Skip to main content

GCI Stakeholder Privacy Notice

Terms & Conditions

Stakeholder Privacy Notice

Version 1.7 Date Last Updated: May 2024

Stakeholder engagement is used widely across the GCI Health group companies and is essential to the work we do for our clients. Stakeholders are individuals who have interest in our Clients’ products and/or services. Stakeholders include:

  • political / government figures and political groups or associations;
  • media / journalists/ bloggers;
  • influencers;
  • members of the company’s value chain: customers, suppliers, competitors;
  • sector associations;
  • NGOs / civil society representatives / think tanks;
  • academics; or
  • key opinion leaders

This notice is to enable you, as a Stakeholder, to better understand how we use your data. We respect the privacy of individuals that we interact with, this privacy notice contains important information about how we use your personal data as a Stakeholder. 

For how we use your information that is collected using this website please click here.

What information do we collect?

Information that we collect about Stakeholders comes from subscriber databases services, publicly available resources such as social media channels, personal websites or directly from Stakeholders themselves, this information includes the information below:

  • Name
  • Email address
  • Telephone number
  • Assessment of Influence
  • Previous public statements
  • Organisation
  • Job title
  • Previous public work
  • Inferences on attitudes towards our Clients (Positive, Neutral, Negative)
  • Any other information the Stakeholder may provide to us.

How do we use it?

We will use your personal data in the following ways. We are also required by law to state a “legal basis for processing”, i.e. to tell you on what grounds we are allowed to use your information, and this is also set out below:

How we will use your personal data:Our legal basis for processing:
to provide you with information that you may be interested in about our Clients’ products and/or services;Legitimate Interest – we use your personal information to help us to deliver Client information that may be of interest to you.
to provide you with information that you may be interested in from GCI Health services or insights;Legitimate Interests – we use your personal information to help us to deliver the information that may be of interest to you.

Additionally, we may provide additional services to our Stakeholders depending on our interactions which are outlined below:

How we will use your personal data:Our legal basis for processing:
Event management (including travel);Legitimate Interest – we use your personal information to invite you to events which may be of interest to you and manage your attendance if you choose to attend.
Interviews (Phone, In-Person, Video or case studies)Performance of a Contract with you.

Do we pass your information to third parties?

We may send your personal information to other group companies, affiliates and third parties to help us process your personal information for the purposes set out in this notice.  Further details of our group companies can be found here.

We may also share limited information with our Clients on Stakeholders relevant to their organisation, business, or sector.

We may disclose your personal information if we or any of our assets are the subject of a sale or similar corporate transaction. We will ensure that the third parties who receive your personal information are required to keep it confidential.

We may disclose personal information to third parties when we reasonably believe we are required by law, and in order to investigate, prevent, or take action regarding suspected or actual unlawful or otherwise prohibited activities, including, but not limited to, fraud.

Where do we send your information?

We are a global company and therefore we may transfer your personal information to countries around the world including the US and other countries outside Europe. We will, where the country to which your data is transferred has not been found to provide an adequate level of protection, put in place appropriate safeguards (we use standard contractual clauses) to ensure your information is protected.  

How long do we keep your information?

We will keep Stakeholder information no longer required than for the purpose for which it was collected after this it will be deleted. If the work is for a Client, it will be archived for as long as required under our Client contract and then deleted.

How do we protect your information?

We take appropriate measures to ensure that your personal information disclosed to us is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used.

Your rights

You are entitled to ask: 

  1. for a copy of the personal information we hold about you, and details about how we are processing your personal information; 
  2. to have any inaccuracies in your personal information corrected; 
  3. if we are processing your personal information by automated means and on the basis of your Consent (see “How do we use it?”, above), for us to provide your personal information to you in a structured, commonly-used and machine-readable format.  You can also ask us to provide your personal information directly to a third party in this format, and, if technically feasible, we will do so; and
  4. to have your personal information erased, or for our use of it to be restricted (for example, if your preferences change, or if you don’t want us to send you the information you have requested). 

Please contact us using the details set out below if you would like to exercise any of these rights.

You also have the right to make a complaint to the supervisory authority if you’re not happy with how we’ve handled your personal information.  Please refer to the local data protection authority where you are located. For example, if you are in the UK, the supervisory authority is the Information Commissioner’s Office (ICO) (http://www.ico.org.uk); In France the supervisory authority is the Commission Nationale de l’informatique et des Libertés (CNIL) (https://www.cnil.fr/).

How to contact us

If you wish to exercise any of your rights in relation to your personal information or if you have any queries about how we use your personal information, please let us know by contacting us at the following address: privacy@gcihealth.com

Changes to this privacy notice

We review this privacy notice on a regular basis to ensure that it is up-to-date with our use of your personal information and that our Stakeholder mapping practices align with the latest guidance on Stakeholder mapping under the GDPR. 

We reserve the right, at our discretion, to revise this privacy notice at any time. The updated privacy notice will be posted on our website. You are encouraged to review this privacy notice from time to time.