Privacy Policy

At Lexington, we are committed to protecting and respecting your privacy and safeguarding any personal data that you give to us.  We are transparent about the processing of your personal data and this notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

We are a joint controller under the UK GDPR and the Data Protection Act 2018 for the processing of your personal data with Global Diabetes Advocacy Network (GDAN).

We are:

Lexington Ltd
The Connection
198 High Holborn
London
WC1V 7BD

Tel: 0207 025 2300

Email: contact@lexcomm.co.uk

What kind of personal data do we collect and process when you provide feedback?

When you provide your details, we need your name, phone number and email to send you our regular newsletter and respond to your queries.

We will use your data to:

  • Send your queries and personal data to GDAN to ensure we can respond to your questions and share the regular newsletter.
  • Contact you to ask about the queries you’ve made.

What is our legal basis to use your personal data?

Our legal basis at the start of the newsletter sign up and query process is consent, as you voluntarily submit your details.   

We will ask you on the form if you consent to the following:

  • Send you updates about the work of GDAN in the form of a newsletter [by email]
  • Contact you to ask about your queries
  • Contact you to respond to your queries

Who do we share your data with?

We share data with our client, GDAN.

We share your personal data with our service providers, insurers, legal and other advisors, if required.  All parties are required to continue to adequately safeguard your personal data.

How long do we keep your data?

We hold your data and any other correspondence under legitimate interest as we need to keep a record of all queries and newsletter sign ups. We keep your data for the email queries for one year and hold newsletter sign up data until the user unsubscribes.

What security procedures do we use?

We have procedures in place to prevent unauthorised access to, and the misuse of, personal data.

We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorised personnel are permitted to access personal data in the course of their work.

Do we transfer data internationally?

GDAN is an international body which operates all over the world. To deliver the newsletter and process queries, there is a requirement for the organisation to access this data across the world.

Some service providers who are based outside of the UK.  Several of these providers are based in countries that are adequate for data transfer; for countries that are not, we use approved Standard Contractual Clauses as our data transfer safeguard.

What are your rights regarding your personal data?

You have the right:

  • To access to your personal data and information about our processing of it. You also have the right to request a copy of your personal data (but we will need to remove information about other people).
  • To rectify incorrect personal data that we are processing.
  • To request that we erase your personal data if:
  • we no longer need it;
  • if we are processing your personal data by consent and you withdraw that consent;
  • if we no longer have a legitimate ground to process your personal data; or
  • we are processing your personal data unlawfully
  • To object to our processing if it is by legitimate interest.
  • To restrict our processing if it was by legitimate interest.
  • To request that your personal data be transferred from us to another company if we were processing your data under a contract or with your consent and the processing is carried out by automated.

If you want to exercise any of these rights, please contact us.

If you have a concern about the way we are collecting or using your personal data, please raise your concern with us in the first instance.  You may also contact the Information Commissioner’s Office at https://ico.org.uk/concerns/.