WHO ARE WE?
Two Circles is a sports marketing agency. In all territories excluding North America and Switzerland, the legal entity responsible for data is Two Circles Limited (registered number 07753583, of Suite 1, 3rd Floor 11-12 St. James’s Square, London, United Kingdom, SW1Y 4LB). In North America, the responsible local entity is Two Circles Incorporated (a Delaware corporation, with its principal place of business at 30 W 26th St, New York, NY 10010, United States) and in Switzerland the responsible local entity is Two Circles AG (a Swiss company whose principal place of business is at Christoffelgasse 7, 3011 Bern, Switzerland). The entities listed shall together be referred to in this privacy policy as Two Circles (or “we”, “us”, “our”).
WHAT IS THE PURPOSE OF THIS PRIVACY POLICY?
This notice outlines how and why Two Circles collects and uses certain information (which you may provide, or we may collect) from which you are personally identifiable (“personal data”) when you interact with us through the Two Circles website (www.twocircles.com, and relevant sub-domains) or otherwise, where we act as a data controller.
We are committed to protecting and respecting your privacy. Please read the following policy carefully to understand our views and practices regarding your personal data and how we will fulfil our commitment to protecting and respecting your privacy.
For the purposes of the Data Protection Act 2018, the General Data Protection Regulation ((EU) 2016/679), the UK GDPR, Swiss Federal Act on Data Protection (FADP), state and federal privacy laws in the United States (and all other applicable laws relating to the use your personal data) (collectively, the “Privacy Laws”), Two Circles is the “data controller”, meaning that we decide the reasons why your data is used. We are also responsible for keeping your data safe and only using it for legitimate purposes.
This privacy policy does not apply to the extent we process personal data in the role of a processor or service provider on behalf of our customers (or their affiliates). For privacy information related to our customers (or their affiliates) who use our services as the controller, please contact our customer directly. We are not responsible for the privacy practices of our customers, which may differ from those explained in this privacy policy.
CHANGES TO THIS PRIVACY POLICY
Please note that because of the changing nature of privacy laws and regulations, digital technologies, and our business, we may modify this privacy policy from time to time. Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. However, we advise that you check this page regularly to keep up to date with any necessary changes.
This privacy policy was last updated on 17 November 2022.
DATA THAT WE MAY COLLECT ABOUT YOU
You may provide to us, or we may collect from you, the following types of personal data when you interact with us (e.g. through our website, where you receive our services and/or products, or when you communicate with us):
- Contact: first name, surname, email address, telephone numbers and address, company name and job title (if you attend one of our events).
- Profile: your preferences for marketing, other website or technology preferences, your contact history and feedback on your Two Circles experiences (through reviews and surveys)
We may also collect the following types of personal data from you when you use our website. Please read our Cookies Policy carefully for more information.
- Technical: this may include device IDs, browser type, IP address, hardware type, network and software identifiers, location data, operating system and system configuration
- Usage: visitor information e.g. time spent on page, click-throughs, download errors, browsing patterns
Certain of these pieces of information may not identify you on their own but when combined with other information could lead to you being personally identifiable.
You don’t have to give us any of this data but if you don’t, you may not be able to use certain functions and may not receive the optimal user experience.
WHY DO WE USE YOUR DATA AND WHAT ARE OUR LEGAL GROUNDS?
The table below sets out how we use your personal data and our lawful basis for doing so in each case.
| Why we use your data | What data we use |
Why we’re allowed to use your data for these purposes |
| Notify you of changes to our Privacy Policy or relevant terms of service, or changes to our services |
Contact | Perform our contract with you
Necessary to comply with a legal obligation |
| Internal administration and record keeping purposes |
All | Perform our contract with you
Necessary to comply with a legal obligation Our legitimate interests (for the effective operation of our business) |
| Verify your identity and detect fraud and security issues |
Contact, Profile, Technical, Usage |
Our legitimate interests (to prevent/detect fraud and criminal activity) |
| Administer and protect our company, our website and our services/products (including troubleshooting, data analysis, testing, maintenance and support) |
Contact, Technical, Usage |
Our legitimate interests (for the effective administration of our business, website and services/products)
Necessary to comply with a legal obligation |
| Use data analytics to improve our website, services/products, marketing, user relationships and experiences |
Contact, Technical, Usage |
Our legitimate interests (to keep our website updated and relevant, to develop our organisation and to inform our marketing strategy) |
| Providing support, including answering your questions by e-mail or phone |
All | Perform our contract with you
Our legitimate interests (to ensure our customers are satisfied with our services) |
| To understand who is using our website |
Contact, Technical, Usage |
Our legitimate interests (to develop our business and understand our customer base to inform our marketing strategy) |
| Get in touch with you about relevant Two Circles services |
Contact, Profile |
Our legitimate interests (to promote our /services)
Consent |
| If you register for an event or webinar | Contact | Our legitimate interests (to develop our business and relationship with you)
Consent |
| If you attend an event or webinar |
Contact | Our legitimate interests (to develop our relationship and our business with you)
Consent |
| Improve and personalise your user experience by delivering more relevant content whilst you browse, ensuring that our content is presented in the most effective manner for you and for your computer/device, to remember your preferences and to enable you to participate in interactive features of our website |
Contact, Profile, Technical, Usage |
Our legitimate interests (to develop our business, improve our user experience and inform our marketing strategy) |
| Enable you to feedback to Two Circles through reviews and surveys |
Contact, Profile, Technical, Usage |
Our legitimate interests (to develop our business, services and products) |
We also anonymise and aggregate personal data (so that it does not personally identify you). This is not personally identifiable, so we are allowed to use this for any purpose (such as testing our systems and carrying out customer research and analysis).
DO WE TRANSFER/HANDLE YOUR DATA INTERNATIONALLY?
We may share your personal data within Two Circles. This will involve transferring your data to our group companies in the EEA, , Switzerland, the USA, or the UK. Some of our external third parties are based outside of these jurisdictions so their processing of your personal data may involve a transfer of data outside of these jurisdictions.
Whenever we transfer your personal data out of these jurisdictions, we ensure a similar degree of protection is afforded to it by ensuring that appropriate safeguards are implemented, to the extent required by the applicable Privacy Laws. Please contact us using the details set out below if you want further information on the specific mechanism used by us when transferring your personal data.
DO WE DISCLOSE YOUR INFORMATION?
We may disclose your personal information to the following types of third parties:
- vendors and contractors who are performing services on our behalf to enable uses of the information we have describe above;
- our external consultants who assist with the development and delivery of our services;
- analytics and search engine providers that assist us in the improvement and optimisation of our website;
- companies who assist with our marketing, customer surveys and feedback tools;
- third parties who help us detect fraud or criminal activity; and
- our group companies.
We may also need to disclose your personal information in the following circumstances:
- if we are required to do so by law or pursuant to a regulatory request;
- in the event that we sell or buy any business or assets we may be required to disclose certain of your personal data to the prospective seller or buyer of such business or assets; or
- in order to enforce or apply our terms of use and other agreements or in respect of other legal claims.
We do not sell any personal data of users.
HOW DO WE KEEP YOUR DATA SECURE?
We have implemented industry standard security measures to prevent unauthorised access to, use or loss of, your data. We also make sure that when we are required to share your information with third parties, they are subject to suitable confidentiality and security standards.
Despite the security measures that we implement, please be aware that the transmission of data via the internet is not completely secure. As such, we cannot guarantee that information transmitted to us via the internet will be completely secure and any transmission is at your own risk.
HOW LONG WILL WE KEEP YOUR DATA?
We will keep your data for as long as required in connection with the original purpose for which that data was collected (e.g. where you are still happy to hear from us about our latest news and services).
Once you no longer wish to be engaged with us we may still need to keep hold of your data if there is a legal reason for doing so (e.g. for tax purposes or where we are resolving a dispute with you), but we will only retain the data which is strictly necessary for such reason and thereafter, will remove this data from our systems.
THIRD PARTY SITES
This privacy policy only applies to our website. If you leave our website via a link or otherwise, you will be subject to the policy of that website provider (this includes any social media sites). We have no control over third party policies or the terms of the relevant third party website and you should therefore check their policy before continuing to access the site.
YOUR RIGHTS
You have various rights under the Privacy Laws which entitle you, in certain circumstances and depending on the Privacy Laws which apply to you and us, to:
- ask us for a copy of the personal data we hold about you;
- correct or update your personal data, which you can do yourself by logging into your account (if relevant) or if you would prefer, please contact us and we can assist;
- request that we delete your personal data;
- object to the handling of your personal data where we are relying on a legitimate interest (as set out in the above table);
- restrict the processing of your personal data;
- request the transfer of your personal data (or some of it) to a third party service provider; or
- where you have provided your consent for something, in certain circumstances, you may withdraw this consent (but note that we may continue to use your personal data if we have legal grounds for doing so).
Please contact us using the details set out below if you would like to exercise your rights, which you can do for free. We may charge a reasonable fee in certain circumstances, including where your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. Otherwise, we will always respond within one month (unless there is a reason for us to take longer in which case we will inform you).
If it is not clear to us who is making the request, we may ask you to confirm your identity before we proceed.
If you are concerned about the way we are handling your personal information you may also contact your local data protection authority (for example, if you are based in the UK, this is the ICO (Information Commissioner’s Office), but if you are based in the EEA please refer to the European Data Protection Board website for details of your local authority). However, where possible, we would really appreciate the opportunity to help with your concern in the first instance.
If your personal data has been submitted to us in our role as a processor (by or on behalf of our customer (or their affiliates) and you wish to exercise any rights you may have under Privacy Laws, please enquire with them directly.
California Residents
California law also grants state residents certain rights, including the rights to access specific types of personal data, to request its deletion, and not to be denied goods or services for exercising these rights.
HOW TO OPT-OUT OF TWO CIRCLES COMMUNICATIONS
If at any time you decide you would like us to remove you from our marketing communications, or to unsubscribe from our database, you can contact us using the details provided at the bottom of this privacy policy. You must include your name, e-mail address, and clear instructions regarding changes you are requesting. You may also unsubscribe from e-mail newsletters by clicking on the “unsubscribe” link found at the bottom of the e-mail.
HOW TO CONTACT US
If you wish to exercise any of your rights in relation to your personal information or if you have any queries about how we use your personal information, please let us know by contacting us at the following address: Data Protection Officer, Two Circles, Suite 1, 7th Floor 50 Broadway, London, United Kingdom, SW1H 0BL, or by email at dpo@twocircles.com.