The Association of Circulation Executives (ACE) is a not-for-profit organisation trade association that has as our members professionals from the field of newspaper and magazine publishing, news wholesaling, distribution, services and retailing.
At ACE we host numerous events and educational programmes. Attendees at our events are usually a combination of ACE members and their guests, or non-member participants
We promise to respect your privacy and look after the personal data you share with us both directly and that which we may get from other organisations.
We will keep it safe and will not share it with third parties unless they are contracted to work for us to deliver a specific service for your benefit, we have your consent to do so, or we are required to do so by Law or Court Order. ACE are committed to protecting and respecting the confidentiality, integrity and security of personal information about individuals whose data we hold.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us, and how ACE complies with its responsibilities under applicable data protection laws.
For the purposes of the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679) (together, the data protection legislation), ACE is the data controller of your personal data.
What we collect
We may collect and process the following information about you:
Information from you
You may give us information about you by:
- registering on the ACE website
- attending events
- booking an event
- attending meetings
- participating in the ACE Empower (educational) programme
- entering an award
- giving your details for a prize draw at an event
- calling us on the phone
- writing to us
- giving us your business card
We may collect the following information from you:
- telephone number
- e mail address
- your employer
- a work biography
- if attending an event our official photographer may take an individual or group photograph
- if attending an event, any specific dietary requirements
- if attending an event, any specific access requirements
Photographs at events
When attending an ACE event our official photographer may take an individual or group photograph of attendees during the course of an event. In the case of our awards events, photographs of winners and entrants will be taken. These may be posed or non-posed photographs and will not be used out of context for the specific event.
We will notify attendees the identity of the photographer and how photographs will be used and that attendees should make themselves known if they do not want to appear in any photographs.
Photographs from events will be made available via this website.
Information from other sources
From time to time we may receive your name and contact information from a third-party source, including, but not restricted to, your employer, an existing member or board member. This is likely to be in those instances where you are being recommended for membership, i.e. you are a potential member
The third party may give us information about you using our online contact forms via the ACE website.
We will promptly notify anyone whose data we receive from third-parties that we are processing that data.
What we do with the information we collect
If you are a member, award entrant, member company booking contact or a delegate on the ACE Empower programme, we may use information you provide to us to:
- update you on organisational topics regarding Ace itself;
- provide you with access to our Flickr photograph album portfolio
- send you a copy of our email newsletter;
- inform you of networking events, lunches, education programmes and meeting opportunities;
- invite you to participate in and/or book places at ACE events
- invite you to submit entries for awards events
- invite you to enter competitions to win guest places at ACE events.
Furthermore, if you attend an ACE event we will:
- Share your name with the venue to allow an orderly seating plan to be operational;
- Share your specific dietary needs or access needs with a venue
- Share any specific access requirements with a venue
Our lawful basis for processing
For all ACE members, data is collected, stored and used on the basis of legitimate interests, to fulfil the reasonable expectations of the individuals and also the firms by whom they are employed.
Where you provide personal information to us, for example participating at an event, you will be asked if you consent to us adding you to our distribution list for our email newsletter. If you give your consent, our lawful basis for processing your personal information for that purpose is consent.
What rights you have over your data
By law you have a number of rights in relation to your personal data. Further information and guidance about your rights and how to exercise them can be obtained from the office of the Information Commissioner (ICO).
The right to be informed – You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this policy.
The right of access – If we are processing your personal data, you have a right to have access to what we hold.
You may request to view records held about you at any point by making a request in writing to us at firstname.lastname@example.org This request will be responded to within 30 working days. If we require more time to respond fully to any request, we will notify you in writing within the 30-day period referred to. Any additional copies of any information we provide to you may be subject to a reasonable fee.
The right to rectification – You have the right to have your information corrected if it is inaccurate or incomplete.
The right to erasure – This is also called the right to be forgotten. It enables you to request the deletion or removal of your personal data where there is no compelling reason for us to keep it. This is not a general right; there are exceptions.
The right to restrict processing – You have the right to block or supress further use of your information. When processing is restricted we can still store your information but may not use it further. We will keep a list of people who have asked for further use of their information to be blocked to make sure the restriction is respected.
The right to data portability – You have the right to obtain and reuse your personal data for your own purposes across different services.
The right to object – You have the right to object to certain types of processing, including where we process your data for direct marketing purposes.
Rights in relation to automated decision making and profiling – This relates to your rights in the event that your personal data is used to automatically profile you in some way. ACE do not undertake automated decision making or profiling.
In addition, even if you have given ACE consent to use your personal data you may withdraw that consent at any time by:
- contacting us via the contact form on ace.co.uk
- clicking the unsubscribe link at the bottom of any newsletter we send to you; or
- emailing us at email@example.com
- amending or updating your personal profile on ace.co.uk
Accuracy of personal data
ACE will aim to ensure that personal data we hold about you is accurate and kept up-to-date. If you believe that any information we are holding about you is inaccurate, out-of-date or incomplete, please notify us at firstname.lastname@example.org as soon as possible. We will correct or delete any information found to be incorrect without undue delay.
We have put in place what we consider to be appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where we store your personal data
Data held on our Website is located on secure servers in the United Kingdom.
As at the date of this policy, we hold some of your personal data on MailChimp and Survey Monkey. Both organisations are certified to the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield Framework.
Disclosure and sharing of your personal data
We may disclose personal data to third parties for the purposes of your attendance at an event, professional advice, portal development/support, or for any other purposes specifically permitted by the Data Protection Laws or for any other purpose which you may authorise.
We may also disclose personal data we hold to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
To the extent we transfer any personal data to any third party, we will only do so if that third party agrees to put in place appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, the personal data.
Transferring personal data outside the EEA
We may transfer personal data we hold about you to a country outside the European Economic Area (“EEA“) where we engage suppliers located in jurisdictions outside the EEA.
If we transfer any data to any other jurisdiction outside the EEA, we will provide you with details of the country to which data is being transferred, along with details of the measures we have put in place to protect it (which you may see a copy of, on request).
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
- where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe;
- where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Retention of personal data
ACE will destroy member or participants records two (2) years after they cease to be a member or participant.
ACE will retain records of potential members for 1 year, after which they will be destroyed.
We will take all reasonable steps to destroy, or erase from our systems, all personal data which is no longer required.
Please note that you may contact us at any time at email@example.com and ask for your details to be erased (please refer to the section headed “Your Rights” above). We may not be able to continue to provide you with our services in the event you request that your details are removed.
Changes to this policy
We may make changes to this data protection policy at any time. Any changes we make will be notified to you in writing.
If you have any queries about this policy or your data, or you wish to submit an access request or raise a complaint about the way your personal information has been handled, please do so in writing to Ace, 1 Shirley Cottages, Woodbury Park Road, Tunbridge Wells TN4 9NL, or, by email to firstname.lastname@example.org
If you are not satisfied with our response to any queries or complaints you raise with us or believe we are not processing your personal data not in accordance with the Data Protection Law’s you can complain to the Information Commissioner’s Office (https://ico.org.uk/).