InfraXmedia (Holdings) Ltd, the parent company of the InfraXmedia group of companies, has published an updated Data Protection and Privacy Policy. The policy, last revised on 25 April 2025, reflects the company’s ongoing commitment to compliance with UK GDPR, the Data Protection Act 2018, and other applicable data protection laws across Europe, the USA, Canada, and Latin America. The document outlines how the group collects, uses, stores, and shares personal data for customers, business partners, marketing registrants, website visitors, employees, and contractors.

Scope and Applicability

The privacy policy applies to all companies within the InfraXmedia group, which includes brands such as Data Center Dynamics and others in the media and events sector. The data controller for the group is InfraXmedia (Holdings) Ltd, with its registered office at 32-38 Saffron Hill, London EC1N 8FH, United Kingdom. The policy is designed to meet best practices in data handling and to ensure transparency with individuals whose data is processed.

Types of Personal Information Collected

The policy details specific categories of personal data collected from different groups:

• Customers and Business Partners: Name, email address, phone number, job title, company name, country, business address, and in certain jurisdictions, a copy of a current passport or residence card.
• Marketing and Events Registrants: Contact details as above, preferences, and professional interests.
• Website Visitors: IP address, browser type, device information, and cookies (addressed in a separate Cookie Policy).
• Employees and Contractors: Personal data relevant to employment and contractual obligations, governed by separate internal policies.

By submitting personal information through any InfraXmedia form, users consent to the processing described in the policy.

Legal Bases for Processing

InfraXmedia processes personal data under three primary lawful bases:

• Contractual Necessity: To fulfill obligations under agreements with customers and business partners.
• Legitimate Interest: To pursue the company’s legitimate business activities, including marketing, event management, media services, and analytics. This basis is used when the processing does not disproportionately impact individuals’ rights.
• Consent: When required, the company obtains explicit permission before processing data (e.g., for certain marketing activities).

The policy emphasises that legitimate interest is a key foundation for many processing activities, especially for contacting corporate subscribers via business email addresses. InfraXmedia states that it carefully balances its interests against the rights of data subjects and guarantees adherence to this principle.

Specific Uses of Personal Data

The policy enumerates several ways data may be used, including service-related communications (e.g., subscription changes, password reminders), invitations to research studies, operational information for events (badges and apps), traffic analysis, fulfilling orders, providing online communities, determining campaign effectiveness, aggregated business analytics, and managing images and videos from group events. Photographs, broadcasts, and films may be used for promotional purposes on company websites and marketing materials.

Marketing Communications and Opt-Out

InfraXmedia relies on legitimate interest to contact corporate subscribers via business email addresses without prior consent. However, the company provides an unsubscribe link in every marketing and product email and an email address (dataprotection@infraxmedia.com) for opting out at any time. The policy notes that registration with the Telephone Preference Service (TPS) or Mailing Preference Service (MPS) does not automatically prevent InfraXmedia from contacting individuals if they subsequently submit personal data, as the submission is interpreted as consent for that instance. Users can revoke consent at any time.

Sharing Personal Data with Third Parties

InfraXmedia may share data with other companies in its group, its holding company, and subsidiaries. It may also disclose information when required by law, such as for crime prevention, tax collection, or legal proceedings. In the event of a business sale or acquisition, personal data may be disclosed to prospective buyers on a confidential basis. For events, webinars, whitepapers, and digital downloads, InfraXmedia shares data with sponsoring third parties for their marketing purposes. Sponsors are listed on the Data Center Dynamics website at the time of registration. Data is not shared or sold beyond this condition. All data are date and time stamped; individuals can opt out by contacting the data team.

International Data Transfers

Given the global nature of its operations, InfraXmedia may transfer personal data to countries outside the UK and European Economic Area. The policy outlines safeguards used: adequacy decisions by the UK or EU, Standard Contractual Clauses (SCCs), self-certification under the U.S. Data Privacy Framework (DPF) for its US-based business, and separate Data Protection Agreements with partners. These measures ensure that data is protected to standards equivalent to those in the UK and EEA.

Data Security and Retention

The policy states that all personal data is stored on secure servers provided by IT system suppliers. Access to internal servers is limited to specialist personnel. The company cannot guarantee absolute security during transmission over the internet, and users transmit data at their own risk. Data is retained only as long as necessary for the purposes for which it was collected. For audit and tax purposes, data may be held for up to six years or longer if required by legislation. When data is no longer needed, it is erased or disposed of without delay.

Rights of Access and Correction

Under UK GDPR, individuals have the right to access their personal data and verify the lawfulness of processing. Subject access requests must be verified by reasonable means, and InfraXmedia will respond within one month (extendable to two months for complex requests). Requests that are manifestly unfounded or excessive may incur a reasonable charge or be refused. If personal data is incorrect, individuals can request correction by emailing the data team. InfraXmedia will update details as soon as practically possible.

Cookies and IP Addresses

InfraXmedia collects IP addresses, operating system, and browser type for system administration and aggregate reporting. This statistical data does not identify individuals. The company uses cookies to provide a personalised browsing experience, as detailed in its separate Cookies Policy.

Changes to the Policy

The Privacy Policy may be updated at any time without prior notice to comply with new practices, regulations, or laws. Changes are posted immediately on InfraXmedia websites, and continued use of the sites after alterations constitutes acceptance of the revised terms. Users are encouraged to review the policy regularly when submitting personal information.

Contact Information

For questions or comments about the policy, individuals can contact InfraXmedia by email at dataprotection@infraxmedia.com or by post to: The Data Controller, The Data Team, InfraXmedia (Holdings) Ltd, 32-38 Saffron Hill, London EC1N 8FH. Users may also contact the UK Information Commissioner’s Office (ICO) via phone (0303 123 1113) or post at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. The ICO’s website provides full details on how to raise concerns. This policy was last updated on 25 April 2025.

Source: Datacenterdynamics News