InfraXmedia, the media group that owns and operates several industry-leading publications and events, has published an updated Data Protection and Privacy Policy, effective as of 25 April 2025. The policy applies to all companies within the InfraXmedia group, including its flagship brand Data Center Dynamics, and governs how the organization collects, stores, uses, discloses, and transfers personal data from users, customers, business partners, event registrants, and website visitors.
Who Is InfraXmedia?
InfraXmedia (Holdings) Ltd is a limited company registered in England and Wales under company number 14354660. Its registered office and principal trading address is at 32-38 Saffron Hill, London EC1N 8FH, United Kingdom. The group operates a number of media properties focusing on data centers, digital infrastructure, and technology topics. In the privacy policy, InfraXmedia emphasizes its compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003, and similar legislation in other jurisdictions such as the European Economic Area, Switzerland, the United States, Canada, and Latin America.
What Personal Information Is Collected?
The policy outlines four main categories of data subjects: customers and business partners, marketing and events registrants, website visitors, and employees or contractors. For customers and business partners, InfraXmedia may collect name, email address, phone number, job title, company name, country, and business address. In certain jurisdictions, a copy of a current passport or residence card may be required for identity verification. Marketing and events registrants provide similar contact details along with preferences and professional interests. Website visitors’ data includes IP address, browser type, device information, and cookies, which are covered in a separate Cookie Policy. Employees and contractors have their personal data processed as part of employment and contractual obligations, governed by separate internal policies.
The policy notes that by entering details into any form provided by InfraXmedia, users enable the company to deliver the services they select. This consent-based model applies wherever required, but the policy primarily relies on the legal basis of legitimate interest for processing business-to-business contacts.
How Will the Information Be Used?
InfraXmedia processes personal information under three lawful bases: contractual obligation, legitimate interest, and consent. Contractual processing occurs when data is necessary to fulfill a subscription, event registration, or service agreement. Legitimate interest is used for marketing, event management, media services, and analytics—activities that the company argues are essential for its business operations and customer experience. The policy stresses that legitimate interest processing is carefully balanced against the rights and interests of data subjects, and that InfraXmedia will not use data where the impact on the individual outweighs its interests.
Specific use cases include contacting users for service-related reasons, inviting participation in research studies, sending operational information such as badges and app details for events, tracking website traffic flows, fulfilling subscription orders, providing user online communities, determining the effectiveness of promotional campaigns, planning business activities through aggregated analysis, and managing imagery such as photographs, podcasts, broadcasts, videos, and films captured at events. The policy warns that such imagery may be used for promotional purposes on InfraXmedia websites and marketing materials, including transfer to third parties named at the time of collection.
Marketing Communications and Opt-Out
One of the most notable sections of the policy covers marketing contact. Under UK GDPR, InfraXmedia asserts that it can contact staff members of limited companies, public limited companies, incorporated partnerships, trusts and foundations, local authorities, and government institutions using corporate email addresses without requiring prior consent or having had previous dealings. This relies on the legitimate interest basis, which the policy acknowledges requires extra responsibility for protecting people’s rights. The company states it must consider and protect those rights, and guarantees it will do so.
InfraXmedia provides an opt-out mechanism via unsubscribe links at the bottom of all marketing and product emails, as well as by emailing the data team at dataprivacy@infraxmedia.com. The policy also addresses the Telephone Preference Service (TPS) and Mailing Preference Service (MPS): if a user is registered on either service but subsequently submits personal data via an InfraXmedia website or data capture form, the company assumes the user has consented to marketing communications for the time being. However, users can opt out at any time by contacting the data team.
Sharing of Personal Information
InfraXmedia may share personal data with other companies within its group, including its holding company and subsidiaries. It may also disclose data if compelled by law for crime prevention, detection, prosecution, or tax assessment. No further consent is required in such circumstances, and the company will comply with any legally binding request. In the event of a business sale or acquisition, personal data may be disclosed to prospective buyers or sellers on a strictly confidential basis.
For events, webinars, whitepapers, and digital downloads, InfraXmedia informs attendees that it will pass personal data to stated sponsoring third parties for their own marketing communications. It also shares data with speakers who are asked questions during digital broadcasts. The list of sponsoring third parties is available at https://www.datacenterdynamics.com/en/dcd-partners. The policy emphasizes that InfraXmedia will only share data with sponsors shown in that list at the time of registration, and does not share or sell data outside this condition.
Given the global nature of its operations, InfraXmedia may transfer personal data internationally. To ensure adequate protection, the company relies on Adequacy Decisions (for countries recognized by the UK or EU), Standard Contractual Clauses (SCCs), the U.S. Data Privacy Framework (DPF) for US-based transfers, and separate Data Protection Agreements with partners. The policy also notes that InfraXmedia compiles and shares anonymized statistics about website usage, traffic, and user patterns.
Third-party services, including behavioral analytics platforms, may collect information such as IP address (processed and de-identified), device screen size, browser information, geographic location (country only), and preferred language. These services help InfraXmedia understand user behavior through heatmaps and session replays. The company states it only deals with parties contractually forbidden from selling the data collected on its behalf.
Data Subject Rights and Access
Under UK GDPR, individuals have the right to access their personal data and verify the lawfulness of processing. A subject access request must be verified by reasonable means, and the individual may need to specify the information the request relates to. Requests are generally free of charge, but InfraXmedia may charge a reasonable fee or refuse to respond if requests are manifestly unfounded or excessive. Responses must be provided within one month, extendable by two months for complex requests, with an explanation provided. If any personal information is incorrect, users can contact the data team to have it updated.
Data Retention and Storage
InfraXmedia retains personal data only as long as necessary for the purposes for which it was collected. When data is no longer required, it is erased or disposed of without delay. However, certain information may be kept for up to six years for audit and tax purposes, or longer if legislation requires. The policy warns that data transmitted over the internet is not completely secure, and although the company implements security measures, any transmission is at the user’s own risk. Data may be transferred and stored outside the UK and EEA, and by submitting data, users agree to such transfers.
Cookies and IP Addresses
IP addresses, operating system, and browser type are collected for system administration and aggregate reporting to advertisers. This statistical data does not identify individuals. InfraXmedia uses cookies to provide a personalized browsing experience, and users are referred to a separate Cookie Policy for details.
Contact and Complaints
Questions or comments about the policy can be directed to the Data Controller at InfraXmedia (Holdings) Ltd, 32-38 Saffron Hill, London EC1N 8FH, or by email to dataprivacy@infraxmedia.com. Users may also contact the UK Information Commissioner’s Office (ICO) via phone (0303 123 1113), email, live chat, or post at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. The ICO’s website provides full details on how to raise concerns.
The policy was last updated on April 25, 2025, marking its most recent revision. InfraXmedia reserves the right to update the policy at any time with or without notice, and users are deemed to have accepted changes upon first use of any InfraXmedia site after alterations. Therefore, users are encouraged to review this page periodically when submitting personal information to any InfraXmedia company website.
This update reflects ongoing efforts by InfraXmedia to align with evolving data protection regulations across multiple jurisdictions, including the UK, EU, and US. By emphasizing legitimate interest as a primary lawful basis for business-to-business marketing, the company seeks to maintain flexibility while acknowledging the added responsibility to protect individuals’ rights. The policy’s detailed treatment of international transfers, particularly through the new U.S. Data Privacy Framework, indicates awareness of global compliance requirements. For users and business partners, the clear opt-out mechanisms and sponsorship disclosure practices provide transparency in how their data is used and shared.
Source: Datacenterdynamics News