We Value Your Privacy
Specifically, please note that:
- We do not accept any advertisements on our website and therefore have no information reporting requirements to any third party; and/or
If you are a Californian resident, please refer to our CCPA statement for further details about your rights.
Who Processes Your Data?
- Within the meaning of Article 4 (16) of the GDPR, IDC’s main establishment in the EU is in the Czech Republic.
Where required, IDC has designated a representative in the EU:IDC CEMA s.r.o.
Malé náměstí 459/11
110 00 Praha 1
- For all matters related to privacy and the collection, processing, use and storage of your personal data, please contact IDC’s Privacy Compliance Officer at firstname.lastname@example.org.
For more information about IDC, please refer to here.
What Data Do We Collect, Process, Use, and Store When Providing Our Products and Services?
Depending on the product or/and service involved, IDC may collect various data types for distinct purposes. Below, you will find more information on the data collected, processed, used, and stored related to the products and services IDC provides:
Syndicated Research and Data Products: IDC may use your name and email address, business phone number, information about your organization, your job title, and other information provided by you at the time of registering your user account on the IDC website to deliver the Syndicated Research services and/or Data Products ordered by you or your organization as part of a corporate account. We may also use your contact details to communicate with you when producing reports and other Syndicated Research services and Data Products. In addition, we may log your IP address for security purposes.
In order to enhance our services and in particular, to improve user experience, prevent misuse of IDC services and user accounts, or to provide feedback and usage statistics to our clients, we may track your usage of our services (such as search history). Corporate administrators (hereinafter as "Corporate Administrators") at our client organizations have access to usage statistics for their organization’s account base. If your user account, including personal data, is part of a corporate account, then a Corporate Administrator at your organization may request your user data containing personal data and usage information. Corporate Administrators can access user information only for individuals within their organization’s corporate profile.
Custom Solution Services: IDC may use your name and email address, business phone number, information about your organization, your job title, and other information shared by you or your organization, if required due to the nature of the Custom Solution project, to provide Custom Solution Services (e.g. consulting and advisory services) ordered by you or your organization.
Events Organization: When organizing conferences, webcasts, networking events, and other events, we may collect the name, email address, job title, company, and business phone number of each participant during the registration process. Alternatively, event participants may be asked to register through the idc.com general registration form as described in Section 2.1(a) above. In addition, we may collect details pertaining to professional profiles, including photos and information from social media profiles, as well as the names and email addresses of contacts from event partners (including sponsors). We may also collect any feedback or information that participants, speakers, and/or partners have volunteered to provide to us via questionnaires submitted prior to, during or after events. We will use such data to organize and market such events, manage event participation, and present details about speakers and sponsors in the programs and/or promotional materials of such events, as well as on our website and via social media. We may share information on participants and speakers other than their contact details with our event partners, as listed on the event website, to prepare, improve, and organize the event, including the collection and review of event statistics, and to ensure that the event's content is relevant to and customized for the event audience.
Some public IDC events may be recorded by means of photographs, audio recordings, and/or videos. Such photographs and recordings may subsequently appear on the respective event website, other relevant website, on social media, in the press, or in promotional materials (such as IDC promotional videos or program guides). All events to be thus documented will be clearly indicated as such. IDC may separately seek your consent prior to recording if you are to feature predominantly in the planned recording (e.g. speakers and participants in interviews).
Based on participants' and speakers’ consent, we may share their contact details with our event partners, as listed on the event website, for follow-up communication, including marketing. We may ask you for such consent during your event registration and/or during the course of the event. The consent you grant to IDC to share your contact details with event partners is unrelated to any consent that you may grant directly to any event partner during event networking, including by allowing an event partner to scan your electronic business card.
If you request us to arrange additional event-related services for you, such as booking accommodation and/or flight tickets, we will also use your personal data to secure the requested arrangements.
Networking tools at events: IDC may provide specific tools during the event to enhance your networking opportunities — in particular, a networking application and electronic business cards, as described below.
Mobile application: An event mobile app may include your name, company, and job title (along with your photo, profile, and social media information, as provided by you) and may be visible to all other event participants. Opting for "private mode” will ensure that your name and contact details do not appear in the application.
Awards and Competitions: When organizing awards or competitions, we may collect the name, email address, job title, company, and other details provided by each participant in the application form. Alternatively, such details may also be obtained from third parties who nominate the respective participant via a specific nomination form, in which case the nominating person has informed the participant and obtained necessary permissions to share the participant’s personal data with IDC.
We will use such data to organize the awards or competitions and manage participation. We may share information on participants with members of our jury, which may consist of both internal and external parties bound by a confidentiality obligation, to evaluate applications and select winners of all award/competition categories.
Based on participants’ consent, we may share their contact details with the partners of the awards or competitions, as listed on the respective websites, for follow-up communication, including marketing. We may ask you for such consent during your registration and/or while interacting with you during the award or competition process.
Ancillary Services: To provide services related to updates on industry developments, IDC may use your name and email address to deliver these updates to you or your organization. Such services may include newsletters, market updates, market snapshots, and other value-added services or features provided by IDC, whether for remuneration or free of charge.
Irrespective of whether IDC provides its services to you or your organization, we may also process your name and email address and personal data that you provide to us when we ask for your insight in relation to a specific industry or topic (e.g. when you fill out a survey form that we sent to you).
In addition, regardless of the product and/or service involved, IDC may also process your name and email address, business phone number, information about your organization, and your job title for the purpose of management of business relationship with you or your organization.
IDC does not process any special categories of personal data (as defined under the GDPR and the UK GDPR).
For How Long Do We Store Your Data?
- We will store your personal data for as long as is necessary to provide you with the products and/or services requested by you or your organization; for as long as is reasonably required to store such information for our lawful business purposes, such as exercising our legal rights, or for as long as we are legally obligated to store such information.
- We will store photographs and video and audio recordings from each event for a period of 3 years from the end of the respective event.
- If you consent to us collecting, processing, using, and storing your personal data, we will do so for the duration of such consent — in other words, until such consent expires or is withdrawn. You have the right to withdraw your consent at any time. For more details on the withdrawal of your consent, please see the Your Rights section below.
On What Legal Basis Do We Process, Use, and Store Your Data?
- We process, use, and store your data primarily to perform our obligations under the contracts we have concluded with you or your organization.
- In certain instances, we may also process your personal data based on our legitimate interests. IDC’s legitimate interests include offering and delivering our products and services to business customers, enhancing our customer base, management of the customer relationships, exchanging professional knowledge about the industry, exercising our legal rights, preventing fraud or imminent harm, and ensuring the security and operability of our network and services.
- In specific cases, we process your data based on consent.
Cookies; web analytics
- We may contact you to inform you about IDC news, services, features, and special offers and to invite you to our events that we believe may be of interest to you, including the provision of marketing communication within the limits prescribed by law. Where required, we will request your consent prior to sending any such communication.
- Your marketing communication preferences may be changed at any time. If you would like to unsubscribe from receiving marketing emails, please follow the "unsubscribe" link and/or instructions which are placed at the foot of every IDC email.
- Please note, however, that we may occasionally send you important information (including via email) about the IDC services you are using or have used, including changes to applicable terms and conditions, and/or other communication or notifications, as may be required to fulfil our legal and contractual obligations. Such communication is not affected by your marketing communication preferences.
How Do We Secure Your Data When It Is Collected, Processed, Used, and Stored by Our Suppliers and Affiliates?
- To comply with legal processes;
- To enforce or defend the legal rights of IDC in connection with corporate restructuring, such as a merger or business acquisition, or in connection with an insolvency situation;
- To prevent fraud or imminent harm; and/or
- To ensure the security and operability of our network and services.
- We share your data with our trusted business partners, who process your data as our vendors and data processors on our behalf and pursuant to our instructions. We strive to select our vendors carefully and ensure they are able to provide adequate data protection and security safeguards.
- When such processors reside in the EU (or the UK), we comply with Article 28 of the GDPR (or the UK GDPR, as applicable). If such processors reside outside of the European Economic Area or the United Kingdom, all data transfers are conducted in accordance with Chapter V. of GDPR (or the UK GDPR, as applicable) — in particular, in accordance with adequacy decisions issued by the European Commission or standard contractual clauses (Model Clauses), as applicable.
In relation to the above, we may share your data with the following third parties:
- Suppliers that provide IT support to IDC;
- Suppliers that support our marketing activities;
- Other professional services providers.
What Are Your Rights?
As a data subject under GDPR or UK GDPR, you have the following rights:
The Right to Access: Upon your request, we will provide you with access to the personal data on you that we process, and we will send you a copy of that data.
The Right to Receive Information: You may contact us at any time with a request to receive more information regarding the following:
- the purposes for which we use your personal data;
- how we categorize your personal data;
- the recipients of your personal data;
- the length of time we store your personal data; and
- your rights as a data subject.
The Right to Portability: You have the right to receive a copy of your personal data from us in a structured and commonly used machine-readable format. You may also request us to transfer such data to another data controller.
The Right to Erasure: You may request us to erase your personal data from our records.
The Right to the Restriction of Use: You may ask us to restrict our use of your personal data so that we can only use your personal data in ways stipulated by you. If you have obtained the right to restrict the use of your personal data, you will be informed beforehand should this right become invalid for any reason.
The Right to Object: In cases in which we rely on our legitimate interest to use your personal data, we must consider and acknowledge the interests and rights that you have under data protection law. Your privacy rights are always protected by appropriate safeguards and balanced with your freedoms and other rights. You have the right to submit an objection at any time to our use of your personal data based on our legitimate interest.
The Right to Withdraw Consent: You have the right to withdraw your consent at any time to our use of your personal data. Please note that a withdrawal of your consent does not affect the legality of the use of your personal data prior to your consent being withdrawn.
Additionally, you have the right to lodge a complaint with the competent Data Protection Authority if you believe your rights regarding our use of your personal data have been violated.
- For all processing of personal data carried out by IDC subject to the GDPR, the competent Data Protection Authority is the Czech Office for the Protection of Personal Data (in Czech: Úřad pro ochranu osobních údajů), with registered office at Pplk. Sochora 27, 170 00 Praha 7, Czech Republic, as the lead Data Protection Authority of IDC.
- For all processing of personal data carried out by IDC subject to the UK GDPR, the competent Data Protection Authority is the Information Commissioner's Office, with registered office at Wycliffe House, Water Lane, Wilmslow SK9 5AF, United Kingdom.
- IDC strives to ensure its security measures are in line with the industry’s best practices to prevent the loss, misuse, or alteration of the information in our possession. We strive to ensure the ongoing confidentiality, integrity, availability, and resilience of our processing systems and services and will aim to restore the availability of personal data and access thereto in a timely manner in the event of a physical or technical incident. We employ various security measures to protect the information we collect, as appropriate to the type of information, including encryption, firewalls, and access controls. IDC further ensures that all individuals who have access to your data and are involved in the collection, processing, use, and/or storage thereof are bound by appropriate confidentiality obligations and have appropriate training.
- You are responsible for keeping confidential any passwords that we give you (or you choose) that enable you to access certain parts of our website. For security reasons, such passwords must not be shared with anyone.
Links to Other Sites
- We may provide references and/or links to other companies, organizations, and/or public institutions on our website that enable you to access their websites directly from ours. The websites of these entities are governed by the entities' own privacy policies. Please note that we are not responsible for the content of such websites and cannot accept responsibility for any issues arising in connection with such third parties' use of your personal data. If you have any queries concerning the way your personal data is processed, used, or stored by such entities, we recommend referring to the privacy policies on the relevant websites.
For all matters related to privacy and the collection, processing, use and storage of your personal data, please contact IDC’s Privacy Compliance Officer at email@example.com.