, but only as described in this Privacy Policy.
Certain Phaidon services may be linked with those from third-party companies, some which offer you the option to share personal data you provide with both Phaidon and the third party. Examples include to request communications from Phaidon marketing or solution partners. We will not share your personal data with third-party companies unless you make that choice.
Phaidon contracts with third-party service providers and suppliers to deliver complete products, services and customer solutions and benefits. Suppliers and service providers are required to keep confidential the information received on behalf of Phaidon consistent with this Privacy Policy and may not use it for any purpose other than to carry out the services they are performing for Phaidon.
Circumstances may arise where, whether for strategic or other business reasons, Phaidon decides to sell, buy, merge or otherwise reorganize businesses in some countries. Such a transaction may involve the disclosure of personal data to prospective or actual purchasers or receiving it from sellers. It is Phaidon’s practice to seek appropriate protection for information, including personal data, in these types of transactions.
Phaidon may share your personal data with third parties acting on behalf of Phaidon, which may be located in other jurisdictions. We ensure that such transfers are lawful, including by ensuring that they are to jurisdictions that are considered to have equivalent privacy protections, and/or ensuring that the third parties to whom we transfer your personal data are under contract to Phaidon and bound by appropriate data protection clauses or other approved safeguards, as applicable in each situation.
5. Your rights
You have certain specific rights with respect to how we process your data. Phaidon is committed to ensuring that your rights are protected. The GDPR sets out the following rights applicable to data subjects:
a) The right to be informed – We have provided this Privacy Policy to provide you with concise, transparent, intelligible and easily accessible information about how we use your personal data, including specific information depending on whether or not we have obtained your personal data directly from you.
b) The right of access – You have right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information:
(a) the purposes of the processing;
(b) the categories of personal data concerned;
(c) the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
(d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
(e) the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
(f) the right to lodge a complaint with a supervisory authority;
(g) where the personal data are not collected from the data subject, any available information as to their source;
(h) the existence of automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
(i) Where personal data are transferred to a third country or to an international organisation, we will inform you of the appropriate safeguards in place in relation to the transfer.
c) The right to rectification – We will rectify without undue delay any inaccurate personal data we hold concerning you, including completing any incomplete personal data.
d) The right to erasure (also known as the ‘right to be forgotten’) – You have the right to have us erase all personal data we hold concerning you, without undue delay, in one of the following circumstances:
(a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(b) you withdraw your consent on which the processing is based and there is no other legal ground for the processing;
(c) you object to the processing and there are no overriding legitimate grounds for the processing, or you objected to the processing in respect to direct marketing;
(d) the personal data have been unlawfully processed;
(e) the personal data have to be erased for compliance with a legal obligation in EU or member country law to which our organisation is subject; or
(f) the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).
We cannot execute your request if the personal data you are asking us to erase is necessary:
(a) for exercising the right of freedom of expression and information;
(b) to comply with a legal obligation which requires processing under EU or a member state’s law to which we are subject, or to perform a task in the public interest or in the exercise of official authority vested in us;
(c) for certain reasons of public interest in the area of public health;
(d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in so far as erasing the personal data is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(e) to establish, exercise or defend legal claims.
e) The right to restrict processing – You have the right to request that we restrict specific processing of your personal data, and we will comply, where one of the following applies:
(a) you are contesting the accuracy of your personal data that we hold, while we verify the accuracy of your personal data;
(b) the way we are processing the personal data is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;
(c) we no longer need the personal data for the purposes of the processing, but you need the personal data to establish, exercise or defend legal claims; or
(d) you have objected to processing in the public interest or in relation to our legitimate interest, pending the verification whether any legitimate grounds we may have override your right.
While you have restricted its processing, we will only store your personal data in question, and may process it only with your consent or to establish, exercise or defend legal claims or protect the rights of another natural or legal person or for reasons of important
public interest. We will notify you before lifting the processing restriction.
f) The right to data portability – You have the right to receive from us your personal data that you have provided to us, in a structured, commonly used and machine-readable format, and you have the right to transmit those data to another controller without hindrance from us, where:
(a) the processing is based on consent or on a contract; and
(b) the processing is carried out by automated means.
Where technically feasible, we will transmit your personal data directly to the other controller.
g) The right to object – You have the right to object to Phaidon processing your personal data in connection with our legitimate interests in the context of our activities (including profiling), direct marketing (including profiling), and processing for scientific and/or historical research and statistics purposes, where applicable.
h) Rights with respect to automated decision-making and profiling – You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. You can object to your personal data being used in this way. We are permitted to use automated decision-making and profiling if the decision:
(a) is necessary for entering into, or performance of, a contract between you and us;
(b) is authorised by EU or a member state law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
(c) is based on your explicit consent.
Where we engage in automatic decision-making or profiling in connection with a contract between us or further to your explicit consent, we implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention from us in the course decision-making process, and the opportunity to express your point of view and to contest the decision.
i) Right to lodge a complaint with your data protection supervisory authority - In the event you believe that we are processing your personal data otherwise than in accordance with the provisions of the GDPR, you have the right to lodge a complaint with the data protection supervisory authority located in the EU jurisdiction where you reside. For the UK, the supervisory authority is the UK Information Commissioner’s Office.
6. Links to non-Phaidon websites
The Phaidon Website may provide links to third-party companies’ websites for your convenience and information. If you access those links, you will leave the Phaidon website. Phaidon does not control those sites, their content or their privacy practices, which may differ from Phaidon's. We do not endorse or make any representations about third-party websites. The personal data you choose to give to unrelated third parties is not covered by this Phaidon Privacy Policy. We encourage you to review the privacy policy of any company before submitting your personal data. Some third-party companies may choose to share their personal data with Phaidon; that sharing is governed by that third-party company's privacy policy.
7. Children's privacy
Phaidon is committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children's online activities and interests. Phaidon does not knowingly collect information from children under the age of 16 and Phaidon does not target its Website or any of its services to children under the age of 16.
8. Keeping your personal data secure
Phaidon is committed to protecting the information you provide us. To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, Phaidon has in place appropriate technological and operational procedures to safeguard the information we collect.
If you believe Phaidon has handled your personal data in a manner that does not comply with this Privacy Policy, please contact us by the means specified below at Section 10 of this Privacy Policy.
9. Changes to this Privacy Policy
If there are updates to the terms this Privacy Policy, we will post those changes and update the revision date in this document, so you will always know what information we collect, how we use it, and what choices you have. For material changes to this Privacy Policy, Phaidon will actively notify affected individuals.
10. Contacting us
We value your opinions. If you have comments or questions about our Privacy Policy – as well as if you have any requests or questions regarding our processing of your personal data, please contact the below:
Email the DPO: privacy@phaidoninternational.com
Call us: +44 (0) 20 3758 8800
Reach us in person or by mail: 21 Lombard Street, London, EC3V 9AH