We respect and are committed to protecting your privacy. This privacy notice explains what personal data we hold about you, how we collect it, and how we use and may share information about you. It also contains important information about your rights in relation to your personal data, and how to contact us or supervisory authorities in the event you have a complaint.
We may have other unique privacy notices that apply to certain specific situations, such as privacy notices for specific Products and Services in various specific circumstances or locations. To the extent you were provided with a different privacy notice, and the provisions of that privacy notice apply with regards to the specific relationship we have with you, that privacy notice will govern our interactions with you, not this one.
Please carefully review this privacy notice. To the extent permitted by applicable law, by providing us your personal data or otherwise interacting with us, you are agreeing to this privacy notice.
Generally, we will be a data processor for the services we provide to our clients, but in some cases, we may be a data controller.
Employees of Hanover Communications International Limited should, however, refer to the internal employee privacy notice which contains specific information for them.
Where you access our website as a potential candidate for a role within this organisation information specific to you as a candidate can be found here.
We are:
[Hanover Communications International Limited (“we” “us” “our”), Riverside House, 2A Southwark Bridge Rd, London SE1 9HA, company registration 03559699 is the data controller and responsible for your personal data (referred to as “we” “us” “our”) and is part of the Avenir Global Group of Companies. Hanover Communications International Limited is registered with the Information Commissioners Office registration reference ZA157021.]
Our Data Protection Officer is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact our Data Protection Officer at [email protected] or contact us at the address provided above.
In this privacy notice, the terms “personal data”, “processing”, “data controller” and “data processor” shall have the meaning ascribed to them in the UK General Data Protection Regulation 2018 (UK GDPR).
Personal Data we may collect
Most of the personal data we may process comes directly from you when you provide information to us, for example, when you complete the contact form. Other data may come from social media accounts, public sources and your device.
The personal data we may collect is the following:
personal details (e.g., name, occasionally age or date of birth);
contact details (e.g., phone number, email address, postal address or mobile number);
Job details (job role, employer or profession);
transactional details (e.g., the reason for the contact, what services are being provided, etc.);
financial information (e.g., bank account number, payments, financial history);
Political opinions, personal opinions published on public forum (e.g., where you have stated your opinion in a news article or on social media);
Complaints you make public or opinions you share publicly regarding our clients’ products or services.
· Technical information such as account username and password, and Internet Protocol address (commonly referred to as an “IP address”) browser type, browser language, device type, advertising IDs associated with your device (such as Apple’s Identifier for Advertising (“IDFA”) or Android’s Advertising ID (“AAID”)), the date and time you use our website, Uniform Resource Locators (“URLs”), i.e., website addresses, visited prior to arriving and after leaving our Products and Services, activity on our Products and Services and referring websites or applications, data collected from cookies or other similar technologies, and geolocation information.
If you do not provide personal data that we request, it may mean that we are unable to provide you with the services and/or perform all of our obligations to you.
We will also hold information we collect about you from other sources. We may collect this information on behalf of our clients or on our own behalf in order to build up our knowledge and provide a wider understanding of general trends and your views and opinions on particular subjects that you have already made public. This could include:
the way you are using our websites (see cookie policy for more details);
your interactions with us, for example through various media such as our websites, social media or other channels;
information about payments you make or receive, including the details of the payee or payer (e.g., payments to our suppliers);
our affiliate companies may provide information to us, for example if they refer you to us;
information from credit reference agencies;
publicly available information about you which is available online or otherwise;
organisations that provide their own data, or data from other third parties, to enable us to enhance the personal data we hold, for example Roxhill, Brandwatch, LinkedIn and OpenAlex;
employer information;
We also collect personal data automatically when you use the website and when you navigate through the website. Data collected automatically may include usage details, geo-location data, IP addresses and other data collected through cookies and other tracking technologies. For more information on our use of these technologies, see our Cookie Policy.
We may combine information we collect, whether Personal Data or not, with Personal Data that we may obtain from third parties, including social media sites.
If you give us personal data about other people, then you confirm that they are aware of the information in this privacy notice about how we will use their personal data.
We are committed to protecting the privacy of all our users, especially children. We do not knowingly collect, use, or disclose personal information from children. Our services are not directed at or intended for use by children.
How we use your personal data and the legal basis for doing so
We are can only process your personal data on a basis permitted by law. The legal basis will usually one of the following:
to allow us to take actions that are necessary in order to provide you with the service (to perform our contract with you); for example, to make and receive payments;
necessary for our or your legitimate interests; for example, to help us develop and improve our services;
where we have your consent to do so;
We have set out below, in a table format, a description of all the ways we use the various types of personal information and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data on more than one lawful basis depending on the specific purpose for which we are using your data. Where we are relying on a legitimate interest, these are also set out below:
Purpose/Activity
Lawful basis for processing including basis of legitimate interest
To register you as a new client or supplier. We may obtain the contact details of your representative(s) and directors in the course of undertaking our due diligence.
Necessary for our legitimate interests (to be able to provide services to you or receive services from you, and to protect our business interests).
To manage our relationship with you which will include:
(a) Communicating with you about the service and products we are providing to you or you are providing to us;
(b) To manage complaints, rectify problems and to resolve queries;
(c) Recording telephone calls.
Necessary for our legitimate interests (to keep our records updated, provide a high standard of service, to study how customers use our services, provide solutions to issues raised and to avoid complaints in the future).
To develop and improve products, services and events through assessment and analysis of the information, enhancement of the information through monitoring social data, market and product analysis, and market research.
(a) Necessary for our legitimate interests (to study how customers use our products/services and website, to develop them and grow our business, to increase our information relating to subjects our clients are interested in).
To manage our relationships with suppliers (using personal contact information they have provided); for example, to arrange servicing agreements; contacts and correspondence with suppliers; and to follow up invoice queries, issue escalations and resolutions in line with the agreed contractual terms and conditions. From time to time this supplier information may be used to invite supplier staff to meetings and events.
(a) Performance of a contract with you (the supplier where a sole trader or small partnership);
(b) Necessary for our legitimate interests (to maintain standards of service, run our business efficiently, protect our business interests).
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud
To use data analytics to improve our website, products/ services, events, marketing, customer relationships and experiences.
Necessary for our legitimate interests (to define types of customers/subscribers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).
To comply with regulatory and legal obligations to which we are subject and cooperate with regulators and law enforcement bodies.
(a) Necessary to comply with a legal obligation;
(b) Necessary for our legitimate interests (to protect our business);
(c) For the use of sensitive data, where it is in the substantial public interest.
To make suggestions and recommendations to you about products, services or events that may be of interest to you (unless you have opted out of marketing), including personalising marketing messages.
(a) Necessary for our and your legitimate interests (to develop our products/services or events, provide products of interest to you and grow our business);
(b) Where you are an individual, in relation to electronic marketing, where we have your consent to do so.
In producing audio or video recordings or otherwise obtaining statements from you , or collecting publicly available information that may include Special Category personal data (see below).
(a) Where we process Special Category personal data we will do so only with your consent.
Special categories of data
Some of the information we collect are special categories of personal data (also known as sensitive personal data).
In particular, we may process personal data that relates to your health (such as medical history, illness or ailments), when compiling video, audio recordings or obtaining statements/interviews from you. We may also obtain information about religious beliefs or political or trade union affiliation and political opinions.
Where we process such special category data, we will usually do so on the basis that we have your consent or it is necessary for reasons of substantial public interest. In any case, we will carry out the processing in accordance with applicable laws.
Automated Decision Making and AI
The way we analyse personal data in relation to our services may involve profiling, which is processing your personal data using software that is able to evaluate your personal aspects and determine your employment, interests and concerns as expressed by you or about you in various media . This may include the use of AI. We may also use profiling, or otherwise employ solely automated means, to identify when you have expressed views and opinions that we or our clients are interested in, such as.
Screening social media to identify where you have expressed an opinion relating to a client’s products, services or events;
Screening social media to identify where you have expressed dissatisfaction with a client’s product, services or events;
Identify you as a professional that may be interested in the products, services or events of our clients or ourselves;
Identify you as a professional that may be interested in attending role specific events related to your profession.
Marketing
We may send you messages (by telephone, post, text and email and other digital means) to invite you to events that we believe may be of interest to you and to keep you informed about features of the products and services you use or may be of interest to you. Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests.
Under the Privacy and Electronic Communications Regulations, we may send you marketing communications from us if (i) you have asked for information about our services or (ii) you agreed to receive marketing communications and, in each case, you have not opted out of receiving such communications since. Under these regulations, if you are a limited company, we may send you marketing emails without your consent. However, you can still opt out of receiving marketing emails from us at any time.
Before we share your personal data with any third party for their own marketing purposes, we will get your express consent.
You can ask us or third parties to stop sending you marketing messages at any time logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences; by following the unsubscribe instructions in our marketing messages; contacting the DPO at [email protected] or by contacting us at the address provided above.
Sharing your personal data
We will treat all your personal information as private and confidential. We will not reveal your name, address or any details of your relationship with us to anyone including other companies in our own group, other than in the following cases:
Where another company within our group is providing assistance to enable us to provide you with products, services or events.
Our parent company Avenir Global Inc, based in Canada, requires certain information to provide us with assistance or to verify the continued provision of products, services or events to you.
Our third-party service providers. These may include for example:
those we engage to host and maintain the website and IT systems;
analytics and search engine service providers that assist us in the improvement and optimisation of this website;
payment processing service providers,;
those who produce marketing materials;
those who assist us with or partner with us in marketing campaigns;
those that provide video, audio or other photographic services.
Law enforcement bodies, Courts of law or as otherwise required or authorised by law.
Regulators, trade associations or government bodies for the purposes of resolving complaints or disputes both internally and externally or to comply with any investigation by one of those bodies.
We may also disclose personal data to third parties if we are under a duty to disclose or share personal data relating to you in order to comply with any legal obligation, or in order to enforce or apply our website Terms of Use and other agreements; or to protect the rights, property, or safety of us, our clients, or others.
Before we disclose personal data to a third party, we take steps to ensure that the third party will protect personal data in accordance with applicable privacy laws and in a manner consistent with this Notice. Third parties are required to restrict their use of this personal data to the purpose for which the data was provided.
Sometimes the third party will be outside the European Economic Area (EEA), in which case see below for more information.
Storage and Retention of your personal data
We will continue to process your Personal Data for as long as is reasonably necessary for us to comply with our contractual, legal obligations, or to pursue our legitimate interests. We will retain your Personal Data in accordance with our “Data Retention and Disposal Policy” document. For more information, please contact the Data Protection Officer at [email protected] or contact us at the address provided above.
When deciding what the appropriate time is to keep the data for, we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
In some cases, we may be required by law to retain certain information, which may include personal data, e.g., tax purposes.
In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
If you live in the EU, the personal data relating to you that we collect may be transferred to, and stored at, locations outside the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our service providers.
We may also share personal data relating to you with third parties who are located outside of the EEA, for business purposes and operational, support and continuity purposes, for example, when we use IT service providers or data storage services.
Countries where personal data relating to you may be stored and/or processed, or where recipients of personal data relating to you may be located, may have data protection laws which differ to the data protection laws in your country of residence. By submitting your personal data, you accept that personal data relating to you may be transferred, stored or processed in this way. We take measures to ensure that any international transfer of information is managed carefully and in accordance with data protection law to protect your rights and interests and in accordance with this privacy notice.
These measures include:
Transfers of your personal data to countries which are recognised as providing an adequate level of legal protection for personal data;
We have obtained the consent of data subjects to the international transfer of their personal data;
Transfers within the Avenir Global Group where we have entered into appropriate agreements that give specific contractual protections designed to ensure that your personal data receives an adequate and consistent level of protection wherever it is transferred within the Group;
Transfers to organisations where we are satisfied about their data privacy and security standards and protected by contractual commitments such as signing a UK International Data Transfer Agreement, Standard Contractual Clauses, including with a UK Addendum and, where available, further assurances such as certification schemes; and
The transfer will be to organisations that are part of either the US-EU Data Privacy Framework or the US-UK Data Bridge if transferred to the United States of America.
If none of the above safeguards are available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
You have the right to ask us for more information about our safeguards. Please contact the Data Protection Officer at [email protected] or contact us at the address provided above.
Security of your personal data
Unfortunately, the transmission of information and data via the internet is not completely secure. Although we will do our best to protect personal data relating to you, we cannot guarantee the security of such data transmitted to the website; any transmission is at your own risk. Once we have received personal data relating to you, we use strict procedures and security features to try to prevent unauthorised access. The security of personal data regarding you is a high priority. We take such steps as are reasonable securely to store personal data regarding you so that it is protected from unauthorised use or access, misuse, loss, modification or unauthorised disclosure. This includes both physical and electronic security measures. Examples include the use of passwords, locked storage cabinets and secured storage rooms. Other features include:
storing information on secured networks consistent with industry standards, which are only accessible by those employees who have special access rights to such systems;
using industry-standard encryption technologies when transferring or receiving personal data, such as SSL technology;
restrictions are placed on the electronic transfer of files;
our IT networks undergo regular necessary vulnerability testing to identify and remedy potential opportunities for unauthorised data access; and
robust management of boundary firewalls, access controls, malware protection and patch release processes towards protecting customer data.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
Your rights
You have certain rights regarding your personal data. These include the rights to:
The right to be informed about the collection and the use of your personal data (this privacy notice).
the right to access personal data and supplementary information (a Data Subject Access Request).
the right to have inaccurate personal data rectified, or completed if it is incomplete.
the right to erasure (to be forgotten) in certain circumstances.
the right to restrict processing in certain circumstances.
the right to data portability, which allows the data subject to obtain and reuse their personal data for their own purposes across different services.
the right to object to processing in certain circumstances.
rights in relation to automated decision making and profiling.
the right to withdraw consent at any time (where relevant).
the right to complain to the Information Commissioner.
Where we rely on our legitimate interests to obtain and use your personal data then you have the right to object if you believe your fundamental rights and freedoms outweigh our legitimate interests. Where processing is carried out based upon your consent, you have the right to withdraw that consent.
Your ability to exercise these rights will depend on a number of factors and in some instances, we will not be able to comply with your request e.g., because we have legitimate grounds for not doing so or where the right does not apply to the particular data we hold about you.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.
We ask that you contact us to update or correct your information if it changes or if the personal data we hold about you is inaccurate.
To exercise any of these rights and submit a Data Subject Access Request (DSAR), please contact the Data Protection Officer at [email protected] or contact us at the address provided above.
If you have a concern about the way we are collecting or using personal data relating to you, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office (ICO). The ICO is the UK’s regulator for data protection. Under data protection law you have the right to make a complaint to the ICO if you feel we have not complied with our data protection obligations. You can contact the ICO by:
· Visiting the ICO’s website
· Calling them on 0303 123 1113.
Changes to this Notice
We monitor and regularly update our policies and procedures to maintain the privacy of your personal information. As a result, our privacy notice may change from time to time. Any changes we make to this Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to this Notice. The new terms may be displayed on-screen, and you may be required to read and accept them to continue your use of the website.
Last updated: 9 April 2025.