Privacy Policy

Risk Leadership Network is a global membership network for risk managers.

Risk Leadership Network is operated by Gambit Media Limited. Gambit Media Limited’s company registration number is 12155167 and its registered office address is Jubilee House, 92 Lincoln Road, Peterborough, England, PE1 2SN.

Introduction

This privacy notice (Privacy Notice) sets out how Gambit Media Limited processes your personal data only within the scope of operating the Risk Leadership Network, your use of this website and the Risk Leadership Network services.  

Personal data is information about individuals or information from which individuals can be identified (personal data). 

Gambit Media Limited will be the controller of your personal data. "Controller" is a legal term which means that we determine the purposes for which and the ways in which your personal data is used. As a controller we have registered with the Information Commissioner's Office (ICO) in the UK and our registration number is ZA627791.

How does Gambit Media Limited collect your personal data?

We collect personal data directly from you when you provide it to us when signing up to our services.  We also collect your personal data through third party service providers, for example, HubSpot, LinkedIn and Zoom.  Finally, we also collect some personal data about you from payment processors (such as Integral2) for Membership payments. 

What personal data does Gambit Media Limited collect?

We may collect the personal data listed in the Schedule at the end of this Privacy Notice. 

We may also receive detailed information with regards to your behavioural patterns, including in connection with your email communications relevant to our services and your use of our services. For more information on this please visit https://knowledge.hubspot.com/contacts/hubspots-default-contact-properties.  

We may also collect personal data about you that is available in the public domain. 

How does Gambit Media Limited use your personal data? 

The following is a list of the purposes for which we process your personal data, and the lawful basis on which we carry out such processing:

Purpose

Lawful Basis

To set-up, administer and manage your account with us

Necessary for the performance of a contract

To complete security checks 

Consent 

To take payment from you, fulfill orders and produce invoices for you

Necessary for the performance of a contract

To make event related information available to you

Necessary for the performance of a contract

To facilitate the sharing of knowledge and expertise within the Risk Leadership Network and the communication between its members 

Consent 

To track the location of your device to provide tailored recommendations

Legitimate interests of ensuring our services and website are as useful as possible

To seek your views on our products, services and events

Consent

To conduct market research 

Legitimate interests of better understanding our customers areas of interest and the services they find most useful

To deliver personalised advertising communications to you

Legitimate interests of promoting our offerings

To send out marketing about our goods and services, including information about events 

Legitimate interests of promoting our offerings

To respond to communications, including customer support queries 

Consent 

To record and analyse customer communications for training purposes 

Legitimate interests of improving our customer service 

To send you service messages and updates about our website and services 

Necessary for the performance of a contract

To undertake profiling with a view to suggesting products or services that are relevant to you and understand the likelihood of you becoming a member

Legitimate interests of understanding our customer basis 

To prepare and analyse statistics relating to the use of our website and services by you and other customers, to investigate complaints and to seek and analyse feedback 

Legitimate interests of ensuring our services and website are as enjoyable as possible

To run our everyday operations, e.g. communications between employees in connection with the provision of our services

Legitimate interests of running our business 

To administer and protect our business and the website including troubleshooting, data analysis and system testing

Legitimate interests of running our business, provision of administration and IT services, including network security

To administer a sale of the whole of or part of our business or the restructuring of our business

Legitimate interests of completing any such transaction or restructuring

To consider any job applications we may receive 

Consent


We may also process your personal data (a) to comply with a legal obligation we are under; and (b) for additional purposes in the future, but only if such purposes are compatible with those listed above and if we believe that the same lawful basis applies.

We also collect cookies. More information on how we use cookies can be found at [www.riskleadershipnetwork.com/cookie-policy]. 

When does Gambit Media Limited disclose your personal data? 

We may disclose your personal data to other parties. Such parties may include companies that process data in and/or are incorporated in territories outside of the EEA and which do not provide the same level of protection to personal data as countries subject to the GDPR (international processors).  

Third party processors we may share your personal data with include:

  • Integral2
  • HubSpot 
  • Publish Interactive 
  • Zoom

When we transfer personal data to processors within the EU, we do so on the basis of Article 28, General Data Protection Regulation ((EU) 2016/679) (GDPR) compliant terms. 

When we disclose your personal data to international processors, we do so on the basis of their registration with the Privacy Shield Framework (https://www.privacyshield.gov/welcome) or other appropriate safeguards for the purposes of the GDPR (https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-transfers/), including standard contractual clauses approved by the European Commission which can be found at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.

We may transfer your personal data to third parties in the context of a sale or possible sale of the whole of or part of our business or the restructuring of our business.

We may also disclose your personal data to law enforcement agencies in order to assist with any investigations, when we bring a claim or defend ourselves against a claim that requires the disclosure of the personal data, and when we engage professional advisors.  

Except as specifically provided in this Privacy Notice, we will never sell or rent your personal data to third parties.  

We will not share your personal data with third parties for marketing purposes without your consent.

How long does Gambit Media Limited keep your personal data?

We will retain your personal data for the following purposes and retention periods.

Purpose

Retention period 

User profile 

After 3 years of being inactive 

Marketing

After 3 years of being inactive

Payment logs for the processing of subscription orders

After 3 years of being inactive

Future employment opportunities with us when a job application has been unsuccessful

2 years

Potential claims

7 years


If you unsubscribe from our marketing communications, we will maintain a record of your unsubscribe request and associate it with your email address to ensure you do not receive future communications. 

Your communications preferences

We would love to stay in touch with you, but we completely understand if you do not want to receive communications from us via email. You are able to select your choices for communication when you sign up to our mailing list or purchase a product from us. Additionally, we always offer an unsubscribe option at the bottom of every email you receive from us and you’re welcome to use it to change your email preferences.

Your Rights

You have the following rights under data protection legislation. If you have any questions about your rights, or you wish to exercise any of these rights, please email tim.whitehouse@riskleadershipnetwork.com

We may require you to provide forms of identity should you wish to exercise one of your rights below.

Access: You are entitled to confirmation that we process your personal data and a copy of such personal data.  

Rectification: If the personal data we hold on you is incorrect, you have the right for this to be rectified. You may also update your personal data through your account settings. 

Erasure: You can request us to erase your personal data where there is no compelling reason to continue processing. 

Restriction: You may request a restriction on the processing we undertake on your personal data.  This will only apply where we have no lawful basis to process your personal data, your personal data is inaccurate or to comply with an objection request (see below).

Objection: You may object to our processing of your personal data if our processing is carried out on the basis of legitimate interests. Please note, however, that should we determine that our interests are so compelling as to override your objection we may continue to process your personal data.  

You may object to receiving direct marketing at any time.  

Portability: You have the right to receive some of your personal data in machine readable format.  This right extends to you being able to request that such data is sent to a third party controller.

Withdrawing consent: If the lawful basis we rely on to process your personal data is consent you have the right to withdraw this consent. Please email us at tim.whitehouse@riskleadershipnetwork.com to withdraw consent for the processing of your personal data. 

Complaining to a supervisory authority: Further information about your rights can also be obtained from your national data protection regulator – in the UK, this is the ICO (https://ico.org.uk/).  If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with your national data protection supervisory authority, although we would ask that you contact us in the first instance.  

Your right to be informed: You can contact us to find out more or to ask any questions you may have about our use of your personal data.

Personal data we collect

Type of personal data

Method of collection

Salutation 

Directly from you or through third party services 

Full name

Directly from you or through third party services 

Email address

Directly from you or through third party services 

Email domain

Third party services

Password

Directly from you 

Order ID

Autogenerated 

Billing address

Directly from you

Phone numbers 

Directly from you or through third party services

Fax number

Third party services

Preferred language

Third party services

City, state, region

Directly from you or through third party services

Country

Directly from you or through third party services

Postal code

Third party services

Job title

Directly from you or through third party services

Job function 

Directly from you or through third party services

Seniority level  

Directly from you or through third party services

Organisation

Directly from you or through third party services

Associated organisation

Third party services

Organisation type

Directly from you or through third party services

Organisation sector

Directly from you or through third party services

Number of employees of organisation

Directly from you or through third party services

Annual revenue of organisation

Directly from you or through third party services

Industry 

Third party services

Area of risk expertise

Third party services

Area of risk interest

Third party services

Position as an influencer of purchase decisions or responsibility to make purchase decisions 

Third party services

Subscriptions to information services

Third party services

Website URL

Third party services

Opt-in/opt-out of marketing updates

Third party services

IP address

Third party services

Fax number

Third party services

Location of device

Third party services

Device model and operating system

Third party services

Device ID

Third party services

Changes to this Privacy Notice

We keep this Privacy Notice under regular review. This Privacy Notice was last updated on 16 January 2020.