UKTN Privacy Policy Update: Key Changes and Data Practices Explained
Tech City News Limited, the publisher of UKTN, has released a comprehensive update to its privacy policy, which took effect in February 2024. The document, which serves as the primary privacy notice for all users of the UKTN website, outlines the company’s approach to handling personal data, its legal obligations, and the rights of individuals. This article extracts the headline and key facts from the policy to help readers understand how their information is managed.
Who Is Responsible for Your Data?
The controller of your personal data is Tech City News Limited, referred to as "UKTN", "we", "us", or "our" in the policy. The company has appointed Marco Callegari as Data Protection Officer (DPO). Users can direct any questions about data handling to mydata@wearemvi.com or by post to 124 City Road, London, EC1V 2NX. The policy also notes that individuals have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if they believe their data rights have been violated.
Types of Personal Data Collected
UKTN collects several categories of personal data. Identity Data includes first name, maiden name, last name, username, marital status, title, date of birth, and gender. Contact Data covers billing address, delivery address, email address, and telephone numbers. Financial Data includes bank account and payment card details. Transaction Data records details of payments and purchases. Technical Data captures IP address, login data, browser type, time zone, location, and operating system. Profile Data includes username, password, purchase history, interests, preferences, and survey responses. Usage Data records how you interact with the website and services. Marketing and Communications Data stores your preferences for receiving marketing from UKTN and third parties, as well as your communication preferences.
The policy makes clear that it does not collect Special Categories of Personal Data (e.g., race, religion, health) or information about criminal convictions. Aggregated Data, which is anonymised and cannot identify you, may be used for statistical or research purposes.
How Your Data Is Collected
Data is collected through three primary channels. Direct interactions occur when you fill in forms, correspond via post, phone, or email, or engage with UKTN services—such as applying for products, creating an account, subscribing to publications, entering competitions, or providing feedback. Automated technologies like cookies, server logs, and similar tracking tools collect Technical Data when you browse the website. UKTN also receives Technical Data from third-party analytics providers (e.g., Google) and advertising networks (e.g., Google DoubleClick for Publishers). These third parties may be based inside or outside the EU.
Legal Bases for Processing
UKTN processes personal data under three main legal bases: performance of a contract (e.g., to deliver a service you requested), legitimate interests (e.g., for running the business, fraud prevention, network security, and marketing analytics), and compliance with a legal or regulatory obligation. The policy states that consent is generally not relied upon except for sending third-party direct marketing via email or text message. Users can withdraw consent to marketing at any time by contacting UKTN.
The policy includes a detailed table outlining specific purposes for processing and the corresponding data types and lawful bases. For example, registering a new customer uses Identity and Contact Data under performance of a contract. Processing and delivering an order involves Identity, Contact, Financial, Transaction, and Marketing Data, with the legal basis being contract performance and legitimate interest (debt recovery). Managing customer relationships includes notifying users of policy changes and requesting reviews, relying on contract performance, legal obligation, and legitimate interest (keeping records accurate). Enabling participation in prize draws or surveys uses Identity, Contact, Profile, Usage, and Marketing Data, based on contract performance and legitimate interest (studying customer behaviour).
Marketing and Advertising
UKTN aims to provide users with choices regarding how their data is used for marketing. The policy describes using Identity, Contact, Technical, Usage, and Profile Data to build a profile of user interests and to decide which offers or products may be relevant. Users receive marketing communications if they have requested information, purchased goods or services, or provided details in a competition—and have not opted out. Third-party marketing only occurs with explicit opt-in consent. Users can opt out of marketing messages at any time via their account settings or by following opt-out links in messages. Opting out does not affect data provided for other transactions, such as purchases.
Data Sharing and International Transfers
UKTN may share personal data with internal third parties (other companies within the Tech City News Group, acting as joint controllers or processors) and external third parties (service providers like IT administrators, professional advisers such as lawyers and bankers, and regulators like HMRC). If the company sells, transfers, or merges parts of its business, the new owners may use the data in line with this policy. All third parties are contractually required to respect the security of the data and to process it only for specified purposes.
Regarding international transfers, UKTN states it does not transfer personal data outside the European Economic Area (EEA). When transfers do occur—for example, with certain service providers—they are covered by European Commission adequacy decisions or standard contractual clauses. For US-based providers, the Privacy Shield framework may be used.
Data Security and Retention
The company has implemented security measures to prevent accidental loss, unauthorised access, or disclosure of personal data. Access is limited to employees, agents, and contractors with a business need, and they are bound by confidentiality obligations. Procedures are in place to handle suspected data breaches, and UKTN will notify relevant regulators and affected individuals where legally required.
Data retention periods vary. By law, basic customer information (Contact, Identity, Financial, and Transaction Data) must be kept for six years after the customer relationship ends, primarily for tax purposes. Users can request deletion in certain circumstances (see Rights below). Anonymised data may be retained indefinitely for research or statistical purposes.
Your Rights Under UK GDPR
UKTN outlines seven key rights for individuals. The right to access your personal data, known as a data subject access request, allows you to obtain a copy of the data held and verify its lawful processing. The right to correction enables you to have incomplete or inaccurate data corrected. The right to erasure (the "right to be forgotten") allows you to request deletion of data where there is no compelling reason for its processing, though UKTN may be unable to comply in certain cases (e.g., legal obligations). The right to object to processing applies when UKTN relies on legitimate interests or direct marketing. You can request restriction of processing in scenarios such as disputing accuracy, unlawful processing, or needing data for legal claims. The right to data portability allows you to receive your data in a structured, machine-readable format, applicable only to automated data processed by consent or contract performance. Finally, the right to withdraw consent applies to any processing based on consent, without affecting prior lawful processing.
Exercising these rights is free of charge unless the request is clearly unfounded or excessive. UKTN may request identification to confirm your identity and aims to respond within one month, extending to two months for complex or multiple requests.
Glossary of Key Terms
The policy defines several terms. Legitimate Interest refers to UKTN's business interest in delivering the best service and experience, balanced against your rights. Performance of Contract means processing necessary for a contract with you or to take pre-contractual steps. Comply with a Legal or Regulatory Obligation means processing required by law. Internal Third Parties are companies in the Tech City News Group based in the UK or EU providing IT and administration services. External Third Parties include service providers, professional advisers, and regulators.
The updated privacy policy is available in full on the UKTN website, and users are encouraged to read it alongside any other fair processing notices. By continuing to use the site, you agree to the collection and use of your data as described.
This summary is provided for informational purposes and does not replace the official privacy policy. For any queries regarding your personal data, contact the DPO at mydata@wearemvi.com.
Source: UKTN News