This Privacy Notice describes how Landmark Public Affairs (“we”) handles, collects, protects and stores personal information connected with the services we provide when we are a data controller as defined in the EU General Data Protection Regulation (GDPR). This broadly means when we take decisions about which personal information to process and how.
This notice does not apply when we process personal information as a data processor as defined in the GDPR. This broadly means when we process information only on the basis of instructions from our clients. When this is the case, you should contact the client on whose behalf we are processing data, since they will either be the data controller or be able to tell you who the data controller is.
This notice also does not apply to the processing of personal information of our employees.
You can use the following links to jump to different sections of the notice.
Name: Landmark Public Affairs
(This is the trading name of Landmark Public Policy Advisers Europe Limited, a company registered in England with a Belgian branch.)
We collect personal information:
We currently collect and process the following types of information:
The GDPR defines and prohibits the processing of “special category personal data”, except under one of several exemptions. This is sensitive personal data which reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership; as well as genetic data, biometric data which is processed for the purpose of uniquely identifying you; and also data concerning your sex life or sexual orientation.
The only special category data which we process are those about people’s political opinions. When we do so, we rely on the exemption in Article 9(2)(e) which allows us to process such data which is manifestly made public by the data subject. This reasonably includes publicly-available information about political affiliations, as well as equivalent information provided by you at events and meetings, for example. For the avoidance of doubt, we do not include within the term “political opinions” your views about public policy, including your views on policy responses such as proposals for legislation or regulation.
We process your personal information for one or more of the following reasons:
Under the GDPR, all processing of your personal information must have a “lawful basis”. The lawful bases we rely on for processing your personal data are:
We may share personal information to the extent that this is necessary to meet the purposes for which we collect the information. This means we may share some information with our clients (other than job applicant information). We may also share information with relevant suppliers who provide services on our behalf, including IT, banking, accounting and HR (payroll) services.
We may also sometimes be required to disclose information by law, for example in response to requests or orders from law enforcement, regulators or courts.
Information is stored securely in electronic form on our servers or cloud-based servers located in the European Union and in paper form as part of a filing system in our premises in the UK and Belgium. We take security measures to ensure that personal information is held securely, whether electronically or in paper form.
We usually keep personal information for the period of your, or the relevant client’s, contract with us, plus a further period which is based on the time after that during which legal claims may be made. We may be required by law to keep some information for longer (for example, tax or regulatory information). In the case of job applications, we retain the personal information of unsuccessful applicants only until our recruitment is complete.
We dispose of information by deleting all electronic records and disposing securely of all paper-based records.
We do not apply automated decision-making including profiling to the personal information we collect.
Under data protection law, you have rights including:
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at the addresses above if you wish to make a request.
You can also complain to the relevant Data Protection Authority (regulator) if you are unhappy with how we have used your data.
If you are in the European Union, the relevant Data Protection Authority for us is the Information Commissioner’s Office (ICO) in the United Kingdom. You can contact them at:
Information Commissioner’s OfficeAddress: Wycliffe House, Water Lane Wilmslow, Cheshire, SK9 5AF, UK Helpline number: +44 303 123 1113