Privacy Policy

Introduction and contents  

This privacy policy explains how we (Guardian News & Media Limited) collect, use and share your personal data when you work with us as a business client for advertising, including recruitment purposes, via our services at Guardian Advertising, including Guardian Display, Guardian Labs and/or Guardian Jobs  through their associated websites (‘our sites’).

Our values guide everything that we do . We are strongly committed to keeping your personal data safe. This commitment exists throughout the lifecycle of your personal data, from the design of our sites which uses personal data to the deletion of that data.

 

The Sites covered by this privacy policy are:

The services covered by this privacy policy are what are referred throughout the policy as ‘B2B Client Advertising Services’ which includes Recruitment Advertising  and ‘B2B Recruitment Services’ which refers to our Recruiter Services Site, and include: 

  • Guardian Jobs, including Guardian Jobs Recruiter Services; Display Advertising online (jobs.theguardian.com; theguardian.com); Programmatic Advertising; Branded Content; Display advertising in Print (The Guardian, The Observer, The Guardian Weekly), Online, Audio and Video advertising; Events (live and online);

  • Display advertising services including Programmatic Advertising; Branded Content; Display advertising in Print (The Guardian, The Observer, The Guardian Weekly); Digital, Audio and Video advertising; Events (live and online);

This is separate to how we use personal information collected via theguardian.com website. For information on how personal data is used on theguardian.com website, please read the privacy policy here and the cookie policy here.

We think carefully about our use of personal data, and below you can find the details of what we do to protect your privacy. This policy covers, among other topics:

  • Information about your rights, the choices available to you, and our obligations in the European Union, in California, in Australia, and elsewhere

  • Transparency about how we collect and use your personal data, including when and how it is shared

  • Information on how we protect your personal data

  • Information on how we will facilitate your rights and respond to your questions

 

Find out more about how we manage your personal data below:

  1. Introduction and contents

  2. About this privacy policy

  3. Who we are and how to contact us

  4. The types of personal data we collect about you

  5. How we collect personal data

  6. How we use your personal data

  7. Personal data that we receive about you from other organisations

  8. Using children’s personal data

  9. Security of your personal data

  10. When we share or sell your personal data

  11. International data transfers

  12. How long we keep your personal data

  13. How we may contact you

  14. Cookies and similar technologies

  15. Your privacy and data protection rights with regard to the personal data that we hold about you

  16. Your California privacy rights

  17. Your rights under the Australian Privacy Act

  18. Contact us for information about how we use your personal data

  19. Changes to this privacy policy

 

About this privacy policy

This privacy policy explains how we collect, use, share, and transfer, your personal data when you use the services provided on our sites or interact with us; and your data privacy rights. 

Personal data is any information about you by which you are identified or could be identified. This can include information such as:

  • your name, email address (including your work email address where your true name is used), company name, postal address, phone number, mobile number, job title

  • information about your device (such as the IP address, which is a numerical code to identify your device that can provide information about the country, region or city where you are based); and

  • information relating to how you use our sites and services

Some of our other sites provide additional privacy information. You can read that information using these links:

Sometimes our site may contain links to sites and services that are not part of the Guardian family of offerings. These sites and services have their own privacy policies. If you follow a link to these non-Guardian sites and apps, you should read the privacy policy shown on their site.

 

Who we are and how to contact us 

Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU is the data controller in respect of your personal data . This means that we are responsible for deciding how and why we hold and use your personal data when we collaborate with you in relation to our B2B Client Advertising Services.

If you want to contact us, you can do so via your Guardian account manager or you can find our contact details in the “How to contact us” section below.

 

The types of personal data we collect about you 

We collect personal data when you use our sites . Your personal data is used to provide our services, sell advertising space on the site and to analyse how visitors use our sites.  We will only collect your personal data in line with applicable laws. We collect your personal data in various ways:

  • Directly from you, when you sign up for our services, contact us and when you browse our sites

  • personal data we generate about you, e.g. personal data we use to authenticate you, or personal data in the form of your IP address or your preferences

  • personal data we collect from third parties, e.g. personal data that helps us to combat fraud or which we collect, with your permission, when you interact with your social media accounts

More detail about these three categories of personal data are provided below.

The personal data we collect when you use our sites may include:  

  • your name

  • your email address

  • your organisation including details such as business type and industry sector, as well as billing and mailing addresses

  • your job title and details about your role

  • your telephone number (mobile and landline)

  • your company reporting lines and information about other people in your company who you work with 

  • information relating to the services you are using or have purchased

  • information relating to the services you may be interested in

  • Email, contact and conversation history

  • webinar engagement history 

When you log in, you have the option to change and update your personal data.   When we contact you you also have the option to opt out of further communications and be removed from our contact records.  

Personal data we generate about you

We use the personal data collected from you in relation to your interaction with us for B2B Advertising Services and  B2B Recruitment Services for the following purposes: 

  • To set up a contact record and a client account for the services in which you and your organisation may be interested and related internal administrative purposes (such as those we need for accounting and reporting) and to make you aware of any changes to our services

  • Provide the B2B Advertising Services that you register for, including 

    • To send you targeted marketing emails and also, for example, to invite you to our events

    • Sending service emails and updates

    • Sending you marketing communications unless you have opted out, or when permitted by law

  • To generate business leads

  • To improve our services, we use a similar technology to cookies to confirm whether you have opened an email or clicked on a link in the email. We also analyse what services you have purchased or what services you have shown interest in. 

  • Personalising our B2B Advertising Services for you (for example, so you can log in), recognising you when you log into your account on different devices and tailoring your emails

  • For statistical purposes, such as analysing the performance of our site and to understand how visitors use them

  • To respond to your queries and resolve complaints

  • When you register with us for any of our services, you, and your company, are assigned identifiers which could be on a number of platforms (for example on our Recruiters’ Site, or in our CRM and Marketing tools or our finance system) and are used to track activity across the site and for billing purposes. 

  • To provide you with access to marketing tools and jobs boards, and advertising through Jobs, Display, Sponsorship, Births Deaths and Marriages, Classified.  This may include some B2C advertisers

  • For security and fraud prevention and to ensure that our sites are safe, secure and used in line with our terms of use, for example, to comply with applicable laws and regulations

 

How we collect personal data 

We collect personal data about you when you sign up for our services and when you browse our site. This information is used to promote and provide our advertising services covered by this Privacy Policy and analyse how visitors use our site.

We collect personal data when you:

  • set up a Login

  • provide personal data to us when you contact us to enquire about our services or to purchase our services, either via our sites or via telephone or email or when you use the live chat function on our sites to communicate with us

  • register for events, webinars, sign up to receive marketing information or register to download content

  • access our site, through cookies and other similar technology

  • contact members of our sales teams 

 

How we use your personal data

We use personal data collected through our site or when you contact us only when we have a valid reason and the legal grounds to do so. We determine the legal grounds based on the purposes for which we have collected your personal data. 

Legal grounds for using your personal data

The legal ground may be one of the following:

  • Consent: For example, where you have provided your consent to receive email communications and newsletters from us. You can withdraw your consent at any time by replying to the email or by clicking the ‘manage your preferences’ link on the bottom of the email

  • Performance of a contract with you or in order to take steps prior to entering into a contract with you as a representative of your organisation. For example, where you have purchased B2B Advertising Services from us and we need to use your contact details in order to process the order and deliver the service, and manage your account and your order/s

  • Our legitimate interests: Where it is necessary for us to understand our customers, promote our services and operate our site efficiently for the provision of our services. For example, we will rely on our legitimate interest when we carry out marketing analysis to understand our customers to determine what marketing communications may be relevant to them. It is also in our legitimate interest to analyse what content has been viewed on our site and apps, so that we can understand how they are used.

  • Compliance with law: In some cases, we may have a legal obligation to use or keep your personal data.

 

Personal data that we receive about you from other organisations

Adding to or combining the personal data you provide to us

When you sign up to our services we may add to the personal data you give us by combining it with other personal data shared with us by other trusted organisations. 

We also use personal data based on the content you have viewed on our sites and your interaction with the content, so that we can make services more relevant. Sometimes we use data about your interests or demographics that some of our global third parties have collected from you online to add you to these groups, such as Freshdesk and Lead Forensics. Please refer to our cookie policy for more information on how we use cookies.

 

Using children’s personal data

We do not aim any of our products or services directly at children under the age of 13 and we do not knowingly collect personal data about children under 13. 

 

Security of your personal data

We have implemented appropriate technical and organisational controls to protect your personal data against unauthorised processing and against accidental loss, damage or destruction. You are responsible for choosing a secure password when we ask you to set up a password to access parts of our sites or apps. You should keep this password confidential and you should choose a password that you do not use on any other site. You should not share your password with anyone else, including anyone who works for us. Unfortunately, sending any information, including personal data, via the internet is not completely secure. Although we will do our best to protect your personal data once with us, we cannot guarantee the security of any personal data sent to our site while still in transit and so you provide it at your own risk.

 

When we share or sell your personal data

Within the Guardian group of companies 

Depending on where you live, we may share your personal data within the Guardian group of companies in the UK, US, or Australia. We may share it in order to perform a contract with you, for administrative purposes, or when we have a legitimate interest in doing so. For example:

  • If you are going to one of our events hosted by an event partner, we may share your personal data with that partner for event administration purposes

  • Sometimes we may receive a letter, email or another form of communication from you that we consider to be significant to the history of the Guardian. We may decide to share this with the Guardian Archive run by the Guardian Foundation for historic and archiving purposes

  • We may share your data to understand how you interact across our group products or to tailor and offer relevant services  to you.

With external organisations

We share your personal data with other organisations that are not directly linked to us under the following circumstances:

Service providers - We may share your data with other organisations that provide services on our behalf. We may do this to perform a contract we have entered into with you, where it is in our legitimate interests or with your consent. Examples of when we may share your data with service providers include sharing with:

  • website hosting providers, such as Madgex and Visible Dots

  • fraud management providers that help us to identify and prevent online fraud

  • internet and cloud hosting services providers, such as Amazon Web Services (AWS)

  • software service providers such as Salesforce and Pardot that assist us with our relationship management

  • communications services providers, such as our podcast service provider called Acast

  • error tracking software providers, such as Sentry and Google Firebase, to help us diagnose and fix errors and optimise the performance of our website and apps

  • service providers that help us carry out analytics, facilitate audience creation and segmentation and to measure our audience engagement. For example, Permutive provides us with data management platform services

  • service providers that help provide us with insights and analytics that help us to improve our products and services. For example, we use Google Analytics to understand how visitors engage with our sites or apps . If you don’t want Google Analytics to be used in your browser, you can install the ‘Google Analytics Opt-Out Browser Add-On’, provided by Google

  • data management companies, such as Freshdesk, that help us collect data via online forms, surveys and chat and Lead Forensics to identify potential business leads.

  • Webinars hosting for example through Zoom 

Advertising partners - We may also share your data collected through our sites with our advertising partners, as set out in our cookie policy. These partners help us deliver relevant advertising across our site. For example, we use Google Ad Manager to assist us with the delivery of relevant ads. We may also share your email (in hashed, pseudonymous form) with our partner LiveRamp. LiveRamp uses this information to create an online identification code for the purpose of recognizing you on your device to be used for online and cross-channel advertising. It may be shared with our  advertising partners and other third party advertising companies globally for the purpose of enabling interest-based content or targeted advertising throughout your online experience (e.g. web, email, connected devices, and in-app, etc).

Agencies and authorities if required by law - We may reveal your personal data to any law enforcement agency, court, regulator, government authority, or in connection with any legal action if we are required to do so to meet a legal or regulatory obligation, where the request is proportionate, or otherwise to protect our rights or the rights of anyone else (for example, in response to valid and properly served legal process such as subpoena or warrant). We will attempt to notify you prior to disclosing your data unless (i) prohibited by applicable law from doing so, or (ii) there are clear indications of unlawful conduct in connection with your use of GNM services.

Event sponsors and partners - we may share your personal data with sponsors of Guardian events and partners who we hold events with for marketing purposes when you have given your permission for us to do so.

Social media organisations - We may share your personal data with other organisations when our web pages use social plug-ins from these organisations (such as the “Facebook Recommend” function, Twitter’s retweet function, Google+ function). These other organisations may receive and use personal data about your visit to our site. If you browse the Jobs  site, personal data they collect may be connected to your account on their site. For more information on how these organisations use personal data, please read their privacy policies.

Organisations/s that buy any of the Guardian group companies - We may share your personal data to any other organisation that buys, or to which we transfer all, or substantially all, of our assets and business. If this sale or transfer takes place, we will use reasonable efforts to try to make sure that the organisation we transfer your personal data to uses it in line with our privacy policy.

Any organisations that access your personal data in the course of providing services on our behalf will be governed by strict contractual restrictions to make sure they protect your personal data and keep to all privacy laws that apply. We may also independently audit these service providers to make sure that they meet our standards.

 

International data transfers

Data we collect may be transferred to, stored and processed in any country or territory where one or more of our Guardian group companies or service providers are based or have facilities. While other countries or territories may not have the same standards of data protection as those in your home country, we will continue to protect personal data that we transfer in line with this privacy policy.

Whenever we transfer your personal data out of the United Kingdom and the European Economic Area (EEA), we ensure similar protection and put in place at least one of these safeguards:

  • We will only transfer your personal data to countries that have been found to provide an adequate level of protection for personal data.

  • We may also use specific approved contracts that use Standard Contractual Clauses for the protection of personal data where appropriate, with our service providers that are based in countries outside the UK and EEA, including those based in the US and Australia. These contracts give your personal data the same protection it has in the UK and EEA.

You can contact us for further information about the relevant safeguards and standard data protection clauses for international  transfers.  

 

How long we keep your personal data

Data  will  only be kept for  as long as we need to. How long we need your personal data depends on what we are using it for,  as set out in this privacy policy. For example, we may need to use it to answer your queries about a product or service and as a result may keep personal data while you are still using our product or services. If we no longer need your data, we will delete it or make it anonymous by removing all details that identify you. If we have asked for your permission to process your personal data and we have no other lawful grounds to continue with that processing, and you withdraw your permission, we will delete your personal data. 

You can also request the erasure of your personal data and your account by contacting your Guardian Account Manager and by emailing dataprotection@theguardian.com

However, when you unsubscribe from marketing communications, we will keep your email address to ensure that we do not send you any marketing communications in future.

 

How we may contact you 

Service communications

From time to time we may send you service emails,  for example, sending you an invoice or information about your purchase and our delivery of services to you. We may also contact you for the same or similar reasons by phone.

Marketing communications

Where you have provided us with your details in relation to our sites, then we will send you emails that relate to the products and services that you originally contacted us about or currently purchase from us. You can unsubscribe from these emails at any time by clicking the ‘manage your preferences’ link on the bottom of the email.

Market research - Guardian Recruiter Services

If you have opted in for marketing communications, we may also sometimes contact you for market research purposes, for example about a survey.   If you opt out of receiving requests for marketing communications you will also be opted out of market research.

Responding to your queries or complaints

If you have raised a query or a complaint with us, we may contact you to answer your query or to resolve your complaint.

 

Cookies and similar technologies

When you visit our site, we may collect personal data from you automatically using cookies or similar technologies. A cookie is a small file that can be placed on your device that allows us to recognise and remember you.

This privacy policy includes our cookie policy, where you can find details of our key advertising partners.

 

Your privacy and data protection rights with regard to the personal data that we hold about you 

You have a number of rights with regard to the personal data that we hold about you and you can contact us with regard to the following rights in relation to your personal data:

  • You have the right to receive  a copy of the personal data that we hold about you 

  • You have the right to correct the personal data we hold about you

  • Where applicable, you may also have a right to receive a machine-readable copy of your personal data

  • You also have the right to ask us to delete your personal data or restrict how it is used, consistent with the GDPR. There may be exceptions to the right to erasure for specific legal reasons which, if applicable, we will set out for you in response to your request

  • Where applicable, you have the right to object to processing of your personal data for certain purposes

  • Where you have provided us with consent to use your personal data, you can withdraw this at any time

  • If you would like to exercise any of your rights specified above, please email dataprotection@theguardian.com or write to the Data Protection Officer at Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU. We will deal with requests within one month.

We may need to request specific information from you to help us confirm your identity. If your request is complicated or if you have made a large number of requests, it may take us longer. We will let you know if we need longer than one month to respond. You will not have to pay a fee to obtain a copy of your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.

 

Your California privacy rights

Under the California Consumer Privacy Act, California Civil Code Section 1798.100, if you are a resident of California you may contact us with regard to the following rights in relation to your personal data:

  • Right of Access: You have a right to request access to the personal data we may hold on you for the past twelve (12) months. You may submit up to two (2) requests per year of access to your personal data.

  • Right to Opt-In/Opt-Out of Sale of Personal Data: For individuals sixteen (16) years or older, you have the right to opt-out of sale of personal data we may hold on you. You can exercise this right at any time by pressing the “California resident - Do not sell” link in the footer of every page. Right to Deletion: You also have the right to ask us to delete personal data we may hold on you or restrict how it is used. There may be exceptions to the right to deletion for specific legal reasons which, if applicable, we will set out for you in response to your request.

  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your California Consumer Privacy Act rights.

If you want to make any of these requests, please contact dataprotection@theguardian.com or by calling our designated toll-free number (888) 777-6069. We will deal with requests for access to your personal data within forty-five (45) days for California-specific requests.

To help us respond as you expect, please specify that you are making a request under the California Consumer Privacy Act. We may need to request specific information from you to help us confirm your identity.

 

Your rights under the Australian Privacy Act

The Australian privacy Act has rules around how we handle your personal information that may be different to rules in other regions. These rules are set out in the Australian Privacy Principles in force under the Privacy Act 1988 (Cth) (the Australian privacy Act). We are required to treat your personal information in line with those principles, including to disclose to you what personal information we collect and how we use it, to store your information securely and to support you in exercising your rights.

Personal information we collect and use
When we refer to “personal data” throughout this policy, we are also referencing “personal information,” as it is defined under Australian law, which you can read about here.

Details about the personal information that we collect, use and disclose is set out throughout this privacy policy. You can navigate these relevant sections by going to the contents section at the top of the page.

 

Your rights
Your rights to privacy are also protected by the Australian Privacy Act, including your:

  • Right of access to the personal information held about you; and

  • Right of correction to correct your information when it is incorrect.

These principles and rights are reflected throughout this privacy policy.

Opt out of personalised advertising
Under the Australian Privacy Act, you have the right to opt out of the use of your personal information for the purpose of direct marketing, including in relation to personalised advertising. You can opt out of personalised advertising across our site at any time by going to Privacy Settings at the bottom of the page. You will still see non-personalised advertising.

We and our partners use cookies and similar technologies to collect information about your use of the site to help create reports and statistics on the performance of the site. Analytics cookies such as Google Analytics collect information such as your IP address, device type and operating system, referring URLs, location and pages visited. If you don’t want Google Analytics to be used in your browser, you can install the ‘Google Analytics Opt-Out Browser Add-On’, provided by Google.

For a complete description of our use of cookies and similar technologies globally, please see our cookie policy.

If you have contacted us at dataprotection@theguardian.com with a privacy related complaint and you are not satisfied with our handling of that complaint, you may refer that complaint to the Office of the Australian Information Commissioner:

GPO BOX 5218, Sydney NSW 2001
T 1300 363 992
E enquiries@oaic.gov.au

 

Contact us for information about how we use your personal data 

For individuals based outside the European Union, Australia or U.S.:

If you have any questions about how we use your personal data or if you have a concern about how your personal data is used, please contact the Data Protection Officer at Guardian News & Media Limited, Kings Place, 90 York Way, London N1 9GU. Or, email dataprotection@theguardian.com.

Complaints will be dealt with by the Data Protection Officer, and will be responded to within 30 days.

If you are not satisfied with the way your concern has been handled, you can refer your complaint to the Information Commissioner’s Office.

If you have a question about anything else, please see our Contact us page here.

For individuals based in the European Union:

Since we do not have an establishment in the European Union, we have appointed an EU based representative to serve as a direct contact for data protection authorities and individuals on our behalf, who can be contacted at theguardian@mcf.ie or MCF Legal Technology Solutions Limited, Riverside One, Sir John Rogerson's Quay, Dublin 2, Ireland.


Changes to this Privacy policy 

If we decide to change our privacy policy we will post the changes here. If the changes are significant, we may also choose to email all our registered users with the new details. If required by law, we will get your permission or give you the opportunity to opt out of any new uses of your personal data.

Changes to this privacy policy to date

The most recent changes to this privacy policy were made on:

  • May 2018 Updated to reflect changes resulting from the General Data Protection Regulation and the Data Protection Act 2018

  • March 2020: Updated to include further information about the Sites and Services covered by this Privacy Policy 

  • November 2020: Updated to include further information about the Sites and Services covered by this Privacy Policy.

  • September 2021: Updated to apply specifically to services for  Guardian Advertising, including  Guardian Display, Guardian Labs and/or Guardian Jobs  through their associated websites (‘our sites’).