GDPR/UK GDPR Appendix
We are in compliance with the requirements of the EU General Data Protection Regulation 2016/679
(“GDPR”), the retained EU law version of the GDPR, as adopted into the law of the United Kingdom
pursuant to the European Union (Withdrawal Act) 2018 (“UK GDPR”), the Data Protection Act 2018
and other applicable data protection legislation. Accordingly if you are a resident of the UK,
European Union or the European Economic Area, then the following paragraphs will apply in
addition to the content set out above. If you are a resident in the European Union or European
Economic Area, please refer to the GDPR as appropriate and, if you are a resident in the UK, please
refer to the UK GDPR as appropriate.
Below we have set out the categories of personal data we may collect from you (“Personal
Information”) and the legal basis we rely on to process the data:
-Contact information if, whether as an existing or prospective client, you submit an enquiry or CV
(Curriculum Vitae) to us, register an account with us, download white papers or other materials
from our Website, respond to a survey, subscribe to our newsletter or other materials, or if we
otherwise collect information from you in the course of a meeting, a convention, an exhibition or
another similar event (each, an “Event”). Contact information may include your name, surname,
email address and telephone number (“Contact Information”).
If you subscribe to our newsletter or other materials, we will process your Personal Information
on the basis that you have consented to this and will only send such materials to you for as long
as you continue to consent.
Otherwise, we will such process your Personal Information on the basis of performing our
contract with you or on the basis of our legitimate interest in providing our services to you.
-A record of any correspondence or communication between you and us (“Communication
We process this information on the basis of the performance of our contract with you or on the
basis of our legitimate interest in providing our services to you.
– Information which we hold when you order or otherwise subscribe to Landa’s digital printing
services. Such information includes Contact Information, Financial Information and address
details for the delivery and collection of the digital printer services (“Order Information”).
We process Order Information on the basis of performing our contract with you or on the basis of
our legitimate interest in providing our services to you.
-Financial information which we hold in the context of providing services to you (“Financial
Information”) such as billing and banking details.
We process this information when we provide services to you on the basis of the performance of
our contract with you or on the basis of our legitimate interest in providing our services to you.
– Cookie Information
cookies used on our Website.
We are in compliance with the requirements of the EU ePrivacy Directive (2009/136/EC).
Accordingly, if you are a resident in the European Union or European Economic Area on your first
visit to our Website from your browser we will display a notice to notify you that we are using
cookies but we will not load any cookies, except for those cookies which are strictly necessary for
the basic functioning of the Website, until you have provided your consent by clicking the
“Accept” button. If you click the “Accept” button on our cookies notice, the other cookies will
On this basis and where applicable and necessary, we process Cookie information on the basis
that you have consented to this. Otherwise and where consent is not required, we process such
information on the basis of our legitimate interest in providing our services to you.
–Marketing information. We may hold information about you in order to provide information
about our services. This may include names, email addresses, phone numbers, addresses, and
other information (“Marketing Information”).
We process this information on the basis of our legitimate interests in communicating with you
about our services or on the basis that you have consented to receiving the information.
We generally collect information from you directly however in certain circumstances, we may also
collect it from a third party. If we do obtain your Personal Information from a third party your
privacy rights under this notice are not affected and you are still able to exercise the rights contained
within this privacy notice.
With respect to your personal data, you have:
-The right to be informed – a right to know about our Personal Information protection and
processing activities, details of which are contained in this notice
– The right to access – the right to request a copy of any Personal Information that we have about
– The right to rectification – the right to request a correction of any errors in or update of the
Personal Information that we have about you
– The right to erasure (the ‘right to be forgotten’) – the right to request that your Personal
Information is deleted from our records
– The right to restrict processing- the right to request that we no longer process your Personal
Information in certain ways, whilst not requiring us to the delete the same data
– The right to object to processing – the right to request that your Personal Information will not
– The right to data portability – the right to request that your Personal Information be transferred
or exported to another organisation
– The right to withdraw consent – the right to withdraw any permission you have given us to
process your personal data
– Rights in relation to automated decision making and profiling-
– The right not to be subject to automated decision-making (including profiling) when those
decisions have a legal (or similarly significant effect) on you
– The right to request that your Personal Information will not be used to contact you for direct
All requests or notifications in respect of your above rights may be sent to us in writing at the
contact details listed above. We will endeavour to comply with such requests as soon as possible but
in any event we will comply within one month of receipt (unless a longer period of time to respond is
reasonable by virtue of the complexity or number of your requests).
If Personal Information we hold about you is subject to a breach or unauthorised disclosure or
access, we will report this to our data protection manager or officer (if an officer has been
appointed) and the UK’s Information Commissioner’s Office (ICO) (as necessary).
If a breach is likely to result in a risk to your data rights and freedoms, we will notify you as soon as
Please refer to the section “Do We disclose any information to outside parties?” as set out above
for details as to which third parties your Personal Information may be disclosed to.
In addition to this, and as part of the services offered to you, the information you provide to us will
be transferred to, and stored in, countries outside of the European Economic Area and UK.
By way of example, this may happen if:
-Some of our data processors (including for instance server providers of third party providers)
are from time to time located in a country outside of the European Economic Area and UK.
-If you use our services while you are outside of the European Economic Area and UK, your
information may be transferred outside the UK and European Economic Area in order to
provide you with our services or communicate with you.
-We may communicate with individuals or organisations outside of the European Economic
Area and UK in providing our services to you. Those communications may include Personal
Information (such as contact information).
-From time to time your information may be stored in devices which are used by our staff
outside of the European Economic Area and UK (but staff will be subject to our cybersecurity policies).
If we transfer your information outside of the European Economic Area and UK, and the third
country or international organisation in question has not been deemed to have adequate data
protection laws, we will provide appropriate safeguards and we will be responsible for ensuring
Please refer to the section “For how long do We keep your Personal Information?” as set out above
In addition to the above, the retention periods stated can be prolonged or shortened as may be
required (for example, in the event that legal proceedings apply to the data or if there is an on-going
investigation into the data).
We review the Personal Information (and the categories of personal data) we are holding on a
regular basis to ensure the data we are holding is still relevant to our business and is accurate. If we
discover that certain data we are holding is no longer necessary or accurate, we will take reasonable
steps to correct or delete this data as may be required.