Privacy Notice for influencers in Cision's Media and Social Influencer Databases

Introduction

This Privacy Notice is for individual influencers included in Cision's Media and/or Social Influencer databases. We explain more about these databases below.

This Privacy Notice does not apply to Cision’s Falcon.io platform. To learn more about the Falcon.io platform see the Falcon.io Listen Platform Privacy Notice.

We at Cision are committed to letting you know how we deal with your personal data, to giving you control over how it is used, and to protecting it.  Here you will find information about what sort of information we hold about you, how and why we collect it, how we use it, and how we keep it secure. This Privacy Notice also tells you about your rights, how you can exercise those rights, and how the law protects you.  Finally, it tells you how you can exercise your preferences to manage the information we have about you, and, if for any reason you do not want to be in  either database, how to ask us to take you out.

About Cision

Cision is a global communications group of companies that enables our customers to identify and connect with influencers; distribute meaningful communications to those influencers; and measure the impact of those communications.  Our customers do this using a number of our different products that allow them access to our databases. Our products and services are operated in many countries under a number of different brands, including Cision, Gorkana, PR Newswire, Hors Antenne, Data Presse, Cision SA, CEDROM, Profnet, HARO, TrendKite, and Prime.  More detail about the products and services we offer can be found  on our website at www.cision.com.

Cision is the data controller and is responsible for your personal data (collectively referred to as Cision, "we", "us", or "our" in this Privacy Notice). Our full contact details are as follows:

U.S.

12051 Indian Creek Court
Beltsville, MD 20705
USA
 

U.K.

5 Churchill Place
London
E14 5HU

Journalist and Influencer hotline: +44 (0)20 7074 2556

If at any time you have any questions about this Privacy Notice or the way we use your personal data please contact our Data Protection Officer by email at Privacy@cision.com

Cision’s Media and Social Influencer Databases

The “Media Database” and the “Cision Social Influencer Database” are referred to collectively below as “the Databases”. 

The Databases are repositories of information (and in particular contact information) relating to influencers like you. We call you an "influencer" because you have the ability to influence the behaviour and opinions of others. 

This term includes traditional journalists working for news publications (e.g. Print, online and broadcast), freelance journalists, and other influencers including social media influencers on Twitter, Facebook, Instagram and other platforms. The Media Database mainly contains information about journalist or blogger influencers and is made accessible to our subscription customers via our customer-facing platforms including for example  Next Generation Cision Communications Cloud (Connect), Cision Communications Cloud, MyGorkana, CPRE,  CisionPoint.  Cision Social Influencer Database contains information about social media influencers and is accessible to our subscription customers via the Social Influencer Database or Next Generation Cision Communications Cloud (Connect) platform only. Your personal information may be included in either or both of the Databases.

 

What personal information we collect

We limit the information that we collect for use in the Databases to that which we think is likely to enable our customers to engage with you in a meaningful and targeted way. The information includes basic information such as your name and contact details, your job title, public social media profiles, areas of interest to you, and possibly some brief biographical information about your career history. 

The types of personal data we collect:

We only collect data that is necessary to conduct our business. We collect, use, store and transfer different kinds of data about you which may include some or all of the following:

  • Prefix and name
  • Gender
  • Job title
  • Educational history
  • Employment history
  • Work address
  • Telephone number
  • Fax number
  • Work email address
  • Personal email address (if provided to us by you)
  • Twitter handle
  • Profile Picture
  • Link to LinkedIn profile
  • Other social media handles/channels such as Instagram
  • Number of social media followers
  • Social media profile picture
  • Other publicly available social media content
  • Pitch preference (ie. how you wish to be contacted)
  • Topics: “Beat” (ie. subject matters you wish to write above)
  • Target groups
  • Articles published about you

We do not hold any sensitive personal data about you (such as data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union memberships, data about your health, genetic and, biometric data) unless you have clearly put such data into the public domain yourself (e.g. you have made such information available to the public by writing about it or by posting it on your social media profile).

How we collect your personal data

The vast majority of the information we hold about you is obtained from publicly available sources (including via social media APIs) or directly from you. This includes your publicly available social media profiles and websites, information about you that is published by your employer (e.g. on your publication's own website) and information from articles you may have written. 

We collect your data either directly from you or your employer, or from publicly available sources such as:

  • Articles or blogs you may have written
  • Vlogs you may have created
  • Your own website
  • Your employer's websites
  • Your publisher's website
  • Your publicly available social media profiles (eg, Facebook, Instagram, Twitter, and LinkedIn) including via publicly available APIs provided by social media platforms.
  • Telephone conversations which may be recorded by us to help us improve our training and quality
  • Other publicly available online sources

We also collect data from other sources including:

  • Other influencers (who may, for example, tell us if you have changed jobs, but we will not publish that information until we have independently verified it)
  • Our customers
  • From third parties who send us published articles.
  • Third parties, such as Brandwatch, Talkwalker, IHS Markit, Lexis Nexis and Capestart
  • Your employer (if you are employed)
  • Your line manager or press team tell us

Verification

We make take steps to verify that your contact details are correct. We may do this, for example, by contacting you or your employer directly or checking against your social media profile or websites you appear on.

Updates to personal information are also provided by influencers themselves, either by emailing global research teams or visiting: 

US: https://www.cision.com/us/contact-us/update-add-media-profile/ 

UK: https://www.cision.co.uk/journalist-services/ 

The purposes for which we will use your personal data

Using this information we then create an influencer profile for you and include it in one or both of the our media Databases.

We allow our customers access to the Databases via one of our online platforms so that they can view your profile and send you information (either via email or social media) that they think you might be interested in. This is also beneficial for you as it means you receive targeted news and other information that may be helpful for you. Our primary role is to facilitate the efficient communication between our customers and influencers.

As well as using the Databases to simply send communications to influencers, our customers can also use the functionality we provide with our platforms to create their own lists of influencers, add their own data about influencers (which only they can access), and monitor your interaction with the communications that they send you (for example, whether you have opened an email sent via one of our customer facing platforms or clicked on any links contained in that email).

One of the main purposes for using your personal data is to create repositories of data regarding influencers (the Databases), and make the Databases available to our customers on a paying basis. Depending on which service our customers are signed up to, your personal data may also be processed in one or more of the following ways:

  • Browsing the Databases: our customers can browse the Media or Social Influencer Databases via one of our online platforms (Next Generation Cision Communications Cloud (Connect), Cision Communications Cloud, MyGorkana, CPRE or CisionPoint.
  • Sending out press releases: our customers can send you press releases, emails or other communications (e.g. direct messages on social media) about things they think you might be interested in.
  • Creating lists: Our customers can create lists of influencers. For example, a customer may want to send out a press release to influencers with special knowledge of the construction industry in South West England. Using one of our customer-facing platforms our customers can search for influencers with that particular interest, create and save a list of those influencers, and then send a press release to those influencers on the list.
  • Exporting influencer data: our customers can export influencer data from Cision Media database provided they use that data in accordance with all applicable laws.
  • Wholesale access to data: some of our customers can purchase wholesale access to the data stored in the Cision media databases to re-sell via their own platforms and products.
  • Media Monitoring: our customers can browse, by keyword search, publications and social media platforms via one of our online platforms. A customer might search a keyword such as “sunglasses”. Our platform will then automatically return a list of all social media posts, articles, etc. containing the keyword "sunglasses" or words related to that subject. It may also return the contact details of the journalist or influencer who wrote that content, if the journalist included those details in the content.  This functionality is not limited to content written by influencers on the Databases
  • Profiling and Tracking: see how we use your personal data for profiling and tracking for more information.
  • Maintaining the administration of the Databases.
  • Maintaining contact, handling enquiries, complaints and disputes.
  • Complying with all applicable laws and regulations.

Legal basis for processing your personal data

We process your personal data in order to provide our services to our customers. We believe that it is in our legitimate business interests to do so. Processing your data in this way also benefits you as an influencer and also our customers. You will receive focused information from our customers, often ahead of general release, giving you material to write about that is relevant to you and your audience. Our customers are able to communicate more efficiently to influencers who are likely to want to hear what they have to say. We consider and balance any potential negative impact on you and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where we believe that our interests are overridden by any unwarranted adverse impact on you. If at any time you want us to remove you from the Databases please email us at Privacy@cision.com and process this request as soon as possible.

We may also use your personal data in the following ways:

  • Media requests: Influencers are free to use our systems and ask for help sourcing upcoming stories or customers who can speak to a specific topic. For example, an influencer writing about EU electric car developments might request to hear from motor industry experts in Europe. The request will be sent to our customers who have signed up to receive them. Customers will email the influencer directly if they can help. Generally, our media request service is used by journalists who want to be connected to our customers.
  • Alerts: Influencers in the Databases  can also request to receive updates on changes to other contacts within the Databases, typically changes to roles or moves within the industry. These alerts are then distributed to influencers via an "alerts newsletter" by our research team.
  • Jobs: Influencers can also receive the latest media jobs information
  • Marketing: Influencers can also receive surveys or invitations to events from Cision.

How to have your profile amended or removed

We want you to be in control, so if at any time you want to see or amend your influencer profile, please email us at Privacy@cision.com Similarly, if at any time you want us to take you out of the Databases altogether please email us at Privacy@cision.com and we will process your request as soon as possible.

Children

The Databases are not intended for children and we do not knowingly collect personal data relating to children. If you are under the age of 16, please let us know and we will take you out of the Databases.

How we use your personal data for profiling

We may use your personal data for automated profiling purposes. The profiling we conduct and how it is used is limited. We use profiling to evaluate (amongst other things) your personal preferences, interests, behaviour and audience and make this available to our customers in response to particular inquiries that they may make through one of our platforms. We may, for example, use profiling to help our customers understand what subjects you like to talk about (which is apparent from the nature of the content you produce) and the extent of your audience (apparent from the number of social media followers you have). This in turn helps our customers direct their communications to you more efficiently and effectively.  The results of this profiling are available in your own profile included in either or both of the Databases.

You have the right to object to us profiling with your personal data. If you would like us to stop profiling with your personal data, then please contact us at Privacy@cision.com and we will remove you from the Databases.

Profiling

We combine the personal data from your influencer profile with the publicly available content that you have produced and then present this information to our customers through one of our customer facing platforms. Using profiling, our customers are then able to search these two publicly available data sets and:

  • Understand what subjects you are interested in: A customer might search a keyword such as "tractors". Our platform will then automatically return a list of all influencers in the Databases who are talking about tractors in their social media posts, articles, etc.
  • View and evaluate your content: A customer might search our platform for your name (or the name of any other influencer) and view the actual content you have produced. (If the content is a print article, then a copy will be displayed to the customer within the Cision platform they are using. If the content is online, then the customer is provided with a hyperlink to the online location of the content). Your content may then be given an automatically generated 'favorability score', which is calculated by analyzing the words you have used in the content against an agreed list of words that the customer considers to be 'favorable' or 'unfavorable' according to their preferences/industry focus. We may also give an automated 'tone' score to any given piece of your content which, depending on the words you have used in the content, will tell the reader whether you view the topic or subject matter in a positive, negative or neutral light. This is derived by looking at groupings of words such as "good", "great", "brilliant", "awful", "dangerous", "sad", etc. Customers are also provided with information about the impact of articles you have written including “average article impact” (measured as low, medium, or high), “SEO impact” (search engine ranking score that predicts how well the website your article appears on will rank on search engine result pages) average shares (average number of times your article has been shared on social media) and total articles (the total number of articles you have written). 
  • Understand your audience and its location: Our customers are able to see your publicly available social media feeds via our customer-facing platforms, together with data from those feeds to see which influencers are talking about what on social media, and which of those influencers have the most impact and reach. Using data provided to us directly by Twitter via their public API we are also able to see, for example, how many Twitter followers you have and roughly where they are based geographically.

We do not make any automated decisions based on profiling. The profiling we do enables our customers to better identify influencers that are interested in the communications our customers want to send. 

The screenshot below illustrates the type of 'profile' information that we may include in your profile:-­

https://gdpr.cision.com/image/privacy+notice+screenshot.jpg

Email Tracking

In common with many of our competitors and other online service providers, we also carry out some monitoring of your engagement with the email content that you are sent by us and by our customers using the Cision email platform. 

To do this, Cision emails may contain a small, invisible, one-pixel image which can be used to let the sender (our customer) know when the email is opened. If you have images enabled on your device, when the email is opened, a message (an automatic request) is sent from your device to Cision’s server requesting the image. That request is logged by Cision and tells us, or our customer, that the email has been opened.  A similar process may be used in relation to links or attachments in the email, with a request being sent to Cision for the content that is accessible via the links or attachments, thus telling Cision that the link or attachment has been accessed. This helps our customers understand what content interests you, and tailor future communications accordingly, and you benefit from receiving targeted and focused information from Cision’s customers on issues which are of interest to you, as specifically identified by you or through the content of your published materials.    However, if you do not wish this to happen then you can opt-out at any time by emailing privacy@cision.com.

How we share your personal data and who we share it with

We may share your personal data with our customers, companies within the Cision Group, and other parties detailed below. We may also transfer your personal data outside of the European Economic Area (EEA), but only when specific safeguards have been put in place in order to protect your personal data.

We may share your personal data with one or all of the following:

  • Customers: our customers are typically communications and marketing departments within businesses or other institutions, or PR agencies. Our customers come from all sectors.
    • We share your data by allowing them access to the Databases via our various online platforms.
  • Internal Third Parties: these include other companies within the Cision group of companies such as Cision, Gorkana, PR Newswire, Cision SA, CEDROM, TrendKite and Prime. Cision Legal Entities
  • External Third Parties: 
    • Service providers who work on behalf of the Cision group of companies for the performance of any contract we enter into with them, for example: IT support in each country.
    • Professional advisors including lawyers, accountants and insurers where we need to do so in order to comply with our legal obligations or for other business reasons.
    • Authorities who require reporting of processing activities in certain circumstances.
       
  • Other Third Parties:
    • Customers who purchase wholesale access to the data in the Cision Media Database to re-sell via their own platforms and products.
  • External Third Parties list

We may also share your personal data with third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with binding contractual obligations which satisfy the requirements of the data protection legislation.

International Transfers

We may share your personal data with entities within the Cision group of companies. This may involve transferring your personal data outside of the European Economic Area (EEA). Some of the third parties to whom we may transfer your personal data (including some of our customers) are also based outside of the EEA, so their processing of your personal data will likewise involve a transfer outside the EEA. Where your personal data is transferred outside of the EEA we do so in accordance with model contracts approved by the European Commission to ensure that there is an adequate level of protection for your personal data.

Important:  September 2020 Update re Schrems II

You may be aware of a recent (July 2020) ruling by the European Court of Justice commonly known as "Schrems II" which impacts data transfers to the US and other countries outside the EU.  The case arose out of concerns that the US law enforcement authorities may be able to access data that was transferred to the US, and that data subjects like you would not have adequate means objecting to such access or use of your data if you were concerned about it.  The ruling affected two common means of ensuring that your data is protected which are known as (a) Privacy Shield and (b) 'Standard Contractual Clauses' (or 'SCCs').  The European Court ruled that Privacy Shield was no longer valid but confirmed that the SCCs were valid though data exporters (like Cision) who were using SCCs should take additional steps to ensure that there were adequate safeguards in place.  Cision does not rely on Privacy Shield for its international data transfers.  Regarding its use of SCCs, Cision has carefully assessed the transfers it conducts, and has concluded that there are adequate safeguards in place, particularly given that the vast majority of influencer data processed by Cision is public domain and  given the nature of services provided by Cision.  However, if you are at all concerned by the possibility that your personal data may be accessed by law enforcement agencies in the US (or in any other country) then please let us know by contacting us at privacy@cision.com and we can either amend your profile to remove any data that is of concern, or remove you from our database.

Our security measures

We are committed to protecting your personal data. We put in place safeguards including robust and appropriate technologies, processes, and contractual arrangements, so that the data we have about you is protected from unauthorized access and improper use, and we will also not keep your personal data for longer than is necessary.

The safeguards we have put in place to protect your personal data include:

How long will we use your personal data?

We will keep your personal data only for as long as is necessary for the purposes set out in this privacy notice and to fulfil our legal obligations, but not longer than five years after you ask to stop receiving communications. We will not keep more data than we need.

Your rights

Under certain circumstances, if you reside in the EU or if your data is processed in connection with one of our European businesses, you have rights under data protection laws in relation to your personal data, including the right of access; the right to rectification; the right to erasure; the right to restrict processing; the right to data portability; and the right to object. If you wish to exercise your rights please contact Privacy@cision.com.

Please note that if you wish to exercise any of your rights in relation to the Falcon platform you should do using the email Privacy@falcon.io

 

We respect and honour these rights and will help you to exercise them insofar as we are able. These rights are not absolute – in some cases they will not apply to you, or to the particular use that we are making of your data, and there are exceptions (for example if we have to process the data to comply with our own legal obligations) but if that is the case we will let you know.

Your rights include the right to:

  • Access your personal information (via what is commonly known as a "data subject access request").
  • Require us to correct any mistakes in your information which we hold.
  • Require the erasure of personal information concerning you in certain situations by submitting a Data Subject Request.
  • Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations.
  • Object at any time to processing of personal information concerning you for direct marketing.
  • Object to decisions being taken by automated means (including profiling) which produce legal effects concerning you or similarly significantly affect you.
  • Object in certain other situations to our continued processing of your personal information.
  • Otherwise restrict our processing of your personal information in certain circumstances.

For further information on each of these rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual rights under the General Data Protection Regulation.

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. We hope that we would be able to resolve any concerns that you may have before you approach the ICO so please do contact us in the first instance.

EU Supervisory Authority list

 

 

LAST UPDATED:   26th JUNE 2020