This policy was last updated on 21st May 2018 to comply with the EU General Data Protection Regulation.
Tab Media and its subsidiary companies listed below (together “Tab Media”, “we” or “us”) will collect, use, share and disclose or otherwise process your personal information in line with this Policy. The relevant data controller for your data will depend on which product or service you have interacted with or to which title you have subscribed as set out below.
The Tab for the websites and other online properties relating to the student news network The Tab
Tab Jobs for The Tab’s job email
Babe.net or Babe for the website and social channels relating to babe.net
Collection of information
Registration, forums, apps and your dealings with us
We collect information about you when you provide it to us; for example, when you fill out our online forms, apply to write for us, enter a competition, respond to our promotions, subscribe to a paid product, register for an email newsletter or participate in a reader forum (which could be on any medium).
Information from devices
Posts, comments and interaction
If you correspond with any of our sites or titles, or interact with other customers or audience members or our staff, for example by using polls, comments, text messages, video, email, phone, or by post, we may display this content indefinitely in any relevant context, subject to our editorial judgement and your rights as set out in this Policy. This may be anonymised in the case of testimonials or customer service conversations.
Public information and posts
Any information about yourself or others that you post on our social media pages, on platforms like Twitter, Facebook and other chat rooms, blogs and forums, will be viewed by other people (including search engines), over whom we have no control. You are responsible for the information you choose to post or otherwise make available in such public areas, and you acknowledge that this may be collected and used by third parties.
If you use third party payment providers, such as Stripe or PayPal, to pay for or receive payment from us that site may pass information to us including your name, email address, billing or other address, phone number (if applicable), date of sign-up, the number of payments you have received from verified PayPal users, whether you have been verified to have control of a bank account and any other information you agree they can share.
We may also obtain online and offline information about you from other organisations, such as consumer insight providers, that have your permission or where there is a legitimate interest in sharing your personal information with us or companies like us. We may combine this with information we collect in accordance with this Policy.
When you visit one of our websites or use one of our apps, advertising networks and other intermediaries select and then display adverts on your device.
These companies collect information from your device to help select adverts that they believe are more relevant to you. They also use this information to tell advertisers that the adverts have been delivered and seen. You can find out more in the Cookies section of this Policy.
Our Legal Bases for Using Personal Information
All organisations need a legal reason to use your personal information. If they don’t have one, they can’t use it. There are a number of legal grounds that enable data processing. Below are the most relevant grounds you should be aware of.
With your consent
There are some activities where we process personal information with your consent. For example, if you sign up to our email newsletter email. If we want to send you separate marketing messages by email, we would ask your permission first and you could opt-out at any time. However, if you opt-out or withdraw consent, we may not be able to provide the product or service you have requested.
To enter into and fulfil a contract
We also process your personal information in order to fulfil a contract we have with you. For example, we would use your information to provide you with access to your digital subscription or other products you have signed up for or to provide a prize to which you are entitled.
For a legitimate interest
We may use your information where there is a legitimate reason to do so. For example, we may use your information where it would help achieve our business objectives or to facilitate a benefit to you or someone else.
We only rely on legitimate interests if the reason for using your information is fair and lawful. Where we want to rely on legitimate interests as a legal basis, we will carry out a balancing test between our legitimate interests and your privacy rights.
Our legitimate interests in processing personal data include:
To comply with legal obligations
There may be situations where we need to use your information to comply with legal and regulatory obligations or defend claims. This may include publishing information about prize winners, for example.
In the table below we have listed the main reasons we process your information and the legal bases that are available to us. The specific legal basis we use will depend on the activity the information is used for. Please keep in mind that while we will rely on one legal basis, if that is no longer available to us, we may be able to rely on another.
|Purposes of processing (why we use your information)||Lawful basis for the use of your information – this may depend on the specific activity|
|To provide products and services, improve your experience and manage our relationship with you||Consent, Fulfil a Contract, Legitimate Interest, Legal Obligation|
|To personalise content and offers||Consent, Fulfil a Contract, Legitimate Interest|
|To send you direct marketing||Consent, Legitimate Interest|
|To send you product-related and similar product and services communications||Fulfil a Contract, Legitimate Interest|
|To conduct market research and perform analytics||Consent, Legitimate Interest|
|To match data and gain audience insights||Consent, Legitimate Interest|
|To detect ad blockers||Fulfil a Contract, Legitimate Interest, Legal Obligation|
|To allow third party advertising||Consent, Performance of a Contract, Legitimate Interest|
|To provide co-branded services and features||Consent, Performance of a Contract, Legitimate Interest|
|To disclose your information as permitted or required by law||Consent, Performance of a Contract, Legal Obligation|
|To ensure our services are used appropriately||Legitimate Interest, Legal Obligation|
|As part of the sale of our business||Consent, Legitimate Interest, Legal Obligation|
|To take payments, check your identity and conduct credit checks||Consent, Performance of a Contract, Legitimate Interest, Legal Obligation|
|To share between group companies for analysis, audience insights, business efficiencies, content personalisation and to deliver relevant advertising||Legitimate Interest|
|To ensure that our products and services conform to agreed industry standard standards||Legitimate Interest|
How We Use Personal Information
To provide products and services and improve experience
We will use your information to provide you with products and services you have asked for and to manage our relationship with you, including allowing you to interact, comment, and participate in online games, contests and reward programmes.
We may use your information to monitor, improve and protect our products, content, services and websites, both online and offline. We may also provide you with help and support where we believe it is required. For example, if you have provided your contact information, we may contact you when a checkout journey is not completed.
To personalise content and offers
We sometimes make assumptions about your interests based on the way you interact with our products and services and the information we hold about you. For example:
Knowing these preferences also allows us to understand the products, content and services our customers like, letting us focus our efforts on developing those areas. We may also use this information to make decisions about what direct marketing to show you.
“Do Not Track” browser settings
If you choose to turn on Do Not Track setting in your browser, your browser sends a special signal to websites, analytics companies, ad networks, plug-in providers, and other web services you encounter while browsing to request that they stop tracking your activity. Currently our websites and apps are not designed to respond to “Do Not Track” signals.
To send you direct marketing
Where we have your permission or a legitimate interest, we may send you direct marketing. This may include communications by post, telephone, email, messages (including push notifications where you have an app installed) to your mobile devices, through social media (such as Facebook, Instagram and Twitter) and on our website, or on other websites, as you browse the internet. The communications may contain information about our products, services, events and offers. We may also send you information, offers and promotions from our commercial customers and partners where you have given your consent.
You will be able to opt-out of direct marketing by following the instructions in the communication or by changing the settings in your preference centre.
To send you information about similar products and services
We will send you information, exclusive offers and promotions about similar products and services to those that you have already engaged with or purchased, where you have indicated that you are happy to receive them. You will always be able to opt-out of these, either in the communications themselves or via your preference centre.
To send you product-related communications
As part of the products and services you have with us, you are entitled to receive newsletters, bulletins, and other “in-life” communications that relate to those products and services, including triggered emails, such as updates you make.
You will be told about the types of communications you will receive when you sign up and you will be able to unsubscribe at any time. However, if you do, you may not get the most out of the products and services you have signed up to.
We may send you service messages by email, SMS, social media, post, or other channels, containing important information about changes to our service or your account. These communications are a fundamental part of our products and services. For example, we may contact you to validate your payment details or to tell you about changes to the product or service.
To conduct market research and perform analytics
We may use your information to conduct market research to improve the services we offer and to develop new products and services. You will be able to opt-out of receiving market research surveys by following the instructions in the communication.
You may also be asked if you would like to join our audience panels to help us improve our products and services. We value your participation and you will always have the choice to opt-out of these panels.
To match data and gain audience insights
Where we have your permission or a legitimate interest, we may compare our customer database with our commercial customers’ and partners’ customer databases. This process allows us to see if a partner’s adverts would reach its existing customers that use our products and services, or we could reach our customers through their products or services. It also helps us to understand if those customers are likely to find promotions from those partners relevant. Where a customer is found to be on both databases, we may use the marketing permissions we hold to send that customer direct marketing. We do this through the use of a trusted third party processor to identify matching customers.
We may also provide our commercial customers and partners with information about the effectiveness and reach of advertising campaigns that they have planned or carried out. This information will not identify you directly without your consent.
For example, we may tell advertisers how many customers their adverts can reach based on criteria they select (such as “21-year-old men who like football and live in London”) or how many times an advert was viewed.
If you would prefer not to have your information used for database matching or audience insights, please email email@example.com
To detect ad blockers
When you visit our sites we may check (using cookies, code, script or other technical means) to see if you have an ad blocker installed on your device or if your internet browser settings allow adverts or not.
If we detect that your device or internet browser is using an ad blocker, we may ask you to “whitelist”, trust or pause blocking adverts while you visit our websites or apps. You can do this easily in your browser settings or within the ad blocker itself. If you continue to use an ad blocker this may have an impact on the content you are able to see on our website or apps.
To allow third party advertising
In some instances targeted advertising may be displayed on our websites and apps by third parties using our platforms. These third party adverts may collect and use your personal information, which is outside of our control. This targeting may be caused by cookies already in place on your device. More general information on cookies can be found in the Cookies section of this Policy.
To provide co-branded services and features
To disclose your information as permitted by law
Your information may be disclosed where we are permitted by law to do so, for example where we get police requests or regulatory inquiries. We may also disclose your personal information where we are allowed by law to protect or enforce our rights or the rights of others and for the detection and prevention of crimes, such as fraud.
To ensure our services are used appropriately
If you post or send offensive or objectionable content, or otherwise engage in disruptive behaviour anywhere on or to any of our websites or apps, we may use your information to stop such behaviour. This may involve informing and responding to relevant third parties such as law enforcement agencies about the content and your behaviour.
As part of the sale of our business
If we sell part or all of our business, customer information may be one of the transferred business assets. If this happens, your information may be disclosed to our advisers and any prospective purchaser’s advisers and will be passed to the new owners of the business for the purposes set out in this Policy and to ensure continuity of your selected services.
To take payments, check your identity and conduct credit checks
Customer information will be used to take payment for products and services and may be used to verify credit details related to this payment. Permission to do so is implicit in providing financial details to process payment. Direct debit or continuous payment authority information, including card details, may be retained in accordance with our regulatory requirements, by us or our payment processors for ease of renewal of services. Additionally, we may receive updated payment details from your bank or payment provider from time to time, which we will use to ensure that your details are kept up to date and to allow us to take future payments.
If we provide a service to you that is dependent on age or residency, and we have an obligation to verify this information then we may pass your details to a third party to carry out the verification for us.
If you apply for credit, then to help us to make credit decisions about you, prevent fraud, check your identity and prevent money laundering, we may search the files of credit reference agencies who will record any credit searches on your file whether or not your application succeeds. We may also disclose details of how you conduct your account to such agencies. The information will be used by other credit grantors for making credit decisions about you and the people with whom you are financially associated for fraud prevention, money laundering prevention and occasionally for tracing debtors.
To ensure that our products and services conform to agreed industry standards
We may share your information with auditors for the purposes of verifying that we comply with relevant standards. For example, we may ask third party auditors to assess our compliance with information security and Privacy by Design best practice. This may require them to access your information in our systems.
How We Share Your Information
Sharing between Tab Media companies
Your information will be shared between the Tab Media companies listed in the About Us section above for use in accordance with this Policy.
Sharing with Commercial Partners
We may disclose your personal information to third parties, such as competition partners, for their direct marketing purposes where we have told you about this and you have given permission or there is a legitimate interest to do so.
These partners will also pass us the information they collect about you, including your usage and interaction with those products and services, which we will use in accordance with this Policy.
Disclosure to our processors
We may pass your information to our processors – companies that we use to provide services on our behalf, for example for home delivery services, prize fulfilment agencies, market research or other purposes mentioned in this Policy. These processors can only use your information in accordance with our instructions and for no other purpose.
When you complete our registration forms or use our services, we may transfer your information to our group companies and processors outside the EEA to countries that may not have data protection rules that provide the same level of protection. However, we only transfer your information where there are appropriate measures and controls in place. If you would like to receive a copy of the applicable data transfer safeguards used when your information is transferred outside the EEA to non-adequate countries, please contact us at firstname.lastname@example.org
Access & Control of Your Information
Updating your information
Please ensure you update your personal information or tell us if it changes or is inaccurate. You can update your details, for example your email address, in your account settings or an equivalent section if you are a subscriber. You may also email our team at email@example.com
Preference centre: controlling direct marketing
You can change your mind about receiving direct marketing or other communications you receive from us, such as bulletins and other information about your chosen products and services by contacting us using the details below, changing the settings in your account settings or by following the unsubscribe instructions in the relevant communication.
There may be some types of communication that you receive that cannot be controlled through your preference centre, but you will still be able to opt-out by following the instructions in the communication itself.
Withdrawing consent for processing
Where we may rely on your consent to process personal information, you have the right to withdraw that consent at any time. Often, this can be managed through account settings – such as your consent for us to send you communications. Otherwise, please contact us at firstname.lastname@example.org with details of your request. In some instances we may still have an alternative legal basis to continue to process that personal information and we will inform you of that. If you do withdraw consent we may not be able to provide the product or service you have requested.
You may request a copy of your personal information from Tab Medi, as well as the right to not be profiled. You can also ask us to correct any inaccuracies in your personal information. In some circumstances you may be able to ask us to transfer information you have provided to us to another organisation. Similarly, you may be able to transfer your information from another organisation to us, but you should check with us first if this is possible.
You may also have the right to object, erase, or restrict our processing of your information – for example, where we process personal data because this is in our legitimate interests, you may object to this. We will need to carefully consider your request, as there may be circumstances which require us, or allow us, to continue processing your data.
To exercise any of these rights, please contact us at email@example.com These rights may be restricted by law, for example we may not be able to provide a copy of your data where the data we hold is also the data of a third party and it is not reasonable to disclose this information.
Complaining to the Regulator
If you have a comment, concern or suggestion, please contact us at firstname.lastname@example.org. If you have a complaint and we cannot resolve the matter, you have the right to complain to the Information Commissioner’s Office in the UK https://ico.org.uk/ or the Data Protection Commissioner in the Republic of Ireland https://www.dataprotection.ie/docs/Home/4.htm. Alternatively you may contact the data protection regulator responsible for your country or region.
Retention of Personal Information
We will retain your information for as long as necessary for the uses set out in this Policy, or while there is a legitimate reason for doing so. If you ask us to delete your information before that time, we may not be able to do so due to technical, legal, regulatory or contractual constraints. For example, we would need to retain your name and contact details for suppression purposes if you do not want to receive direct marketing from us.
If you ask for your account to be closed, we will do this as soon as is reasonably possible subject to any applicable terms and conditions relating to the account. Personal information from closed accounts is retained in order to comply with legal obligations, prevent fraud, collect any fees owed and to resolve disputes.
Cookies and Similar Technologies
What are Cookies?
Cookies and other online tracking technologies are small bits of data or code that are used to identify your devices when you use and interact with our websites and other services. They are often used for remembering your preferences, to identify popular news stories, to remember you’re logged in and allowing you to comment on stories.
Our legal bases for cookies and similar technologies
Using information collected from cookies: where we want to use the information that cookies and similar technologies collect, we either need your consent or a legitimate interest. In practice it will not always be practical to get opt-in consent as doing so with cookie banners and pop-ups would disrupt your use and enjoyment of our sites and content. This is why we usually rely on our legitimate interests to use the data collected by cookies. To do this we conduct an assessment to make sure the purposes for which we use your data are fair and that your privacy rights are considered. We only rely on legitimate interests where your rights do not override our interests in using the data.
For more information about your rights in relation to legitimate interests, please see the section on Access & Control.
What Cookies Do We Use and Why?
Essential cookies and similar technologies
Analytics cookies and similar technologies
These collect information about your use of our websites and apps, and enable us to improve the way they work. For example, analytics cookies show us which are the most frequently visited pages on The Tab or babe websites allowing us to provide the most popular news articles further up the page. They help us record how you interact with our websites, such as how you navigate around pages and from page to page, identifying improvements we can make to the customer journey. They also help identify any difficulties you have accessing our services, so we can fix any problems. Additionally, these cookies allow us to see overall patterns of usage at an aggregated level.
We may place cookies and similar technologies on behalf of comScore who help us measure the size and quality of our audiences across platforms. You can learn more and control how comScore use your information here http://www.scorecardresearch.com/preferences.aspx.
Functional/preference cookies and similar technologies
These cookies collect information about your choices and preferences, and allow us to remember things like language, your username (so you can log in faster), text size, and location, so we can show you relevant content to where you are. They allow us to customise the services you have accessed. We also use these cookies to provide you with services such as video clips.
Tracking, advertising cookies and similar technologies
We use these types of technologies to provide advertisements that we think may be more relevant to your interests. This can be done by delivering online adverts based on your previous web browsing activity, known as “online behavioural advertising” (OBA). Cookies are placed on your browser which will remember the websites you have visited. Adverts based on what you have been looking at are then displayed to you when you visit websites which use the same advertising networks.
For example, you may be doing online research to buy a bicycle, and read several articles about bikes on various websites. As you browse those sites a cookie from an advertising network would be placed in your browser. It would remember that you had visited several websites related to cycling. Then, when you visited another website in the same advertising network, the website could show you an advert related to cycling.
To help us deliver relevant advertising using cookies, we use Google Double Click. You can find out more about Google Double Click here.
We participate in an advertising platform offered by The Publisher Desk. To learn more about The Publisher Desk, please visit https://www.publisherdesk.com/
Web beacons and tracking pixels
These are bits of data that count the number of users who access a website or webpage and can also allow us to see if a cookie has been activated. Web beacons used on web pages or in emails allow us to see how successful an article has been, or whether an email message was successfully delivered and read in a marketing campaign. Web beacons are also used to verify any clicks through to links or advertisements contained in emails. We may use this information to help us identify which emails are more interesting to you and to inform advertisers how many customers have clicked on their adverts (the information shared with advertisers is aggregated and does not identify you individually).
We may, in certain situations, use Adobe Flash Player to deliver special content, such as video clips or animation. To improve your user experience, Local Shared Objects (commonly known as Flash cookies) are used to provide functions such as remembering your settings and preferences. Flash cookies are stored on your device, but they are managed through an interface different from the one provided by your web browser.
Tracking URLs are a special web link that allows us to measure when a link is clicked on. They are used to help us measure the effectiveness of campaigns and advertising and the popularity of articles that are read.
We may collect and analyse a device’s browser information to help identify that device, present content correctly, conduct analytics and help prevent and detect fraud.
If you access our services from a mobile device
We may collect a unique device identifier assigned to that device, geo-location data, and other transactional information for that device. We may also use the unique identifier to validate free trials, for example.
Protect our networks
Cookies and similar technologies help us identify and prevent threats to our sites. They are necessary to protect your information and our business from outside threats.
Allow you to access our services
Cookies and similar technologies permit your connection to our websites: our servers receive and record information about your computer, device, and browser, including potentially your IP address, browser type, other software or hardware information, and your geographic location.
Assess usage of services
We use information about your usage of our services, websites and apps, such as pages you have visited, content you have viewed, search queries you have run, and advertisements you have seen or interacted with to assess how our services are used.
Provide eCommerce functionality
Cookies and similar technologies help us provide functionality that you need to navigate our sites, select products and services and purchase them.
Provide relevant content
The content on our websites and in our communications with you may be adjusted depending on what we know about the content, products and services that you like. This means we can highlight content and articles that we believe will be of interest to you. We provide personalisation by using cookies, IP addresses, web beacons, URL tracking and mobile app settings.
Sell third party advertising
To learn more about controlling cookies and similar technologies, please see the section below on Managing Cookies.
By downloading our apps, we will require access to the following services on your device: unique identifier (UDID), MAC address or other applicable device identifier and location. Other services may also be required in order for the apps to function. We may use this information to validate free trials. Our apps may also provide push notifications to your device. You may control these through using the tools on your device, such as turning off push notification and location services.
Where other partners are placing cookies and similar technologies for their own purposes, they are called data controllers and will use your information for their own purposes.
In the future we plan to release improved controls to allow you to choose which partners can collect and use your information.
Most modern browsers are set to accept cookies by default, but you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser.
Controlling OBA cookies
In addition to being able to control cookies by changing the settings in your browser on your computer, or in your mobile device’s settings, you can also control which companies can set cookies and similar technologies on your devices, by visiting the following links (you’ll need to turn any cookie or ad blockers off for the control pages to show which companies you can opt-out of):
Importantly, these ad networks set cookies to remember that you have chosen to opt-out. If you clear your cache the opt-outs will not be applied and you would need to opt-out again.
Controlling Flash cookies
You can manage the use of Flash technologies with the Flash management tools available at Adobe’s website, at http://www.adobe.com/devnet/flashplayer/articles/privacy.html.
Controlling web beacons
You can prevent web beacons from tracking your activity, although you won’t be able to decline receiving them in emails. For information about managing your cookie options, please visit http://www.allaboutcookies.org/.
Please note that by blocking any or all cookies, you may not have access to certain features, content, or personalisation available on our websites or apps.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via in site notification within 7 business days
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a US law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
To be in accordance with CANSPAM we agree to the following:
Changes to This Policy
In addition to any general data protection enquiries you may have, you can use these details to contact our Data Protection Officer.
|By mail:||Data Protection Enquiries,
Tab Media Ltd
2-4 Great Eastern Street