For a printable version of this Privacy Notice please click here.
We are the data controller which means we decide how your data is used and protected. We take your privacy and our responsibility to protect your information seriously. Read our privacy notice to understand:
- Who we are
- What information we collect about you
- How we use information we collect about you
- Who can see your information
- When we share your information
- How we look after your information
- How long we keep your information
- International Transfers of your information
- Rights and choices
WHO WE ARE
Hachette UK Limited is a company registered in England under company number 2020173, with its registered address as set out below. Hachette Group UK is made up of several publishing companies including Group Company List
You can contact us as follows:
- FAO: Legal Department (GDPR)
- Address: Carmelite House, 50 Victoria Embankment, London EC4Y 0DZ, UK
- Email: email@example.com
Websites of our companies publishing children’s books and that may be attractive to children, will contain parental consent procedures if we are processing information from children under 13. Where our websites are not directed at children they are intended for adults.
WHAT INFORMATION WE COLLECT ABOUT YOU
Information you provide:
The information you provide to us might include: your name, postal address, email address, phone number, gender and date of birth. If you’re creating an account you will provide a password and if you are ordering books you will provide your payment details. If you are submitting a manuscript or job application you will provide additional information about your academic and work history, references and any other information you choose to supply. Your information includes anything which identifies you so if you contribute to a blog or provide other user generated content to us it may include personal information.
If you provide us with more sensitive information this is known as Special Category (“Sensitive”) information and may include details about a person’s racial or ethnic origin, political opinions, religious, philosophical or similar beliefs, trade union membership, genetics, biometrics, health, sexual life, sexual orientation or about criminal offences or proceedings. This type of information will be treated differently and we will explain why we are collecting it and it will only be used with your explicit consent.
We collect your information when you:
- Interact or correspond with us in letters, by phone, SMS, email or via our website;
- attend events we hold or interact with us in person;
- create an account on our website;
- subscribe to our mailing lists;
- complete one of our surveys;
- use our mobile device or website applications (apps);
- submit manuscripts to us by post, email or via our website;
- enter into a contract with us;
- submit an application to a job vacancy;
- order books or other products from our website;
- enter a competition or prize draw;
- provide us with biographical information about you (e.g. by completing an author questionnaire)
Information about how you use our website and apps:
Our website may include links to third party websites, plug-ins and applications. By clicking on those links or enabling these connections you may allow third parties to collect or share data about you. We do not control these websites and are not responsible for their privacy notices. Please ensure that you read the privacy notices on any such external websites.
Information we receive from third parties:
In certain circumstances, we will receive information about you from third parties. For example,
- if you choose to register for a website user account you may choose to link this account to your social media account (such as Twitter or Facebook). By providing your social media account details you are authorising that third-party provider to share with us certain information about you;
- we use third party providers to verify information provided by you in connection with any manuscript you submit to us for publication. For example, we will use third-party databases or websites to confirm your publication history;
- we will receive information about you from third parties if they are referring you to us for publication. For example, if you are the co-author of a manuscript, your co-author will be required to provide us with information about you. Or if you have a literary agent making submissions on your behalf, your agent will provide us with information about you;
- if you are a job applicant we may contact your referees to provide information about you;
- if you give permission for us to contact you to a bookseller or other third party running a competition or other event involving one of our books or authors;
- publishers for whom we provide distribution services;
- when we acquire rights from other publishers.
HOW WE USE INFORMATION ABOUT YOU
We use your information lawfully. We do not sell your information to third parties. However we may share your information as set out in the section When we share your information. The details of how we use your information and the legal bases for our use are set out below:
When we have your consent to contact you, we may use your information to:
- to keep in contact with you and provide you with marketing communications about our news, events, authors or books and those of other Hachette UK companies that we believe may interest you;
- tell you about new website features or services;
- send you newsletters;
- share your information with third parties such as authors, co-publishers or marketing partners so that they can contact you with information that might interest you (as described in the section When we share your information)
In the following circumstances we will use your information to carry out our contract with you:
- to process your requests to purchase our products from our website;
- to provide customer service and support;
- if you are an author, illustrator or other licensor to administer your publishing contract including receipt, review, editing, production, marketing of your manuscript and payment of your royalties;
Sometimes we will use your information on the basis of our ‘legitimate business interests’ (legitimate interests). This means our legitimate interests in conducting and managing our business and our relationship with you.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing you have rights and choices which include the right to object (please see the section headed Your Rights and Choices.
We may use your information for the purposes listed below on the basis of our legitimate interests:
- to contact you about products you bought from us;
- to contact you about submissions you made or content you provided to us;
- to respond to your queries and correspondence;
- to administer your account with us;
- to process any job applications you submit to us;
- to deal with enquiries or complaints about the website as necessary to provide customer support in providing the correct products and services to our website users;
- to carry out aggregated and anonymised research about general engagement with our website in providing the right kinds of products and services to our website users;
- to operate a safe and lawful business or where we have a legal obligation;
- to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees;
- to measure or understand the effectiveness of advertising;
- to deliver relevant advertising and make relevant recommendations and suggestions to you about our products and services;
- to analyse your use of our websites and apps and your responses to our communications;
- to personalise, enhance, modify or otherwise improve the services and/or communications that we provide to you;
- To detect and prevent fraud and unauthorised access or illegal activity;
- To improve security and optimisation of our network sites and services including trouble shooting, testing and software development and support;
- To work with our third party recruitment agency to process any job applications you submit to us;
WHO CAN SEE YOUR INFORMATION
Your information may be processed by our staff or by the staff of third parties we work with to deliver our business. Processing can mean any activity that involves the use of information about someone that can identify them. All uses, for example, obtaining, recording, storing, disclosing, organising, retrieving, deleting and destroying are types of data processing. We take measures to ensure that third parties processing your information on our behalf are acting lawfully in accordance with our instructions and are subject to appropriate confidentiality requirements. We also have adequate technical and organisational safeguards in place in our company and with third party processors to protect your information. Third party processors of your information include:
- our website hosts and operators, IT support providers, database operators, site analytics providers and software developers;
- our marketing or publicity services providers;
- our editorial and production service providers, peer-reviewers, third-party manuscript readers
- our royalty system software provider;
- our financial services and payment service provider;
- our warehousing and delivery service providers;
- our auditors, technical consultants and legal advisors;
- our fraud detection services;
We share your information within the companies that make up the Hachette UK group of companies Group Company List as well as with our parent company and their parent company. Where we share your information outside our group of companies you will be asked to consent to a third party sharing your information and if you choose to give your permission any interaction you have with a third party is governed by their privacy terms. The third party becomes a joint data controller of your information with us. This means that the third party can make decisions about how to use your information. Before we share your information we require third parties to enter into a data sharing agreement which stipulates that they must maintain appropriate security to protect your information from unauthorised access, processing or use.
We will share your information with the following third parties:
- selected publishing partners and authors;
- selected marketing partners;
- any prospective seller or buyer of businesses or assets, only in the event that we decide to acquire, transfer or sell any business or assets;
- any other third parties (including legal or other advisors, regulatory authorities, courts and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law or where we have a legal obligation to do so.
HOW WE LOOK AFTER YOUR INFORMATION
We look for opportunities to minimise the amount of personal information we hold about you. Where appropriate we anonymise and pseudonymise your information. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
- ensuring the physical security of our offices, warehouses or other sites;
- ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption;
- maintaining a data protection policy for, and delivering data protection training to, our employees;
- limiting access to your personal information to those in our company who need to use it in the course of their work.
HOW LONG WE KEEP IT FOR
We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our legitimate interests, such as for the purposes of exercising our legal rights or where we are permitted to do so for purposes of academic, literary expression and research purposes. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,
- we archive our email and paper correspondence regularly and destroy unnecessary information;
- We operate a best practice email retention policy requiring password protected folders and departmental shared drives to provide restricted access to information;
- Deleted emails are auto-deleted periodically;
- We conduct regular access reviews to keep access profiles and policies up to date;
- We conduct periodic review and purge cycles of documents in accordance with our document retention policy;
- we retain information relating to orders, refunds and customer queries for approximately 7 years;
- we retain information relating to commercial contracts for approximately 7 years after expiration or termination whichever is the sooner;
- we maintain a suppression list of email addresses of individuals who no longer wish to be contacted by us. So that we can comply with their wishes we must store this information permanently;
- we delete information collected through marketing channels 2 years after our last interaction with you;
- we destroy CVs and related information from job applicants who have not been shortlisted for interview once the recruitment process is complete. The shortlisted candidates’ CVs and related information is kept until after the successful candidate’s probation period, which can be 6 months from their start date.
INTERNATIONAL TRANSFERS OF YOUR INFORMATION
Our company is located in the UK.Whenever we transfer your personal information out of the European Economic Area (EEA) we will take all steps necessary to ensure that it is adequately protected and processed in accordance with this Privacy Notice by using all appropriate cross-border transfer safeguards such as:
- by entering into the European Commission’s Standard Contractual Clauses with the provider which give personal data the same protection it has in the EEA; and
- where the provider is in the US, the EU-US Privacy Shield if the provider is part of the EU-US Privacy Shield Framework.
Please contact us if you would like additional information on the specific means used by us when transferring your personal data outside of the EEA.
YOUR RIGHTS AND CHOICES
You have the right to object to our using your information for direct marketing and on the basis of our legitimate interests.
You have the right to withdraw your consent for our use of your information in reliance of your consent.
You also have other choices and rights in respect of the information that we hold about you, including:
- the right to request access to the information that we hold about you to check that we are acting lawfully;
- the right to receive a copy of any information we hold about you in a structured, commonly-used, machine readable format or in another format of your choice;
- the right to request that we transfer your information to another service provider in a structured, commonly used, machine-readable format;
- the right to ask us to correct information we hold about you if it is inaccurate or incomplete;
- the right to ask us, in certain circumstances, to delete information we hold about you;
- the right to ask us, in certain circumstances, to restrict processing of your information.
You may exercise your rights and choices by contacting us.
You can also prevent processing for marketing activities by checking certain boxes on forms that we use to collect your data to tell us that you don’t want to be involved in marketing.
Your Right to Complain
Please contact us if you have any questions or are unhappy about the way your information is used. We hope we will be able to resolve any problems or issues you may.
You also have the right to lodge a complaint about us and our use of your information to the UK Information Commissioner’s Office (https://ico.org.uk/) or the relevant authority in your country of work or residence.
CHANGES TO THIS PRIVACY NOTICE
We may make changes to this Privacy Notice from time to time. We will post any changes to our site.
This Privacy Notice was updated on 23 April 2018.
For a printable version of this Privacy Notice please click here.