Privacy Policy

Digital Rights Group Limited (DRG, we, us or our) is the data controller in respect of your personal data and is committed to protecting and respecting your privacy and personal integrity when you are using our services or browsing through our website (our Services).

This Privacy Policy will help you understand what personal data we collect about you, why it is collected and how it is used by us. It will also clarify how you can exercise your rights when you are trusting us to handle your personal data for you. We ask that you take a moment to read this Privacy Policy carefully and familiarize yourself with its content. If you have any questions, you are welcome to contact us by using the contact information provided at the end of this Privacy Policy.

Please note that our Services may contain links to and from websites that can be held by our network partners, advertisers and affiliates. If you follow a link to any of these websites or use third party services, you should be aware that they have their own privacy policies and that we do not assume any liability for their processing of your personal data. Therefore, please make sure to read their privacy policies before providing your personal data to them.

MINORS

We take the protection and safety and privacy of children online and we do not knowingly market to or solicit personal data from children under the age of 18.

WHAT PERSONAL DATA DO WE COLLECT FROM YOU?

When you access, connect to, sign up to, participate in, create an account for or otherwise use our Services, we may collect personal data about you. The personal data we collect will depend on the circumstances and the Services you are using, but could consist of the following:

Personal data that you actively provide to us

• Name, job title, job level, user type, e-mail address, phone number and postal address.

• User identification, password.

• Information requested by us from you when you report a problem with our Services.

• Your correspondence address if you contact us.

• Your programme interest.

• Any other information that is provided at the time of registration for the use of our Services, connection to our Services or requesting additional services from us.

User generated personal data

• Demographic information such as postcode, preferences and interests.

• Computer and software information, such as your unique ID, operating system, browser type, connection speed and internet service provider;

• Details of your visits to our Services including but not limited to data traffic and other communication data and the resources to which you have access.

We may also collect other information regarding your use of our Services through cookies and other similar technologies. You can find out more about this in our Cookies Policy.

What happens if you connect your social network to our Services?

You can link to various social network sites from our website. This Privacy Policy does not apply when you are using the features in your social network account. Instead, your interactions with these features are governed by the privacy policy and other policies of the companies providing them.

WHY DO WE COLLECT YOUR PERSONAL DATA?

Our purposes

We process your personal data for the following purposes:

A) For the sake of our contractual relationship:

• For the provision of our Services to you, including to fulfil your requests, improve your experience of our Services and to administer our contractual relationship with you.

• To ensure that content from our Services is transmitted to you and your device in the most efficient way.

• To communicate with you regarding your subscription or your account.

• To notify you about changes to our Services.

• To conduct surveys in order to improve your interaction with our Services.

• To provide offers, news, information, products or services that you request from us.

• To carry out analysis on an aggregated level to improve our products and services.

• To send promotional emails about new products, special offers or other information which we think you may find interesting.

• To contact you for market research purposes.

B) For our legitimate purposes:

• To share your information with our group companies when it is necessary for administrative purposes or for the provision of our Services to you.

• To use IP-address, device identifiers or other information necessary to block disruptive use or Services, for the reason of protecting our Services or otherwise enforcing or applying our Terms and Conditions.

• To provide you with offers, news, information, products or services that we believe may be of interest to you, including tailoring what you see so that it relates to your likely interests.

• For analysing and statistical purposes.

• For the establishment, exercise or defence of legal claims.

C) For marketing purposes:

• To send you our newsletter, if you have agreed thereto, which may also contain offers, news or information related to our Services which we believe may be of interest to you. Please note that you can unsubscribe at any time from our newsletter by clicking the “unsubscribe” link in the newsletter.

D) We may also process your personal data if it is necessary for us to comply with a legal obligation or authority decision.

What legal ground in GDPR is the processing of your personal data based on?

The processing of personal data for the purposes described under:

- point (A) is necessary for the performance and conclusion of our contract with you;

- point (B) is necessary for our legitimate interest of developing, administering, protecting and marketing our Services as well as from a business and strategic management perspective;

- point (C) will only occur if we have received your consent to such processing;

- point (D) is necessary to comply with a legal obligation or authority decision.

Is it mandatory for you to provide your personal data?

Personal data that we request from you and that is marked 'mandatory' in anyway, for example by using the * symbol or an error box if you omit to include certain information, is required for us to provide our Services (for statutory, contractual, administrative, technical or similar reasons). However, some of the personal data may be required only in the event that you use specific features, turn on optional parts of the Service or request certain resources, offerings, promotions, programs, etc. from us or our partners, as will be further indicated prior to collecting such personal data from you.

WHO MIGHT WE SHARE YOUR PERSONAL DATA WITH?

Intra-group transfers

We may disclose your personal data to other companies within the MTG group if it is necessary for administrative purposes or the provision of our Services to you. If you have agreed thereto, we may also disclose your personal data to companies within the MTG group for marketing purposes. MTG group companies who have access to your personal data follow practices consistent with this Privacy Policy.

Partners and advertisers

We may share your personal data with our partners and advertisers but only when you have requested it or provided your consent for us to do so.

We may also use aggregate information to monitor usage of our Services in order to help us improve and develop our Services, and we may provide such aggregate information to third parties e.g. content partners or advertisers. This aggregate information does not include personal data and cannot be linked to you.

Third parties for security or other legitimate reasons

We may also disclose your personal data to third parties, if we reasonably believe that disclosure of such personal data is necessary:

• to comply with valid legal obligations including subpoenas, court orders, governmental requests or search warrants, and as otherwise authorized by law;

• to protect our rights or property, or the safety of our customers or employees;

• to protect against fraudulent, malicious, abusive, unauthorized or unlawful use of or subscription to our Services and to protect our network, Services, devices and users from such use;

• to advance or defend against complaints or legal claims in court, administrative proceedings and elsewhere;

• to determine credit risk, for reporting purposes or to obtain payment for our Services;

• as part of mergers & acquisitions, provided that the prospective buyer or seller agree to respect your personal data in a manner consistent with our Privacy Policy;

• to outside auditors and regulators.

Third party suppliers

We may use third party suppliers to perform services for us such as to provide the infrastructure and IT services (including but not limited to data storage), process credit and debit card transactions, to provide customer services, collecting debt analysis and improve data and process customer inquiries and perform other statistical analyzes. In the performance of these services the third party suppliers may have access to your personal data but is only authorized to process it strictly on our behalf and in accordance with our instructions.

WHERE DO WE PROCESS YOUR PERSONAL DATA?

The personal data that we collect from you may be transferred to and stored at a destination outside the European Economic Area ('EEA'), including at destinations that are not subject to a decision by the European Commission establishing an adequate level of protection of personal data. It can be shared with other companies within the MTG Group, processed by staff working for us or for one of our suppliers, located outside the EEA. Such personnel may for example be involved in the execution of our support services. We will take all reasonable necessary steps to ensure that your personal data is treated securely and in accordance with this Privacy Policy and have adopted appropriate safeguards to protect it. If you wish to have further information on or a copy of these safeguards, please contact us using the contact information provided at the end of this Privacy Policy.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We will only keep your personal data for as long as we consider necessary for the fulfilment of our purposes that we have described above under “WHY DO WE PROCESS YOUR PERSONAL DATA”, after which we will securely delete or in some cases anonymise your personal data. We do regular status checks to review when personal data needs to be deleted. However, as we process your personal data for various purposes, the actual period for which the personal data will be stored will depend on the circumstances.

HOW DO WE PROTECT YOUR PERSONAL DATA?

Safeguarding your personal data is a priority for us. Any personal data that you provide to us is stored on secure servers and we use rigorous procedures to protect against loss, misuse, unauthorized access, alteration, disclosure, or destruction of your personal data. Any payment transactions will be encrypted by industry-standard technology.Although we work hard to protect your personal data, we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal data. However, we maintain security and incident response plans in the event of a physical or technical incident to handle this in a timely manner and limit any negative effect of such incident.

HOW CAN YOU ACCESS YOUR PERSONAL DATA?

We understand that you may at times need further information from us regarding your personal data and how it is processed or that you may wish to update or correct the personal data you have provided us with. In light hereof, you have inter alia the following rights:

Right to access your personal data: you have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and information.

Right to rectification of personal data: if you find that personal data that we process about you is inaccurate, you have the right to have us correct such personal data.

Right to erasure of personal data (right to be forgotten): under certain circumstances, such as if your personal data has been unlawfully processed or you have withdrawn your consent (if the processing of your personal data is based on consent), you have the right to request and obtain erasure of your personal data from us.

Right to restriction of processing: under certain circumstances, such as if you question the accuracy of your personal data or you have objected to our legitimate purpose to process your personal data, you have the right to request that we restrict the processing of your personal data until a solution has been found.

Right to object to processing: under certain circumstances, such as if you question the our legitimate interest to process your personal data, you have the right to object, on grounds relating to your particular situation, to such processing.

Right to data portability: if your personal data is processed by automated means based on your consent or for the fulfilment of our contractual relationship, you have the right to request that we provide you with your with personal data on a machine-readable format for transmission to another data controller.

Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint regarding our processing of your personal data with your supervisory authority.

Please contact us using the contact details provided below to make a request in respect of your rights. We will use commercially reasonable efforts to respond to your request within 30 days of receiving such request. If we cannot honour your request within the 30-day period, we will let you know the reasons why and when we expect to be able to fulfil your request.Please also note that you can change your contact preferences at any time on the page 'Your Account' if you do not wish to receive certain information from us. You can also exercise this right at any time by contacting us at info@drg.tv.

CHANGES TO THIS PRIVACY POLICY

Our Privacy Policy may change from time to time. Therefore, you should make sure to review the latest version of this policy on a regular basis. We will post any Privacy Policy changes here and, if the changes are significant, we will provide you with a more prominent notice such as an email notification. If we change this Privacy Policy in a way that will affect how we use your personal data, we will advise you of the choices you may have as a result of those changes. We will also keep prior versions of this Privacy Policy in an archive for your review.

CONTACT

The data protection officer in respect of DRG may be contacted by email drglegal@drg.tv.

We welcome any questions, comments and requests regarding this Privacy Policy which should be sent to info@drg.tv.

Digital Rights Group Limited is registered in England & Wales, company number 05978061. The registered office address is Chiswick Green, 610 Chiswick High Road, London, W4 5RU.We operate under and are bound by the General Data Protection Regulation 2016/679 ('GDPR') together with the Data Protection Act 1998 and the Electronic Communications Act (2003:389).