PSI GDPR & Privacy Statement
General Data Protection Regulation (UK GDPR & EU GDPR)
Public Sector Information Ltd (“PSI”) is committed to protecting and respecting personal data and privacy. We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).
At PSI, we do not simply view data as an asset. We see it as essential to delivering relevant, high-quality content, events, research and communications to our audiences and partners across the public sector and associated industries.
We are committed to handling personal data lawfully, fairly, transparently and securely.
If you have any questions regarding this statement or your personal data, please contact:
Data Protection Contact
Public Sector Information Ltd
226 High Road, Loughton, Essex, IG10 1ET
Email: Claire.sale@psigroupltd.co.uk
Telephone: 020 8532 0055
Transparency and Fair Processing
PSI is committed to being transparent about:
what personal data we collect;
why we collect it;
how we use it;
who we may share it with; and
the rights individuals have regarding their data.
We provide privacy notices across our websites, event registration forms, newsletter subscriptions, surveys and commercial agreements.
Any personal data we collect is used to:
provide content, events, products and services;
improve user experience;
support relevant commercial communications;
administer subscriptions and registrations;
facilitate legitimate business engagement between relevant organisations and professionals.
Lawful Basis for Processing
PSI processes personal data under one or more lawful bases under Article 6 UK GDPR/EU GDPR, including:
Consent
Contractual necessity
Legal obligation
Legitimate interests
Where we rely on legitimate interests, we carefully balance our interests against the rights and freedoms of the individual and ensure processing is proportionate, expected and minimally intrusive.
We maintain internal procedures and assessments to support our legitimate interest activities.
Types of Data We Process
Depending on the nature of our relationship with you, PSI may process:
name;
job title;
organisation;
Business email address;
business telephone number;
professional interests;
event attendance information;
newsletter preferences;
survey responses;
website usage data.
We generally process business contact data rather than personal consumer data.
PSI does not intentionally collect special category personal data unless specifically required and appropriately safeguarded.
Research and Data Verification
PSI maintains databases relating to organisations, public sector bodies, suppliers, industry professionals and associated stakeholders relevant to our publishing and events activities.
We make reasonable efforts to periodically verify and update organisational and contact information through:
publicly available sources;
official organisational websites;
direct communications with organisations;
responses from subscribers, delegates, advertisers and users.
Where information is provided to us by an organisational representative, PSI acts on the reasonable belief that the individual is authorised to provide such information on behalf of the organisation.
We regularly review data quality and relevance to ensure information remains accurate and up to date.
Data Sharing and Commercial Communications
PSI operates a portfolio of B2B media brands, events, webinars, round tables and conferences.
In certain circumstances, personal data may be shared with:
event sponsors;
exhibitors;
commercial partners;
service providers;
subcontractors acting on PSI’s behalf.
Where this occurs:
Individuals are informed at the point of collection;
sharing is relevant to the event, publication or service;
individuals are provided with clear opt-out mechanisms;
third parties are expected to process data lawfully and securely.
PSI does not sell personal data to third-party consumer marketers.
Email Marketing and Newsletters
PSI distributes newsletters and event communications relevant to professional roles and sectors served by our brands.
We may send communications:
where consent has been provided;
where permitted under PECR;
or where we believe there is a legitimate interest in doing so.
All marketing emails contain clear unsubscribe functionality.
We maintain suppression lists and honour unsubscribe requests promptly.
Individuals may also contact us directly to update communication preferences.
Events and Webinars
When registering for PSI events, webinars, conferences or awards:
registration data may be shared with relevant sponsors, exhibitors or speakers where clearly disclosed;
delegate badges or digital attendance systems may record participation;
event analytics may be collected to improve future services.
Event-specific terms and privacy notices are provided during registration.
Data Retention
PSI retains personal data only for as long as necessary for:
the purpose it was collected;
contractual obligations;
legitimate business requirements;
legal and regulatory obligations.
Data is periodically reviewed and securely deleted, anonymised or suppressed where no longer required.
Security Measures
PSI maintains appropriate technical and organisational measures designed to protect personal data against:
unauthorised access;
accidental loss;
destruction;
misuse;
disclosure;
alteration.
These measures include:
access controls;
password protection;
restricted user permissions;
secure hosting and cloud services;
staff confidentiality obligations;
regular system maintenance and monitoring.
Where third-party service providers process data on our behalf, we require them to maintain appropriate security standards.
Individual Rights
Under applicable data protection law, individuals may have rights including:
the right to access personal data;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to object to processing;
the right to data portability;
the right to withdraw consent.
Requests can be made via:
Claire.sale@psigroupltd.co.uk
PSI will respond in accordance with applicable legal requirements.
International Data Transfers
Where personal data is transferred outside the UK or EEA, PSI will ensure appropriate safeguards are in place, including:
adequacy regulations;
standard contractual clauses;
approved transfer mechanisms.
PSI Brands
PSI operates a portfolio of specialist B2B brands including:
GREENFLEET®
Government Business
Government Technology
Education Business
Health Business
Counter Terror Business
Each brand may operate dedicated websites, newsletters, events and registration systems.
Changes to this Statement
PSI may update this statement periodically to reflect legal, operational or regulatory changes.
The latest version will always be available via PSI websites.