Privacy Policy
Risk Leadership Network is a global membership network for risk managers.
Risk Leadership Network is operated by Gambit Media Limited. Gambit Media Limited’s company registration number is 12155167 and its registered office address is Jubilee House, 92 Lincoln Road, Peterborough, England, PE1 2SN.
Introduction
This privacy notice (Privacy Notice) sets out how Gambit Media Limited processes your personal data only within the scope of operating the Risk Leadership Network, your use of this website and the Risk Leadership Network services.
Personal data is information about individuals or information from which individuals can be identified (personal data).
Gambit Media Limited will be the controller of your personal data. "Controller" is a legal term which means that we determine the purposes for which and the ways in which your personal data is used. As a controller we have registered with the Information Commissioner's Office (ICO) in the UK and our registration number is ZA627791.
How does Gambit Media Limited collect your personal data?
We collect personal data directly from you when you provide it to us when signing up to our services. We also collect your personal data through third party service providers, for example, HubSpot, LinkedIn and Zoom. Finally, we also collect some personal data about you from payment processors (such as Integral2) for Membership payments.
What personal data does Gambit Media Limited collect?
We may collect the personal data listed in the Schedule at the end of this Privacy Notice.
We may also receive detailed information with regards to your behavioural patterns, including in connection with your email communications relevant to our services and your use of our services. For more information on this please visit https://knowledge.hubspot.com/contacts/hubspots-default-contact-properties.
We may also collect personal data about you that is available in the public domain.
How does Gambit Media Limited use your personal data?
The following is a list of the purposes for which we process your personal data, and the lawful basis on which we carry out such processing:
Purpose |
Lawful Basis |
To set-up, administer and manage your account with us |
Necessary for the performance of a contract |
To complete security checks |
Consent |
To take payment from you, fulfill orders and produce invoices for you |
Necessary for the performance of a contract |
To make event related information available to you |
Necessary for the performance of a contract |
To facilitate the sharing of knowledge and expertise within the Risk Leadership Network and the communication between its members |
Consent |
To track the location of your device to provide tailored recommendations |
Legitimate interests of ensuring our services and website are as useful as possible |
To seek your views on our products, services and events |
Consent |
To conduct market research |
Legitimate interests of better understanding our customers areas of interest and the services they find most useful |
To deliver personalised advertising communications to you |
Legitimate interests of promoting our offerings |
To send out marketing about our goods and services, including information about events |
Legitimate interests of promoting our offerings |
To respond to communications, including customer support queries |
Consent |
To record and analyse customer communications for training purposes |
Legitimate interests of improving our customer service |
To send you service messages and updates about our website and services |
Necessary for the performance of a contract |
To undertake profiling with a view to suggesting products or services that are relevant to you and understand the likelihood of you becoming a member |
Legitimate interests of understanding our customer basis |
To prepare and analyse statistics relating to the use of our website and services by you and other customers, to investigate complaints and to seek and analyse feedback |
Legitimate interests of ensuring our services and website are as enjoyable as possible |
To run our everyday operations, e.g. communications between employees in connection with the provision of our services |
Legitimate interests of running our business |
To administer and protect our business and the website including troubleshooting, data analysis and system testing |
Legitimate interests of running our business, provision of administration and IT services, including network security |
To administer a sale of the whole of or part of our business or the restructuring of our business |
Legitimate interests of completing any such transaction or restructuring |
To consider any job applications we may receive |
Consent |
We may also process your personal data (a) to comply with a legal obligation we are under; and (b) for additional purposes in the future, but only if such purposes are compatible with those listed above and if we believe that the same lawful basis applies.
We also collect cookies. More information on how we use cookies can be found at [www.riskleadershipnetwork.com/cookie-policy].
When does Gambit Media Limited disclose your personal data?
We may disclose your personal data to other parties. Such parties may include companies that process data in and/or are incorporated in territories outside of the EEA and which do not provide the same level of protection to personal data as countries subject to the GDPR (international processors).
Third party processors we may share your personal data with include:
- Integral2
- HubSpot
- Publish Interactive
- Zoom
When we transfer personal data to processors within the EU, we do so on the basis of Article 28, General Data Protection Regulation ((EU) 2016/679) (GDPR) compliant terms.
When we disclose your personal data to international processors, we do so on the basis of their registration with the Privacy Shield Framework (https://www.privacyshield.gov/welcome) or other appropriate safeguards for the purposes of the GDPR (https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-transfers/), including standard contractual clauses approved by the European Commission which can be found at: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.
We may transfer your personal data to third parties in the context of a sale or possible sale of the whole of or part of our business or the restructuring of our business.
We may also disclose your personal data to law enforcement agencies in order to assist with any investigations, when we bring a claim or defend ourselves against a claim that requires the disclosure of the personal data, and when we engage professional advisors.
Except as specifically provided in this Privacy Notice, we will never sell or rent your personal data to third parties.
We will not share your personal data with third parties for marketing purposes without your consent.
How long does Gambit Media Limited keep your personal data?
We will retain your personal data for the following purposes and retention periods.
Purpose |
Retention period |
User profile |
After 3 years of being inactive |
Marketing |
After 3 years of being inactive |
Payment logs for the processing of subscription orders |
After 3 years of being inactive |
Future employment opportunities with us when a job application has been unsuccessful |
2 years |
Potential claims |
7 years |
If you unsubscribe from our marketing communications, we will maintain a record of your unsubscribe request and associate it with your email address to ensure you do not receive future communications.
Your communications preferences
We would love to stay in touch with you, but we completely understand if you do not want to receive communications from us via email. You are able to select your choices for communication when you sign up to our mailing list or purchase a product from us. Additionally, we always offer an unsubscribe option at the bottom of every email you receive from us and you’re welcome to use it to change your email preferences.
Your Rights
You have the following rights under data protection legislation. If you have any questions about your rights, or you wish to exercise any of these rights, please email tim.whitehouse@riskleadershipnetwork.com.
We may require you to provide forms of identity should you wish to exercise one of your rights below.
Access: You are entitled to confirmation that we process your personal data and a copy of such personal data.
Rectification: If the personal data we hold on you is incorrect, you have the right for this to be rectified. You may also update your personal data through your account settings.
Erasure: You can request us to erase your personal data where there is no compelling reason to continue processing.
Restriction: You may request a restriction on the processing we undertake on your personal data. This will only apply where we have no lawful basis to process your personal data, your personal data is inaccurate or to comply with an objection request (see below).
Objection: You may object to our processing of your personal data if our processing is carried out on the basis of legitimate interests. Please note, however, that should we determine that our interests are so compelling as to override your objection we may continue to process your personal data.
You may object to receiving direct marketing at any time.
Portability: You have the right to receive some of your personal data in machine readable format. This right extends to you being able to request that such data is sent to a third party controller.
Withdrawing consent: If the lawful basis we rely on to process your personal data is consent you have the right to withdraw this consent. Please email us at tim.whitehouse@riskleadershipnetwork.com to withdraw consent for the processing of your personal data.
Complaining to a supervisory authority: Further information about your rights can also be obtained from your national data protection regulator – in the UK, this is the ICO (https://ico.org.uk/). If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with your national data protection supervisory authority, although we would ask that you contact us in the first instance.
Your right to be informed: You can contact us to find out more or to ask any questions you may have about our use of your personal data.
Personal data we collect
Type of personal data |
Method of collection |
Salutation |
Directly from you or through third party services |
Full name |
Directly from you or through third party services |
Email address |
Directly from you or through third party services |
Email domain |
Third party services |
Password |
Directly from you |
Order ID |
Autogenerated |
Billing address |
Directly from you |
Phone numbers |
Directly from you or through third party services |
Fax number |
Third party services |
Preferred language |
Third party services |
City, state, region |
Directly from you or through third party services |
Country |
Directly from you or through third party services |
Postal code |
Third party services |
Job title |
Directly from you or through third party services |
Job function |
Directly from you or through third party services |
Seniority level |
Directly from you or through third party services |
Organisation |
Directly from you or through third party services |
Associated organisation |
Third party services |
Organisation type |
Directly from you or through third party services |
Organisation sector |
Directly from you or through third party services |
Number of employees of organisation |
Directly from you or through third party services |
Annual revenue of organisation |
Directly from you or through third party services |
Industry |
Third party services |
Area of risk expertise |
Third party services |
Area of risk interest |
Third party services |
Position as an influencer of purchase decisions or responsibility to make purchase decisions |
Third party services |
Subscriptions to information services |
Third party services |
Website URL |
Third party services |
Opt-in/opt-out of marketing updates |
Third party services |
IP address |
Third party services |
Fax number |
Third party services |
Location of device |
Third party services |
Device model and operating system |
Third party services |
Device ID |
Third party services |
Changes to this Privacy Notice
We keep this Privacy Notice under regular review. This Privacy Notice was last updated on 16 January 2020.