Data Privacy Notive

This Privacy Notice applies to personal data processing under MAiNSAiL Ltd and and of our brands. y o. Each ‘brand’ may have a supplemental privacy notice which provides additional information regarding brand specific personal data processing and is provided at the point of data collection and should be read in conjunction with this Mainsail Ltd Privacy Notice. Brands include:

• The Hive Network
• RetailJam
• CMX
• FOF

We periodically update all our policies, if we make a significant change we will let you know.

MAiNSAiL Ltd (herein ‘we’ or ‘us’ or ‘our’) gathers and processes personal information in accordance with this privacy notice, and any supplemental privacy notices, and in compliance with the relevant United Kingdom data protection laws. This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why, and when we process your personal data.

We provide a range of products and services that deliver our content to professionals across intelligence solutions, events, and marketing solutions.  Our role is to deliver events, content, and digital experiences—primarily in the financial and retail sectors, but not limited to them—where professionals can connect, exchange knowledge, explore industry trends, discover innovations, build relationships, advance their careers, and drive business growth.

This Privacy Policy applies to personal data collected through:

• Registration forms and surveys
• Online learning tools and competition entries
• Events (including awards)
• Direct contact (online, post, telephone, or social media)
• Course of providing our services
• Through working with suppliers, contractors, employees and associates

We take your privacy seriously and will securely store and process any personal data you provide to us. This notice explains:

• How we collect, manage, use and protect your personal data
• Your rights and our obligations
• How, why, and when we process your data
• How long long we keep your data for
• Who we share your data with

MAiNSAiL Ltd’s registered office is at 52 High Street, Pinner, Middlesex, HA5 5PW. We are:

• Registered in England and Wales (company number 09545849)
• Registered with the Information Commissioner’s Office (registration number ZB304956)

We have an Appointed Person, Stephen Dodds, with responsibility for the oversight and of, and compliance with, data protection law, and they can be contacted by post at The Hive Network, Warnford Court, 29 Throgmorton Street, London, EC2N 2AT, or via email using dataprivacy@thehive-network.com, or by phone using +44 (0) 20 3948 1623 and asking for Stephen Dodds, our Appointed Person.

Information that we collect

We process your personal information to meet our legal, statutory, and contractual obligations, and to provide you with our products and services, or when you are applying to us about employment. We will never collect any unnecessary personal data from you and do not process your information in any way, other than as specified in this notice or a brand specific supplementary notice.

The personal data that we may collect and process, include and may not be limited to:

• Identity Details: Name, date of birth, user IDs, IP addresses, and cookie identifiers.
• Contact Details: Email address, phone number, and postal address.
• Demographic Details: Job title, industry sector, company information, preferences, information about your organisation and the industry that you work in
• Transactional Details: Purchase history, registration details, and payment information.
• Online Activity Details: Pages visited, interactions with marketing emails, and cookie usage.
• Employment Details: CVs, job applications, and interview notes.
• Permission Details: Marketing preferences and consent records.

You may provide personal information to us through the Services we provide — for example, when you sign up for, order, subscribe to, or make use of any of our Services, consult with our team, or communicate with us in any way.

We may also collect personal information, such as your contact and professional details, when you attend our events, take part in surveys, or through other business or marketing interactions we may have with you. You may choose to provide additional information when you communicate with us or otherwise interact with us.

Event-Specific Information

Event information we collect includes:

• Dietary and special access requirements or provisions
• Basic registration data such as your name, job title, company, email address, phone number, social media profiles and company type
• Your interest in various conference topics, speaking opportunities, sponsorship, exhibiting and competitions
• Your event attendance preferences (e.g. your choices for attending workshops, meetings, seminars, content streams, dinners, breakfasts, lunches and other optional private events)
• Your wish to access content provided to us by partners (typically name, job title, email and telephone number)
• Information about your visit to our events such as the meetings, sessions, seminars, workshops, exhibitors, breakfasts, lunches, dinners, parties and other receptions you attended or wish to attend
• Event filming and photography: We may photograph, film, broadcast or record our events in which case we may process information such as your voice, likeness and image if you are identifiable from such photograph, film, broadcast or recording.

Methods of Collection

• Via online enquiry forms on our website
• Via emailed enquiries
• Career applications
• General correspondence
• Via telephone enquiries
• Via use of our Apps

Information from Third Parties

We obtain data relating to business professionals from third party data providers. This includes data concerning job role and business contact information. We use this information to contact people in their professional capacity about events, webinars, reports and content that we and our clients and sponsors are participating in that we believe will be of interest to them. We will only contact you where you allow us to do so and will update your preferences accordingly.  We complete legitimate interest assessments for this activity and these are regularly reviewed.

We use this information in your professional capacity to:

• Contact you about events, webinars, reports and content that we, our clients and sponsors are participating in that we believe will be of interest to you
• Enhance our ability to provide relevant marketing and content
• Develop and provide you with more relevant products, features, and services

We may use this data alone or in combination with other information (including personal information we collect) to better tailor our services and communications to your professional interests.

Purposes of Processing

We use your personal data for the following purposes:

• Service Provision: Enabling app functionality, processing transactions, and delivering services such as event registrations, subscriptions, and newsletters.
• Marketing: Sending tailored email campaigns, promotional materials, and event invitations based on your preferences.
• User Interaction: Supporting networking features within apps, such as messaging and user connections.
• Analytics: Understanding user behaviour, improving products and services, and personalising your experience.
• Legal Compliance: Meeting legal and regulatory obligations, including tax filings and responding to lawful requests.

Specific Processing Activities

We will collect your personal data in connection with activities including but not limited to:

• Event updates such as speaker announcements, ticket offers, VIP passes, and sponsorship, exhibition and speaking opportunities
• Newsletter requests
• Product purchases such as tickets, sponsorship and exhibition
• Registration information for tickets, VIP passes, sponsorship and exhibition
• Competition entries
• Awards entries
• Registration to use tools and services such as our event information and networking app
• Feedback on your event experience
• Providing essential event information via SMS and notifications to pre-registered attendees
• Event attendance preferences (e.g. dietary information, workshops, seminars and other private events)
• Providing access to our social media groups and accessing presentations
• Distribution of partner content such as but not limited to white papers and reports
• Providing access to our networking and information app

Legal Bases for Processing

Sometimes, with your consent, we will process your personal data to provide you with information about our events, product launches, editorial insights, research, initiatives, awards and partner activities.

We will also process your data when it is in our legitimate interest to do so and when these interests do not override your rights. Such legitimate interests include providing you with information on our events, services, speaking opportunities, exhibition opportunities, sponsorship opportunities, tickets, VIP passes, campaigns, initiatives, registration, event attendance preferences, invitations to ancillary and private events, customer surveys, dietary requirements, topical interests, awards, competitions, feedback, newsletters, mobile apps and other activities and those of carefully selected organisations.

We can reasonably expect that practitioners in the finance, retail and other related industries may have a genuine interest in the speakers, networking, workshops and business development opportunities we provide.

Our legitimate interests include:

• Direct marketing activities
• Distribution of insights and reports
• Access to event content
• Improving event experiences
• Business development opportunities
• Personalisation of services
• Analytics and research
• Due diligence activities

Examples of legitimate interest usage:

• Direct marketing: Updates about events, opportunities, and content
• Event management: Collection of dietary preferences and attendance choices
• Personalisation: Gathering preferences to improve user experience
• Partner content: Providing access to industry insights and reports
• Analytics: Improving our services and understanding user needs

We also rely on contractual obligation where we provide services to our partners and members or pay our suppliers.

How we use your personal data

We take your data privacy very seriously and will never disclose, share, or sell your data without your consent, unless required to do so by law. We only retain your data for as long as is necessary and for the purpose(s) specified in this notice.

We collect and store your personal data when responding to your enquiry via our website, through social media, applications, the telephone or in person.

• We collect and store your personal data in providing our products and/or services and when responding to enquiries relating to these.
• This includes processing your personal data within any App to which you will have subscribed and use.
• This may include processing personal data within the App in communications between other members of that App.
• Legitimate Interests: For personalising content, improving services, conducting surveys, and ensuring security.
• We collect and store your personal data as part of fulfilling a contract with you
• We collect and store your personal data as part of our legal obligation for business accounting and taxation purposes.
• We may occasionally send you marketing information where we have assessed that it is beneficial to you as a client and in our interests. Such information will be non-intrusive and is processed on the grounds of legitimate interests, you can opt out at any time by contacting us at dataprivacy@thehive-network.com
• Where you have consented to us providing you with promotional offers and marketing, you are free to withdraw this consent at any time.

We manage your consent preferences through:

• Granting Consent: Obtained via opt-in mechanisms for marketing, cookies, and sensitive data collection.
• Withdrawing Consent: Options include:
  • “Unsubscribe” links in emails.
  • Cookie management tools on our website.
  • Direct contact at [insert contact details].
  • Push notification settings in mobile apps

We regularly conduct data flows and a data inventory or data audit which looks at all aspects of the personal data that we process, including the legal basis for processing and any special requirements that the data needs.  Any risk assessments (DPIAs) requirements are identified and completed paying particular attention to privacy risks associated with each processing activity: storage, collection, transmission, access and deletion.

We regularly complete Legitimate Interest Assessments to ensure that our marketing activities are considered, appropriate and are in accordance with all relevant legislation.

We will never knowingly collect data from or on children below 13 years old.

Your rights:

GDPR provides the following rights for individuals:

Data Subject Access Requests

You have the right to access any personal information that we process about you and to request information about:

• What personal data we hold about you.
• The purposes of the processing.
• The categories of personal data concerned.
• The recipients to whom the personal data has/will be disclosed.
• How long we intend to store your personal data for.
• Where we did not collect the data directly from you, information about the source of that data.

If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us. Where applicable, you have the right to data portability of your information and the right to be informed about any automated decision-making we may use.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.  We will respond to your request within one month of receiving a request and will provide your personal data if we are able to.  If your request is more complex this may be extended for a further two months, but we will inform you if we need this extra time.

Sharing and Disclosing Your Personal Information

We do not share or disclose any of your personal information without your consent other than for the purposes specified in this notice or where there is a legal requirement.

Service Providers

We use third parties to provide services that enable us to deliver our services to you, including:

• IT hosting and app development
• Payment processing
• Marketing platforms
• Analytics providers
• Virtual event platforms
• Badge and registration systems
• Catering and security services
• Photography/videography

Ways We Share Your Information

Group Companies

We may share your personal data with other companies in our group for internal efficiencies and the purposes described in this notice (based on legitimate interests).

Non Event Specific Data Sharing

We do not share or disclose any of your personal information without your consent other than for the purposes specified in this notice or where there is a legal requirement. We use some third parties to provide the services to our business functions that enable us to deliver our services to you.  For example, we share payment details with processors to complete transactions or dietary preferences with venues for event needs.

We share personal data only as necessary and in line with data protection laws.

All third-party processors acting on our behalf only process or access your data in accordance with instructions from us and comply fully with this privacy notice, data protection laws and any other appropriate confidentiality and security measures.

These third parties may include:,

• Service Providers: For IT hosting, app development, and operational support.
• Payment Processors: To securely complete transactions.
• Marketing Platforms: For email campaigns and targeted communications.
• Analytics Providers: To monitor and improve website performance.
• Business Partners and Sponsors: To deliver co-branded services, sponsored content, or event follow-ups (with your consent).
• Legal and Accounting Advisors: To fulfil legal, financial, and compliance obligations.
• Event venue management.
• Virtual event platforms.
• Badge and registration systems.
• Catering and security services.
• Photography/videography.

Where these parties are required to access personal data, they will do so under a legal contract or an agreement known as a Data Processing Agreement, depending upon their status.

When using one of our Apps, as an example: The Hive Network, others who you have permitted to connect with you, may see some or all of your personal data and how much they see, is controlled by you within your profile settings.

Event Information Sharing

For events we organise (including conferences, awards and round tables):

1. Attendee Information: Where you are attending an event organised by us, we may share your name, job title and company with other attendees (including making this information available via the event app, on social media sites and in our event guide). Generally we will ask for your consent to share this information, but for some of our events, such as our workshops and round table events (and any other events which we inform you of) we rely on legitimate interests to share this information because it is a fundamental part of such events (for example, for table plans and networking purposes).

1. Virtual Events: Where you are attending a virtual event, we may use a third party technology service provider to help facilitate this, meaning the information you provide to us may also be shared with them (for the purpose of administering the event).

1. Awards Participation: If you enter one of our awards and are short-listed, your name and organisation details will be included in the award lists and materials used and distributed in relation to the award (legitimate interests: of us and other entrants and attendees of the awards, to allow other entrants and those attending the awards to see who is in the running).

1. Sponsor Information: We will share your registration and attendance information with the sponsors of our events who may contact you for marketing purposes (legitimate interests: of us, to attract the most appropriate sponsors for the event and of our sponsors, to facilitate business-to-business communications between them and our registrants before, during and after our events). We or our sponsors may contact you ahead of our events to inquire whether you’d like to set up a meeting with our sponsors at the relevant event.

1. Future Events: We may make available your job title and company to potential attendees of the following year’s event, as part of marketing and promotion of such event (legitimate interests: of us, to attract the most appropriate delegates for the event).

1. Third-Party Seminars: Where you register to attend certain seminars or presentations at our events hosted by a third party, we may share your registration information with such third party (legitimate interests: of our hosts, so they know who has attended their events and so they can contact attendees about their goods and services).

1. Exhibitor Interactions: Where you indicate that you want us to share your details with sponsors and/or exhibitors at events (for example, by scanning your event badge at an exhibitor’s stand or by using a designated app) we share your information with those exhibitors who may contact you about their goods and services (consent).

1. Badge Scanning:Used for attendance verification, session tracking, or sponsor follow-ups. The information includes name, job title, company, and contact details.  You can decline badge scanning or opt-out of follow-up communications.

1. We may share allergy information, dietary requirements or access requirements with our venues to ensure that we meet your needs.

Event Media

For event filming and photography, we process your personal data comprised in the film, photograph, broadcast or recording of the event for the following legitimate interests:

• Internal purposes such as training (legitimate interests: to train our staff and help us better understand how best to run future events)
• Creating marketing content for future events promotion (legitimate interests: to encourage future sponsorship, attendance and awards entries)
• Supplementing editorial content on an event (legitimate interests: to provide fuller and more engaging content)
• Sharing with future sponsors (legitimate interests: to show potential sponsors what the event is like and to encourage sponsorship)
• Sharing with existing sponsors and clients (legitimate interests: of us and our sponsors and clients, to share potential marketing material with our sponsors and clients so that they can promote their involvement in the event)
• No personal data will be added to any photos so that people remain unidentified. If you prefer us not to take your photo please let the event staff know

Sponsored Content

Where you sign up for a sponsored webinar or to access sponsored content such as whitepapers, we share your sign-up details with that sponsor who may contact you (legitimate interests: of us, to enable us to offer our users premium business content free of charge, and of our sponsors, to facilitate business-to-business relationships). We use third party technology service providers to help facilitate this. If you do not wish for your details to be shared with a sponsor we usually offer an alternative means of accessing this content and you can opt out at any time with us or the Sponsor as you wish.

Surveys

For survey responses:

• Answers are typically aggregated and anonymised
• If you provide identifying information (e.g., name, job title), responses may be linked to you
• Used for research and analysis purposes

Business Sale Provisions

In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s advisers and will be passed to the new owners of the business.

Safeguarding Measures

We take your data privacy seriously and take every reasonable measure and precaution to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure, or destruction and have several layers of information security measures in place, including but not limited to:

• SSL, TLS, encryptions, pseudonymisation, restricted access, network authentication, firewalls, anti-virus/malware etc.
• Data is encrypted at rest and in transit.

Transfers outside the United Kingdom

Personal data of United Kingdom data subjects is protected by the United Kingdom General Data Protection Regulation (UK GDPR) but some other countries may not necessarily have the same high standard of protection for your personal data.

We do not process personal data outside of the United Kingdom and our application servers are located in the United Kingdom.  Some of our third parties may use data storage outside the UK and we will do our best to ensure that all appropriate transfer methods are in place.

International users and subscribers to any of our Apps, may be able to see information relating to another user and that data visibility is controlled by the users directly. Users choose what to share with others.

Consequences of Not Providing Your Data

You are not obligated to provide your personal information to us however, as this information is required for us to provide you with our products/services or respond to your enquiries, we will not be able to offer some or all

How Long we Keep your Data

We only retain personal information for as long as is necessary and we have strict review and retention policies in place to meet these obligations. Where you have consented to us using your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent.

Your personal data within the Apps, is retained until such time as you choose to close your account and/or delete your data. It is possible that some limited personal data may be retained after you close your account on an App for a limited period, where required under a specific lawful basis such as, fulfilling a legal obligation, and this will be retained for no longer than is required for that purpose.

• Active Customers: Retained for the duration of the relationship.
• Inactive Customers: Retained for up to 6 years from the last interaction.
• Job Applications: Retained for up to 2 years for unsuccessful candidates.
• Cookies: Retained for a maximum of 13 months.
• Legal Obligations: Retained for durations required by applicable laws.

Data Breaches

We have procedures in place to deal with any suspected personal data breach and will notify you and any supervisory body of a breach if we are legally required to.

Lodging A Complaint

We only process your personal information in compliance with this privacy notice and in accordance with the relevant data protection laws. If, however, you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO).

To contact MAiNSAiL Ltd

• Data Protection Appointed Person: Stephen Dodds
• Postal contact: The Hive Network, Warnford Court, 29 Throgmorton Street, London, EC2N 2AT
• Telephone: +44 (0) 20 3948 1623
• Email: dataprivacy@thehive-network.com

To contact the Information Commissioner’s Office

• Postal contact: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
• Telephone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number
• Fax: 01625 524 510
• Website Complaint Submission: https://ico.org.uk/concerns/handling/

Changes to the Privacy Policy

We will update this policy to reflect changes in legal or business practices. Significant updates will be communicated via email or our website.

Cookies

How we use cookies

A ‘cookie’ is a small piece of data sent from a website and stored on the user’s computer or terminal device, by the user’s web browser while the user is browsing. When you visit a site that uses cookies for the first time, a cookie is downloaded onto your computer/terminal device so that the next time you visit that site, your device will remember useful information such as items added in a shopping cart, visited pages or logging in options.

Cookies are widely used in order to make websites work, or to work more efficiently, and our site relies on cookies to optimise user experience and for features and services to function properly.

Most web browsers allow some control to restrict or block cookies through the browser settings, however if you disable cookies at browser level, you may find this affects your ability to use certain parts of our website or services, and the websites of other organisations. For more information about cookies visit https://www.aboutcookies.org

List of Cookies