Last Updated July 18, 2018
- About this policy notice
- Personal data and personal information
- Who we are
- Lawful bases for processing
- What kinds of personal data we collect and hold
- Your obligation to provide your personal data
- How we collect and hold personal data
- Why we collect, hold, use and disclose personal data
- Where we store your personal data
- How you may access, correct or enquire about your personal data
- How you may complain to us regarding your personal data
- Our sharing of your personal data overseas
- How long we keep your personal data
- Privacy contacts
About this policy notice
The CEO Magazine is committed to complying with privacy laws applying both to you and to The CEO Magazine’s businesses and which set out standards for the processing of personal data. Privacy laws applying to you may give you the right to be informed about The CEO Magazine’s collection and use of your personal data. This policy notice is to give you that information.
Such privacy laws may give you important privacy rights in respect of your personal data which are in addition to your rights referred to in this policy notice. Links to the websites of several countries’ privacy regulators are at the privacy contact details below – your country’s regulator may be able to give you additional information.
We may have additional terms relevant to The CEO Magazine’s collection and use of your personal data. These are important. They may provide for certain contract commitments and consents from you to The CEO Magazine and other legitimate bases for The CEO Magazine’s personal data processing, depending on the nature of your dealings.
The CEO Magazine has separate policies concerning The CEO Magazine’s employees – this policy does not apply to the personal data of employees in their capacity as such.
Personal data and personal information
This policy notice refers to “personal data”. In some places, the law refers to this as “personal information”. These terms are used interchangeably and have the meaning of the term for personally identifying information about individuals under the privacy law applicable to you in your country (the relevant country’s laws being referred to as “your privacy law”) for example, “personal data” under the UK Data Protection Act 1998 (UK Act) and the EU General Data Protection Regulation (GDPR) and “personal information” under the Australian Privacy Act 1988 (Cth) (Australian Act).
For the purpose of a provision in your privacy law which requires you to be made aware of the controller of your personal data, this is Bean Media Group Pty Ltd ACN 126 697 747.
Who we are
In this policy notice Bean Media Group Pty Ltd ACN 126 697 747 and its subsidiaries and related group entities are separately and together referred to as “The CEO Magazine”, “us”, “our” or “we”. You can find out more about us by visiting www.theceomagazine.com/about. The CEO Magazine’s contact details are at the privacy contact details below.
Lawful bases for processing
In collecting, holding and using your personal data, The CEO Magazine generally relies on one or more of consent, contract and legitimate interests. Under “Why we collect, hold, use and disclose personal data” details of these bases are given. These are referred to in the UK Acts and GDPR as “lawful bases”.
Important information about consent: In some cases, your privacy law may require The CEO Magazine to obtain consent before it can process personal data. Explicit consent may be required in some cases, for example, in relation to health information and may be required from a child’s parent or guardian in respect of children’s personal data. Some privacy laws also require consent for the use of certain personal data for direct marketing.
Where we require such consent, the media through the personal relevant data is collected will generally include a mechanism for your consent. For example, we only authorise use of The CEO Magazine’s online sites subject to our Cookies Policy (a link to which is www.theceomagazine.com/cookie-policy and other terms which are notified via such site.
What kinds of personal data we collect and hold
The personal data we collect and hold is what we consider reasonably necessary for our business functions and activities. When we collect and hold personal data, it is generally of the kind we ask for in order to provide our goods and services and what arises from that. Specifically, we collect
- full name
- telephone numbers
- communication preferences
- what is provided to us with consent. See “Important information about consent” in this policy notice
- what is collected by us via cookies and which is described in our cookies policy. Our cookies policy is at www.theceomagazine.com/cookie-policy
- what is provided to us pursuant to a contract with us
- automatically collected information from visits to our online sites. This is generally the identifier of the device you are using (for example the Internet protocol (IP) address); login information; browser type and version; location and time zone settings; browser plug-in types and versions; operating system and platform and information about visits to the site. Examples of this are the uniform resource locator is (URLs) of locations visited through and from The CEO Magazine’ sites (including date and time), what was viewed or searched for, response times, download errors, length of visits to certain pages and page interaction information (such as scrolling and clicks)
- metrics required by the analytics service providers we engage, such as Google Analytics, for example sex, age, interests and general location
Your obligation to provide your personal data
You generally have the option of not identifying yourself or of using a pseudonym when dealing with us, except where this is impractical, you have consented or agreed or where the law or a court order provides otherwise.
Collecting your personal data from others
We may collect your personal data other than from you directly. These sources are generally those in respect of whom we have a reasonable expectation of their lawful ability to provide us with the relevant personal data. Examples are those who support our data analytics activities and who may have a contract with you, and those who support our business operations.
Examples of third party sources with whom we may have relationships from time to time are:
- fulfilment entities including Salesforce, SOS, DG3, WHSmith, Newslink, Apple, Kindle, Magzter, OptinMonster, Schedugr.am, Social Drift, Sprout Social and Eurostar
- advertising technology companies including Google, Facebook, Instagram, LinkedIn Twitter and Amazon.
We collect personal data via cookies. For detailed information on the cookies we use see our Cookies Policy at https://www.theceomagazine.com/cookie-policy.
How we collect and hold personal data
Collection of the personal data: When we collect personal data about you, we do so by making a record of it. We do this when:
- you communicate with us online
- you subscribe to our newsletters
- you subscribe to our magazines or other media;
- you express an interest in taking part in our events;
- you take part in any trade promotions, testimonials, surveys, focus groups and research we are involved in
- you deal with us in other ways involving a need for personal data to be provided, such as when you make contact with us or seek assistance from our customer services.
We may also collect personal data by accessing personal or other data from the other sources referred to at “Collecting your personal data from others” above then analysing that data together with the information we already hold about you for the purposes outlined under “Why we collect, hold, use and disclose personal data” below.
Holding of personal data: Personal data we hold is generally stored in computer systems. These may be operated by us or by our service providers.
Why we collect, hold, use and disclose personal data
For your personal data sourced from you, third parties or from us, we have a range of processing purposes. These purposes may apply to any or all of the personal data we collect, hold, use and disclose. These are generally as follows:
- marketing to you: This may be direct marketing to you by ourselves or by third parties we select. This may promote our goods or services or those of third parties. It may take a variety of forms, for example electronic communications (such as email and SMS), telephone or regular mail. It may take the form of advertising which has been facilitated by cookies used when you are visiting our, or third parties' online sites. Our Cookies Policy is at www.theceomagazine.com/cookie-policy
- responding to requests or enquiries regarding our goods and services
- sending newsletters
- conducting events
- administering our sites, for example troubleshooting, data analytics, testing, research, statistical and survey activities
- improving our online sites to present content in an effective manner
- facilitating participation in any interactive features of our services
- measuring and understanding the effectiveness of our marketing and to deliver relevant marketing
- making suggestions and recommendations about goods or services that may be of interest
- combining some of the personal data we hold with other personal data about you sourced from others and using the combined information for the above purposes
- communicating with actual or prospective sellers or buyers of businesses or assets in which we have an interest. In the event of a sale, the personal data we hold about you may be included in the transferred assets
- complying with any legal obligations
- enforcing or applying contract terms
- protecting the rights, property or safety of our businesses, customers or others. This may include exchanging information with others for the purposes of fraud protection and credit risk reduction.
Important information about your opt out rights for direct marketing: Regardless of our source of your personal data and of the basis on which we collect or hold it, it is our policy to observe your rights under your privacy law to opt out of our direct marketing to you. Our direct marketing materials will generally tell you how to do this, but if you are not sure, a member of our privacy team will help you. Contact details for our privacy team are below.
Where we store your personal data
In respect of your personal data of which we are the controller, we hold this on our servers or those of our third party processing service providers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access parts of our online sites, you are responsible for keeping this confidential. We ask you not to share a password with anyone. The transmission of information, electronically, is not secure and we cannot guarantee the security of your personal data transmitted to or from any of our sites. Please bear this in mind when deciding whether or not to allow your personal data to be processed by us.
How you may access, correct or enquire about your personal data
Access: We will provide you with access to any of your personal data we hold (except in limited circumstances recognised by law). Before we provide you with access to your personal data we may require some proof of identity.
Correction: if you need to correct personal data we hold, please contact one of our privacy team – see contact details below.
Enquiries: please direct any enquiries you may have about our processing of your personal data to the privacy team whose contact details are below. Where your privacy law includes the California Civil Code, Section §1798.83 of that Code permits users of our sites that are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please send an email to our privacy team – see contact details below.
How you may complain to us regarding your personal data
If you wish to complain about our processing of your personal data, you may contact our privacy team – see contact details below. We may ask you to put your complaint in writing and to provide details about it. We may discuss your complaint with our personnel and our service providers and others as appropriate. Our privacy team will investigate the matter and attempt to resolve it in a timely way. A privacy team will inform you in writing about the outcome of the investigation. If our privacy team does not resolve your complaint to your satisfaction and no other complaint resolution procedures are agreed or required by law, our privacy team will inform you that your complaint may be referred to a privacy regulator for further investigation. Links to some privacy regulators’ websites are under our privacy contact details below.
Our sharing of your personal data overseas
- where we have made a business decision to store our data with a trusted service provider who is in the business of providing data storage and processing services. Examples are those who store and process our email and mobile application data. These services commonly involve diverse geographic locations which change from time to time for reasons which include data protection and processing efficiency. Where these services are used by us, it is not practical for us to notify you of which country your personal data may be located in
- for disclosures between our group companies. Our main business location is in Australia but we do business in a number of countries and some of our group companies may be based in other countries from time to time; and
- when our business which collected your personal data is in a different country to your location.
How long we keep your personal data
We will hold your personal information on our systems only for as long as required to provide you with the goods or services you have requested or as we consider reasonably appropriate having regard to the purpose of our processing. See also the above “Why we collect, hold, use and disclose personal data”.
Contact details of our privacy team are:
Postal: The Privacy Team, Bean Media Group Pty Ltd Level 1, 7 Grosvenor Place, Brookvale, NSW, 2100 Australia
Some countries’ privacy regulators may provide you with other information on request regarding your privacy rights. Samples of some regulators’ websites are:
Australian Information Commissioner
There is no single, comprehensive federal (national) law regulating the collection and use of personal data but various agencies administer various aspects of US privacy law, for example the Federal Trade Commission enforces the Children's Online Privacy Protection Act (COPPA) (15 U.S.C. §§6501-6506) and the Self-Regulatory Principles for Behavioural Advertising.
The Personal Information Protection Commission
Personal Data Protection Commission