Privacy and Cookie Policy

Privacy Notice

Experience North East England Privacy Notice

About This Notice

This privacy notice explains what happens with any personal data we gather from you. This may be in your capacity as a supplier to us, as a contact to whom we send information about our events and activities, or as a recipient of any service we provide.

The notice deals with how we use your data in relation to:

  • Any business relationship between us
  • Enabling you to attend our events and use our services
  • Notifying you of events and our marketing activities to you
  • Your use of our website

We recognise our obligations under data protection legislation and are strongly committed to keeping your personal data safe and secure. We reserve the right to amend this privacy notice from time to time. Where we make material changes, we will notify you directly rather than relying solely on a website update.

If you visit a website operated by a third party through a hyperlink on our website, your information may be used differently by the operator of that linked website.

Who We Are

Experience North East England is a new legal entity and the data controller responsible for your personal data.

Our registered address:

Neville Hall

Westgate Road

Newcastle upon Tyne

NE1 1SE

Registration number with the Information Commissioner's Office: Z6329568

If you have any questions regarding this notice or how we process personal data, please contact our Data Protection Representative:

Email: dataprotection.representative@experiencenee.co.uk

Address: Experience North East England, Neville Hall, Westgate Road, Newcastle upon Tyne, NE1 1SE

Telephone: +44 (0)191 440 5720

What Data Do We Gather About You?

In connection with our dealings with you, we will gather the following information:

  • Contact details including name, email address, telephone number and postal address
  • IP address and device information
  • Records of any correspondence with you if you contact us
  • Survey responses if we ask you to complete surveys for research purposes (you do not have to respond)
  • Details of transactions you carry out with us (including through our website) and the fulfilment of orders
  • Details of your visits to our website, including traffic data, location data, weblogs and other communication data, and the resources you access
  • Professional information where you engage with us as a representative of a partner organisation

  • Details of other dealings we have with you

We do not routinely collect special category data (such as health, ethnicity or religious information). Where we do (for example, if you tell us about a disability to enable reasonable adjustments), we will handle it with additional care and seek your explicit consent. We do not knowingly collect personal data from children under 13.

How Do We Collect Your Data?

We collect data about you from the following sources:

  • Information you provide via our website, including through online forms or by visiting the website
  • Information you provide when attending events organised by us, including in person, via video call or via webinar platforms
  • Professional information you provide as a representative of a partner organisation
  • Information you provide through other interactions with Experience North East England
  • Information you provide for research purposes such as event surveys or market research (with informed consent only)
  • Information we generate through our observation of our interactions with you
  • Information you provide as a volunteer for an Experience North East England or partner-led event

  • Data collected automatically through cookies, analytics tools and advertising pixels on our website (see the 'IP Addresses and Cookies' section below)

How Do We Store Your Data and Keep It Secure?

The security of your data is very important to us. We use strict and up-to-date security methods to keep your personal data secure and to prevent unauthorised or unlawful access, and against accidental loss of or damage to personal data. All information you provide is stored on secure servers and in secure filing systems.

We have in place policies, procedures and technologies to maintain the security of all personal data from collection through to destruction. We ensure your personal data is only accessible by those who need it for their specific role and who have agreed to keep it confidential. We will only transfer personal data to a third party if that party agrees to comply with our procedures and policies, or implements adequate technical and organisational measures themselves.

In the event of a personal data breach, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware of it, where required by law. Where a breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

How and Why Will We Use Your Data?

We will usually only process your personal data where you have given your consent or where processing is necessary:

  • For the purposes of a contract we have with you
  • To comply with our legal obligations

  • To pursue our legitimate interests, such as: operating our business effectively; promoting and improving our business; and maintaining network and information security

Where we process your data on the basis of legitimate interests, we have carried out a Legitimate Interests Assessment (LIA). You may request a copy of any relevant LIA by contacting us at the address below. You also have the right to object to processing based on legitimate interests. If you do so, we must cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or that processing is required for legal claims.

If you are volunteering, we may use your data for accreditation, scheduling, notifying you of shifts, and contacting an emergency contact you have provided if necessary. This information may also be shared with delivery partners when required.

Consent-Based Processing

We may rely on your consent in certain circumstances, including:

  • To send you marketing materials by email, text or social media. We will only send marketing communications if you have given your consent. Every communication will include an unsubscribe option.
  • For some marketing-related purposes, for example using an image taken of you at one of our events
  • To process sensitive data if you tell us about a disability or health condition, so we can make reasonable adjustments at our events or venues
  • For surveys we send relating to our events, webinars or market research projects

  • For cookies and similar technologies, including analytics and advertising pixels. See our Cookie Policy for full details. Our cookie banner provides equally prominent options to accept or reject non-essential cookies, with no pre-ticked boxes or dark patterns.

If you have given consent to processing your personal data, you have the right to withdraw that consent at any time. To do so, contact us using the details in the 'Who We Are' section above.

How We Use Your Data 

We use the data we collect to help us operate efficiently and deliver our services. This may include:

  • Ensuring content from our website is presented effectively for you
  • Managing any account you open through our website
  • Providing you with information, products or services that you request or which we feel may interest you, where you have consented
  • Informing you about events, briefings and webinars, and contacting you regarding dealings between us
  • Allowing you to participate in interactive features of our website
  • Notifying you about changes to our websites, products or services

We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregated, anonymised information about our website users. We may use data we have collected to enable us to display relevant advertising to target audiences.

If you visit our website but do not complete any forms, we will not make routine use of your personal data other than in statistical, anonymised form through Google Analytics. Unless you complete a form, we cannot generally identify you as an individual. Please note we currently use Google Analytics in its standard configuration. If you wish to opt out of analytics tracking, you can use the Google Analytics Opt-out Browser Add-on or adjust your cookie preferences via our cookie banner.

How We Keep Your Data Accurate 

We will keep the personal data we store about you accurate and up to date, and take every reasonable step to erase or rectify inaccurate data without delay. Please tell us if your personal details change or if you become aware of any inaccuracies in the data we hold about you.

How Long Will We Keep Your Data? 

We will not keep your personal data for longer than is necessary for the purposes for which we process it. The table below sets out our standard retention periods by data category:

Data Category

Data Category
Retention Period
Why we keep it this long
Marketing contact data
2 years from the last engagement
Legitimate interests: kept while interest is reasonably current; deleted after 2 years of no engagement
Event attendee data
12 months after the event
Contractual obligation and legitimate interests: retained for post-event follow-up and dispute resolution
Enquiry and correspondence records
3 years
Legitimate interests: retained to handle follow-up queries and potential complaints
Supplier and partner records
7 years after contract ends
Legal obligation: financial records required under HMRC guidance
Volunteer records
Duration of engagement plus 1 year
Contractual and legitimate interests: retained for reference and accreditation purposes
Website analytics data (anonymised)
26 months
Legitimate interests: standard Google Analytics data retention window
Cookie consent records
1 year from consent
Legal obligation: to demonstrate valid consent was obtained

Data will be securely destroyed or erased from our systems at the end of the applicable retention period. If you have a question about retention of a specific category of data, contact us using the details in the 'Who We Are' section.

Your Rights in Respect of Your Personal Data 

Under UK GDPR you have the right to:

  • Request access to any personal data we hold about you (subject access request). We will respond within one calendar month. You must provide sufficient evidence of your identity and sufficient details to enable us to locate the data.
  • Ask us to remove you from a mailing list. An unsubscribe option is included in all direct marketing communications.
  • Correct any errors in information we hold about you
  • Have incomplete personal data completed
  • Have personal data erased (the 'right to be forgotten'). Note that this right is not absolute and may not apply where we have a legal obligation or legitimate interest to retain data.
  • Have the processing of your personal data restricted
  • Receive the personal data you have supplied to us in a portable, machine-readable format
  • Object to processing based on legitimate interests, automated processing (including profiling), or processing for direct marketing purposes
  • Not be subject to a decision based solely on automated processing that produces a legal or similarly significant effect.

To exercise any of the above rights, please make your request in writing to the address in the 'Who We Are' section. We will respond within one calendar month. Some rights are restricted in certain circumstances, and we will explain any such restriction when we respond.

Who Will Have Access to the Data We Hold? 

Our employees who need to access your data will do so in order to provide services to you. All employees receive annual data protection training and understand the requirement to keep your information confidential.

We also use third-party service providers (sub-processors) who may process personal data on our behalf. We carry out due diligence on all service providers and ensure we have a Data Processing Agreement (DPA) in place with each one. A full list of our current sub-processors is set out in the 'Third-Party Processors and International Transfers' section below.

Other than to employees and our sub-processors, we will not disclose your personal data to a third party without your consent, unless we are satisfied that they are legally entitled to the data.

We may disclose your personal data to third parties:

  • If we or substantially all of our assets are acquired by a third party, personal data held by us may be one of the transferred assets
  • If we are under a legal duty to disclose or share your personal data, or to protect the rights, property or safety of Experience North East England, our customers, suppliers or other employees. This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction.
  • If you are volunteering on an event, your information will also be used by the lead delivery partner for that event

You are entitled to request details of the recipients of your personal data or the categories of recipients.

Third-Party Processors and International Transfers 

Following the UK's departure from the EU, data transfers are now governed by the UK GDPR and the Data Protection Act 2018. We will not transfer your personal data outside the UK unless the transfer complies with the law, specifically unless:

  • The UK Secretary of State has issued an adequacy regulation confirming adequate protection in the destination country
  • The transfer is subject to appropriate safeguards, such as the ICO's International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses
  • We are otherwise lawfully permitted to do so

The table below lists all third-party processors we currently use, the purpose of processing, the location of their servers, and a link to their own privacy policy. Where processors are based in the USA, transfers take place under the ICO's IDTA or equivalent approved safeguards.

Third-Party Processors and International Transfers

Processor
Purpose
Location
Further Information
Mailchimp (Intuit Inc.)
Email marketing and mailing list management
USA
https://mailchimp.com/legal/privacy/
Nimble CRM
Customer relationship management and contact data storage
USA
https://www.nimble.com/company/privacy/
Eventbrite
Event registration and ticketing
USA
https://www.eventbrite.co.uk/support/articles/en_US/Troubleshooting/eventbrite-privacy-policy
Cvent
Research surveys and event management
USA
https://www.cvent.com/en/privacy-policy
Meta Pixel (Facebook/Instagram)
Social media advertising measurement and remarketing
USA
https://www.facebook.com/privacy/policy/
LinkedIn Insight Tag
Professional audience advertising measurement and remarketing
USA
https://www.linkedin.com/legal/privacy-policy
AWS: Cloud hosting provider
Secure storage of website and system data
USA
https://aws.amazon.com/privacy/
Google Analytics (GA4)
Website analytics and visitor measurement
USA
https://policies.google.com/privacy
Google Ads / Marketing Pixels
Digital advertising measurement and remarketing
USA
https://policies.google.com/privacy

Some personal data is also stored on cloud systems whose servers may be based outside the UK. We ensure all such arrangements include appropriate transfer safeguards. This list is reviewed and updated at least annually.

IP Addresses and Cookies 

We may collect information about your device, including your IP address (where available), operating system and browser type, for system administration and to compile aggregated, anonymised statistics. This data does not identify any individual.

Our site uses cookies and similar tracking technologies. A cookie is a small file placed on your device that helps us distinguish you from other users, improve your browsing experience, and deliver a more personalised service.

We use the following categories of cookies and tracking technologies:

  • Essential cookies: necessary for the website to function. These cannot be switched off.
  • Analytical cookies (Google Analytics GA4): used to count visitors and understand how users navigate the site. These require your consent.
  • Marketing and advertising pixels: we use Google Ads conversion tracking, the Meta (Facebook/Instagram) Pixel and the LinkedIn Insight Tag to measure the effectiveness of our digital advertising campaigns and to serve relevant ads. These require your consent.
  • Session cookies (temporary): to maintain your session with the server. Deleted when you close your browser.
  • Persistent cookies: remain on your device for a set period or until deleted, used for specific functions such as remembering your preferences.

Our cookie banner gives you equally prominent options to accept or decline non-essential cookies. You can change your preferences at any time by revisiting the cookie settings on our website. Blocking some types of cookie may affect your experience of the site.

Website Analytics 

In addition to information you provide when registering, we collect the following through our website analytics:

  • Details about which of our services you use
  • Information about each visit to our website and the pages you visit
  • Information from forms you complete

  • Information from content you download

Website analytics data is collected via Google Analytics (GA4) and is anonymised before processing. We retain this data for 26 months in line with Google's standard retention settings. You can opt out at any time using the Google Analytics Opt-out Browser Add-on or by adjusting your cookie preferences.

Embedded Content from Other Websites 

Pages on our website may include embedded content from third-party platforms such as YouTube, Vimeo, or social media channels. Embedded content behaves in the same way as if you had visited those other websites directly, and those websites may collect data about you, use cookies, embed additional tracking, and monitor your interaction with the content.

Where possible, we use privacy-enhanced embed options (such as YouTube's youtube-nocookie.com domain) to limit data collection. Please refer to the privacy policies of each third-party platform for details of how they handle your data.

Your Right to Make a Complaint 

Any complaints about our handling of personal information should be sent in the first instance to our Data Protection Representative using the contact details in the 'Who We Are' section. If your complaint relates to data held by an organisation with which we share information, please let us know.

We aim to respond to your complaint within 20 working days of receiving it. You have a right of appeal against any decision we make, which we will explain in our response. We review our policies and procedures in light of all justified complaints.

If you are not satisfied with our response, or you have concerns about our processing of your personal data, you have the right to complain to the Information Commissioner's Office (ICO):

  • Telephone: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
  • Online: ico.org.uk/make-a-complaint

Be the first to know

Discover new experiences, events, industry insights and opportunities direct to your inbox. Keep connected and inspired.

Subscribe to our newsletter
1025810 199