The EU General Data Protection Regulation (GDPR), which is enforceable from 25 May 2018, provides new rights to individuals and requires organisations to provide information about their processing in a clear and transparent way. We have published this updated Privacy Statement to take into account new requirements and to explain how we collect, store and use personal data.
At Panacea Publishing International, we make every effort to protect and respect your privacy. We aim to maintain consistently high standards in our use and storage of your personal data and have procedures in place to comply with the Data Protection Act 1998, the EU General Data Protection Regulation (GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 (amended) and other relevant legislation. This privacy notice aims to clearly inform you of how we use your personal data, how we ensure it is kept secure and your choices about its use. This is to help you make informed decisions when using our websites and the other services we provide. In this Notice, references to "we", "us" and "our" refer to Panacea Publishing International. Personal data, as defined by the GDPR, means any information which can directly or indirectly identify a living individual. For example your name, email address, postal address and telephone number. We will review and update this notice regularly, so please check this page occasionally to ensure that you are happy with any changes. In addition to this Notice, each service offered by us may have additional privacy provisions that are specific to the particular service. You will always be informed of these supplemental provisions at the time you provide your personal data.
- Links to other websites
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third party site.
- About us
Our site is owned and operated by Panacea Media, a limited company registered in England under company number 05422576 whose registered address is whose registered address is 10 John Street, London WC1N 2EB and whose main trading address is 41-43 Maddox Street, London, W1S 2PD. Our VAT number is GB 228 2273 16.
- How to contact us:
- Our events include but are not limited to:
Business Travel Awards
BBT editor’s lunch
BBT Wine Tasting
- Collection of your personal data
Personal data you provide directly to us
We collect personal data from you when you inquire about or request a product or service directly from us. For example when you;
- Register on one of our websites
- Subscribe to a magazine
- Sign up for a digital product or service
- Register to attend a conference, an exhibition, an award or forum event
- Request a newsletter/bulletin
- Enter a competition or prize draw
The information we collect will include your contact details (e.g. name, email address, phone number and postal address).
When you register to attend one of our events, we may also collect details about your dietary and accessibility requirements. We only collect this information with your explicit consent and will only use it for the purposes of your attendance at the event.
When you visit our websites
From other organisations or publicly available sources
We sometimes combine information we have collected from our websites or other sources, with information received from other organisations. This is used to:
- Verify the personal data we hold for you (e.g. to check your postal address is correct)
- Enhance the content and relevance of the advertising we provide to you.
To learn more please see Personalised website content and our Cookie Notice.
We may also research publicly available sources (e.g. websites and LinkedIn) and use external suppliers who do the same, to identify business contacts who are likely to be interested in the products and services we have to offer. We will collect the minimum amount of information required for this purpose (e.g. name, job title, company and contact details) and when we contact you we will provide you with a simple way to object to further contact from us.
- The Lawful Bases for Processing your data
Under GDPR there are six lawful bases under which organisations can collect, use and store personal data. We have identified four which we rely upon for our business activities:
In many circumstances we rely on the lawful basis of "performance of a contract", this enables us to respond to you when you express an interest in our products and services and to execute any sales.
In some circumstances, we rely on your specific consent, whereby you actively agree and "opt-in". We will always make it clear how you can withdraw your consent at any time.
There will be circumstances where we are legally obliged to hold your personal data or to disclose it to a third party. Examples of this are informing HMRC of an employee's tax liability or passing information to the police as part of a criminal investigation. You cannot object to this lawful basis, but we will always verify the source prior to any disclosure.
For some of our activities, we rely on our legitimate business interest to collect and use your personal data. In such cases, we have balanced our interests with yours and do not believe these activities will have a negative impact on your privacy rights and freedoms. We specifically rely on Legitimate Interest to:
- Manage specific aspects of our events.
- Send you marketing communications about our products and services.
- Send you marketing communications related to other companies' products and services (in a business-to-business context).
- Personalise the marketing content we provide you.
- Share your contact details with a named sponsor, when you access specific sponsored content.
- Undertake business sales and advertising activities
- Research publicly available business contact details.
- Customise the content you see on our websites.
For details of the assessments we made, by market sector, to back up our reliance on legitimate interest please contact us. For further information about Legitimate Interest please see the ICO guidance on Legitimate Interest.
You can always object to our marketing messages, please see How to stop receiving marketing communications.
If you wish to object to our reliance on Legitimate Interests for purposes other than direct marketing then please contact us.
- How we use your personal data
Fulfilment of a service
We will use your personal data for the purposes of fulfilling a product or service you have requested, which includes:
- Responding to your enquiries about our products and services
- Fulfilling your requests and delivery of a product or service. For example when you:
- subscribe to a magazine
- register to attend an event
- register to access online content
- register to access site functionality
- Administering your account
- Sending you specific service or transactional communications about a product or service
- Fulfilling prize draws and competitions
- Delivering customer services
We use essential and functional cookies to ensure our websites function properly. To learn more please see our Cookie Notice.
Please find below information about how your personal data will be used when you register to attend one of our conferences.
If you are making a group booking please ensure you have permission from others to share their name and contact details with us.
We will share your details (name, job title and company name ONLY) with events sponsors, to ensure that any content and activity on the day is tailored specifically to the audience attending. If you would prefer us not to do this please contact us. We will share the delegate list with the venue for fire regulation and catering purposes.
Exhibitors at stands or seminar hosts/sponsors may ask to scan your badge at the event to gain your consent to contact you in future for their direct marketing purposes. If you would prefer your contact details are not shared, you can choose not to have your visitor pass scanned at any stand or seminar.
Please note that photographs and video footage may be taken at our events and used in post-event publicity. If you have any objection to this please contact us.
Please find below information about how your personal data may be used when you register to attend one of our Awards.
If you are making a group booking please ensure you have permission from others to share their name and contact details with us.
We will share your details (full name & company name ONLY) with the Award sponsors and with other attendees via an Award brochure, an attendee list, table plan and/or screen presentation. Please contact us if you would prefer your name not to appear.
We will also share the attendee list with the venue for fire regulation and catering purposes.
Please note that photographs and video footage may be taken at this event for use in post-event publicity. If you have any objection to this please contact us.
Please find below information about how your personal data may be used when you register to attend one of our BBT Forums.
These events are specifically designed to invite delegates to meet and network with service suppliers. We believe it is in everyone's interests for business contact details to be shared between delegates and suppliers. You will always be informed of this. We will also need to share basic details to facilitate your travel and accommodation.
Please note that photographs and video footage may be taken at this event for use in post-event publicity.
If you have any queries or concerns please contact us.
We provide sponsored content, such as webinars, expert reports, whitepapers, surveys or events.
We will share the details you provide to access this specific content with the named sponsor. However, this is always your choice and you will be provided with a clear opportunity to indicate if you would prefer us not to share this information.
When we collect your personal data we will include a specific notice to inform you and give you choices about future direct marketing communications from us.
We will only send you direct marketing communications when you have either:
- provided your consent (e.g. ticked a box or clicked a "button" to submit a form)
- where we believe we can demonstrate a legitimate business interest and have balanced this with your interests and privacy.
It is always your choice and you can stop receiving direct marketing communications from us at any time. We will provide a clear and easy way to do this on any communication you receive. To learn more please see How to stop marketing communications.
Personalised marketing content
We want to ensure our marketing communications are of interest to you. We, therefore, use the information we know about you to tailor our messages to be more relevant. We will use details such as your gender, age, geographical location, and previous transactional history to try and do this. You have the right to object to this profiling. To learn more please see How to stop marketing communications.
Personalised website content
How to stop receiving marketing communications
We don't want to send you marketing communications if you do not want to receive them. You can object to these messages from us at any time.
Emails: There will always be an unsubscribe link on any marketing email you receive from us. Some of our brands, where relevant, provide a level of granularity to the types of emails you can unsubscribe from.
Post: We will inform you in any postal communication how you can stop receiving direct mail in future.
Phone: If you receive a marketing call from us, please let the call operator know if you don't want to receive calls again.
If you wish to specify which brands you want to receive marketing communication from please contact us including the brands you are interested in and your personal details (Name, Company name, address, email and telephone number).
If you wish to stop ALL marketing communications from Panacea Publishing International please email contact us with the subject header "Stop Marketing" (remember this will stop all marketing communications from all of our brands). Please include your personal details (Name, Company name, address, email and telephone number) so we can make sure that we do not contact you again. Please note that this process will only stop marketing to the individual named in the email and not your company or organisation as a whole.
If you wish to speak to us directly about marketing communications you are receiving, please use one of the contact details below:
By post: Data Protection Officer, Panacea Publishing International, 41-43 Maddox Street, London, W1S 2PD
By telephone: +44 (0)20 7821 2700
By email: firstname.lastname@example.org
- Sharing your personal data
We may share your personal data with other organisations, as specifically approved by you or under the circumstances described below.
We may share limited personal data about you with event sponsors, other delegates and venues. To learn more please see:
Business Travel Awards
BBT editor’s lunch
BBT Wine Tasting
We will always make it clear and provide you with choices if another organisation wishes to use your personal data for their own marketing purposes.
Our service suppliers
We use a number of companies to help us in providing a professional service to our customers. For example, stand contractors and cloud software suppliers. These companies only act under strict contractual instruction from us. We limit the personal data we share with our suppliers to only those necessary to fulfil the specific service they provide to us.
Audit and verification
We may share your personal data with the auditing organisation, ABC (Audit Bureau of Circulations Ltd). This is only so ABC can verify aggregated statistics about circulation and usage of our products or review our policies, processes and procedures for compliance with relevant standards.
We may need to disclose your personal data to comply with any legal obligation. These requests will be verified before we share your details.
Changes to our company
In the event we go through a business transition such as a merger or acquisition by another company, or sale of all or a portion of our assets, your personal data may be among the assets transferred.
All of our brands are aimed at adults and are not designed for use by children. However, we accept that on occasion children may visit our websites. Where we believe any of our brands may attract children under the age of 16, we will clearly provide information notices to try and deter children from providing their personal data.
We clearly stipulate that entry into any of our competitions is only available to over 18s.
We do not knowingly send marketing communications to children.
We actively encourage all our staff, whenever they are implementing new promotions, offers or events to assess whether these might be attractive to children and if so, will ensure clear information is provided to try and deter children from providing their personal data.
If you are a parent or guardian and are concerned that we may be processing personal data related to your child, please contact us.
- Your rights
Under data protection law you have a number of rights. These are intended to give you control over how we manage your personal data. If you are unhappy with any aspect of our handling of your personal data please email us.
If you are concerned with the manner in which we have handled your personal data, you have the right to complain to a supervisory authority. In the UK this is the Information Commissioner's Office.
Right to be Informed
You have the right to know what data we hold on you and what we will do with it. This privacy notice is the way in which we communicate this to you.
Right to Access
You can request a copy of the personal data we hold relating to you and our reasons for processing it. This is known as a Subject Access Request. In responding to such a request we may ask for proof of your identity, to ensure we do not inadvertently send your personal data to another person. We will endeavour to respond to any such requests as soon as possible but within one calendar month.
Right to Rectification
If you discover or believe the personal data we hold for you is out of date or incorrect please let us know and we will rectify this as soon as possible.
Right to Erasure (to be forgotten)
If you wish for your personal data to be deleted we will assess any such request on a case-by-case basis. We will respond to you as soon as possible but within one calendar month of receiving your request.
Right to Restrict Processing
If you wish you can request to restrict or suppress the processing of your personal data. This means that we will continue to store your data but will not process it. You may choose to do this instead of asking for your data to be deleted because we can then make sure that we do not collect your data again.
Right to Data Portability
You can ask us to provide all the data we hold on you in a machine-readable format. We will generally do this as a CSV file within one month.
Right to Object
You have the right to object to the processing of your data. You have an absolute right to object to direct marketing but we may have to continue processing data for other purposes if we have a compelling reason. In those circumstances, we will inform you of our reasons and give you details of how you can raise a complaint with the ICO. Please see How to stop receiving marketing communications for further information.
Rights related to automated decision making
You have the right to object to any automated decision made by us regarding you. We do not presently undertake automated decision making but will monitor our business practices and update this section if this changes.
If you wish to exercise any of your rights or for more information please contact us. Alternatively, you can review the ICO guidance on Individual Rights.
- Keeping your data secure
Where we store your personal data
Ensuring your personal data is stored and transferred securely is of the highest importance to us.
We hold your personal data on our secure systems, mainly based within the UK and the European Economic Area (EEA). Where we employ service providers, we have appropriate agreements in place to ensure your personal data is protected. Your personal data may be transferred to a country outside the European Economic Area (EEA). This may be required for the purposes of our staff based outside the EEA or where a supplier of a service is based outside the EEA. We will take all reasonable steps necessary to ensure your personal data is treated securely. This includes the use of Binding Corporate Rules and Model Contractual Arrangements as approved by the European Commission and the EU-US Privacy Shield.
How we keep your personal data secure
We are committed to protecting the security of the personal data we hold. We deploy appropriate technical and organisational measures to ensure your personal data is kept securely and to prevent any unauthorised access. We have robust procedures and features in place to prevent such unauthorised access. We also require any parties to whom we transfer personal data to ensure they have appropriate security measures in place.
How long do we keep your personal data
We hold personal data for a variety of different purposes and the length of time we keep your information for will vary depending on the products and services we are providing to you. We will only keep your personal data for a reasonable period of time and we base this on the purpose for which we are using it. There will be circumstances in which we keep a strictly minimal amount of information about you, for example, to ensure we can honour an objection to receiving direct marketing. We will also, in specific circumstances, be required to retain personal data for a longer period of time for contractual or legal reasons. Please contact us for further details of our retention policy.
Reporting security vulnerabilities
We are committed to the privacy, safety and security of our customers. If you discover a potential security vulnerability, please let us know as soon as you can so that we can take appropriate action.
- Cookie Notice
The aim of our Cookie Notice is to provide you with a summary of the tracking technologies we use and how you can control what is set and when. We keep our Cookie Notice under regular review to best reflect the technology we use on our sites.
Cookies and tracking technologies we use
Where Panacea Publishing International talk about cookies and tracking technology on our websites
A local shared object, sometimes called a "Flash cookie," is a data file that can be created on your computer by the websites you visit. They are most often used to enhance your web-browsing experience. Adobe's website provides details regarding Flash Cookies
To help us better manage content we employ web beacons in emails that we send to our subscribers. Web beacons are tiny graphics with a unique identifier and are used to track the online movements of internet users. Unlike cookies, which are stored on a user's computer hard drive, web beacons are embedded invisibly on websites. We use them in our HTML-based emails to learn which emails have been opened by recipients enabling us to gauge the effectiveness of our marketing campaigns.
A pixel refers to the code that is placed on your computer in order to trigger a cookie. We sometimes use this methodology to allow us to deliver more relevant messages to you.
We use log files to record events that occur on our websites. This may include, though not exclusively, the type, content or time of transaction made via your device. These audit trails allow us to analyse the activities on our websites.
Types of Cookies and how they are set
There are two types of cookies:
- "Session Cookies" - Stored temporarily in your computer's memory while you are visiting a website and are deleted when you close your browser.
- "Persistent Cookies" - Stored for a set period on your computer and used to determine whether there has been any contact between us and your computer in the past.
There are two ways cookies set can be on our websites:
- "1st Party Cookies" - cookies that are set by the website domain (or belonging to a sub domain) of the website.
- "3rd Party Cookies" - cookies that are set by another website domain. (e.g. by one of our main technology partners or by an external web service).
We are categorising cookies set on the site by ourselves and our main technology partners into the following categories:
Category 1: Strictly necessary cookies
These cookies are essential, as they enable you to move around a website and use its features, such as accessing secure areas. Without these cookies, services you've asked for (such as access to secure areas) can't be provided. These cookies don't gather information about you that can be used for marketing or remembering where you've been on the internet.
Category 2: Performance cookies
These cookies collect information about how you use a website, for example, which pages you go to most often and if you get any error messages from certain pages. These cookies don't gather information that can identify you. All information these cookies collect is anonymous and is only used to improve how our website works. These cookies are not used to target you with online advertising. Without these cookies, we can't learn how our website is performing and make relevant improvements that could better your browsing experience.
Category 3: Functionality cookies
These cookies allow a website to remember choices you make (such as your user name, language or the region you're in) and tailor the website to provide enhanced features and content for you. For instance, they can be used to remember log-in details, changes you've made to text size, font and other parts of pages that you can customise. They may also be used to provide services you've asked for such as watching a video or commenting on a blog. These cookies may be used to ensure that all our services and communications are relevant to you. The information these cookies collect cannot track your browsing activity on other websites. Without these cookies, a website cannot remember choices you've previously made or personalise your browsing experience.
Category 4: Targeting and advertising cookies
We use these to provide adverts on our sites that we believe are more relevant to you. Without these cookies, online adverts you encounter will be less relevant to you and your interests. We also enable some advertising partners to set cookies specifically to enable them to analyse advertising campaign performance.
Our main technology partners
We work directly with a number of technology partners to maintain and enhance our websites. We will update the following listing when cookies are added or removed.
We use Google DoubleClick for the delivery and measurement of advertising campaigns.
We use Google AdWords to promote our products and services through Google's advertising opportunities.
We use Google Analytics to provide insight into how visitors find and use our web pages so that we can evaluate and develop them.
We use Facebook to promote our products and services.
External web services
We use a number of web services to display external content, e.g. YouTube. These could set cookies or track your activity anonymously – for full information you should read the privacy policies of these sites.
We may set cookies on certain third party sites that we advertise on to identify you as having visited that site if you later visit our website, and will serve targeted advertising based on this information.
Your control options
Managing your cookies
You can choose to disable your web browser's ability to accept cookies. Please note that if you choose to do this, you may not be able to access or take advantage of many features of the service and some parts of the website may not work properly.
You can control how cookies are set within your browser settings. Each browser is different so check the ‘Help’ menu of your particular browser to learn how to change your cookie preferences, please see:
If you want to learn more about cookies, or how to control or delete them, you can visit: www.allaboutcookies.org. You can also review the guidance provided by the Information Commissioner's Office.