It contains important information on who we are; how to contact us; our collection and use of your personal data; how we store this data; who we share it with; your rights in relation to your personal data; and how to contact us and the supervisory authorities in the event you have a complaint.
IPSX UK Limited operates a Recognised Investment Exchange (as defined in the Financial Services and Markets Act 2000) and a Recognised Stock Exchange for the purposes of Section 1005 of the Income Tax Act 2007.
We collect, use and are responsible for certain personal data about you. When we do so, we are regulated by the UK General Data Protection Regulation (“UK GDPR”) which applies in the United Kingdom (“UK”) and we are responsible as ‘controller’ of that personal data for the purposes of those laws.
We can be contacted by telephone, email and post as follows:
Telephone: 0203 931 8779
Post: Head of Compliance and Legal, IPSX, 1 Farnham Road, Guildford, Surrey GU2 4RG
Personal data is information that can be used to identify a living person. The types of personal data we collect and process will depend on the service you receive from us. However, the following provides an overview of the types of personal data we collect:
Where you or your firm have/has requested a service from us, we may collect the following types of personal data:
Through your use of our website, we may also collect data on an automated basis including your:
Under very limited circumstances, we may collect certain types of sensitive personal data which are protected more strictly by law. These include:
We will only collect personal data that is necessary for us to provide you with the product or service that you have requested, such as your email address and subscription preferences when you sign up to our email alerts. Data will be subscribed to our email alert database but you can be removed or unsubscribed from IPSX emails directly by calling 020 3931 8800 or by emailing email@example.com with your request. Requests to unsubscribe may take up to 5 days to action.
Our Website is not intended for use by children and we do not knowingly collect or use personal information relating to children.
Most of the personal information we collect is provided to us directly when:
We may also collect personal information indirectly through your browsing activity whilst on our Website (please see the IPSX Cookies Policy for further information).
We need your personal data in order to:
n limited circumstances, we may send you marketing communications in relation to carefully selected and relevant third-party partners, whose products and services may be of interest to you. You may opt out of certain kinds of marketing, or all forms of marketing, by calling 0203 931 8800 or by emailing firstname.lastname@example.org with your request. Alternatively, you can click on the "opt-out" link provided in all our marketing emails.
Under the UK GDPR, we are required to have a lawful basis for processing your personal data. There are various different lawful bases on which we may rely, depending on what personal data we process and why. In the majority of cases, our processing of your personal data will be justified on the basis that:
If we are relying on your consent to process your personal data, you have the right to withdraw your consent at any time and you can do so by contacting us on 0203 931 8800 or at email@example.com.
We have security measures in place to prevent personal data from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your personal information will only do so in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We will retain your personal data for as long as required to fulfil the purposes for which it was collected. However, in some circumstances we may retain your personal data for longer periods of time, for instance where we are required to do so in accordance with legal, tax or accounting obligations.
In specific circumstances, we may also retain your personal data for longer periods of time where required for regulatory purposes.
We may share your personal data within the IPSX group of companies in order to provide you with our services. Access to your personal data is limited to those employees, agents and contractors of IPSX who need access to it in order to provide you with our services, to communicate with you, and to fulfil legal or regulatory obligations.
We may also employ third-party service providers to help us in certain areas, such as website hosting, physical security, marketing and market research. Where third-party service providers receive your personal data, we will take appropriate steps to ensure that such third parties treat your personal data in an appropriate manner.
We may from time to time be required to disclose your personal data to law enforcement bodies, regulators, agencies or third parties under a legal requirement or court order. We will act responsibly and take account of your interests when responding to any such requests.
It is our policy to only enter into arrangements with service providers outside the EU and EEA where we are satisfied that adequate levels of protection are in place to protect any information held in the country in which they are located or that the service provider acts at all times in compliance with applicable privacy laws. Where required under applicable laws, we will take appropriate measures to ensure that personal data handled in other countries will receive at least the same level of protection as it is given in the EU and EEA, for instance by entering into contracts incorporating the European Commission approved model contract clauses.
Under the UK GDPR, you have a number of important rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to object to the processing of your personal information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we will respond to your request within one calendar month.
If you would like to exercise any of these rights, please contact Head of Compliance and Legal by any of the means identified in the section containing our contact details at the start of this policy.
If you have any concerns about our use of your personal data, you may address these to our Head of Compliance and Legal by any of the means identified in the section containing our contact details at the start of this policy.
You can also complain to the Information Commissioner’s Office (“ICO”) if you are unhappy with how we have used your data.
The ICO’s address is:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk