The Senate Privacy Statement published July 2019
Your privacy and trust are important to us. This Statement explains how the Senate group of companies (“The Senate,” “we”, “us” or “our”) collect, handle, store and protect personal information about you in the context of our services. It also provides information about your rights and about how you can contact us if you have questions about how we handle your information.
Who this statement applies to and what it covers
This Statement applies to individuals who use any website, application, including mobile application (“app”), product, software or service of ours (we call these our “Services”).
The Senate provides information solutions for professionals and our Services are generally not aimed at children.
Depending on the Service, we may provide additional or different privacy statements or notices for specific interactions you have with us or to highlight how we use your personal information for specific Services. Where we do this, it will be clear which statements apply to which interactions and Services.
Within our Services, there may be links to third-party websites or applications. We are not responsible for the content or privacy compliance of third party websites or applications. You should check those websites or applications for their privacy statements and terms that apply to them.
Who we are
The Senate is a global company that is incorporated in England & Wales under the name Senate Holdings Ltd. The Senate is a data controller for some data and a data processor for others. We are responsible for this website and the provision of our Services and the personal information collected therefrom. Where we act as a data processor on behalf of our customers when providing our Services, we will only use personal information as instructed by our customers.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent where this is required or permitted by law.
Disclosures of your personal information
We may share your personal information with the parties set out below for the purposes set out in this Statement:
- service providers who perform services and functions on our behalf in connection with the operation of our business such as software and application service providers, third parties who host, store and manage data or provide programming or technical support, etc;
- professional advisers including our accountants, insurers and brokers, etc;
- analytics partners to analyse website traffic and understand customer needs and trends;
- marketing service providers to help us to communicate with you;
- if we are required to do so by law, or if we believe that such action is necessary to: (a) fulfil a government, or regulatory authority request; (b) conform with the requirements of the law or legal process; (c) protect or defend our legal rights or property, our websites or customers;
- those to whom we may sell, transfer, or merge parts of our business with, or where we acquire other businesses or merge with them. If such a change happens then any new owners may use your personal data in the same way as set out in this Statement
- We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will disclose personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to:
- comply with legislation or legal process served on us;
- protect and defend our rights and/or property; and
- to protect personal safety
Use of Publicly Available Data within Our Services
Many professionals and third parties rely on the use of publicly available information in order to carry out analysis and research. We may make available information obtained from publicly available sources like public websites, open government databases or other data in the public domain. The Senate takes privacy seriously and has put in place measures designed to ensure that we process personal information in a proportionate way and in compliance with data protection laws.
Where we process non-sensitive personal information within our Services, it is normally processed because it is in our or a third parties’ legitimate interests to do so. In the limited circumstances where we process sensitive personal information, we normally do so where:
- necessary in relation to obligations under employment, social security and social protection law
- personal information has been manifestly made public by the person to whom it relates
- necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity
- processing is necessary for reasons of substantial public interest, on the basis of applicable law
Sources of personal information
We collect personal information about you from your interactions with us and from certain third parties and other sources (such as your employer or the subscriber providing access to our Services or from publicly available sources where permissible).
We obtain personal information from you:
- through your interactions with us and our Services, such as, when you purchase or use our Services, register for an event, request information or call us for support (please note that we may record or monitor our telephone calls for compliance and quality assurance purposes)
- through your system/device and use of our Services. Our servers, logs and other technologies automatically collect system/device and usage information to help us administer, protect and improve our Services, analyse usage and improve users’ experience through cookies and similar technologies included on our Services. More information relating to cookies, and how to control their use can be found in our Cookies Policy
We also collect personal information about you from third parties such as:
- the person(s) arranging for you to access our Services (e.g., your employer or our subscriber) in order to set up a user account
- partners and service providers who work with us in relation to your Service
- publicly available sources such as public websites, open government databases or other data in the public domain, to help us maintain data accuracy and provide and enhance the Services
What types of personal information we collect
The type of personal information we collect depends on how you are interacting with us and which Services you are purchasing or using.
In many cases, you can choose whether or not to provide us with personal information, but if you choose not to, you may not get full functionality from the Services.
The personal information we collect consists of the following, which we have grouped together as follows:
- identity data and contact data: name and contact data, such as, first and last name, email address, postal address, phone number, and other similar contact data
- profile data: account credentials, such as, passwords and other security information for authentication and access, your interests, preferences, feedback and survey responses
- user content: such as, communications and files provided by you in relation to your use of the Services
- technical data: device information, such as, information about your device, such as IP address, location or provider
- usage data: information and browsing history, such as, information about how you navigate within our Services, your browsing history and which elements of our Services you use the most
- location data: for Services with location-enhanced features. If we need your consent to collect geo-location data, we will collect this separately
- transaction data: includes details about payments to and from you and other details of products and services you have purchased from us
- financial data: includes bank account and payment card details
- marketing and communications data: includes your preferences in receiving marketing from us and our third parties and your communication preferences
Personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We also collect, use and share ‘Aggregated Data’ such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal information but is not considered personal information in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal information so that it can directly or indirectly identify you, we treat the combined data as personal information which will be used in accordance with this Statement.
We do not collect any Special Categories of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you fail to provide personal information where we need to collect personal information by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you the Services). In this case, we may have to cancel a Service you have with us but we will notify you if this is the case at the time
How we use personal information
This section includes details of the purposes for which we use personal information and also the different legal grounds upon which we process that personal information. We use personal information to provide and improve Services and for other purposes that are in our legitimate interests, as well as for compliance purposes. Further information is set out below
Some laws require us to explain our lawful reason for processing your personal information. We process personal information about you on the basis that it is:
- necessary for the performance of a contract: where we have a contract with you, we will process your personal information in order to fulfil that contract (i.e., to provide you with Services)
- in our or a third parties’ legitimate interests: details of those legitimate interests are set out in more detail below (e.g., provision of Services that we are contractually obliged by a third party, such as your employer or our subscriber, to deliver to you)
- where you give us your consent: we only ask for your consent in relation to specific uses of personal information where we need to and, if we need it, we will collect it separately and make it clear that we are asking for consent
- for compliance with a legal obligation: e.g., to respond to a court order or a regulator
You are welcome to contact us for further information on the legal grounds that we rely on in relation to any specific processing of your personal information.
We use personal information for a number of legitimate interests, including to provide and improve Services, administer our relationship with you and our business, for marketing and in order to exercise our rights and responsibilities. More detailed information about these legitimate interests is set out below.
- to set up and administer your account, provide technical and customer support and training, verify your identity, and send important account, subscription and Service information
- to administer our relationship with you, our business and our third-party providers (e.g., to send invoices)
- to deliver and suggest tailored content such as news, research, reports and business information. We analyse the way you use our Services to make suggestions to you for features or Services that we believe you will also be interested in, and so that we can make our Services more user-friendly
- to personalise your experience with our Services. We may retain your browsing and usage information to make your searches within our Services more relevant. We may sometimes share your personal information across our Services so that we can make all of the Services we deliver to you more intuitive (e.g., rather than requiring you to enter the same data many times)
- to contact you in relation to, and conduct, surveys or polls you choose to take part in and to analyse the data collected for market research purposes
- to display information you choose to post, share, upload or make available in chat rooms, messaging services, and community and event forums (including in community and event profiles) and for related collaboration, peer connection, games and information exchange
- to provide any third party, who has made our Services available to you (e.g., your employer or our subscriber), insights about use of the Services
- for internal research and development purposes and to improve, test and enhance the features and functions of our Services
- to provide you with marketing as permitted by law
- to meet our internal and external audit requirements, including our information security obligations (and if your employer or our subscriber provides for your access to our Services, to meet their internal and external audit requirements)
- to enforce our terms and conditions
- to protect our rights, privacy, safety, networks, systems and property, or those of other persons
- for the prevention, detection or investigation of a crime or other breach of law or requirement, loss prevention or fraud
- to comply with requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, including where they are outside your country of residence
- in order to exercise our rights, and to defend ourselves from claims and to comply with laws and regulations that apply to us or third parties with whom we work
- in order to participate in, or be the subject of, any sale, merger, acquisition, restructure, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings)
Where we rely on legitimate interests as a lawful ground for processing your personal information, we balance those interests against your interests, fundamental rights and freedoms.
We deliver marketing and event communications to you across various platforms such as email, telephone, text messaging, direct mail and online. Where required by law, we will ask you to explicitly opt in to receive marketing from us. If we send you a marketing communication it will include instructions on how to opt out of receiving these communications in the future.
Honouring your marketing preferences is important to us. You have the right to opt out of receiving direct marketing and targeted online advertising.
How to Opt Out of Email Marketing
Where we send marketing emails, we provide unsubscribe options for your use within our emails.
Even if you opt out of receiving marketing communications by email, we may still send you service communications or important transactional information related to your accounts and subscriptions (for purposes such as providing customer support).
We strive to provide you with choices regarding certain personal information uses, particularly around marketing. We have established the following personal information control mechanisms:
Promotional offers, newsletters or marketing communications from us
We may use your data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing)
You will receive marketing communications, newsletters, and other news and information about our services from us if you have requested information from us or purchased services from us or if you provided us with your details when you contacted or registered with us unless you told us you did not want to receive such information.
We may send the following commercial communications by email to a targeted selection of individuals from our marketing database: invitations to industry events we are hosting or attending; newsletters; industry updates; updates about our agency and the services we offer; other information that we reasonably think may be of interested to our contacts.
We may also inform you of products or services available from carefully selected partners. We may also contact you via surveys to conduct research about your opinion of our services.
We do not give or provide in any other way customer lists to third parties
Our marketing database includes data of: staff members of our clients; individuals who have requested us to send marketing information by completing a form on our website, sending us an email or via a phone call; individuals we have met at events or via online public forums or social media who have asked us to send marketing information.
You may, at any time opt-out of receiving such communications from us by contacting us (as set out above) or selecting the “unsubscribe” option in any e-communication from us.
How we share personal information
We share personal information within the Senate Group, with our business partners and third party service providers, the person providing for your access to our Services (if that is not you) and in accordance with law. Our third-party service providers are not permitted to share or use personal information we make available to them for any purpose other than to provide services to us.
We share your information for the purposes set out in this Statement, with the following categories of recipients:
- The Senate Group companies
- the person providing your access to our Services (e.g., your employer or our subscriber)
- business partners with whom we deliver co-branded Services, provide content, or to host events, conferences and seminars
- third parties that help us deliver Services or act on our behalf
- third parties where we have a duty to or are permitted to disclose your personal information by law (e.g., government agencies, law enforcement, courts and other public authorities)
- third parties in order to participate in, or be the subject of, any sale, merger, acquisition, restructure, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings), in which case we may disclose your personal information to prospective buyers, sellers, advisers or partners and your data may be a transferred asset in a business sale
- third parties where reasonably required to protect our rights, users, systems and Services (e.g., legal counsel and information security professionals)
- any person you have asked us to share information with (e.g., if you upload information into a public forum it is shared publicly)
The Senate is a global organisation and your personal information may be stored and processed outside of your home country, including in countries that may not offer the same level of protection for your personal information as your home country. We have measures in place to ensure that when your personal information is transferred internationally, it is subject to appropriate safeguards in accordance with data protection laws. Often, these include contractual safeguards
The Senate has networks, databases, servers, systems, support and helpdesks around the world. We collaborate with third parties like cloud hosting services, suppliers and technology support located around the world to serve the needs of our business, workforce and customers.
We take appropriate steps to ensure that personal information is processed, secured and transferred according to applicable law. In some cases, we may need to disclose or transfer your personal information within The Senate or to third parties in areas outside of your home country, including to countries that have not been declared adequate for the purposes of data protection by the European Commission.
The areas in which these recipients are located will vary from time to time, but may include the United States, Europe, Canada, Asia (including Australia and India), and other countries where contributors may be based.
When we transfer personal information internationally, we put in place safeguards in accordance with applicable law (including Articles 44 to 50 of the EU General Data Protection Regulation).
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We calculate retention periods for your personal information in accordance with the following criteria:
- the length of time necessary to fulfil the purposes we collected it for
- when you or your employer (or other subscriber providing for your access to our Services) cease to use our Services
- the length of time it is reasonable to keep records to demonstrate that we have fulfilled our duties and obligations
- any limitation periods within which claims might be made
- any retention periods prescribed by law or recommended by regulators, professional bodies or associations
- the existence of any relevant proceedings
In some circumstances you can ask us to delete your data: see your rights below for further information. In some circumstances we will anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
You may have rights under European and other laws to have access to your personal information and to ask us to rectify, erase and restrict use of, your personal information. You may also have rights to object to your personal information being used, to ask for the transfer of personal information you have made available to us and to withdraw consent to the use of your personal information. Further information on how to exercise your rights is set out below.
We will honour your rights under applicable data protection laws. You have the following rights under European laws, and may have similar rights under the laws of other countries.
- right of subject access: The right to make a written request for details of your personal information and a copy of that personal information
- right to rectification: The right to have inaccurate information about you corrected or removed
- right to erasure ('right to be forgotten'): The right to have certain personal information about you erased
- right to restriction of processing: The right to request that your personal information is only used for restricted purposes
- right to opt out of marketing: You can manage your marketing preferences by unsubscribe links found in the communications you receive from us
- right to object: The right to object to processing of your personal information in cases where our processing is based on the performance of a task carried out in the public interest or we have let you know the processing is necessary for our or a third party’s legitimate interests
- right to data portability: The right to ask for the personal information you have made available to us to be transferred to you or a third party in machine-readable format
- right to withdraw consent: The right to withdraw any consent you have previously given us to handle your personal information. If you withdraw your consent, this will not affect the lawfulness of our use of your personal information prior to the withdrawal of your consent
These rights are not absolute and they do not always apply in all cases
In response to a request, we will ask you to verify your identity if we need to, and to provide information that helps us to understand your request better. If we do not comply with your request, whether in whole or in part, we will explain why.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
In order to exercise your rights please contact us at Privacy@senate2sense.com.
Cookies and similar technologies
Connecting via social networks
Some of our Services may include social networking features and interactive mini-programs. Additionally, you may choose to use your own social networking logins from, for example, LinkedIn®, to log into some of our Services. If you choose to connect using a social networking or similar service, we may receive and store authentication information from that service to enable you to log in and other information that you may choose to share when you connect with these Services. These Services may collect information such as the web pages you visited and IP addresses, and may set cookies to enable features to function properly. We are not responsible for the security or privacy of any information collected by these third parties. You should review the privacy statements or policies applicable to the third-party services you connect to, use, or access. If you do not want your personal information shared with your social media account provider or other users of the social media service, please do not connect your social media account with your account for the Services and do not participate in social sharing on the Services.
Legal Products and Services
Our business provides research and business management and efficiency tools to the legal profession, often processing personal information that users input into the platform. For example, if a law firm uses our Services, they may record personal information when using those Services and they may ask us to hold or access it on their behalf (e.g., to provide support).
Senate ExpertsTM and Senate Data suite of products are made up of data aggregated from Senate contributors. These products are available only to authorized businesses and government organizations for their legitimate internal business uses and subject to applicable law.
For more information about how your legal professionals handle your personal information, please contact them directly.
The Senate recognises and respects that many of its customers and users of our Services may be subject to ethical obligations to protect confidences with their clients. Where we act as a service provider in regard to the personal or confidential information that our customers or users input into the Senate Products, we do so in accordance with permissible law and we do not use any such information other than to provide, administer and improve our Services, provide user support or to meet our legal obligations.
How to contact us
If you have any questions, comments, complaints or suggestions in relation to data protection or this Statement, or any other concerns about the way in which we process information about you, please contact us at Privacy@senate2sense.com
Filing a Complaint. If you are not content with how the Senate manages your personal information, you can lodge a complaint with a privacy supervisory authority. In the European Economic Area, the relevant supervisory authority is the one in the country or territory where:
- you are resident
- you work, or
- the alleged infringement took place
A list of National Data Protection Authorities in the European Economic Area can be found here:
Updates to this statement
This Statement may be subject to updates. Any material future changes or additions to the processing of personal information as described in this Statement affecting you will be communicated to you through an appropriate channel. For example, we may place a prominent notice on our site or email you to let you know of an updated Statement.