Specifically, please note that:
- We do not sell lists or usage information;
- We do not accept any advertisements on our website and therefore have no information reporting requirements to any third party.
- The provision of some types of your personal data, such as name, email address, job title, company and business phone number are mandatory for us to be able to provide our products and services to you. The provision of other types of personal data is voluntary and dependent on the type of product or service provided, but if you do not provide your data, you may not be able to enjoy certain features or benefits, which will be indicated to you.
Who Processes Your Data?
For all matters related to privacy and the collection, processing, use and storage of your personal data, or to exercise your rights in relation to your personal data, please contact IDC’s Privacy Compliance Officer at firstname.lastname@example.org.
For more information about IDC, please refer to here.
What Data Do We Collect, Process, Use, and Store When Providing Our Products and Services?
Depending on the product or/and service involved, IDC may collect various data types for distinct purposes. Below, you will find more information on the data collected, processed, used, and stored related to the products and services IDC provides:
Syndicated Research: IDC may use your name and email address, business phone number, information about your organization, your job title, and other information provided by you at the time of registering with idc.com to deliver the Syndicated Research services and products ordered by you or your organization as part of a corporate account. We may also use your contact details to communicate with you when producing reports and other Syndicated Research services and products. In addition, we may log your IP address for security purposes.
In order to enhance our services and in particular, to improve user experience, prevent misuse of IDC services and user accounts, or to provide feedback and usage statistics to our clients, we may track your usage of our services (such as search history). Corporate administrators (hereinafter as "Corporate Administrators") at our client organizations have access to usage statistics for their organization’s account base. If your user account, including personal data, is part of a corporate account, then a Corporate Administrator at your organization may request your user data containing personal data and usage information. Corporate Administrators can access user information only for individuals within their organization’s corporate profile.
Custom Solution Services: IDC may use your name and email address, business phone number, information about your organization, and your job title to provide Custom Solution Services (e.g. consulting and advisory services) ordered by you or your organization. In some cases, IDC may collect additional personal data such as age, gender, race, city of residency, estimated annual income, spending on IT products and services, preferred brands, and vendors, IT and telecommunications vendor used, purchase behavior, etc, for the purposes of understanding market behavior, if mandatory due to the nature of the Custom Solution project.
Events Organization: When organizing conferences, webcasts, networking events, and other events, we may collect the name, email address, job title, company, and business phone number of each participant during the registration process. Alternatively, event participants may be asked to register through the idc.com general registration form as described in Section 2.1(a) above. In addition, we may collect details pertaining to professional profiles, including photos and information from social media profiles, as well as the names and email addresses of contacts from event partners (including sponsors). We may also collect any feedback or information that participants, speakers, and/or partners have volunteered to provide to us via questionnaires submitted prior to, during or after events. We will use such data to organize and market such events, manage event participation, and present details about speakers and sponsors in the programs and/or promotional materials of such events, as well as on our website and via social media. We may share information on participants and speakers other than their contact details with our event partners, as listed on the event website, to prepare, improve, and organize the event, including the collection and review of event statistics, and to ensure that the event's content is relevant to and customized for the event audience.
Some public IDC events may be recorded by means of photographs, audio recordings, and/or videos. Such photographs and recordings may subsequently appear on the respective event website, other relevant website, on social media, in the press, or in promotional materials (such as IDC promotional videos or program guides). All events to be thus documented will be clearly indicated as such. IDC may separately seek your consent prior to recording if you are to feature predominantly in the planned recording (e.g. speakers and participants in interviews).
Based on participants' and speakers’ consent, we may share their contact details with our event partners, as listed on the event website, for follow-up communication, including marketing. We may ask you for such consent during your event registration and/or during the course of the event. The consent you grant to IDC to share your contact details with event partners is unrelated to any consent that you may grant directly to any event partner during event networking, including by allowing an event partner to scan your electronic business card.
Certain Events Organization services may be provided in cooperation with IDC’s parent company, International Data Group (IDG) and your data may be shared with an IDG company to provide the services to you.
If you request us to arrange additional event-related services for you, such as booking accommodation and/or flight tickets, we will also use your personal data to secure the requested arrangements.
Networking tools at events: IDC may provide specific tools during the event to enhance your networking opportunities — in particular, a networking application and electronic business cards, as described below.
Mobile application: An event mobile app may include your name, company, and job title (along with your photo, profile, and social media information, as provided by you) and may be visible to all other event participants. Opting for "private mode” will ensure that your name and contact details do not appear in the application.
Ancillary Services: To provide services related to updates on industry developments, IDC may use your name and email address to deliver these updates to you or your organization. Such services may include newsletters, market updates, market snapshots, and other value-added services or features provided by IDC, whether for remuneration or free of charge.
Irrespective of whether IDC provides its services to you or your organization, we may also process your name and email address and personal data that you provide to us when we ask for your insight in relation to a specific industry or topic (e.g. when you fill out a survey form that we sent to you).
For How Long Do We Store Your Data?
- We will store your personal data for as long as is necessary to provide you with the products and/or services requested by you or your organization; for as long as is reasonably required to store such information for our lawful business purposes, such as exercising our legal rights, or for as long as we are legally obligated to store such information.
- We will store photographs and video and audio recordings from each event for a period of 3 years from the end of the respective event.
- If you consent to us collecting, processing, using, and storing your personal data, we will do so for the duration of such consent — in other words, until such consent expires or is withdrawn. You have the right to withdraw your consent at any time. For more details on the withdrawal of your consent, please see the Your Rights section below.
On What Legal Basis Do We Process, Use, and Store Your Data?
- We process, use, and store your data primarily to perform our obligations under the contracts we have concluded with you or your organization.
- In certain instances, we may also process your personal data based on our legitimate interests. IDC’s legitimate interests include offering and delivering our products and services to business customers, enhancing our customer base, exchanging professional knowledge about the industry, exercising our legal rights, preventing fraud or imminent harm, and ensuring the security and operability of our network and services.
- In specific cases, we process your data based on consent.
Cookies; web analytics
- We may contact you to inform you about IDC news, services, features, and special offers and to invite you to our events that we believe may be of interest to you on the basis of our legitimate interest, including the provision of marketing communications within the limits prescribed by law.
- Your marketing communication preferences may be changed at any time. If you would like to unsubscribe from receiving marketing emails, please follow the "unsubscribe" link and/or instructions which is placed at the foot of every IDC email.
- Please note, however, that we may occasionally send you important information (including via email) about the IDC services you are using or have used, including changes to applicable terms and conditions, and/or other communication or notifications, as may be required to fulfil our legal and contractual obligations. Such communication is not affected by your marketing communication preferences.
How Do We Secure Your Data When It Is Collected, Processed, Used, and Stored by Our Suppliers and Affiliates?
- To comply with legal processes;
- To enforce or defend the legal rights of IDC in connection with corporate restructuring, such as a merger or business acquisition, or in connection with an insolvency situation;
- To prevent fraud or imminent harm; and/or
- To ensure the security and operability of our network and services.
- We share your data with our trusted business partners, who process your data as our vendors and data processors on our behalf and pursuant to our instructions. We strive to select our vendors carefully and ensure they are able to provide adequate data protection and security safeguards.
- When such processors reside in the EU we comply with Article 28 of the GDPR. If such processors reside outside of the European Economic Area, all data transfers are conducted in accordance with Chapter V. of GDPR — in particular, in accordance with adequacy decisions issued by the European Commission or standard contractual clauses (Model Clauses), as applicable.
In relation to the above, we may share your data with the following third parties:
- Suppliers that provide IT support to IDC;
- Suppliers that support our marketing activities;
- Other professional services providers.
What Are Your Rights?
As a data subject under GDPR, you have the following rights:
The Right to Access: Upon your request, we will provide you with access to the personal data on you that we process, and we will send you a copy of that data.
The Right to Receive Information: You may contact us at any time with a request to receive more information regarding the following:
- the purposes for which we use your personal data;
- how we categorize your personal data;
- the recipients of your personal data;
- the length of time we store your personal data; and
- your rights as a data subject.
The Right to Portability: As applicable under Article 20 of GDPR, you have the right to receive a copy of your personal data from us in a structured and commonly used machine-readable format. You may also request us to transfer such data to another data controller.
The Right to Erasure: You may request us to erase your personal data from our records.
The Right to the Restriction of Use: You may ask us to restrict our use of your personal data so that we can only use your personal data in ways stipulated by you. If you have obtained the right to restrict the use of your personal data, you will be informed beforehand should this right become invalid for any reason.
The Right to Object: In cases in which we rely on our legitimate interest to use your personal data, we must consider and acknowledge the interests and rights that you have under data protection law. Your privacy rights are always protected by appropriate safeguards and balanced with your freedoms and other rights. You have the right to submit an objection at any time to our use of your personal data based on our legitimate interest.
The Right to Withdraw Consent: You have the right to withdraw your consent at any time to our use of your personal data. Please note that a withdrawal of your consent does not affect the legality of the use of your personal data prior to your consent being withdrawn.
- Additionally, you have the right to lodge a complaint with the competent Data Protection Authority if you believe your rights regarding our use of your personal data have been violated.
- As a data subject in Hong Kong, you have the right to access personal data that we hold concerning you (Paragraph 8.2(a)) and to request the correction of such data if it is inaccurate (Paragraph 8.2(e)).
- IDC strives to ensure its security measures are in line with the industry’s best practices to prevent the loss, misuse, or alteration of the information in our possession. We strive to ensure the ongoing confidentiality, integrity, availability, and resilience of our processing systems and services and will aim to restore the availability of personal data and access thereto in a timely manner in the event of a physical or technical incident. We employ various security measures to protect the information we collect, as appropriate to the type of information, including encryption, firewalls, and access controls. IDC further ensures that all individuals who have access to your data and are involved in the collection, processing, use, and/or storage thereof are bound by appropriate confidentiality obligations and have appropriate training.
- You are responsible for keeping confidential any passwords that we give you (or you choose) that enable you to access certain parts of our website. For security reasons, such passwords must not be shared with anyone.
Links to Other Sites
- We may provide references and/or links to other companies, organizations, and/or public institutions on our website that enable you to access their websites directly from ours. The websites of these entities are governed by the entities' own privacy policies. Please note that we are not responsible for the content of such websites and cannot accept responsibility for any issues arising in connection with such third parties' use of your personal data. If you have any queries concerning the way your personal data is processed, used, or stored by such entities, we recommend referring to the privacy policies on the relevant websites.
For all matters related to privacy and the collection, processing, use and storage of your personal data, please contact IDC’s Privacy Compliance Officer at email@example.com.