Independent Research Forum Privacy Notice
This privacy notice outlines how we, Independent Research Forum Ltd (“IRF”), the Data Controller, collect and use your personal data, and how, in doing so, we comply with our legal obligations to you. Your privacy is important to us, and we are committed to protecting and safeguarding your privacy rights.
Please read this notice carefully so that you understand your rights in relation to your personal data, and how we will collect, use and process your personal data.
IRF operates in London, with expanding links with professional investors throughout the US, Europe and Asia. Our primary purpose is to facilitate mutually beneficial relationships between professional investors and independent research providers (“IRPs”). For the purpose of this notice, IRF is a limited company incorporated in England and Wales (registered number 10152530) with registered address at Arthur House, Chorlton Street, Manchester, England, M1 3FH.
If you have any queries in relation to this notice, or need more information, please do not hesitate to contact us at:
Data Protection Officer
Independent Research Forum Ltd
23 Austin Friars
Or email us at: firstname.lastname@example.org
2. Information about your Personal Data
This Privacy Notice relates to data about you, and your interaction with our services.
"Personal Data" is information that can be used to identify you, directly or indirectly, alone or together with other information. This includes things such as your full name, email address, phone number, certain cookie and network identifiers, passport details and utility bills.
IRF collects, uses, discloses and processes Personal Data as outlined in this Privacy Notice, including to operate and improve the services and our business; for advertising and marketing; and to provide you with information on events and our fortnightly publication, The Cut, as further described in this Privacy Notice.
3. Personal Data we collect
Most of the Personal Data we collect about you is obtained directly from you when you enter it via our website or write to us. However, we may also obtain Personal Data from the businesses we contract with and anyone who acts on your behalf, as well as information obtained by conducting our own research, information gathered from publicly available sources, and from service providers we have engaged to carry out specific data processing activities, such as our “compliance umbrella” services.
We collect the following types of information:
- Identity information, including personal details such as your full name, date of birth, email address, postal address and contact details where necessary;
- Log-in information for our “Providers” section on our website;
- Information about your business, business partners, beneficial owners or directors;
- Details of our interactions with you, including written/electronic communication about services and products you use, logs of telephone calls with you and us, notes from meetings, records of any agreements, transactions which contain your name and any identifiers that we hold;
- Investor profile and transaction information;
- Asset class, geographical coverage and strategy information;
- Account information, including bank account details (where relevant);
- KYC and other information we are required to collect to meet our regulatory obligations.
4. How do we use your Personal Data
We collect and use information about you if you visit our website, utilise our services, make enquiries or send other communications, apply for jobs at IRF, subscribe to The Cut, register for one of our events, or when you respond to communications by us.
Your relationship with us will determine why we collect particular information about you. We may be required by law to collect certain information, require it in order to perform a contract, or prior to entering into a contract with you, or use it for our legitimate business interests where these do not override your rights or interest.
We may collect and use your information in the following ways:
- To manage an account you have with us and update the records we hold about you from time to time;
- Enabling access to our products and services;
- To effectively respond to your queries;
- KYC and anti-money laundering checks; this includes identity verification, investor profile and transaction information;
- Any other processing for which you have given your consent, for example surveys; and
- Regulatory, legal and audit purposes.
5. Who has access to your Personal Data?
Your Personal Data will be processed by employees of IRF in order to fulfil our obligations to you as outlined in this notice. We may also share your details with third parties, including:
- IT service providers, including Dropbox, Bloomberg IB and MailChimp who we use to process and store information;
- Messels Compliance Service who provide a “compliance umbrella” service to assist us in fulfilling our obligation to you;
- Sub-contractors we may use in technical, payment and delivery services;
- Third-party service providers who perform functions on our behalf under contract, support our systems, operations and/or processes;
- Credit reference agencies and other background check providers;
- Tax, audit or other authorities, when we believe in good faith that the law or other regulation requires us to share this information, for example where processes and systems are being compliance assessed; and
- Law enforcement or other regulatory bodies who can legally request access to information about you for the prevention and detection of crime, the apprehension or prosecution of offenders, and the assessment or collection of tax.
6. Legal basis for processing
We collect and process your Personal Data for a variety of purposes outlined in this Privacy Notice. In certain cases, separate consent is not required, including:
a) For the performance of a contract: To perform our contractual obligations to you, including account registration, where we need to provide your Personal Data to our service providers, where we need to collect Personal Data from third party sources and when you access third party products and services, where we collect data from third parties or publicly-available sources.
b) To meet legal obligations.
c) For Legitimate Interests: to send you marketing and promotional messages in relation to services or events similar to those we have previously provided to you. You can ask us at any time to take you off our mailing lists and we will not send you any more marketing communications.
7. Consent as a basis for processing
Where we need your consent to hold your information we will ask you to confirm your consent in writing and we will inform you why we are collecting the information, how we will use it, how long we keep it for, who else will have access to it and what your rights are as a data subject. Where we do rely on consent you have the right to change your mind and withdraw that consent at any time by writing to us. If you withdraw your consent we will immediately cease using any personal information obtained and processed under that consent unless we have some other legal obligation to continue to use it.
To withdraw consent, please contact us at email@example.com
8. Information security and international transfer of data
IRF is committed to being transparent and taking all reasonable and appropriate steps to keeping your personal information secure and to protect it from misuse, loss, or unauthorised access. We do this by having in place a range of appropriate technical and organisational measures.
It may be necessary to transfer your data to suppliers/service providers where we rely on storage, system and administrative support from outside the European Economic Area therefore the processing of your data may involve a transfer of data to countries outside of the United Kingdom.
We take all reasonable steps to ensure that your personal data is processed securely. We will only transfer personal information outside the EEA where it is compliant with applicable data protection legislation and the means of transfer provides adequate safeguards in relation to your personal information.
9. Data retention
We will retain your Personal Data for as long as you have a relationship with us or as otherwise necessary to provide you the services. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Where we no longer need to process your Personal Data for the purposes set out in this Privacy Notice, we will delete your Personal Data from our systems.
10. Your rights
To exercise your privacy rights please send your request in writing. We may be required to verify your identity for security purposes. Your rights are outlined below:
- The right to access information we hold about you, why we have that information, who has access to the information and where we obtained the information from.
- The right to correct and update the information we hold about you. If the data we hold about you is out of date, incomplete or incorrect you can inform us and your data will be updated.
- The right to have your information erased. If you feel we should no longer be using your data you can request that we erase the data that we hold. Upon receiving a request for erasure we will confirm whether it has been deleted or a reason why it cannot be deleted (for example because we have a legal obligation to keep the information or we need it for a legitimate business interest).
- The right to object to processing of your data. You may request that we stop processing information about you. Upon receiving your request we will contact you and let you know if we are able to comply or if we have legitimate grounds to continue to process your data. Even after you exercise your right to object, we may continue to hold your data to comply with your other rights or bring or defend legal claims.
- The right to data portability. You have the right to request that we transfer your data to another controller.
- The right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- The right to withdraw consent at any time where we are relying on consent to process your personal data.
We will comply with your request where it is feasible to do so, within 30 days of receiving your request. There are no fees or charges for the first request. However additional requests for the same data may be subject to an administrative fee of £25 per request.
To exercise your rights please do so by writing to:
Data Protection Officer, Independent Research Forum Ltd, 23 Austin Friars, 2nd Floor, London, EC2N 2QP.
Or email us at: firstname.lastname@example.org
We do not use any third party cookies on our website.
12. Complaints process
At IRF we aim to ensure all information collected about you is done so fairly and lawfully, whilst implementing robust measures to keep your information secure. If you are not satisfied with the information provided in this notice, please contact us in the first instance so we can resolve your queries or provide you with any additional information required.
Alternatively it is your right to contact your local Data Protection Authority and lodge a complaint. In the UK the lead Data Protection Authority is the Information Commissioner. For more information please visit the Information Commissioner’s office at www.ico.org.uk/concerns or call them on 0303 123 1113, or write to them at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Any changes we make to this notice in the future will be posed on this page. Please check back to see any updates or changes to this notice.