Introduction

This Privacy Policy outlines how the Consumer Duty Leadership Awards Website ("we," "us," or "our" collects, uses, shares, and protects personal information obtained through our website in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

We collect personal information directly from you when you interact with our website, such as when you submit an awards application or contact us. This information may include but is not limited to your name, email address, phone number, job title, company name, and any other information you voluntarily provide.

We may also automatically collect certain information when you visit our website, such as your IP address, browser type, device information, and usage data through cookies and similar tracking technologies. You can control cookies through your browser settings.

Use of personal information

We use the personal information we collect for the following purposes:

• To process awards applications and administer the awards program.
• To communicate with you about your application, event details, updates, and other relevant information.
• To send you further communications if you have opted in to receive them.
• To comply with legal obligations and enforce our terms of service.

Lawful basis for processing

We only process personal information where we have a lawful basis for doing so, such as the following:

• Consent: Processing is based on your consent, which you may withdraw at any time.
• Legitimate interests: Processing is necessary for our legitimate interests, such as to operate and improve our website, provide customer support, and protect against fraud and security risks. We take due care to balance our interests against your right to privacy.
• Legal compliance: Processing is necessary to comply with applicable laws and regulations.
• Contractual necessity: This is where we have to process personal information to meet our contractual obligations.

Sharing of personal information

We may share your personal information with third-party service providers who assist us in operating our website, conducting our business, or servicing you, such as hosting providers and marketing platforms. We require these service providers to maintain the confidentiality and security of your personal data and to only use it for the purposes we specify.

We may also disclose your personal information to comply with legal requirements, enforce our policies, respond to legal requests, protect our rights, or protect the rights, property, or safety of others.

We also share aggregated, non-identifiable information with third parties. Before sharing this information, we ensure that it cannot identify you as an individual.

Storing and transfer of personal information

There will be limited situations where the data that we collect from you may be transferred to, and stored at, a destination outside the UK and European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or business partners. When we transfer personal data outside the EEA, we implement appropriate safeguards to ensure that your data is protected in accordance with applicable data protection laws.

Retention of personal information

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include the nature of the data, the purposes for which it was collected, legal requirements, and business needs.

Security

We implement appropriate technical and organisational measures to protect the security and confidentiality of your personal information against unauthorised access, disclosure, alteration, or destruction. Any employees and affiliates of the Awards who will handle personal data have been trained accordingly. We regard breaches of your privacy very seriously.

Your rights

You have certain rights regarding your personal information under applicable data protection laws, including the right to:

• Access and receive a copy of your personal data.
• Rectify inaccurate or incomplete personal data.
• Erase your personal data under certain circumstances.
• Restrict the processing of your personal data under certain circumstances.
• Object to the processing of your personal data under certain circumstances.
• Withdraw consent at any time if processing is based on consent.

To exercise your rights or if you have any questions or concerns about our privacy practices, please contact us using the information provided at the end of this Privacy Policy.

If you have a complaint related to any aspect of our privacy practices, please contact partnerships@deriskly.com. If you are unsatisfied with our response to your complaint, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) in the UK. You can find details about how to do this on the ICO website at https://ico.org.uk/concerns/

How to contact us

If you have any questions, concerns, or complaints about our privacy practices or this Privacy Policy, or if you would like to exercise your rights, please contact the Awards' Privacy Officer at jane.edwards@deriskly.com.

Updates to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. We will notify you of any material changes by posting the updated Privacy Policy on our website.