GDPR

Last updated: 20/05/2022

AXG Advice (we, us, our, as applicable) takes your privacy seriously. This privacy policy describes how AXG Advice collects, processes and stores your personal information when you use our services, websites, applications, products, the purposes for which it is used and with whom it is shared.

This policy was last updated on the date that appears at the top of this page.

1. Who we are

For the purposes of data protection law, AXG Advice is the controller of the personal information it collects from you. This means that it decides why and how your personal information is processed and is responsible for that processing. AXG Advice is registered with the Information Commissioner’s Office, registration number: Z9468098 and with the Financial Conduct Authority, reference number: 450813.

Our Data Protection Team is responsible for responding to queries relating to this privacy policy. If you have any questions about this privacy policy, including any requests related to your personal information, please contact our Data Protection Team using this email address: DataProtection@axgam.com

Please see the end of this policy for our legal and contact information.

2. Types of personal information we collect about you

AXG Advice collects personal information from you if you (or an organisation for whom you work) purchase or use our services, request information, request customer support or correspond with us.

We collect and process the following personal information about you:

Identity information, such as your first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.

Contact information, such as billing address, email address and telephone numbers.

Financial information, such as payment related information.

Transaction information, such as details about payments to and from you and other details of products and services you have purchased from us.

Marketing and communications information, such as your preferences in receiving marketing from us and, where applicable, third parties and your communication preferences.

Other information relating to you which you may provide to us, for example in the correspondence that you send to us.

We also collect personal information from third parties such as our partners and associates, and publicly available websites, to help us maintain data accuracy and provide and enhance our services and products.

We share personal information with others only as described in this Statement, or when we believe that the law otherwise permits or requires it.

AXG Advice may request sensitive personal information as part of the recruitment and employment process or as anonymised input into our services and products.

3. How do we collect your personal information?

We use different methods to collect personal information from and about you as follows:

3.1. Direct contact with you during the course of business. You may give us your contact details, payment details for invoice purposes, by placing an order online or by corresponding with us by post, phone, email or in other ways (all of which are provided by you on  voluntary basis). This includes personal information you provide when you:

• request marketing information to be sent to you
• provide us with some feedback on our products or services
• provide us with your contact details for us to assist you with using our products
• interact with us at meetings

If you do not provide this information, you will not be able to interact or communicate with us or our services in the ways mentioned above.

3.2. Using third party or publicly available sources, where we may receive personal
information about you from:

• Analytics providers such as Google Inc. based outside the EU
• Survey and marketing companies based inside and outside the EU
• Contact, financial and transaction data from providers of technical, payment and
  delivery services who host our data inside and outside of the EU.
• Identity and contact data from publicly availably sources such as Companies House based inside the EU.

4. How does AXG Advice use personal information?

We process your personal information for the purposes listed below.

We process your personal information for the following purposes on the basis that the
processing is necessary for us to pursue our legitimate interests as a business.

• Account setup and administration: We use your personal information such as your name, email and domain address, phone number, and information to set up and administer your account, provide technical and customer support and training, verify your identity, and send important account, subscription, and Service information.
• Personalisation: We use your personal information to deliver and suggest tailored content to personalise your experience with our services and websites.

Processing necessary for us to promote our business, brands and products

• Marketing and events: We use your personal information to deliver marketing and event communications to you across various platforms, such as email, telephone, text messaging, direct mail, and online. If we send you a marketing email, it will include instructions on how to opt out of receiving these emails in the future. We also maintain email preference for our services for you to manage your information and marketing preferences. Please remember that even if you opt out of receiving marketing emails, we may still send you important service information related to your accounts and subscriptions. Please see further Marketing below.

Processing necessary for us to respond to changing market conditions and our clients’ needs

• Research and development: We may use your personal information for internal
  research and development purposes and to improve our services.

Processing necessary for us to operate the administrative and technical aspects of our business efficiently and effectively

• General administration: We use your personal information for the following legal and administrative purposes:
  • for the prevention of fraud and other criminal activities;
  • to meet our internal and external audit requirements;
  • for network and information security purposes in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
  • to comply with a request from you in connection with the exercise of your
    rights;
  • for the purposes of a corporate restructure or reorganisation or sale of our
    business or assets;
  • for efficiency, accuracy or other improvements of our databases and systems;
  • to enforce or protect our privacy, safety, property or contractual and other
    legal rights or to bring or defend legal proceedings;
  • to respond to requests from courts, law enforcement agencies, regulatory
    agencies, and other public and government authorities, which may include such authorities outside your country of residence; and
  • for general administration including managing your queries, complaints, or claims, to send service messages and to provide you with important information about our business.

We process your personal information to comply with our legal obligations including:

• to verify the accuracy of information we hold about you;
• to keep a record relating to the rights you exercise in connection with our processing of your personal information;
• to respond to mandatory requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such
  authorities outside your country of residence; and
• to respond to and resolve your complaints relating to the services we provide.

5. Marketing

As described above, we process your personal information for direct marketing purposes on the basis that it is necessary for us to pursue our legitimate interests as a business (see above in this section for further details). From time to time we may tailor and personalise marketing communications that we send to you, for example, by notifying you of products, services, offers or promotions that apply to your interests, location, industry sector, employer or job role.

6. With whom do we share your personal information?

AXG Advice only shares or discloses personal information when necessary to provide its services or conduct our business operations as described below. When we share personal information, we do so in accordance with our documented data privacy and security requirements. Our suppliers, service providers and other recipients We may share your information with our third-party service providers, agents, subcontractors and other organisations (as listed below) for the purposes of providing services to us or directly to you on our behalf.

• Recipient / relationship to us
• Industry sector (& sub-sector)
• Cloud storage providers
• IT (cloud services)
• Law enforcement agencies
• Relevant regulatory organisations
• Audit (financial)
• IT support service providers
• IT (support and maintenance)

When we use third party service providers, we only disclose to them any personal
information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.

When we share your personal information with third parties that are controllers of that information, they may disclose or transfer it to other organisations in accordance with their data protection policies. This does not affect any of your data subject rights as detailed below. In particular, where you ask us to rectify, erase or restrict the processing of your information, we take reasonable steps to pass this request on to any such third parties with whom we have shared your personal information.

Other ways we may share your personal information

• Third parties for re-organisation: We may disclose your personal information to
  any third party who is restructuring, selling, buying or acquiring some or all of our business or assets (or contemplating doing so) or in the event of a merger, bankruptcy, dissolution, re-organisation or similar event to with any parties involved in those processes or transactions.
• Third parties for legal reasons: We will share personal information only when we believe it is required, such as:
  • if we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation or police, court or government request, which may include such authorities outside your country of residence;
  • to comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities; and
  • to protect our rights, users, systems, and services.

7. Where and how does AXG Advice transfer your personal information?

AXG Advice is a global organisation, and your personal information may be stored and processed outside of your home country. We take steps to ensure that the information we collect is processed according to this Privacy Policy and the requirements of applicable law wherever the data is located.

When we transfer personal information from the European Union to other countries in which applicable laws do not offer the same level of data privacy protection as in your home country, we take measures to provide an appropriate level of data privacy protection. In other words, your rights and protections remain with your data. For example, we use approved contractual clauses, multiparty data transfer agreements, and other measures designed to ensure that the recipients of your personal information protect it. If you would like to know more about our data transfer practices or to obtain a copy of the safeguards we use, please contact our Data Protection Team by email at DataProtection@axgam.com.

AXG Advice has networks, databases, servers, systems, and support located throughout our offices globally. We collaborate with third parties such as cloud hosting services, located around the world to serve the needs of our business, workforce, and customers. We take appropriate steps to ensure that personal information is processed, secured, and transferred according to applicable law.

8. Securing your personal information

AXG Advice uses appropriate technologies, policies, processes and procedures to protect personal information. Our information security policies and procedures are closely aligned with widely accepted international standards and are reviewed and updated regularly to reflect changes in legislation and in business needs.

Examples of the technologies, policies, processes and procedures we maintain are:

• we have measures in place to protect against accidental loss and unauthorised access, use, destruction, or disclosure of data;
• we have a Business Continuity and Disaster Recovery strategy that is designed to safeguard the continuity of our service to our clients and to protect our people and assets;
• we place appropriate restrictions on access to personal information;
• we implement appropriate measures and controls, including monitoring and physical measures, to store and transfer data securely;
• we regularly conduct security awareness training for employees and contractors;
• we take steps to ensure that our employees and contractors operate in accordance with our information security policies and procedures and any applicable contractual conditions;
• we require, through the use of contracts and security reviews, our third-party vendors, service providers and their sub-contractors to protect any personal information with which they are entrusted in accordance with our security policies and procedures.

9. How long do we keep your data?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

The length of time we retain your personal information is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We determine the period of retention of your personal information based on the following criteria:

• Retention in case of queries. We will retain your personal information in case of queries from you, including on behalf of an organisation for whom you work.
• Retention in case of claims. We will retain certain of your personal information for the period in which you or a third party might bring claims against us.
• Retention in accordance with legal and regulatory requirements. We will carefully consider whether we need to retain your personal information after the period  described above in case of a legal or regulatory requirement. In respect of some  activities we are obliged by regulation to retain data and information indefinitely, e.g. Defined Benefit Pension Transfers.

The exceptions to the above are where:

• you exercise your right to require us to retain your personal information for a period longer than our stated retention period (see further Restriction of processing below);
• you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Request deletion below);
• we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or
• in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.

When we no longer need your personal information, we securely delete or destroy it.

10. Your right regarding your personal information

The European Union’s General Data Protection Regulation and other applicable data
protection laws provide you with rights over your personal information. AXG Advice respects your right to access and control your  information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information. If you wish to exercise any of your rights listed below, please contact our Data Protection team by email at  DataProtection@axgam.com. Except in rare cases, we will respond to you within 1 month after we have received this information or, where no such information is required, after we have received full details of your request.

• Information regarding processing: You have the right to be informed about why, how and by whom your personal information is processed (which is what this policy sets out to do).
• Access to personal information: If you request access to a copy the personal information we hold about you, we will gladly comply, subject to any relevant legal requirements and exemptions, including completing our identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data.
• Request correction: You have the right to correct or amend your personal information if it is inaccurate or requires updating.
• Request deletion: You have the right to request deletion of your personal information; however, this is not always possible due to legal requirements and other obligations and factors. Remember that you can update your account information by using the “Contact Us” option within the relevant service.
• Object to processing: If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect your choice in accordance with our legal obligations.
• Restriction of processing: You can ask us to suspend the processing of your personal information if you want us to establish the accuracy of the information;
• where our use of the information is unlawful but you do not want us to erase it; where you need us to hold the information even if we no longer require it as you need it to establish, exercise or defend legal claims; and you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
• Request personal information transfer (“data portability”): We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
• Automated decision making: We will only make a decision that may significantly affect you (and for which we use only automated processing) in the ways the law permits and that are described in this privacy policy. Where we are permitted to make such a decision in these ways, you may contest that decision by emailing DataProtection@axgam.com.
• Withdraw consent at any time: You have the right to withdraw your personal information where we are relying on consent to process it. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

Making a complaint: If you are not satisfied with how AXG Advice manages your personal information, you have the right to make a complaint to a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed. The contact details for the Information Commissioners Office (ICO), the data protection regulator in the UK, are available on the ICO website. A full list of National Personal Information Protection Authorities can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm Where your personal information has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.

11. Policy changes

AXG Advice may change this Privacy Policy at any time by sending you an e-mail with the modified Privacy Policy or by posting a copy of them on the website. Any changes will take effect seven (7) days after the date of our e-mail or the date on which we post the modified Privacy Policy on our website, whichever is the earlier.

12. Contact and legal information

To contact us for any reason, including to exercise any of your rights in relation to your personal information, please write to the Data Protection Team at the address below or email us at DataProtection@axgam.com

You can also contact us by:

•  Telephone: + 44 (0) 127 300 5495
• E-mail: info@axgam.com

AXG Advice is a company incorporated in England & Wales with company number 05677304 and has its registered office address at Mocatta House, Trafalgar Place, Brighton, BN1 4DU, United Kingdom.