First Wednesdays is a website and meetup operated, organised and curated by Hanway Associates Limited to help those in the medical cannabis scene get together, network and collaborate.
We are committed to protecting the personal data that we obtain about you.
Hanway Associates Limited (“we”, “us”, “our”) is a company incorporated in England & Wales with company number 10824240 whose registered office is located at 56 Broadwick Street, London, England, W1F 7AJ.
Where we decide the purpose and means for the processing of your personal data, we are the controller. As controller, when we process your personal information, we are bound to comply with all applicable data protection laws, including the General Data Protection Regulation 2016/679 and the Data Protection Act 2018.
What information we may collect about you;
How we will use information we collect about you;
Whether we will disclose your details to anyone else; and
Your choices and rights regarding the personal information you have provided to us.
Information we may collect about you
To provide our Services to you, we collect and process the following information which may include your personal data.
Information provided by you
We may obtain some personal information about you directly through our Website, by email or other means.
Contacting us, or signing up to our mailing list
If you contact us via the Website or email, we may obtain personal information about you such as:
email address and/or telephone number
information about where you live
information about what you do and what you’re interested in
the name of your organisation
your postal address
messages contained in online submissions, email, phone or similar conversations
If you have gotten in touch with an enquiry, we’ll process your personal data in order to pursue our legitimate interests in responding to enquiries and promoting our events.
If we have a contract with you, we may also process your personal data in response to your enquiries insofar as it’s necessary for us to perform our contractual obligations.
If you ask to be added to our mailing list, we may process your personal data on the basis of consent you give when you subscribe, and we will keep you updated with information on news, events and updates unless you later ask to be removed from that list (for example by clicking unsubscribe at the bottom of emails you receive from us).
We use a third party email marketing service provider, the Mailchimp platform operated by The Rocket Science Group LLC, to manage our newsletter and email lists and to send emails to our subscribers.
Registering for our events (“Registration Data”)
If you RSVP or register to attend a particular event, we may use:
information about your reasons for attending
in order to pursue our legitimate interests in managing entry to the event and monitoring who and how many people attend those events.
Where an event is subject to a fee, we or those organising the event may engage a third party, such as Eventbrite, Inc. to manage payment processing and the sale of tickets.
To the extent we process your personal data in the course of marketing and selling tickets to an event, we do so to the extent it is necessary for the performance of a contract you are party to, or to take steps at your request prior to entering into a contract.
Data Analytics & Marketing
We and our trusted partners use technology such as cookies and other mechanisms to collect log and analytical information. When you visit our Website, you will be asked to agree to use of this technology across the web. You can change your mind and change your consent choices at any time.
Our Website also uses website analytics, including Google Analytics, and which we may use to evaluate and improve our Website.
To find out more about Google Analytics or Square Space and to learn how to opt out, please visit:
When you visit our Website, these analytics service providers may collect the following data, which will almost always be anonymised and aggregated before reporting back to us:
number of visitors to our Website;
pages visited while at the Website and time spent per page;
page interaction information, such as scrolling, clicks and browsing methods;
websites where visitors have come from and where they go afterwards;
page response times and any download errors; and
other technical information relating to end user device, such as IP address and device ID, device operating system and browser type and/or browser plug-in.
We process this analytics information for a number of purposes, including:
to help us improve our Services to ensure content is presented in the most effective manner for you and for your device;
to understand how, and how often, users visit and interact with our Website and use our online Services;
to monitor the technical operation of our Website (e.g. response times, downloading or uploading errors);
to obtain other technical information relating to end user devices;
to administer our services and for internal operations, including troubleshooting, data analysis, testing, research and survey purposes; and
to compile statistical reports regarding visitor activity, including reports providing aggregated anonymous analytics data that may be shared with our promotional partners.
This analysis is fundamental to our business, including the running of our online Services, and we therefore undertake such monitoring in the pursuit of our legitimate interests of improving our Website and providing a better service and source of information to visitors.
Where you sign-up to a particular event, if that event is organised by a local partner of ours, we’ll share your Registration Data with that local partner so they are able to manage and monitor admission and attendance at the event. We’ll let you know whether a particular local partner is running an event when we inform you about the event itself.
In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention or to our professional advisers).
If we are involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email, account message and/or a prominent notice on our website of any change in ownership or uses of this information, as well as any choices you may have regarding this information.
We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements between us, to investigate potential breaches, or to protect the rights, property or safety of Digital Spring, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
If you send us objectionable content, or behave in a disruptive manner when using our Website, we may process any personal information that you have submitted to us, including in your personal messages, to respond to and stop such behaviour. Where we reasonably believe that you are or may be in breach of the law (i.e. the content you share on the Website amounts to harassment or is defamatory), we may use your personal information to inform relevant third parties about the content, such as your email or internet provider or law enforcement agencies.
Consumer Control and Opt-Out Options
If you do not wish to receive promotional or other marketing material from us or third parties then you can opt-out by clicking on the unsubscribe link in those emails or contacting us at firstname.lastname@example.org at any time.
Your Rights in relation to your Personal Data that we process
You have a number of rights in relation to the way we process personal data about you. Where an individual makes a data subject rights request in accordance with data protection laws, we aim to comply without undue delay, and within one month at the latest. Those data subject rights include the right to make the following requests:
to ask for confirmation and information about the personal data that we process about you, including a copy of data we are processing about you;
to have inaccuracies corrected or incomplete personal data made complete;
to ask us to restrict, stop processing, or to delete your personal data;
to request a machine readable copy of your personal data, which you can use with another service provider. Where it is technically feasible, you can ask us to send this information directly to another provider if you prefer;
to not be subject to automated decision-making, including profiling; and
to make a complaint to the data protection supervisory authority. In the UK, you may contact the ICO at: https://ico.org.uk/concerns/
To make a request in relation to any of the aforementioned rights or generally about how we process your personal data, please email us at email@example.com
In accordance with data protection laws and good commercial practice, we do not retain data in a form that permits identification of the person(s) to whom it relates for any longer than is necessary. Once the purpose for which information has been collected has been fulfilled, we will either permanently delete your personal information or remove all identifiers within it so that it is no longer personal data. We may use such anonymised data for research and/or business analysis purposes.
We do not knowingly use the Website to solicit data from or to market to children under the age of 13.
If a parent or guardian becomes aware that his or her child has provided us with information or may be receiving communications from us or otherwise interacting with our Website without consent of a parent or guardian, we ask that this be brought to our immediate attention. We will make it our priority to address this situation and delete information relating to a child as soon as practicable. In such an event, please contact us at firstname.lastname@example.org.
Security of Data
We will take commercially reasonable, appropriate technical and organisational measures to ensure a level of security appropriate to the risk that could be encountered via the use of our Services, taking into account the likelihood and severity those risks might pose to the rights and freedoms of our Website visitors.
In particular, we will take precautions to protect against the accidental or unlawful destruction, loss or alteration, and unauthorised disclosure of or access to the personal information transmitted, stored or otherwise processed by us.
Please be aware that, while we make the security of our Website and your personal information a high priority and devote considerable time and resources to maintain robust IT security, no security system can prevent all security breaches. When you choose to share your personal information with us, you accept the aforesaid and provide your information at your own risk.
International Data Transfers
Our servers are located in the European Union and the information that we collect directly from you will be stored in these servers. We may also transfer your personal data to our third party service providers, many of whom may be located outside of the EU, operate from multiple locations including non-EU based operations or engage sub-processors located outside the EU.
There are agreements in place to ensure that any international transfers of personal data to our affiliates or third party service providers have appropriate safeguards that meet the requirements of EU data protection laws.
If you would like to find out more about these safeguards or if you have any other queries or comments in relation to this policy, please let us know by emailing us at email@example.com.
Last updated: April 2019