WeAreLIT Limited

Last Updated: July 2021

1. Introduction

At WeAreLIT Ltd. (“we”, “us”) we take your privacy seriously.

This privacy notice explains how WeAreLIT collects and uses personal data, and describes the rights you have with respect to your personal data.

As a responsible organisation, we have implemented numerous technical and organisational measures to ensure the most complete protection of any personal data processed by us, in order to meet the requirements of the General Data Protection Regulation (“GDPR”), and in accordance with any country-specific data protection regulations.

WeAreLIT processes personal data for a variety of purposes. We collect this data directly from you, for example, if you engage us to provide services directly to you, or we may also obtain your personal data from publicly available sources (e.g. LinkedIn), or process your data in the context of providing services to your employer (as our customer).

This privacy notice is intended to cover all aspects and scenarios of how WeAreLIT processes personal data and it is further supplemented by more specific privacy notices, which are provided to you at the time your personal data is collected, where appropriate

2. Name and Address of the Data Controller

The data controller for the purposes of the GDPR, other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

WeAreLIT Ltd, 60 Grays Inn Road, Holborn, London, WC1X 8LU

Phone: 01628 243 057

Email: [email protected] (for Data Protection Enquiries)

Website: https://www.wearelit.uk/

As a data controller we are responsible for deciding how we hold, use and keep personal data secure. It also means we are responsible for responding to requests you make in relation to how your personal data is used. If you have any questions about the way your personal data is processed, you can contact us on these details:

Email: [email protected]

You may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.

3. Data Protection Representative

Article 27 of the EU General Data Protection Regulation (GDPR) requires organizations that are not established in the European Union (EU) to designate a representative in the EU if they are subject to the GDPR.

WEARELIT may undertake processing activities to which the GDPR applies. For that reason, WEARELIT has appointed a representative in accordance with the GDPR to act on their behalf if, and when, they undertake data processing activities to which article 3(2) of the GDPR applies. Such appointment is not intended to be an acknowledgement that the GDPR is applicable to any of their processing activities.

The Data Protection Representative of the Controller is:

WeAreLIT Ltd. registered office is at 19a Blackpool Gardens, Hayes, London, UB4 8DY.

Email: [email protected]

4. Personal data

This privacy notice covers any personal data processed by WEARELIT. “Personal data” means any information relating to an individual who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier. Personal data also refers to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of an individual.

It also includes sensitive personal data (special category data as referenced in the GDPR), including:

    • Racial or ethnic origin
    • Political opinions
    • Religious or philosophical beliefs
    • Membership of a trade union
    • Genetic data
    • Biometric data
    • Physical or mental health or condition
    • Sex life or sexual orientation

Sensitive personal data also includes personal data relating to criminal convictions and offenses.

5. What data is processed

We will collect personal data when you set up an account with us, purchase products or services from us, complete forms we provide to you, make a report or notification about our products or services, contact us by phone, email or communicate with us directly in some other way.

Below we define types of personal data processed by us depending on the circumstances in which personal data is collected. We collect the following types of personal data from you:

5.1. Visitors to our website

Personal data we collect about you when you visit our site falls into two categories.

  • Information provided directly by you

We collect personal data that you provide voluntarily through our site, for example, when completing online forms to contact us, subscribing to a newsletter, using one of our online, subscribing to receive marketing communications from us, participating in surveys or registering for events that we are organizing. The information we collect about you includes the following:

  • Name
  • Job title, job level or function, role
  • Company or organisation
  • Company data
  • Contact information, including primary email, email address and telephone numbers
  • Demographic information, such as industry, country, postcode, preferences and interests
  • Other information relevant to client surveys or similar research
  • Information pertinent to fulfilling our services to you
  • Any other personal data that you voluntarily choose to provide to us

We do not intentionally collect sensitive category data, unless you provide us with such data. While there may be free text boxes on the site where you are able to enter any information, we do not intend to process sensitive information and you should therefore refrain from providing any such data. If you choose to provide any sensitive personal information in this manner, you acknowledge you consent to the collection and processing of this sensitive information.

  • Automatically collected information

When you visit our site, we collect certain personal data automatically from your device, such as your IP address, device type, unique device identification number, browser type, broad geographic location (e.g., country or city-level location) and other technical information. We may also collect information on how you and your device interacted with the content on our site e.g. links clicked, information accessed. We collect this information to gain better understanding of the visitors to our site, where they come from and what content on our sites is of interest to them. This information may further be used for analytics and quality purposes. Further information on how WeAreLIT uses automatically collected data, including cookies and other similar tracking technology, is explained in our Cookie Policy.

Our site also uses various social media plugins, please refer to section 4.6 for further information on their use.

5.2 Clients

When you engage us to provide services to you, we collect and use personal data for valid business purposes in the context of providing services to you. As part of any such service, WeAreLIT may also process personal data of individuals who are not directly our clients (for example, employees, customers or suppliers of our clients).

The majority of the personal data we collect and use to provide our services is supplied voluntarily by our clients. Where such data may concern individuals who are not WeAreLIT’s direct clients, we obtain a confirmation from our client confirming they have the authority to pass the data to us for lawful onward processing.

We process the following types of personal data:

    • Basic information, such as your name, the company you work for, your position and your relationship to a person
    • Contact information, such as your postal address, email address and telephone numbers
    • Financial information, including any information to facilitate payments between the parties
    • Any other personal data relating to you or other third parties which you provide to us for the purpose of receiving our services

We process personal data about our business contacts (e.g. existing, former or prospective customers, including any individuals employed by them and other business contact) in our Client Relationship Management (CRM) systems.

Our CRM systems provide support to the business and facilitate our marketing operations. WeAreLIT uses the information recorded on such systems to share with contacts information about WeAreLIT products, marketing materials, surveys and invitations to events, and for general customer relationship administration purposes.

We process the following categories of personal data in our CRM systems:

    • Name, job title, address, email address, phone and fax numbers
    • Name of employer or organisation the individual is associated with
    • Marketing preferences
    • Invitation responses and event attendance confirmations
    • Any other information voluntarily provided by in the course of our business relationship

We do not intentionally collect sensitive category data, unless you provide us with such data (for example, special dietary requirements which reveal your religious affiliation or any food allergies), if you attend one of our events. Collection of any such data will be subject to specific privacy notices, relevant to the event your are attending.

We process personal data about participants in events organised by WeAreLIT including meetings, conferences, learning sessions and webinars. We may use various applications and online platforms to manage event registration processes. Please take note of their own privacy notices and read them carefully when you provide your personal data for the purposes of event participation.

We process the following categories of personal data (to the extent they apply a specific event):

  • Name, age or date of birth
  • Client personnel information (home, office and business information)
  • Customer information (home, office and business information)
  • Email address
  • Gender
  • Home or other physical address
  • Names of employers
  • Role (job title)
  • Passport number
  • Telephone

We do not intentionally collect sensitive category data, unless you provide us with such data (for example, special dietary requirements which reveal your religious affiliation or any food allergies or other data relating to your health necessary to provide support to participants and facilitate their attendance in WeAreLIT. WeAreLIT may take photographs and audio or video recordings in public areas of the WeAreLIT events. Following the event, recordings may be further edited before they are published or distributed for marketing purposes.

5.5 Individuals who use our platforms and applications

We provide external users, including our clients and their end users, access to various applications managed by us such as our partner portal service or our online training service (Academy). Any personal data collected via these applications (e.g. name, email address, data and time of registration) is captured to provide the individuals with this service, verify their identity and to provide them with a secure log in to a protected web environment. It also enables WeAreLIT to provide access or deny access due to misuse of service. Any third party applications provided by WeAreLIT are subject to their own privacy notices, please familiarise yourself with their content and read them carefully when you use our platforms and applications.

Social media Channels

WeAreLIT uses various social media platforms for recruitment, marketing and business development purposes. We use social media to advertise recruitment opportunities with WeAreLIT and to promote products, services and brand related content.

Please note that while WeAreLIT is responsible for the content it publishes using social media platforms, WeAreLIT will not be responsible for the management and administration of any social media platforms. You should always familiarise yourself and read carefully any legal and privacy terms imposed by these social media platforms. If you have any questions on how the social media platform uses your data, you should contact the platform provider directly.

In some circumstances, WeAreLIT may obtained aggregated data from these social media platform providers, e.g. number of “likes” in response to WeAreLIT published content and posts, number of visitors who engage with our posts or information on links clicked and downloaded content.

Social media widgets are also implemented on our site e.g. specific button or logo which enables the site to establish a direct connection with the relevant social media platform server. As a result of such direct connection, the social media provider will be informed of the relevant page on our site which triggered such link. If you wish to prevent such sharing, you should review your settings within your social media accounts prior to visiting our website as WeAreLIT has no influence on how the data is collected using social media sites.

Our site uses the following social media plugins, widgets:

  • Twitter
  • Facebook
  • Instagram

Functions of the Twitter service have been integrated into our site. When you use Twitter and the “retweet” function, the websites you visit are connected to your Twitter account and made known to other users. If you are not yet logged into your Twitter account, clicking a Twitter button will show you the Twitter login page for you to enter your login credentials. In doing so, data will also be transferred to Twitter. We would like to point out that we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information, see Twitter’s privacy policy.

  • Facebook

Our site includes plugins for the social network, Facebook. The Facebook plugins can be recognized by the Facebook logo or by the like button on our sites. For an overview of Facebook plugins, click here.

When you visit our site, a direct connection between your browser and the Facebook server is established via the plugin. This enables Facebook to receive information that you have visited our site from your IP address. If you click on the Facebook “like button” while you are logged into your Facebook account, you can link the content of our site to your Facebook profile. This allows Facebook to associate visits to our site with your user account. If you are not yet logged into your Facebook account, clicking a Facebook button will show you the Facebook login page for you to enter your login credentials. Please note that we have no knowledge of the content of the data transmitted to Facebook or of how Facebook uses these data. For more information, please see Facebook’s privacy policy.

  • Instagram

Functions of the Instagram services have been integrated into our site. If you are logged into your Instagram account, you can click the Instagram button to link the content of our pages with your Instagram profile. This means that Instagram can associate visits to our pages with your user account. If you are not yet logged into your Instagram account, clicking an Instagram button will show you the Instagram login page for you to enter your login credentials. We expressly point out that we receive no information on the content of the transmitted data or its use by Instagram. For more information, see Instagram’s privacy policy.

  • YouTube

Our site uses plugins from YouTube, which is operated by Google. If you visit one of our pages featuring a YouTube plugin, it is a connection to the YouTube servers. Here, the YouTube server is informed about which pages you have visited and the videos from WeAreLIT You Tube channel that you have watched or engaged with.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account. If you are not yet logged in, clicking a YouTube button will show you the YouTube login page for you to enter your login credentials.

For more information, see Google’s privacy policy.

  • LinkedIn and LinkedIn Lead Gen Forms

WeAreLIT uses LinkedIn Lead Gen Forms for WeAreLIT sponsored content, and sponsored LinkedIn InMail’s for recruitment, business development and marketing campaigns. Once LinkedIn members click on WeAreLIT advertisement, they will see a form that is pre-filled with information from their LinkedIn profile, such as their name, contact information, company name, seniority, job title and location. As soon as a LinkedIn member submits a lead form, they will be connected to WeAreLIT. Please click here for LinkedIn’s privacy policy.

Plugins are a quick and easy way to drop LinkedIn functionality into your website. Use the tools below to automatically generate JavaScript snippets to copy and paste directly to your sites. You may see the three below instances that LinkedIn can allow users and companies to connect with corporate profiles and business professionals.

Share

Follow Company

LinkedIn AutoFill

  • Google Maps

Our site uses the Google Maps map service via an application programming interface (API).

To use Google Maps, it is necessary to save your IP address. This information is generally translated to a Google server in the United States and stored there. We have no influence on this data transfer. For more information, see Google’s privacy policy.

5.7 Individuals who correspond with WeAreLIT via email

WeAreLIT uses a variety of tools to maintain the security of our IT infrastructure, including our email facilities. Examples of such tools are:

  • Systems that scan incoming emails to WeAreLIT recipients for suspicious attachments and URLs, in order to prevent malware attacks
  • Tools that provide end-point threat detection to detect malicious attacks
  • Tools that block certain content or websites

If you correspond via email with a WeAreLIT recipient, your emails will be scanned by the tools WeAreLIT operates to maintain the security of its IT infrastructure, which could result in content being read by authorised WeAreLIT personnel other than the intended recipient.

We process personal data for recruitment purposes, to facilitate the administration of our available employment opportunities and to match your skills, experience and education with specific roles offered by WeAreLIT. Any such data may be collected directly from the candidate or from other third parties, about the candidate.

In general terms, we collect the following types of personal data:

  • CVs/resumes
  • identification documents
  • academic records
  • work history
  • employment information and references.

This information is passed to the relevant hiring managers and persons involved in the recruitment process to decide whether to invite you for an interview. WeAreLIT will collect further information if you are invited to the interview (or equivalent) stage and onward. Such information includes interview notes, assessment results, feedback and offer details.

As part of our recruitment process, we may also collect special category data from candidates where we have an employment law obligation to do so. This information is relevant to their future working environment at WeAreLIT or the future provision of employment benefits, or with the individual’s explicit consent, where collecting such information is permitted by law.

Our recruitment tools and websites contain their own privacy notices explaining why and how personal data is collected and processed by those applications. We encourage individuals using our recruitment tools and websites to refer to the privacy notices available on those tools and websites.

5.9 Suppliers

We process personal data about our suppliers (including subcontractors, and individuals associated with our suppliers) in order to manage our relationship and contract, and to receive services from our suppliers.

The personal data we process is generally limited to contact information (name, name of employer, phone, email and other contact details) and financial information, including payment-related information.

5.10 Visitors to WeAreLIT offices

When you visit a WeAreLIT office, we process your personal data in order to provide you with certain facilities (such as access to our buildings and conference rooms or Wi-Fi), to control access to our buildings, and to protect our offices, personnel, goods and confidential information (for example, by using CCTV).

The personal data we collect is generally limited to your name, contact information, location, and the time you enter and leave our office.

  • Visitor records and access badges

We require visitors to our offices to sign in at reception and we keep that record of visitors for a short period of time. Visitors to our offices are provided with a temporary access badge to access our offices. Our visitor records will be used to verify that access badges are returned, to look into a security incident and for emergency purposes (for example, if an office needs to be evacuated).

  • Wi-Fi

We monitor and log traffic on our Wi-Fi networks. This allows us to see limited information about a user’s network behaviour, but will also include being able to see at least the source and destination addresses the user is connecting from and to.

  • CCTV

WeAreLIT uses CCTV monitoring where permitted by law. CCTV images are securely stored and only accessible on a need-to-know basis (for example, to look into an incident).

6. Purposes and legal grounds for processing

We limit the collection of personal data to only that which is absolutely necessary to carry out our legal or business obligations. In some cases however the provision of personal data may be partly required by law (e.g. tax regulations), is needed as part of contractual negotiations, or as part of providing a service.

Below, we describe:

  • the purposes we collect your personal data for and;
  • the legal basis that allows us to process your personal data
Type of Data Purposes for processing
Legal grounds for processing 
1. Visitors to wearelit.uk
  • To administer and manage our site, including to confirm and authenticate your identity, and prevent unauthorised access to restricted areas of our site
  • To personalise and enrich your browsing experience by displaying content that is more likely to be relevant and of interest to you
  • To analyse the data of visitors to our site
  • To determine the company, organisation, institution or agency that you work for or with which you are otherwise associated
  • To develop our business and services
  • To provide you with marketing communications
  • To conduct benchmarking and data analysis (for example, regarding usage of our site and demographic analyses of visitors of our site)
  • To understand how visitors use the features and functions of our site
  • To monitor and enforce compliance with applicable terms of use
  • To conduct quality and risk management reviews
  • Any other purpose for which you provided information to WeAreLIT
  • Our legitimate interest in the effective delivery of information and services to you, and the effective and lawful operation of our businesses
  • Our legitimate interest in developing and improving our site, and your user experience
  • Explicit consent of the visitor
2. Clients
  • To provide services to you
  • To administer our relationship and maintain contractual relations
  • For accounting and tax purposes
  • For marketing and business development
  • To comply with our legal and regulatory obligations
  • To establish, exercise or defend legal rights
  • For historical and statistical purposes
  • Performance of a contract
  • Our legitimate interest in the effective delivery of information and services to you, and the effective and lawful operation of our businesses
  • Our legitimate interest in fulfilling a contract between you and WeAreLIT
3. Contacts in our CRM systems
  • To provide you with information about our products and services
  • For marketing and business development 
  • To administer our relationship and maintain contractual relations
  • Explicit consent of the business contact
  • Our legitimate interest in managing the relationship with our business contacts and providing information about WeAreLIT, our services and events we organise.
4. Participants in WEARELIT events
  • To provide you with information about our products and services
  • For marketing and business development
  • To administer the participation in the event and its facilitation
  • Explicit consent of the participant
  • Our legitimate interest in organizing events and managing the registration process for such events.
  • Our legitimate interest in protecting our people, assets and information, and to prevent unauthorized people gaining access to off-site WeAreLIT events.
  • Our legitimate interest in providing information about WeAreLIT, our services and events we organise
5. Individuals who use our platforms and applications 
  • To administer our relationship and maintain contractual relations
  • To facilitate access to our platforms and applications
  • Our legitimate interest in the effective delivery of information and services to you, and the effective and lawful operation of our businesses
  • Our legitimate interest in fulfilling a contract between you and WeAreLIT
  • Explicit consent of the platform/application end user
6. Individuals who visit our social media sites, social media plugins and tools
  • To provide you with information about our products and services
  • For marketing and business development
  • For recruitment and to promote the WeAreLIT brand
  • Our legitimate interest in promoting WeAreLIT services and brand
  • Our legitimate interest in attracting, identifying and sourcing talent
  • Our legitimate interest to improve your website experience and to optimise our services
7. Individuals who correspond with WEARELIT via email
  • To provide you with a resolution of your query or request
  • For information security purposes
  • Our legitimate interest in protecting our IT infrastructure against unauthorised access or data leakage
  • Our legitimate interest in analysing email traffic
8. Job applicants
  • For recruitment and talent sourcing purposes
  • To facilitate selection and onboarding of job candidates 
  • To comply with our legal and regulatory obligations
  • To establish, exercise or defend legal rights
  • To administer your account throughout the application process including performance of any background checks, where applicable
  • For statistical purposes
  • Explicit consent of the candidate
  • Our legitimate interest in attracting, identifying and sourcing talent
  • Our legitimate interest to process and manage applications for roles at WeAreLIT, including the screening and selecting of candidates
  • Our legitimate interest to hire and onboard candidates by making an offer to successful candidates, and carrying out pre-employment screening checks
  • Our legitimate interest to manage our career websites (including conducting statistical analyses)

Compliance with a legal or regulatory obligation (when carrying out background checks to warrant a candidate is eligible to work)

9. Suppliers 
  • For management of our relationship and contract including administration of payments and debt recovery
  • To comply with our legal and regulatory obligations
  • To establish, exercise or defend legal rights
  • Performance of a contract
  • Compliance with a legal or regulatory obligation
  • Our legitimate interest in managing payments, fees and charges, and to collect and recover money owed to WeAreLIT

Our legitimate interest in safeguarding against WeAreLIT inadvertently dealing with the proceeds of criminal activities or assist in any other unlawful or fraudulent activities 

10. Visitors to WEARELIT offices
  • For administration of visitor access to WeAreLIT premises 
  • For protecting and safeguarding our premises, employees and information
  • To comply with our legal and regulatory obligations
  • To establish, exercise or defend legal rights
  • Our legitimate interest in protecting our offices, personnel, goods and confidential information
  • Our legitimate interest in preventing and detecting crime, and establishing, exercising and defending legal claims

7. How we share your personal data

We share your personal information with the following:

  • Our staff: Your personal data will be accessed by our staff but only where this is necessary for their job role.
  • Companies in the same group of companies as us: For the purpose of providing a service to you.
  • Partners and Dealers: For the purpose of answering queries you have about products and services not directly provided by WeAreLIT.
  • External service providers: WeAreLIT use external service providers to assist with, for example, information technology and other administrative support services. Our service providers are contractually bound to maintain appropriate levels of security and data protection
  • Law enforcement and regulatory agencies: if we are required to disclose or share your Personal Data in order to comply with any legal obligation or any regulatory requirement

8. Changes of Business Ownership and Control

We may transfer, sell or assign any of the information described in this Privacy Policy to third parties as a result of a sale, merger, consolidation, change of control, transfer of assets or reorganisation of our business. Where we are involved in a merger, acquisition or sales of assets, we will always process your data in line with your rights and freedoms and subject to confidentiality agreements between the parties.

9. Transfers of personal data

WeAreLIT operate in various locations across the globe. Some parts of our internal infrastructure are centralised which includes provision of information technology services. We may also transfer personal data to third parties (and their affiliates) which provide the above mentioned ancillary services to WeAreLIT group companies.

Therefore, your personal data will sometimes be transferred outside of the jurisdiction in which it was collected and stored. This includes countries outside of the European Economic Area (EEA) and the United Kingdom (UK). Where such a transfer is required, we put in place appropriate security and legal measures to safeguard the safety and security of personal data. WEARELIT as a WeAreLIT group company has implemented appropriate intragroup data transfer agreements, providing for a legally binding and enforceable commitment to protect any personal data within the WeAreLIT company group. Where personal data is transferred to a third party service provider, we also ensure legally binding contractual protections are in place, consistent with the GDPR and any other applicable data protection laws.

10. Your rights

You have the following rights in relation to your personal data:

    • To access the personal data held by WeAreLIT about you
    • To have your personal data corrected, for example, if it is incomplete or incorrect
    • To opt out of receiving marketing communications at any time
    • To restrict or object to the processing of personal data or request erasing personal data (in certain circumstances and subject to applicable law)
    • To receive a copy of the personal data which you have provided to WeAreLIT, in a structured, commonly used and machine-readable format (known as “data portability”), subject to applicable laws
    • Where you have provided personal data voluntarily, or otherwise consented to its use, the right to withdraw your consent
    • The right to complain to a data protection authority

To exercise your rights to any of the above or to lodge a complaint about an alleged breach of data protection law, please contact us via [email protected]

11. Security

WeAreLIT has implemented appropriate organisational and technical controls to protect the confidentiality and security of information it obtains in the course of its business. Access to such information is limited, and policies and procedures are in place that are designed to safeguard the information from loss, misuse and improper disclosure.

12. Retention

Our policy is to retain personal data only for as long as it is needed for the purposes described in the section 5 of this Privacy Policy “Purposes and legal grounds for processing”. Note that retention periods vary in different jurisdictions and are set in accordance with local regulatory and professional retention requirements.

13. Updates to this Policy

We may update this privacy policy from time to time to reflect changes in the way we process personal data (e.g. if we implement new systems or processes that involve the new uses of personal data) or to clarify information we have provided in this notice. Our changes will be in accordance with applicable data protection laws.

We recommend that you check for updates to this notice from time to time but we will notify you directly about changes to this notice or the way we use your personal data when we are legally required to do so.