This document was last updated on 29th May 2012.
We would advise users to familiarise themselves with this document, and be aware that it will be updated from time to time.
We do occasionally update this Policy so please do return and review this Policy from time to time.
Information we collect
In running and operating this website we may collect and process certain data and information relating to you and your use of this site. This data and information is detailed below:
- Details of visits to our website and the pages and resources that are accessed, including, but not limited to, traffic data, location data and other communication data that may assist us in understanding how visitors use this website.
- Information that visitors provide to us as a result of filling in forms on our website, such as when a visitor registers for information, signs up for our newsletter or makes a purchase.
- Information provided to us when our visitors communicate with us electronically for any reason.
Our website may place one or more cookies (small text files) on your computer or device. These cookies are used to enhance the users experience when navigating through our site, and may also be used by us to gather statistical information about website usage.
Types of Cookies that we may use
Strictly necessary cookies:
These cookies are essential in order to enable you to move around our website and use its features. Examples of these include: Remembering your purchases and placing them in the shopping basket before placing your order.
These cookies collect statistical information about how visitors use our website. They do not collect information that could identify a visitor. However, they do help us to improve how our website functions.
"By using our website, you agree that we can place these types of cookies on your device"
All browsers have the functionality to allow users to block cookies from specific sites or to block cookies from all sites as well as allowing the user to delete all cookies from their hard drive. Please refer to your browsers help facility.
Use of your information
The information we collect is used for our own use in developing our website and also occasionally by advertisers on this site. In addition, we may use the information for the following purposes:
- To provide you with information relating to our website, products or our services that you request from us.
- To provide you with information on other products that we feel may be of interest to you.
- To meet our contractual obligations to you.
- To notify you about any changes to our website, including improvements, and service or product changes that may affect our website.
If you are an existing customer, we may contact you with information about goods and services similar to those that you have expressed an interest in previously via our website.
Finally, we may use your data, or allow carefully selected third parties to use your data, so that you can be provided with information about unrelated goods and services which we consider are likely to be of interest to you. We or they may contact you about these goods and services by any of the methods that you consented to at the time your information was collected.
Storing your personal data
Data that is provided to us is stored on our secure servers. Details relating to any transactions entered into on our site will be encrypted to ensure its safety. (See our security of customers data policy below for more information)
Security of customers data: policy and procedure
- All customers contact details are stored only on our internal databases, which can be accessed only by Forum employees.
- Forum Business Media Ltd gives customers the opportunity to opt out of receiving marketing information. This information is kept in a suppression list. All post and fax mailing is screened for Forum Business Media Ltd by suppliers against official mail and fax preference lists.
- Forum maintains anti-virus software on both server and all individual PCs.
Credit card data
Forum Business Media Ltd offers customers the opportunity to pay for products by credit/debit card. The Payment Card Industry Security Standards Council has introduced a Data Security Standard that requires us to ensure that all customers security data is appropriately protected. This document sets out what the key principles of the Security Standard are and the procedures Forum Business Media Ltd has have put in place in order to meet them.
1. Build and maintain a secure network
1.1 Install and maintain a firewall configuration to protect cardholder data
1.2 Do not use vendor-supplied defaults for system passwords and other security parameters.
Cardholder data is only held on a secure webpage to which only the appropriate Forum Business Media Ltd staff have access. As soon as the details are downloaded from the webpage and processed the details are deleted from the webpage.
2. Protect Cardholder Data
2.1 Protect stored cardholder data
2.2 Encrypt and maintain secure systems and applications.
For credit card payments made via PayPal through our website, cardholder data is processed by PayPal using their secure systems. Only specially authorised PayPal staff will have access to these details. At no point is cardholder data divulged to Forum staff.
For credit card payments made by telephone to Forum Business Media, the cardholder data is only handled by authorised members of staff. Once a sales order is processed the payment, using the cardholder data provided, is made via the credit card terminal. As soon as the transaction has been entered and accepted by the bank, the hard copy of the cardholder data is destroyed by shredding. The merchant copy of the credit card receipt is stapled to the sales order and a black permanent marker pen is used to cross through all cardholder data, making it unreadable.
No cardholder data details are held electronically or physically.
3. Maintain a vulnerability management program
3.1 Use and regularly up-date anti-virus software
3.2 Develop and maintain secure systems and applications
Maintaining and reviewing our systems is an on-going process. Appropriate security checks were made when a new website went live in April 2010.
4. Implement strong access control measures
4.1 Restrict access to cardholder data by business need-to-know
4.2 Assign a unique ID to each person with computer access
4.3 Restrict physical access to cardholder data
Only the Customer Services staff, who process the sales orders, have access to cardholder data.
Physical access to cardholder data is restricted to Customer Services staff only. All data is destroyed as soon as the payment has been processed
5. Regularly monitor and test networks
5.1 Track and monitor all access to network resources and cardholder data
5.2 Regularly test security systems and processes
5.3 Maintain a policy that addresses security information.
All cardholder data is deleted or destroyed as soon as the transaction has been processed. No cardholder data is held electronically on our network or in hard copy.
Forum Business Media Ltd takes seriously our responsibility to secure all cardholder data. Our systems and procedures are continually reviewed annually and any improvements implemented.
The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically. Transmission of such data is therefore entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential.
Disclosing your information
Where applicable, we may disclose your personal information to any member of our group. This includes, where applicable, our subsidiaries, our holding company and its other subsidiaries.
We may also disclose your personal information to third parties:
- Where we sell any or all of our business and/or our assets to a third party.
- Where we are legally required to disclose your information.
- To assist fraud reduction and minimise credit risks
Third party links
You may find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them
Access to information
The Data Protection Act 1998 gives all individuals the right to access personal information that is held about them. You can request a copy of any information that we hold about you. Please note that any request for this information may be subject to payment of £10.00, which covers our administrative costs. Please contact us if you wish to make such a request.
Forum Business Media Ltd
3rd Floor Regal House
70 London Road
Tel: +44 (0)20 8243 8704
Fax: +44 (0)20 8043 0548