The purpose of this privacy statement is to explain to you Irithmics’s policy with regards to the handling of personal data about you supplied to Irithmics during the process of using this website or in relation to our services.
We are required to provide certain information about data protection and privacy as a result of data protection laws arising pursuant to a European Union data protection directive and corresponding UK laws. Businesses in the UK and European Union countries must comply with national laws enacted in light of their country’s interpretation of the European Union data protection legislation. The legislation seeks to ensure that all personal information held by businesses and organizations is both accurate and suitably protected in order to ensure there is no mis-use of personal data relating to an individual held by the business or organization. Irithmics intends to process your data by complying with relevant legislation.
Irithmics kindly requests that you read the privacy statement below which has been included with a view to protecting your personal data.
This website is provided by Irithmics, the trading name of Findicate Limited, a company registered in England & Wales under registration number 07868666 at 4 Queen Street, Bath, United Kingdom, BA1 1HE (“Irithmics”, “we”, “us”, “our”). For the purposes of data protection legislation, Irithmics is the controller and is responsible for your personal data. We may collect personal information about you (“personal data”) either (i) directly when you are asked to provide data (e.g., name, e-mail address and mailing address) or when you email, phone or otherwise contact us; or (ii) indirectly, e.g. via cookies and other technical means to monitor your use of the portal such as access logs, your internet protocol address or profiling to tailor the website to your preferences or to track your use of certain pages of the website, or from third parties who provide us with information about you.
“You” or “your”, in this privacy statement, means you as an individual, rather than any legal entity (such as your employer) which you may represent when you order a service from us.
We may collect, use, store and transfer different kinds of personal data about you as follows:
- Identity Data – including Name, Username, Employer, Title, Date of Birth;
- Contact Data – including Billing Address, Delivery Address, Email Address and Telephone Numbers;
- Financial Data – including Bank account and payment card details;
- Profile Data – including your username and password, your interests, preferences, feedback and survey responses;
- Usage Data – including details of your use on our website and services, including and not limited to, traffic data;
- Marketing and Communications Data – including your preferences in receiving newsletters and marketing communication from us and our third parties and your communication preferences.
- Location Data – includes your IP address.
We will rely on you as customers with whom we do business to provide us with accurate and relevant information and inform us of any changes.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel the service you have with us.
We do not generally seek to collect data about your racial or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life, criminal record or alleged criminal activity through the website (“special category data”). We may collect some sensitive personal data incidentally. By providing us with unsolicited sensitive personal data you consent to our using those data for the above purposes.
We will collect and process data about you which includes information you give us at several different points, including but not limited to, when you register as a user of our services and an account is created for you, when we correspond with you as a customer or prospective customer, when you visit our website, when you contact us for help, when the website sends us error reports or application analytics data and when you sign up to our newsletters.
We may receive personal data about you from various third parties such as the following:
- Identity and Contact Data from third party intermediaries via whom you have subscribed to or use our services;
- Device data from analytics providers, advertising networks, search information providers
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services
- Identity and Contact data from data brokers or aggregators
- Identity and Contact data from publicly available sources such as companies house and the electoral register
If you are acting as an intermediary or otherwise on behalf of a third party or supply us with information regarding a third party (such as your employer or a client), you undertake that you are an authorized representative or agent of such third party and that you have obtained all necessary consents from such third party to the collection, processing, use and disclosure by us of their personal data.
We have adopted generally accepted standards of technology and operational security in order to protect the confidentiality and security of personal data we collect but where we collect personal data via this website, the nature of the internet is of course such that the data may flow over networks without appropriate security measures and may be accessed and used by unauthorized persons.
We will only use your personal data when the law allows us to so do. Most commonly, we will use your personal data in the following circumstances:
- to perform a contract we are about to enter into, or have entered into, with you;
- if it is necessary for our legitimate interests (or those of a third party) and these are not overridden by your own rights and interests;
- where we need to comply with a legal or regulatory obligation;
- where we have received your consent to do so.
The table below explains what we use (process) your personal information for and our reasons for doing so:
|What we use your personal information for||Our reasons|
|To provide products and/or services to you, managing your customer relation and providing you with customer support||For the performance of our contract with you or to take steps at your request before entering into a contract|
|To prevent and detect fraud||For our legitimate interests or those of a third party, ie to minimise fraud that could be damaging for us and for you|
|Ensuring business policies are adhered to, eg policies covering security and internet use||For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you|
|Operational reasons, such as improving the personalisation of our services to you, improving efficiency, training and quality control||For our legitimate interests or those of a third party, ie to be as efficient as we can so we can deliver the best service for you at the best price|
|Ensuring the confidentiality of commercially sensitive information||For our legitimate interests or those of a third party, ie to protect trade secrets and other commercially valuable information |
To comply with our legal and regulatory obligations
|Statistical analysis to help us manage our business |
Research and analysis about your use of, or interest in, our products/services including those offered by others
|For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price|
|Preventing unauthorised access and modifications to systems||For our legitimate interests or those of a third party, ie to prevent and detect criminal activity that could be damaging for us and for you |
To comply with our legal and regulatory obligations
|Updating and enhancing customer records||For the performance of our contract with you or to take steps at your request before entering into a contract |
To comply with our legal and regulatory obligations
For our legitimate interests or those of a third party, eg making sure that we can keep in touch with our customers about existing orders and new products
|Ensuring safe working practices, staff administration and assessments||To comply with our legal and regulatory obligations |
For our legitimate interests or those of a third party, eg to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you
|Informing you, or enabling third parties to inform you about features, services, products, fund launches and related information from Irithmics or third parties to:|
- existing and former customers;
- third parties who have previously expressed an interest in our services;
- third parties with whom we have had no previous dealings.
|For our legitimate interests or those of a third party, ie to promote our business to existing and former customers|
|External audits and quality checks, eg for ISO or Investors in People accreditation and the audit of our accounts||For our legitimate interests or a those of a third party, ie to maintain our accreditations so we can demonstrate we operate at the highest standards |
To comply with our legal and regulatory obligations
|Monitor and record communications with you (such as telephone conversations and emails)||For our legitimate interests of quality, training and improving our customer services.|
We may store your contact details, and carry out marketing profiling activities for direct marketing purposes. If you have given your consent, or if we are otherwise permitted to do so, we may contact you about our products or services that may be of interest to you. If you prefer not to receive any direct marketing communications from us, you can opt out at any time by sending an email to email@example.com. We will also give you the option to opt out each time we send a marketing communication by electronic means.
Generally we do not rely on consent as a legal basis for processing your personal data, other than sending direct marketing communications to you electronically where we are not otherwise entitled to do so. We will always be clear whenever we intend to process on the basis of consent, and we will process lawfully and only for the purpose for which consent was given. In these cases, you have the right to withdraw consent at any time, but such withdrawal of consent will not affect our processing based on consent before your withdrawal.
The data may, for these purposes, be disclosed to certain types of staff within Irithmics’ organization (i.e., staff whose job it is to process your enquiries and orders or otherwise to administer the website, and those staff involved in the provision of Irithmics services and products which may be of interest to you).
Personal data may also be disclosed to a limited number of third parties, such as intermediaries via whom you access our website or services, third party marketing companies to send you information which may be of interest, data processors, suppliers or providers of goods or services or affiliated entities within our corporate group, as well as vendors who perform functions on our behalf such as parties that provide hosting, maintenance services, virtual infrastructure, payment processing, analysis and other services for us.
We may also be required to share your information as required by law enforcement or government officials, or when we believe, in our sole discretion, that the disclosure of personal information is necessary to report any suspected illegal activity and to protect the security or integrity of our products and services. The third party law enforcement or government officials to whom information may be provided may be in other countries where the laws on processing personal data may be less stringent than in your country.
Some of our external third parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
We use the following criteria to determine data retention periods for your personal data:
- Retention for providing the Services. We will retain your personal data as long as necessary for us to provide relevant Services.
- Retention in case of queries. We will retain your personal data as long as necessary to deal with your queries.
- Retention in accordance with legal and regulatory requirements. We will retain your personal data after we have completed relevant Services based on our legal and regulatory requirements
We draw your attention to your following rights under data protection law:
- the right to be informed about the collection and use of your personal data;
- the right of access to your personal data, and to request a copy of the information that we hold about you and supplementary details about that information;
- the right to have inaccurate personal data that we process about you rectified;
- the right (in certain circumstances) to have personal data that we process about you blocked, erased or destroyed;
- the right to object:
- to processing of personal information concerning you for direct marketing;
- to decisions being taken by automated means which produce legal effects concerning you or that similarly significantly affect you;
- in certain other situations, to our continued processing of your personal information;
- the right of portability of your data in certain circumstances;
- rights in relation to automated decision-making.
- These rights are subject to certain limitations that exist in law. Further information about your information rights is available on the website of the Information Commissioner’s Office (“ICO”): https://ico.org.uk/.
You also have the right to ask us not to continue to process your personal data for marketing purposes.
You can exercise any of these rights at any time by contacting us at Findicate Ltd, 4 Queen Street, Bath BA1 1HE or by email on firstname.lastname@example.org.
Our website and services may, from time to time, contain links to and from the third party platforms or websites. If you follow a link to any of these platforms or websites, you need to note that these websites have their own privacy policies and that we do not accept any responsibility or liability for those policies.
If you have a complaint about the way we handle your personal data, please contact us in the first instance by email to email@example.com or write to us at our address above, so that we have an opportunity to resolve it.
You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO): https://ico.org.uk/, the UK supervisory authority for data protection issues or other competent supervisory authority of an EU member state if you are using our services outside of the UK.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Last updated: 1 March 2019