How we process your personal data
Havas UK respects the rights of each individual to have their privacy and personal data protected. Havas UK will observe the following principles when processing your personal data:
What data is collected?
In general, your personal data is collected directly from you, but it may also be collected from third parties.
To accommodate your visit to our offices we will process the following categories of personal information:
When you visit our offices, we will use your personal information to register you at the reception of our building who will log entry and exit times as part of building security measures.
It is likely that our building services team and/or the individual or department you are visiting will also log your contact details in a database or digital calendar so we can monitor and manage your visit.
You will also be captured on CCTV cameras during your visit which is also for security and monitoring purposes.
Purpose, Legal Basis and Data Retention Period
| Purposes | Legal basis | Retention period |
| To provide a security service, access control logs, security passes, out of hours records | Legitimate interestsPublic task (for the safety and security of our employees, contractors, agents and visitors of our building) | Applicable limitation periods |
| To ensure where there is a risk to life, injury, or other medical emergency, help and assistance can be provided as appropriate and without delay | Vital interestSchedule 1 Part 2 Paragraph 18 of the Data Protection Act 2018. | Applicable limitation periods |
| Application management | Legitimate interest | 2 years |
| Product and institutional communication management (website and social networks) | Legitimate interest | Duration of the communication plus applicable limitation periods |
| Administrative and legal formalities and the fight against fraud | Legal and regulatory obligation | Duration of applicable legal requirements |
| Management and follow-up of contact requests | Legitimate interest | Time required to process the request |
| Exercising your personal data rights | Legal and regulatory obligation | 1 year or 6 years from the request to exercise the right, according to the right exercised |
| Participation in any of our events and/or programmes | Legitimate interest ConsentPerformance of the contract | Duration of the event/programme and related marketing activitiesplus applicable limitation periods |
In the event of litigation/proceedings, particularly legal proceedings, initiated before the end of the above periods and which require the retention of personal data, particularly with a view to the establishment, exercise or defence of rights, such personal data shall be retained for the duration of said proceedings and until the exhaustion of the legal remedies.
Who Are the Recipients of Your Data?
Your personal information will be limited to those who you would expect to know of your visit and where you voluntarily interact with our staff, or other office or building attendees.
We may share your personal information with our suppliers, business partners and service providers where they are helping to provide services to you.
For example, where you participate in an event/programme, we may share your personal data with the promotor/sponsor of the event/programme. In other cases and more generally, we may share your personal data with hosting providers of our websites, our auditors and statutory auditors, our legal advisers, our insurers, our duly authorized partners, service providers and subcontractors which we may use to carry out our activities, tax and social security bodies, public authorities, court officers and ministerial officers where applicable.
Data Transfer
Your personal data collected and processed for the purposes described above may in certain cases be transmitted to companies outside of the UK, including countries, which have less strict, or no data protection laws, when compared to those in the EEA or the UK.
Whenever we transfer your information as described in the paragraph above, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely and in accordance with this privacy notice. In these cases, we rely on approved data transfer mechanisms (such as standard contractual clauses) to ensure your information is subject to adequate safeguards in the recipient country. If you are located in the UK or the EEA, you may contact us for a copy of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances.
Your data protection rights
You have certain rights in relation to your personal information, as listed below. We will handle any request to exercise your rights in accordance with applicable law and any relevant legal exemptions.
Right of access
As data subjects you may inquire as to the nature of the personal data Havas UK holds about you. You will be provided access to your personal data regardless of the location of the data processing and storage.
Right to rectification
If your personal data is inaccurate or incomplete, you may request that the data is amended.
Right to object
You have the right to object at any time to the processing of your personal data by Havas UK.
Right to erasure
You can ask for the deletion of your personal data when it is allowed by applicable laws and regulations.
Right to restriction of processing
You have the right to request the processing of your personal data to be restricted when it is permitted by applicable laws and regulations.
Right to data portability
If you meet the conditions settled by the applicable laws and regulations, you have the right to receive a subset of your personal data and to transmit it from Havas UK to another data controller.
Right to lodge a complaint
You have the right to lodge a complaint with the competent supervisory authority. All requests for aforementioned rights, and any questions regarding this Data Protection Policy, may be sent to: Havas Data Protection Officer [email protected]
How we process your personal data
Havas UK respects the rights of each individual to have their privacy and personal data protected. Havas UK will observe the following principles when processing your personal data:
What data is collected?
In general, your personal data is collected directly from you, but it may also be collected from third parties.
To accommodate your visit to our offices we will process the following categories of personal information:
When you visit our offices, we will use your personal information to register you at the reception of our building who will log entry and exit times as part of building security measures.
It is likely that our building services team and/or the individual or department you are visiting will also log your contact details in a database or digital calendar so we can monitor and manage your visit.
You will also be captured on CCTV cameras during your visit which is also for security and monitoring purposes.
Purpose, Legal Basis and Data Retention Period
| Purposes | Legal basis | Retention period |
| To provide a security service, access control logs, security passes, out of hours records | Legitimate interestsPublic task (for the safety and security of our employees, contractors, agents and visitors of our building) | Applicable limitation periods |
| To ensure where there is a risk to life, injury, or other medical emergency, help and assistance can be provided as appropriate and without delay | Vital interestSchedule 1 Part 2 Paragraph 18 of the Data Protection Act 2018. | Applicable limitation periods |
| Application management | Legitimate interest | 2 years |
| Product and institutional communication management (website and social networks) | Legitimate interest | Duration of the communication plus applicable limitation periods |
| Administrative and legal formalities and the fight against fraud | Legal and regulatory obligation | Duration of applicable legal requirements |
| Management and follow-up of contact requests | Legitimate interest | Time required to process the request |
| Exercising your personal data rights | Legal and regulatory obligation | 1 year or 6 years from the request to exercise the right, according to the right exercised |
| Participation in any of our events and/or programmes | Legitimate interest ConsentPerformance of the contract | Duration of the event/programme and related marketing activitiesplus applicable limitation periods |
In the event of litigation/proceedings, particularly legal proceedings, initiated before the end of the above periods and which require the retention of personal data, particularly with a view to the establishment, exercise or defence of rights, such personal data shall be retained for the duration of said proceedings and until the exhaustion of the legal remedies.
Who Are the Recipients of Your Data?
Your personal information will be limited to those who you would expect to know of your visit and where you voluntarily interact with our staff, or other office or building attendees.
We may share your personal information with our suppliers, business partners and service providers where they are helping to provide services to you.
For example, where you participate in an event/programme, we may share your personal data with the promotor/sponsor of the event/programme. In other cases and more generally, we may share your personal data with hosting providers of our websites, our auditors and statutory auditors, our legal advisers, our insurers, our duly authorized partners, service providers and subcontractors which we may use to carry out our activities, tax and social security bodies, public authorities, court officers and ministerial officers where applicable.
Data Transfer
Your personal data collected and processed for the purposes described above may in certain cases be transmitted to companies outside of the UK, including countries, which have less strict, or no data protection laws, when compared to those in the EEA or the UK.
Whenever we transfer your information as described in the paragraph above, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal information and to make sure it is treated securely and in accordance with this privacy notice. In these cases, we rely on approved data transfer mechanisms (such as standard contractual clauses) to ensure your information is subject to adequate safeguards in the recipient country. If you are located in the UK or the EEA, you may contact us for a copy of the safeguards which we have put in place to protect your personal information and privacy rights in these circumstances.
Your data protection rights
You have certain rights in relation to your personal information, as listed below. We will handle any request to exercise your rights in accordance with applicable law and any relevant legal exemptions.
Right of access
As data subjects you may inquire as to the nature of the personal data Havas UK holds about you. You will be provided access to your personal data regardless of the location of the data processing and storage.
Right to rectification
If your personal data is inaccurate or incomplete, you may request that the data is amended.
Right to object
You have the right to object at any time to the processing of your personal data by Havas UK.
Right to erasure
You can ask for the deletion of your personal data when it is allowed by applicable laws and regulations.
Right to restriction of processing
You have the right to request the processing of your personal data to be restricted when it is permitted by applicable laws and regulations.
Right to data portability
If you meet the conditions settled by the applicable laws and regulations, you have the right to receive a subset of your personal data and to transmit it from Havas UK to another data controller.
Right to lodge a complaint
You have the right to lodge a complaint with the competent supervisory authority. All requests for aforementioned rights, and any questions regarding this Data Protection Policy, may be sent to: Havas Data Protection Officer [email protected]