Twenty-First Century Fox, Inc. (“Company” or “we”), which can be contacted at the email address [email protected], wants to inform you about how we collect, use and disclose personal data from and about you, through this website, www.21CF-Offer-For-Sky.com (the “Site”).
The Company is the data controller of the personal data we collect from and about you through the Site.
2. What kind of personal data do we collect about you?
The Company might collect data from and about you.
More specifically, the Company collects (1) contact information, and (2) activity data.
However, we do not collect either financial information or sensitive data relating to you.
3. Why do we collect your personal data?
The main reason why we collect data about you is to provide you with the Site and to allow you to interact with its functionality.
4. On what legal bases do we process your personal data?
Your personal data is mainly collected in order to provide you with the Site.
Your personal data is also necessarily collected in connection with the legitimate interest of the Company.
Failure to provide such data will make it impossible to offer you the Site.
5. How do we process your personal data?
The security of your data is a priority for us. For this purpose, the Company has implemented adequate administrative, technical and physical measures designed to safeguard your personal data against loss, theft and unauthorized use, disclosure or modification.
6. Who has access to your personal data?
The Company might share your personal data with (i) service providers, (ii) our affiliated companies and (iii) national authorities, when allowed by the applicable laws.
7. Is your personal data transferred abroad?
Your personal data might be transferred to other countries within or outside the European Economic Area. In any case, we always make sure that appropriate and suitable safeguards compliant with applicable laws are in place to protect your personal data.
8. What are your rights with regard to your personal data?
You have, among others, the right to access, complete, update, amend and delete your personal data.
9. What is going to happen on May 25, 2018?
The EU General Data Protection Regulation 2016/679 becomes effective on May 25, 2018, introducing, among others, additional rights for individuals.
11. How can I contact you with regard to the processing of my personal data?
You can contact us at the following email address [email protected].
The Company collects (1) contact information, when you provide it, and (2) activity data when you access and interact with the Company Site. More in particular, the Company collects the following types of data from and about you:
We do not collect:
• Financial information.
• Sensitive information: we ask that you do not send us, and you do not disclose, any sensitive personal data (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Site or otherwise.
Do Not Track Signals. At this time we do not respond to browser‘Do Not Track’ signals, as we await the work of interested stakeholders and others to develop standards for how such signals should be interpreted.
We use the personal data we collect from and about you to:
a) Provide the Site and associated functionality to you;
b) Measure and improve the Site and its features;
c) Respond to your inquiries;
e) Comply with the law or to respond to requests from public and government authorities;
f) Complete a corporate transaction, such as a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of Company business, assets or stock (including in connection with any bankruptcy or similar proceedings). For example, if the Company is involved in a merger or transfer of all or a material part of its business, the Company may transfer your information to the party or parties involved in the transaction as part of that transaction.
We may use anonymized personal data or information that no longer identifies you personally, even indirectly (e.g. statistics), for additional purposes or share it with third parties.
The processing of your personal data for the purposes of:
With regard to the above mentioned purposes, the data is processed through both electronic and manual means, and is protected through adequate security measures, taking into account the state of art, the costs of implementation and the nature, scope, context and purpose of processing as well as the risk of varying likelihood and severity for the rights and freedoms of individuals. With this regards, the Company uses appropriate administrative, technical, personnel and physical measures to safeguard personal data in its possession against loss, theft and unauthorized use, disclosure or modification.
Third party service providers entrusted with processing activities and duly appointed as processors when required by applicable laws, e.g. cloud service providers, other entities of the group, providers of services instrumental to or supporting the Site - and thus, by way of example and without limitation, companies that provide IT services, experts, consultants and lawyers;
Companies resulting from corporate transactions, such as through possible mergers, demergers, or other transformations;
Company Affiliates, in their capacity of data controllers or data processors; a Company Affiliates list is available here: www.21cf.com; and
Competent national authorities in order to comply with applicable laws.
Your personal data may be transferred to countries within and outside the European Economic Area, in particular the United States. Some non EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available at http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards designed to protect your personal data and the transfer of your personal data in compliance with applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the EU General Data Protection Regulation 2016/679 (the “Privacy Regulation”).
You have the right, at any given time, to:
a) Obtain confirmation as to whether or not your personal data exist and to be informed of its content and source, verify its accuracy or request rectification, update or amendments;
b) Request the deletion, conversion to an anonymous form or restriction of any personal dataprocessed in breach of applicable law;
c) Oppose its processing, in all cases, for legitimate reasons.
Remember that even after you ask us to delete your personal data, copies of some information may remain viewable in some circumstances where, for example, you have shared information with other services or, for example, when retention of such copies is necessary to comply with legal obligation or legal defense. Because of the nature of caching technology, your data may not be instantly inaccessible to others. We may also retain backup information on our servers for some time after your request for deletion, to comply with applicable law.
In all the above cases, we may contact you and ask you for more information, that is necessary to properly handle your request.
Also, the additional rights outlined in Section 9 below will be effective from May 25, 2018.
On 25 May 2018, the Privacy Regulation becomes effective and the following provisions will apply:
A. Retention period applying to your personal data
At the end of the retention period your personal data will be either cancelled, anonymized or aggregated.
B. Additional rights
a) Request to Company to limit the processing of your personal data where:
• You contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
• The processing is unlawful but you do not want us to erase the data;
• We no longer need the personal data for the purposes of the processing, but you require the personal data for the establishment, exercise or defense of legal claims; or
• Where you have objected to processing justified on legitimate interests grounds pending verification as to whether the Company has compelling legitimate grounds to continue processing.
b) Object to the processing of your personal data;
c) Request the erasure of your personal data without undue delay;
d) Receive an electronic copy of your personal data, that you have provided to us, if you would like to port your personal data to yourself or a different provider (“data portability”), when the personal data is processed by automatic means and the processing is either (i) based upon your consent or (ii) the fact that the processing is necessary for the provision of the Company Site; and
e) Lodge a complaint with the relevant supervisory authority. The UK supervisory authority for data protection issues is the Information Commissioner's Office (www.ico.org.uk).