BIP NYC NEWS

collapse
Close menu
×
Home / Daily News Analysis / Data Protection / Privacy Policy

Data Protection / Privacy Policy

May 14, 2026  Twila Rosenbaum  4 views
Data Protection / Privacy Policy

InfraXmedia (Holdings) Ltd, the parent company of a group of media and event businesses, has released an updated Data Protection and Privacy Policy, effective from 25 April 2025. The new policy reinforces the company's commitment to complying with strict data protection laws in the UK, European Economic Area, USA, Canada, and Latin America. It replaces previous versions and aims to provide transparent information about how personal data is processed across all group companies.

Scope of the Policy

The policy applies to all companies within the InfraXmedia group. It covers the collection and processing of personal data from customers, business partners, marketing and event registrants, website visitors, and employees or contractors. The company states that it processes data only when there is a lawful basis, such as fulfilling contractual obligations, pursuing legitimate business interests, or obtaining explicit consent where required.

Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, InfraXmedia must ensure that individuals are informed about what data is collected, how it is used, and how they can exercise their rights. The updated policy addresses these requirements in detail.

Types of Personal Information Collected

The policy identifies several categories of personal data. For customers and business partners, InfraXmedia collects names, email addresses, phone numbers, job titles, company names, countries, business addresses, and in some jurisdictions copies of passports or residence cards. For marketing and event registrants, similar contact details are gathered along with preferences and professional interests. Website visitors may have their IP addresses, browser types, device information, and cookies recorded. Employees and contractors provide data relevant to employment or contractual obligations.

The company emphasizes that by entering details in any of its forms, users enable InfraXmedia to provide the services they select. The policy also notes that websites contain hyperlinks to third-party sites, and the group accepts no responsibility for those sites' privacy practices.

How Information Is Used

Personal data is processed for several purposes: fulfilling contractual obligations, pursuing legitimate interests (such as marketing, event management, media services, and analytics), and processing based on consent where required. The policy defines “legitimate interest” as the interest of the company in conducting its business to provide the best services and secure experience. It states that when processing for legitimate interests, the company carefully balances any potential impact on individuals.

Specific uses include contacting users for service-related reasons (e.g., subscription changes, password reminders), inviting participation in research studies, sending operational information for events, tracking website traffic to improve usability, fulfilling subscription orders, providing online community features, determining effectiveness of promotional campaigns, planning business activities through aggregated analysis, and managing images and video from events for promotional purposes.

Marketing Communications and Opt-Out

A significant portion of the policy addresses marketing. InfraXmedia states that it may contact staff members of limited companies, public limited companies, incorporated partnerships, trusts, foundations, local authorities, and government institutions via business email addresses and other electronic communications under the legitimate interest basis. The company asserts that it does not need consent if processing is legitimate and there is no disproportionate impact on the data subject.

However, the policy provides every opportunity for individuals to opt out of marketing communications. An unsubscribe link is included in all marketing and product emails, and users can email the data team at [email protected] to stop receiving messages. The policy also notes that if a person is registered with the Telephone Preference Service (TPS) or Mailing Preference Service (MPS), submitting personal data via an InfraXmedia website may be interpreted as consent for the time being. The policy stresses that users may opt out at any time.

Data Sharing with Third Parties

InfraXmedia may share personal data with other companies within its group, including the holding company and subsidiaries. It may also disclose data where compelled by law, for prevention or detection of crime, or for assessment of tax or duty. In the event of a sale or purchase of business assets, data may be disclosed to prospective sellers or buyers on a confidential basis.

As part of its terms, the company informs event attendees, webinar participants, and digital download users that it will pass personal data to sponsoring third parties for their marketing communications, and to speakers who receive questions during digital broadcasts. A list of sponsoring third parties is available on the company's website. The policy stresses that only data from registrations at the time of registration are shared with listed sponsors, and data is not sold or shared outside this condition.

International Data Transfers

Given the global nature of its operations, InfraXmedia may transfer personal data to countries outside the UK and European Economic Area. The policy outlines safeguards: adequacy decisions by the UK or EU for countries with adequate data protection laws; Standard Contractual Clauses (SCCs) where required; self-certification under the U.S. Data Privacy Framework (DPF) for US-based business; and separate data protection agreements with parties to maintain adequate standards.

InfraXmedia also compiles and shares anonymized statistics about website use, such as traffic and user numbers, without personally identifying information. The company uses third-party services that collect behavioral metrics, heatmaps, and session replay to improve its services. These services capture IP addresses (de-identified after session), device screen size, browser information, geographic location (country only), and preferred language. The information is stored in pseudonymized profiles, and the third parties are contractually prohibited from selling the data.

Rights of Access and Data Subject Rights

Under UK GDPR, individuals have the right to access their personal data and verify the lawfulness of processing. A subject access request must be verified by reasonable means, and the request will be free of charge. If requests are manifestly unfounded or excessive, InfraXmedia may charge a reasonable fee or refuse to respond. Information will be provided within one month, extendable to two months for complex requests with an explanation.

Individuals can request correction of inaccurate personal data by contacting the data team. The policy also outlines other rights, such as the right to erasure, restriction of processing, data portability, and objection to processing, though these are not detailed explicitly in the policy text.

Data Storage, Security, and Retention

Data collected may be transferred and stored outside the UK and EEA. By submitting personal data, users agree to this transfer, storing, and processing. The company takes steps to ensure data is treated securely in accordance with the policy. All information is stored on secure servers provided by IT system suppliers. However, the policy notes that internet transmission is not completely secure, and transmission is at the user's own risk.

Security procedures and technical and organizational measures are in place to safeguard personal information. Access to internal servers is limited to specialist IT systems suppliers and personnel. Personal data is not kept longer than necessary for the purposes for which it was collected. For audit and tax purposes, data may be held for up to six years or longer if required by legislation.

IP Addresses and Cookies

The policy mentions that information about computers, including IP addresses, operating systems, and browser types, may be collected for system administration and to report aggregate information to advertisers. Cookies are used to provide a personalized browsing experience. The policy refers users to a separate Cookies Policy for more details.

Contact and Complaints

For questions or comments about privacy, individuals can email the data team or write to the Data Controller at InfraXmedia's London address. The policy also provides contact details for the UK Information Commissioner's Office (ICO) for complaints. The ICO can be reached by phone, email, live chat, or post at its Wilmslow office.

The policy concludes with a note that it was last updated on 25 April 2025. InfraXmedia reserves the right to update the policy at any time, with changes posted immediately on its websites. Users are deemed to have accepted the terms on first use after alterations.

The updated policy reflects the company's ongoing efforts to align with evolving data protection regulations and to maintain high standards of privacy practice across its international operations.


Source: Datacenterdynamics News


Share:

Related posts
Your experience on this site will be improved by allowing cookies Cookie Policy

These cookies are essential for the website to function properly.

These cookies help us understand how visitors interact with the website.

These cookies are used to deliver personalized advertisements.