Privacy Policy

(Updated November 2020)

Introduction

This policy covers the processing of personal data by Future plc, whose registered address is at Quay House, The Ambury, Bath, BA1 1UA, and its associated group companies (“Future”, “we” or “us”). Future is committed to protecting the privacy of your personal information whilst striving to provide the very best user experience. We want our websites to be safe and enjoyable for everyone.

Under the General Data Protection Regulation (GDPR) and related laws, we have a legal duty to protect the personal information we collect from you. GDPR says that ‘personal data’ is any information relating to a living individual who can be identified, either directly or indirectly, from that information. This could include your name, email address, postal address or telephone number, or information collected online and used to identify you.

For the purposes of GDPR, the ‘Data Controller’ for all Future services based in the UK is Future Publishing Limited. For all services based in the United States, the Data Controller is Future US, Inc, and in Australia it is Future Publishing (Overseas) Limited. As Data Controller we are responsible for, and control, the processing of your personal data for the purposes of Future’s services.
We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any comments, concerns or questions, including any requests to exercise your legal rights, you can contact our DPO.

We encourage you to read this policy in full but please click on the links below for a shortcut to the following sections:
Contact details
What data do we collect and how do we use it?
What lawful bases do we rely on for processing?
Who may we share your data with?
What data is collected on our websites?
Links to other websites
Storage and retention of data
Security
Protecting children’s privacy
Your rights
California Privacy Rights
Website notifications (pop-ups) and opt out instructions
Policy changes
Further information

Contact details

Future’s Data Protection Officer can be contacted:
By email: DPO@futurenet.com
By telephone: +44 (0)1225 442244
By post: Data Protection Enquiries, Future Publishing Limited, Quay House, The Ambury, Bath, BA1 1UA

What data do we collect and how do we use it?

Information you provide to us When you participate in, access, purchase or sign up to any of our services, activities or online content, such as magazine subscriptions, newsletters, surveys, competitions or events, we receive personal information about you which we use to provide these services. This may consist of data such as your name, email address, postal address and telephone number. You will be able to select how we use your information for marketing purposes and you can update your marketing preferences at any time.
Ordering a product
or service from us
If you order a product or service from us, you will need to provide certain personal details, including payment information, so the order can be fulfilled. In some cases, we will use or direct you to a third party which will collect this information from you and fulfill your order. For example, if you order a subscription to our publications, you may be able to access those products through a digital newsstand such as Apple Newsstand.
Attending an event If you attend one of our events, awards or conferences we may receive personal information about you, including your name and contact details and any dietary and accessibility requirements.
Content you share with us When you choose to share comments, photos, videos and other content with, us we may receive personal information about you.
Information
collected online
We may collect information about how you use our websites or other content online, and the device you use to access the services. Please see What data is collected on our websites? and our Cookies Policy for further details about how we use this data and information on opting out.
 

eCommerce

Some of our websites contain links to products and services offered by third party websites. If you click on those links we will use data collected about your activity on our site to direct you to the third party site. We and the third party may collect data to show us that you have clicked on the link and whether you purchased any products and services. We may receive a commission from the third party if you link to their site from a Future site and purchase goods and services from them.
Email communications We use web beacons in our emails to track the success of our marketing campaigns. If you open an email from us, we can see which of the pages of our website you visited. Our web beacons don’t store any information on your computer but, by communicating with our cookies on your computer, they can tell us when you have opened an email from us. We may keep track of the emails that we send you. We also keep a record of what communications you have selected to receive or not to receive. If you would like to opt out of receiving such emails you can unsubscribe at any time or contact our DPO.
Information from other sources We may receive information about you from other sources (for example, missing information about your postal or email addresses) and add it to the personal information we hold about you. We may also receive data from other sources, such as our business partners, and social media platforms.
Information which allows us to recognise you or your device When you log into our website, we may share information that we collect from you, such as your email (in hashed, pseudonymous form), IP address, or information about your browser or operating system, with our partner LiveRamp. LiveRamp uses this information to create an online identification code for the purpose of recognising you on your device. This code does not contain any of your identifiable personal data and cannot be used to re-identify you. We place this code in our cookie and allow it to be used for online and cross-channel advertising. It may be shared with our advertising partners and other third party advertising companies globally for the purpose of enabling interest-based content or targeted advertising throughout your online experience (e.g. web, email, connected devices, and in-app, etc). These third parties may in turn use this code to link demographic or interest-based information you have provided in your interactions with them. You have the right to express a choice regarding our sharing of this data with LiveRamp for the above purposes, of the creation of this code, or of our sharing of the code with our advertising partners.

What lawful bases do we rely on for processing?

In order to process your personal data, we must have a lawful reason for doing so. GDPR sets out six lawful bases under which organisations can collect, use and store personal data. We rely on four of the lawful bases:

Necessary for the performance of a contract
If you are our customer, for example a subscriber of a magazine or an attendee at one of our events, we will process your personal data on the basis that it is necessary for us to provide our products and services to you.

Consent
In some instances we rely on your specific consent to process your personal information. This is where you have actively agreed and ‘opted-in’, for example to receive marketing communications from us, and you have the right to withdraw your consent at any time.

Compliance with laws
We may have to process and share your personal data in order to comply with our legal obligations, or to protect our rights or the rights of others. For example, we are required to collect certain information from you when processing your subscription payment for tax or financial reporting reasons.

Legitimate interests
In some situations we rely on our legitimate business interests in order to collect and use your personal data. In these situations, we have conducted a balancing test to carefully consider the impact of the processing on your interests, rights and freedoms. We will only undertake the processing if we are satisfied there is no negative impact on you. We rely on Legitimate Interests for the following activities:

  • providing, maintaining, improving and developing our products and services;
  • sending direct marketing communications about our products and services to customers;
  • sending marketing communications related to the products and services of carefully selected companies in a business-to-business context;
  • managing suppression and unsubscribe requests;
  • researching publicly available business contact details;

  • managing certain aspects of our events;
  • analysing the use of our products and services;
  • using analytics to identify usage trends and determining the effectiveness of campaigns;
  • allowing you to comment on on our sites;
  • dealing with queries and complaints;
  • personalising your experience on our sites;
  • identifying fraudulent behaviour and ensuring our websites and systems are secure.

If you object to our reliance on Legitimate Interests for any purpose please contact our DPO.

Who may we share your data with?

Agents
We use third parties to perform certain functions on our behalf including fulfilling orders, sending emails, organising and managing events, running competitions and promotions, conducting surveys or polls, removing repetitive information from customer lists, comment hosting, website analysis, data analysis and processing credit card payments. They will have access to your personal information if necessary to perform their function but they cannot use it or disclose it for any other purpose, unless you have specifically given them consent to do so.

Aggregate information
We may share aggregated, non-personally identifiable information, such as demographics and website usage statistics, with advertisers, sponsors and other organisations.

Option to receive marketing information from associated third parties
Throughout the website you may be given the opportunity to receive marketing information which may be of interest to you from associated third parties. Only if you elect to receive such information, will we share your personal information with our associated third parties and they are only permitted by us to use it for the purpose of providing you with the marketing information you have requested. The use of your personal information by such third parties will be subject to their own privacy policy and practices. We are not responsible for the privacy policy or practices of any such third party. If you do not want to receive marketing information from associated companies you can notify us of this as part of the registration process. You can stop receiving this information at any time by following the unsubscribe instructions on the correspondence you receive, by amending your marketing preferences, or by emailing our DPO at DPO@futurenet.com giving your email address and details of the information you no longer wish to receive.

Products or services offered in partnership with third parties
Certain products or services available through this website may be provided to you in partnership with a third party. That third party may require you to disclose personal information to them in order to receive such products or services. If you request a product or service offered in partnership with a third party, the identity of the third party will be disclosed to you and your personal information will be transferred to that third party. The use of your personal information by that third party is subject to its privacy policy and practices and we are not responsible for this.

Group Companies
We only share your personal information with our group companies if you have elected to receive marketing information from them which may be of interest to you. They are only permitted by us to use it for the purpose of providing you with the marketing information you have requested. If you do not want to receive marketing information from our group companies you can notify us and you can stop receiving this information at any time by following the unsubscribe instructions on the correspondence you receive or by emailing our DPO at DPO@futurenet.com, giving your email address and details of the information you no longer wish to receive.

Third-Party Ad Serving and Audience and Traffic Measurement Services

We may use a third-party network advertiser to serve the advertisements on this website or we may use an audience or traffic measurement service to analyse the traffic on this website. Network advertisers are third parties that display advertisements based on your visits to this website and other websites you have visited. Third-party ad serving enables us to target advertisements to you for products or websites you might be interested in. Audience and traffic measurement services allow us to collect traffic and behavioural information from the website by monitoring anonymous visitor activity. This website’s advertisers, sponsors and/or traffic measurement services may themselves set and access their own cookies on your computer if you choose to have your cookies enabled in your browser. Please see What data is collected on our websites? and our Cookies Policy for further details and information on opting out.

Auditing organisations
We may share your personal data with the Audit Bureau of Circulations, a third-party auditing organisation. This is so they can verify aggregated statistics about circulation and usage of our products, or review our policies, processes and procedures for compliance with relevant standards. You can view their privacy policy by following this link: www.abc.org.uk/privacy-policy

What data is collected on our websites?

‘Cookies’ are small data files which are sent to your computer, mobile phone or other device so that the website can remember information about your browsing activity. We use cookies on our websites for a variety of purposes:

Information storage and access
The storage of information, or access to information that is already stored, on your device such as advertising identifiers, device identifiers, cookies, and similar technologies.

Content selection, delivery, reporting
The collection of information, and combination with previously collected information, to select and deliver content for you, and to measure the delivery and effectiveness of such content. This includes using previously collected information about your interests to select content, processing data about what content was shown, how often or how long it was shown, when and where it was shown, and whether the you took any action related to the content, including for example clicking on content. This does not include personalisation, which is the collection and processing of information about your use of this service to subsequently personalise content and/or advertising for you in other contexts, such as websites or apps, over time.

Measurement
The collection of information about your use of the content, and combination with previously collected information, used to measure, understand, and report on your usage of the service. This does not include personalisation, the collection of information about your use of this service to subsequently personalise content and/or advertising for you in other contexts, i.e. on other service, such as websites or apps, over time.

Personalisation
The collection and processing of information about your use of this service to subsequently personalise advertising and/or content for you in other contexts, such as on other websites or apps, over time. Typically, the content of the site or app is used to make inferences about your interests, which inform future selection of advertising and/or content.

Ad selection, delivery, reporting

The collection of information, and combination with previously collected information, to select and deliver advertisements for you, and to measure the delivery and effectiveness of such advertisements. This includes using previously collected information about your interests to select ads, processing data about what advertisements were shown, how often they were shown, when and where they were shown, and whether you took any action related to the advertisement, including for example clicking an ad or making a purchase. This does not include personalisation, which is the collection and processing of information about your use of this service to subsequently personalise advertising and/or content for you in other contexts, such as websites or apps, over time.

Please see our Cookies Policy for more information.

Links to other websites

Our websites may include links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and, when you leave our website, we encourage you to read the privacy notice of every website you visit. We may monetise some of these links through the use of third party affiliate programmes. Notwithstanding such affiliate programmes, we are not responsible for the content or privacy policies of these websites or for third party advertisers, nor for the way in which they use information they collect about you.

Storage and retention of data

Your information is collected and stored on our secure systems, mainly based in the UK and European Economic Area (EEA). Where we use third party service providers to store data, we have appropriate agreements in place to ensure that your personal data is protected. Your personal data may be transferred to a country outside the EEA if, for example, a supplier or service is based outside the EEA. We will take all steps reasonably necessary to ensure your data is treated securely, including ensuring the location has been granted ‘adequacy status’ by the European Commission, or using our agreement with the supplier contains model contractual clauses approved by the European Commission, or ensuring the company we are transferring the data to is certified under the EU-US Privacy Shield.

We hold personal data for a variety of different purposes and the length of time we keep your data will vary depending on the services or products we are providing. We will only keep your data for a reasonable period of time, which is based on the purpose for which we are using your data. Once that purpose has been fulfilled, we will securely delete that data or anonymise your information (so that we, or anyone else, can no longer tell that data relates to you) unless we are required to retain the data longer for legal, tax or accounting reasons.

Security

We are committed to protecting the personal data we hold. In accordance with GDPR, we adopt appropriate technical and organisational measures to help prevent unauthorised access to your information and ensure data is held securely. We also require any third parties to whom we may transfer personal data to have appropriate security measures in place. We ask third parties to complete Data Security Questionnaires so we can be sure they are a safe place for your data.

Protecting children’s privacy

Our products and services are for a general audience and not aimed at children. However, we recognise that some of our publications, for example in our Knowledge and Gaming portfolios, may appeal to a younger audience. We do not knowingly collect any personal information from children under the age of sixteen or send any marketing communications to children. If we are running a competition which might be of interest to children, our competition rules specify that a parent or guardian must consent to entry. If, in the future, we collect personally identifiable information from children in connection with our products and services, we will do so in compliance with all relevant laws and regulations including, without limitation, obtaining parental consent where necessary. The Internet offers children wonderful educational and entertainment resources. Your guidance and involvement are essential to help ensure that children have a safe and rewarding online experience. We encourage you to visit https://www.google.co.uk/intl/en/safetycenter/families/start/ for more information about keeping your family safe online. If you are a parent or guardian and are concerned that we may be processing personal data related to your child, please contact our DPO.

Your rights

You have the right to request:

  • Access to the personal data we hold about you.
  • The correction of your personal data when incorrect, out of date or incomplete.
  • The erasure of your personal data.
  • That we stop using your personal data for direct marketing if you object to it.
  • That we stop any consent-based processing of your personal data after you withdraw that consent.
  • The right to request a transfer of your data to another service provider.

Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.

Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.

Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request. Remember, you can always stop direct marketing messages by clicking on an unsubscribe link in any of our emails or getting in touch with us.

Exercising your rights
If you wish to exercise any of your rights please contact the Data Protection Officer:
By post: Future Publishing Limited, Quay House, The Ambury, Bath BA1 1UA; or
By email: DPO@futurenet.com.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. If this is case, we will notify you and keep you updated.

No fee usually required
You will not usually have to pay a fee to access your personal data (or to exercise any of the rights), however, we may charge a reasonable fee if your request is unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. If we choose not to action your request we will explain to you the reasons for our refusal.

Information Commissioner’s Office
If you feel you need to, you also have the right to make a complaint at any time to the ICO, the UK data protection supervisory authority (www.ico.org.uk).

Important Information for California Residents

This section applies only to California residents.  It describes how we collect, use and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information.  For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA. 

Your California privacy rights.
As a California resident, you have the rights listed below. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law. 

  • Information.  You can request the following information about how we have collected and used your Personal Information during the past 12 months:
    • The categories of Personal Information that we have collected.
    • The categories of sources from which we collected Personal Information.
    • The business or commercial purpose for collecting and/or selling Personal Information.
    • The categories of third parties with whom we share Personal Information.
    • Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.
    • Whether we’ve sold your Personal Information, and if so, the categories of Personal Information received by each category of third party recipient.  
  • Access.  You can request a copy of the Personal Information that we have collected about you during the past 12 months. 
  • Deletion.  You can ask us to delete the Personal Information that we have collected from you.
  • Opt-out of sales.  If we sell your Personal Information, you can opt-out. In addition, if you direct us not to sell your Personal Information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes. We share your Personal Information with third parties in the following circumstances, which California law classifies as a “sale” of your Personal Information:
    • supplying your data to third parties with your express consent (e.g. where you opt in to receive third party marketing or where you have requested to be contacted by a third party);
    • supplying your data to list brokers (but only where you have consented to be contacted by third parties);
    •  supplying attendee data to third parties who provide services in connection with our events, and sending your data to suppliers of certain products and services (where you have consented to hear from such third parties); 
    • like many companies, we use services that help deliver interest-based ads, content and services to you.  California law classifies our use of these services as a “sale” of your Personal Information to the companies that provide the services. This is because we allow them to collect information from our website users (e.g., online identifiers and browsing activity) so they can help serve ads, content and services  more likely to interest you. 
  • Opt-in.  If we know that you are younger than 16 years old, we will ask for your permission (or if you are younger than 13 years old, your parent’s or guardian’s permission) to sell your Personal Information before we do so.
  • Nondiscrimination.  You are entitled to exercise the rights described above free from discrimination. This means that we will not penalize you for exercising your rights by taking actions such as denying you services; increasing the price/rate of services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.  

How to exercise your right to information, access, deletion or your right to opt-out of the “sale” of your Personal Information
You may exercise your California privacy rights by submitting a request form or emailing dpo@futurenet.com quoting ‘California Privacy Rights’ in the subject header.

We will need to confirm your identity and California residency to process your requests to exercise your information, access or deletion rights.  We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.

Personal information that we collect, use and share
The chart below summarizes how we collect, use and share Personal Information by reference to the statutory categories specified in the CCPA, and describes our practices during the 12 months preceding the effective date of this Privacy Policy. 

Statutory category of personal information (PI)
(click for details)
Source of the PI Purpose for collection Categories of third parties to whom we “disclose” the PI for a business purpose Categories of third parties to whom we “sell” the PI
Identifiers
  • You
  • Public sources
  • Business partners
  • Our clients
  • Service delivery
  • Research & development
  • Marketing
  • Compliance & Operations
  • Affiliates
  • Advertising partners
  • Service-related third parties
  • Professional advisors
  • Authorities and others
  • Business transferees
  • for business and commercial purposes as defined in the section above entitled ‘Opt-out of sales
Commercial Information
  • You
  • Our clients
  • Service delivery
  • Research & development
  • Marketing
  • Compliance & Operations
  • Affiliates
  • Service-related third parties
  • Professional advisors
  • Authorities and others
  • Business transferees
None
Financial Information
  • You
  • Service delivery, i.e. to fulfill your subscriptions and orders, and any refund requests
Online Identifiers
  • You
  • Our clients
  • Service delivery
  • Research & development
  • Marketing
  • Compliance & Operations
  • Affiliates
  • Service-related third parties
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Advertising partners (to facilitate online advertising)
  • Third Party Partners (for business and commercial purposes as defined in the section above entitled ‘Opt-out of sales)
Internet or Network Information
  • You
  • Automatic collection
  • Service delivery
  • Research & development
  • Marketing
  • Compliance & Operations
  • Affiliates
  • Service-related third parties
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Third Party Partners (for business and commercial purposes as defined in the section above entitled ‘Opt-out of sales)
Geolocation Data
  • You
  • Public sources
  • Business partners
  • Our clients
  • Service delivery
  • Research & development
  • Marketing
  • Compliance & Operations
  • Affiliates
  • Service-related third parties
  • Professional advisors
  • Authorities and others
  • Business transferees
  • Third Party Partners (for business and commercial purposes as defined in the section above entitled ‘Opt-out of sales)

Website notifications (pop ups).

We provide news and updates about our sites via push notification messages or ‘pop-ups’. This is a free service. The notifications are only sent to you if you have clicked on a button to allow it (you may have accidentally selected to receive notifications).

We have no control over your subscription to notifications as it is controlled by your browser and device.  We do not store any recognisable data about you or your device in connection with the push notification service.

If you wish to unsubscribe from receiving notifications please follow the instructions here:

https://documentation.onesignal.com/docs/unsubscribe-from-notifications

If you need additional assistance in relation to push notifications, please contact the team at push.notifications@futurenet.com.

Policy changes

We may amend this Privacy Policy from time to time, so we encourage you to check it periodically. If we make material changes we will endeavour to provide you with appropriate notice before such changes take effect.

Further information

General information about data protection may be found at the Information Commissioner’s website: https://ico.org.uk/

For more information about cookies please visit http://www.allaboutcookies.org/ and for more information about how to manage cookies please refer to our Cookies Policy.

Information about direct marketing may be found at the Direct Marketing Association’s website: https://dma.org.uk/

To unsubscribe from all emails contact: DPO@futurenet.com