CPM United Kingdom Limited, CPM Group and our CPM branded partners including Axis, Hyphen, Shopt and TPN (“we”, “us” or “our”) respect your privacy. We are committed to safeguarding your privacy and protecting your information against unauthorized use.
1 WHO PROCESSES YOUR PERSONAL DATA?
This Policy applies to the processing of personal data by CPM United Kingdom Limited, CPM France, CPM Ireland, CPM Italy, CPM Benelux, CPM International Contact Centre, CPM Germany, CPM Switzerland, *Shopt, Hyphen and Axis and to the extent any other non-European CPM entities that are subject to the GDPR.
For the purpose of this Policy and the GDPR, to the extent any of the above entities process your personal data in connection with use cases identified in this Policy, each will be considered a “data controller” of your personal data. Please note that in some cases we may carry out the activities referred to in this Policy in our capacity as a data processor acting on behalf of our clients. We have made this distinction clear in the Policy.
2 PURPOSE OF THIS POLICY
This Policy explains our approach to any personal data that we might collect from you using this website (the “Site”) and any personal data about you we might collect/process in other situations or interactions with us, and the purposes for which we process your personal data.
This Policy also sets out your rights in respect of our processing of your personal data.
This Policy will inform you of the nature of the personal data about you that is processed by us and how you can request that we delete, update, transfer and/or provide you with access to it or otherwise object to our processing of it for a specific purpose. This Policy is intended to assist you in making informed decisions when using the Site or otherwise providing personal data to us or in other situations where we may process your personal data.
3 HOW TO CONTACT US?
4 TYPE OF PERSONAL DATA WE COLLECT/PROCESS
When we talk about personal data we mean any information which relates to an identified or identifiable living individual. Individuals might be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address) or to other factors that are specific to them, such as their physical appearance. Categories of personal data we may collect and process about you include:
5 HOW WE USE PERSONAL DATA?
Our primary goal in collecting personal information from you is to:
We set out in more detail below the specific ways in which we may use your personal data
All Service Enquiries. For more information click here
Client Administration. For more information click here
Recruitment. For more information click here
Marketing communications. For more information click here
Contact Databases click here
Business administration and legal compliance. For more information click here
Visiting our premises. For more information click here
6 SHARING YOUR PERSONAL DATA
Please note, the types of third parties we share your personal data with set out above is non-exhaustive and there may be circumstances where we need to share personal information with other third parties in order to operate our Sites and to provide our services.
We may share your personal information with any of our group affiliates, or with our agents, partners, clients, contractors, professional advisors or government or regulatory bodies for the following purposes: (a) provide our services to clients or otherwise receive assistance in processing transactions; (b) fulfilment of requests for information, receiving and sending communications, updating marketing lists, analysing data; (c) provision of IT and other support services; (d) to facilitate the operation and effective management of our group of businesses; (e) comply with a legal obligation or in connection with a legal claim or dispute or to otherwise protect our legal rights; (f) assistance in other ancillary to the operation of tasks, from time to time. Our agents, partners and contractors will use your information to the extent necessary to perform their functions.
We will not sell your personal information to other companies and we will not share it with other companies for them to use without your consent, except in the circumstances listed above or in connection with the sale or merger of CPM United Kingdom Limited or the division or office responsible for the services.
We will notify you of any other circumstances where we would share your information on a case by case basis.
7 DATA TRANSFERS OUTSIDE OF THE EEA
We may transmit personal data outside the EEA to certain categories of third parties (as listed above in HOW WE USE PERSONAL DATA and more specifically to our Parent Company Omnicom in the US or in other locations globally.
In particular when transferring your personal data outside the EEA, we will ensure that, where required by applicable law, at least one of the following safeguards is implemented: (1) we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; (2) where we use certain service providers, we may use specific contracts approved by the European Commission referred to as the “model clauses” which give personal data the same protection it has in Europe; or (3) where we have partners or suppliers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
8 HOW DO WE OBTAIN YOUR CONSENT?
Where our use of your personal information requires your consent, you can provide such consent:
Where our use of your personal information requires your consent, you can provide such consent:
Every time a user visits our Site, web analytics software provided by a third party generates an anonymous analytical cookie. These cookies can tell us whether or not you have visited the Site before. Your browser will tell us if you have these cookies, and if you don’t, we generate new ones. This allows us to track how many individual unique users we have, and how often they visit the Site. Unless you have previously downloaded content or subscribed to one of our newsletters on our Site, these cookies cannot be used to identify individuals, they are used for statistical purposes only. If you have previously subscribed or downloaded content from our site, we will know the details you gave us for this, such as name and email address.
Cookies used include:
The expiration date is varying on different analytics tools between 1 and 3 years
User data tied to cookies and advertising IDs is also used to detect and prevent ad fraud and ensure that users don’t see ads that they’ve blocked in the past. In these cases, or in cases where Google stores this data on behalf of its customers (e.g. in Google Analytics), data may be stored for periods longer than those specified above.
SOCIAL MEDIA COOKIES
Social Media providers use electronic tools including ‘Cookies’, ‘Social Plugins’ and ‘Tracking Pixels’ to track your browsing habits, likes and social interactions across the internet in order to build up a profile about you. We enable these on our site to facilitate social sharing.
The expiry date for Twitter and LinkedIn cookies is 30 days and 90 days for Facebook cookies.
11 OPT OUT AND UNWANTED COMMUNICATIONS
To opt-out of any future promotional or marketing communications or any other commercial communications from us, you should send a request to us at the contact information in the section entitled contact details.
12 THIRD PARTY LINKS AND SERVICES
13 HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION FOR?
We hold your personal information only as long as we have a valid legal reason to do so, which includes providing you with the services you have requested, meeting our legal and regulatory obligations, resolving disputes and enforcing our agreements.
The length of time for which we keep different types of personal information can vary, depending on why we originally obtained them, the reason we process them and the legal requirements that apply to them.
If any personal data is only useful for a short period (e.g. for a specific marketing campaign or in relation to recruitment), we will delete it at the end of that period. Please note that if you are an unsuccessful candidate we may keep your information for a short period.
If you have opted out of receiving marketing communications from us, we will need to retain certain personal data on a suppression list so that we know not to send you further marketing communications in the future.
14 CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL INFORMATION
We are committed to keeping the personal information you provide to us secure and we will take reasonable precautions to protect your personal information from loss, misuse or alteration. For more information click here
15 HOW TO ACCESS YOUR INFORMATION AND YOUR OTHER RIGHTS?
You have the following rights in relation to the personal information we hold about you:
Your right of access. For more information click here
Your right to rectification. For more information click here
Your right to erasure. For more information click here
Your right to restrict processing. For more information click here
Your right to data portability. For more information click here
Your right to object. For more information click here
Your rights in relation to automated decision-making and profiling. For more information click here
Your right to withdraw consent. For more information click here
Your right to lodge a complaint with the supervisory authority. For more information click here
16 ENFORCEMENT RIGHTS AND MECHANISMS
We will ensure that this Policy is observed and duly implemented. Violations of the applicable data protection legislation in the EEA may lead to penalties and/or claims for damages.
If at any time you believe that your personal data has been processed in violation of this Policy, or if you have any inquiries or complaints about the use or limitation of use of your personal data, you may contact the relevant individuals in CONTACT DETAILS section:
Please note that if you have a complaint about our privacy practices, you may contact your local EU Data Protection Authority (“DPA”). We are committed to cooperating with DPAs and to comply with their dispute resolution procedures in cases of complaints. We are also committed to complying with any regulations or guidelines that DPAs may issue from time to time in accordance with EEA and Member State data protection legislation. We undertake to register and/or keep our registration updated as a data controller and/or processor in all jurisdictions where we maintain entities in the EEA.