OPI GDPR

We, Office Products International Ltd (OPI), use your personal data to provide our services to you. We have described how we collect, store and use your data in this Privacy Policy. We take seriously our responsibilities to look after your data and we are committed to protecting your privacy under the latest General Data Protection Regulation (EU) 2016/679. There are steps you can take to control what we do with your data and we have explained those steps in this Privacy Policy.

When we talk about data and personal data in this Privacy Policy, we mean personal data which identifies you or which could be used to identify you such as your name, email, address, etc. It may also include information about how you use our websites and mobile applications.

  • Who is responsible for your data?

Office Products International Ltd is responsible for your data. Our registered address is 112 Clerkenwell Road, EC1M 5SA. We are registered as a company in England and Wales under company number 2546641. We are the data controller of the data which we collect from you, and as such, we control the ways your personal data is collected and the purposes for which your personal data is used.

  • Personal data we collect about you

Depending on how you use our services and our website, we might collect the following kinds of information about you:

Your name and contact details (email address, telephone number, address)
  • When you create an account with us
  • When you book an event with us
  • When you buy one of our products
  • When you enter a competition
  • When you fill in forms on our website
  • When you subscribe to our newsletter
  • When you vote for OPI Awards
Communication we have with you (emails, letters, telephone calls, messages sent to us through our social media platforms)
  • When you get in touch with us
  • Reminders of your subscription details
  • Newsletters
  • Confirmations of your subscription
Information about you, your location and how you use our website, mobile application, information about your interests and preferences. See more information below under the heading ‘How we use your data to personalise the service we offer you’
  • When you use our website
  • When you accept our cookies placed on your device
  • When you update your account information
  • When you open our marketing emails
  • When you click on our banner adverts
  • When you fill in forms on our website
  • When you get in touch with us
  • When you opt in to receiving messages from us
Payment card details. Your card details are stored and protected in accordance with best industry practice
  • When facilitating payment by card

We don’t collect any sensitive personal data.

  • How we use your data

We can only use your personal data if we have a proper reason for doing so. According to the law, we can only use your data for one or more of these reasons:

  • To fulfil a contract we have with you
  • If we have a legal duty to use your data for a particular reason
  • When you consent to it
  • When it is in our legitimate interests

Reasons we use your personal data for:

  • To provide services to you, as requested
  • To keep our records up to date
  • To communicate with you and manage our relationship with you
  • To manage our relationship with you
  • To personalise and improve your customer experience
  • To fulfil our contracts, provide our services and fulfil our legal duties
  • To inform you about our news and offers that we think you might be interested in
  • To identify ways to improve the way we deliver information to you
  • To fulfil our administrative purposes including accounting, billing and audit

 

  • Marketing: How to manage the marketing messages you receive

We may send you marketing communications by email if you have indicated that you are happy to receive such emails or if you bought one of our products and you have not told us that you no longer wish to receive marketing emails. Our marketing communications include information about our new and existing products, special offers we think you might like and the services included in your membership.

If you have previously opted-in to receiving emails from us, you can opt out of receiving marketing emails by clicking on the unsubscribe link which we include in all our marketing emails or by emailing us at memberships@opi.net

Please note that if you ask us to stop sending marketing emails, we will keep a note of your personal information and your request so that we can make sure you are excluded from the emails when they are sent out.

  • How long we keep your data

We keep your data only for as long as we need it. How long we need data depends on what we are using it for, whether that is to provide services to you, for our own legitimate interests or so that we can comply with the law.

We actively review the information we hold and when there is no longer a customer, legal or business need for us to hold it, we will either delete it securely or in some cases anonymise it.

  • How we protect your data

We protect your personal data against unauthorised access, unlawful use, accidental loss, corruption or destruction.

We use technical measures such as encryption and password protection to protect your data and the systems they are held in. We also use operational measures to protect the data like limiting the number of people who have access to the databases in which our booking information is held, using anti-virus protection software, periodic scans etc.

We keep these security measures under review and refer to industry security standards to keep up to date with current best practice.

Unfortunately, the transmission of information via the internet is not completely secure.  Although we will do our best to protect your personal data, we cannot guarantee the security of any data transmitted to the site and any such transmission is at your own risk.  Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

  • Sharing your data

We share some of your personal data with, or obtain personal data from, the following categories of third parties:

Suppliers which provide services to us:

Mailchimp – Email marketing service provider – for sending out daily news https://mailchimp.com/legal/privacy/

Infusionsoft –  CRM – in order to keep your records https://www.infusionsoft.com/legal/gdpr

WordPress – Website platform – in order to be able to log in on the website https://wordpress.org/about/privacy/

Etouches – events platform – when you register for an event https://www.etouches.com/event-software/privacy-policy/

Shopify – payment processing platform https://help.shopify.com/manual/your-account/GDPR

Judgify – voting platform –  when you vote for our awards https://www.judgify.me/l/privacy

Xero – accountancy platform – in order to invoice clients https://www.xero.com/uk/about/terms/privacy/

All of our third-party providers are GDPR compliant.

Data analytics companies and advertisers:

Doubleclick – Google Advertising Platform

Google Analytics – Google

Both platforms use encrypted information that can’t identify our users.

Your credit and debit card information:

In order to process payments and prevent and detect fraud, we process payment card data through our payment card and fraud management services providers.

  • Sending data outside of the European Economic Area

We will only send data outside of the European Economic Area (‘EEA’) to work with our advisers who we use to deliver services to you or to comply with a legal duty. If we do transfer data outside the EEA, we will make sure that it is protected in the same way as if it were being used in the EEA. We will use one of the following safeguards to ensure that it is protected:

  • Transfer the data to a non-EEA country which has privacy laws at least as protective as those within the EEA
  • Put in place a contract with the recipient of the data which means the recipient must protect the data to the same standards as required within the EEA
  • Transfer it to organisations which are part of the Privacy Shield. The Privacy Shield is a framework which sets out the standards for data to be sent between the United States and European countries. The Privacy Shield ensures that data is protected to the same standards as used within the EEA.
  • Your rights

You are entitled to see copies of all personal data held by us and to amend, correct or delete such data. You can also limit, restrict or object to the processing of your data.

You can use the Manage Membership page in order to change your details, after logging into your account or you can message us at memberships@opi.net

To raise any objections or to exercise any of your rights, you can send an email to us at gdpr@opi.net or you can write to us at: Data Protection, Office Products International Ltd, 112 Clerkenwell Road, 2nd floor, London EC1M 5SA. You can also use the contact form at the end of the page.

When you get in touch, we will come back to you as soon as possible within one month after we verify your identity.

  • Complaints

If you have any complaints concerning OPI’s processing of your personal data please email us at gdpr@opi.net or write to us at: Office Products International Ltd, 112 Clerkenwell Road, 2nd floor, London EC1M 5SA

If you have any data breaches to report, please use the form at the end of the page.

Please note that you have the right to file a complaint with the supervisory authority which is responsible for the protection of personal data in the country where you live or work, or in which you think a breach of data protection laws might have taken place. You can do this by contacting the Information Commissioner’s Office by telephone on 0303 123 1113, or by using the live chat service which is available through the Information Commissioner’s website www.ico.org.uk.

  • Contact us

You can write to us at Data Protection, Office Products International Ltd, 112 Clerkenwell Road, 2nd floor, London EC1M 5SA, or you can send an email to us at gdpr@opi.net. Alternatively you can call us at  +44 20 7841 2950.

Additionally, you can use the forms below in order to report a data breach or to ask for your personal records.

Reporting Personal Data Breaches Form

Should you wish to report a Personal Data breach, please use the form below:








 

————————–

Request for access to personal data 

If you would like to receive detailed information about all personal date we process, please use the form below. We will get back to you to confirm your identity and afterwards provide you the requested information: