Last updated: 1st April 2019
1.1 Mzuzu Limited (the “Company“, “we“, “us” or “our“) t/a Acuiti respects your privacy and is committed to treating any information that we obtain about you with as much care as possible and in a manner that is compliant with all applicable data protection legislation including the EU General Data Protection Regulation 2016/679 (“GDPR“) and any national implementing laws in relation to the same including the Data Protection Act 2018 (collectively, “Data Protection Legislation“).
1.2 The Company operates a business intelligence platform which produces content by collecting and processing data and information submitted by senior figures in the derivatives market (the “Platform“).
1.3.1 what personal data we may collect about you in connection with:
220.127.116.11 providing you with access (including preview or beta access) to, and your interaction with us through:
18.104.22.168.1 the Platform;
22.214.171.124.2 acuiti.io (the “Website“);
126.96.36.199.3 any other website or app we own or operate from time to time, related to the Website or the Platform;
188.8.131.52.4 email or social media; and
184.108.40.206.5 any other channels related or ancillary to the foregoing.
(collectively, the “Channels“);
1.3.2 how we collect, store, disclose, transfer, protect and otherwise process that personal data (and for what purposes); and
1.3.3 other important information, such as the lawful basis or bases by which we process your personal data, how long we retain your personal data, and the rights you have in relation to the personal data we hold about you.
1.5 In this policy, terms defined in the GDPR, including “data subject“, “personal data“, and “processing“, have the same meaning when used in this policy. The words “include“, “including“, “such as” and similar words and phrases shall be construed to mean “including without limitation“.
1.6 This policy is intended to be communicated to you in a concise, transparent, intelligible and easily accessible manner, but we appreciate that you may have queries or want to seek clarification as to its terms. If so, please email email@example.com or write to Data Protection Enquiries 141 Hornsey Road, Holloway, London, United Kingdom, N7 6DU and we will endeavour to respond as soon as possible.
1.7 The Company reserves the right to make changes to this policy from time to time including as may be necessary or desirable to reflect any changes in: (i) the ways in which we gather and process personal data; Data Protection Legislation; or (iii) best practice. The Company will endeavour to notify you of such changes but you are advised to check for an updated version of this policy at acuiti.io each time you interact with us through the Channels.
1.8 It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
2 The personal data we process
2.1 We collect personal data about you through the Channels when you:
2.1.1 access and use our websites and apps or other Channels (including automatically by way of cookies or similar technologies – please refer to paragraph 12 below for more information);
2.1.2 register for an account on our websites, apps or other Channels, or subscribe for or participate in other services, competitions, contests, special events, or our mailing list;
2.1.3 contact us (whether in writing, by email, by telephone or otherwise), including via any contact form available on the Channels;
2.1.4 make any enquiry or application with respect to careers, vacancies or opportunities at the Company;
2.1.5 purchase, request or subscribe for a product or service from us;
2.1.6 provide any personal data in connection with your use of the Platform;
2.1.7 request technical support or other customer care support;
2.1.8 participate in polls, surveys and questionnaires on or related to the Channels including the surveys and other requests for information which form the basis of the data available through the Platform (through the Platform, by email, by Phone, or by any other method; or
2.1.9 otherwise interact with us through the Channels.
2.2 Where lawful, we may also obtain personal data from third parties or public sources (for example, the open electoral register or credit reference agencies) and we may process that information where it is an essential component of the products and services we offer you.
2.3 The type of personal data we process may include (if and as applicable):
2.3.2 identity and contact information, such as your name, user name, email address, postal address, date of birth, telephone number, job title and other information provided by you when you register for an account on our Channels or subscribe for other services, contests, special events or our mailing list (“Identity and Contact Data“);
2.3.3 information which you provide in any correspondence with us (“Correspondence Data“);
2.3.4 if you enquire or apply for any vacancies or opportunities at the Company, your CV, résumé, educational background, employment history and any other information you provide in connection with the same (“CV Data“);
2.3.5 in relation to any order, purchase or subscription made by you, your order details, payment information, preferences and other transaction information provided or obtained in connection with any product or service you have requested, bought or subscribed for (“Product and Service Data“);
2.3.6 your responses to any polls, surveys and questionnaires we may run from time to time (“Response Data“);
2.3.7 marketing and communications data, which includes your preferences in receiving marketing from us and our third parties and your communication preferences (“Marketing and Communications Data“);
2.3.8 any personal data contained in content you post on our Platform or otherwise through the Channels (“User Generation Data“); and
2.3.9 information ascertained by your interaction with us through the Channels, including your interests and purchase history (“Transaction Data“).
2.4 We do not process:
2.4.1 any special categories of personal data (including details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data);
2.4.2 any information about criminal convictions and offences; or
2.4.3 any information about children under the age of 13,
and you should not provide us with any such information through any of the Channels.
3 How we process personal data
3.1 We process the data referred to in paragraph 2 above by collecting it from the data subject and then storing it with Salesforce (as referred to in paragraph 7.2.2 below).
3.2 Once the business performance and operational benchmarking results to survey responses have been received, they become anonymised and no longer constitute personal data.
3.3 Any personal data submitted by users when completing surveys is anonymised and aggregated.
3.4 Personal data relating to demographics is stored to use for tailoring survey questions and marketing.
3.5 No personal data is disclosed to third parties except as set out in paragraph 7.
4 The purposes for which we process your personal data
4.1 We use the personal data referred to in paragraph 2 above for the purposes of (if and as applicable):
4.1.1 personalising content on the Channels;
4.1.2 profiling based on job title and interests;
4.1.3 using analytic cookies to analyse and monitor how web users use our Platform and to enhance
4.1.4 sending you promotional and marketing materials, notifications, updates and exclusive news and tailoring those updates for you (unless you have opted out of receiving such communications);
4.1.5 providing you with access to our products and services,
4.1.6 operating and providing access to the Platform;
4.1.7 processing payments and fulfilling orders for products and/or services;
4.1.8 internal training and other internal uses to improve our services and customer experience (including improving our marketing and promotional efforts, analysing channel usage statistics, improving content and product offerings and customising the content and layout of our stores and Channels);
4.1.9 responding to any correspondence from you including enquiries, comments, complaints and request for technical assistance;
4.1.10 if your data was provided in connection with a career opportunity or vacancy, assessing your fitness and eligibility for any particular role;
4.1.11 administering any polls, services, questionnaires, competitions, contests, or special events which you may have subscribed for or participated in;
4.1.12 recording your purchase or usage history and administering your account with us;
4.1.13 market research and demographic studies;
4.1.14 complying with any legal obligation;
4.2 We may process your personal data for the purposes set out in paragraph 4.1 ourselves or in conjunction with our third party service providers (in accordance with paragraph 7).
5 The lawful bases by which we process your personal data
5.1.1 Generally, we do not rely on consent as a legal basis for processing your personal data. Occasionally, however, we will get your consent before sending third party direct marketing communications to you (e.g. via email or text message). If this policy has been communicated to you in relation to any such communications and you have consented to the same, then by accepting the terms of this policy, you give the Company your express, freely given consent to process any of your personal data in accordance with the terms of this policy.
5.1.2 You may withdraw your consent at any time by contacting firstname.lastname@example.org. You can also unsubscribe from different types of emails by following the unsubscribe link displayed at the bottom of each email. The withdrawal of your consent shall not affect the lawfulness of processing based on consent before withdrawal or the lawfulness of processing based on other lawful grounds as set out below.
5.2 Other lawful grounds
The Company may process your personal data in any circumstances where such processing is necessary:
5.2.2 to comply with any applicable law or regulation; or
5.2.3 for the purposes of the legitimate interests pursued by us or third parties. These legitimate interests include the purposes identified above in paragraph 4.1 but also include other commercial interests and our internal administrative purposes.
5.3 We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data.
5.4 More information about which lawful basis is usually used for which data processing activity is set out in the table below:
||Lawful basis for processing including basis of legitimate interest
|To register you as a new customer or user
||Performance of a contract with you
|To process and deliver any orders, subscriptions, or requested services including:(a) Manage payments, fees and charges(b) Collect and recover money owed to us
||(a) Performance of a contract with you(b) Necessary for our legitimate interests (to recover debts due to us)
||(a) Performance of a contract with you(b) Necessary to comply with a legal obligation(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
|To enable you to complete a survey
||(a) Performance of a contract with you(b) Necessary for our legitimate interests (to study how customers use our products/services, and to develop and grow our business)
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)
||(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)(b) Necessary to comply with a legal obligation
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
||Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
||Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
|To make suggestions and recommendations to you about goods or services that may be of interest to you
||Necessary for our legitimate interests (to develop our products/services and grow our business)
|To send surveys and collect data from surveys
||Necessary for our legitimate interests (to receive information based on demographic types and preferences to study how customers may want to use the Platform)
5.5 We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
5.6 If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
5.7 Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
6 What if you refuse to provide us with any personal data?
6.1 Where we need to collect personal data by law, or under the terms of an agreement we have with you, and you fail to provide that data when requested (or fail to consent to the processing of that data, if necessary), we may not be able to perform the contract or arrangement we have or are trying to enter into with you (for example, to provide you with products or services). In this case, we may have to cancel a product or service you have with us (e.g. relating to access to our Platform or any reports or insight documents but we will endeavour to notify you if this is the case at the time.
6.2 Whilst we may be able to provide you with certain products and services notwithstanding your refusal to submit personal data, this may limit your ability to participate in some activities, or use certain features, services or functionality.
7 Sharing information with third parties
7.1 We will not share any of your personal data with third parties except as set out in this paragraph 7 or otherwise notified to you or agreed between you and us from time to time.
7.2 From time to time, we will also need to share personal data with the following types of third party service providers who we engage to provide services which facilitate our business and who may need to process your personal data to the extent necessary to provide those services:
7.2.1 MailChimp, operated by The Rocket Science Group LLC, our email marketing service;
7.2.2 Salesforce, operated by Salesforce.com Inc, our CRM;
7.2.3 Qualtrics, operated by Qualtrics LLC, our survey platform;
7.2.4 Namecheap, operated by Namecheap Inc, our web hosting service;
7.2.5 Totality Services, operated by Totality Services London Ltd, our IT support service;
7.2.6 Microsoft One Drive, operated by Microsoft, the Company’s back-up storage provider;
7.2.7 Forge, operated by Forge Global Limited, our website developers; and
7.2.8 any similar or replacement third parties from time to time.
7.3 We seek to ensure that any third party engaged by us who processes your personal data in connection with the purposes listed above has policies and procedures in place to ensure compliance with the Data Protection Legislation.
7.4 For any third parties that are based, or process data, overseas, we only engage such third parties in accordance with paragraph 8.
7.5 Unless otherwise disclosed to you from time to time, we will remain the data controller in respect of your personal data notwithstanding that third parties may be engaged as data processors.
8 International transfers of personal data
8.1 From time to time it may be necessary for us to transfer your information internationally. In particular your information may be transferred to and/or stored on the servers of our Affiliates or other third parties identified in paragraph 7 which are based outside of the EEA.
8.2 However, we will not transfer your personal data outside of the EEA unless:
8.2.1 such transfer is to a country or jurisdiction which the EU Commission has approved as having an adequate level of protection (including to the USA where Privacy Shield compliant);
8.2.2 appropriate safeguards are in place as set out in Article 46 GDPR or equivalent provisions of other Data Protection Legislation; or
8.2.3 the transfer is otherwise allowed by applicable Data Protection Legislation (such as in the form of a derogation under Article 49 GDPR).
9 Your rights as a data subject
Subject to any conditions or requirements set out in the relevant Data Protection Legislation, you may have some or all of the following rights in relation to the personal data we hold about you:
9.1 the right to request a copy of your personal data held by us;
9.2 the right to correct any inaccurate or incomplete personal data held by us. You can amend any personal data which cannot be modified online, by emailing us at email@example.com;
9.3 the right to request that we erase the personal data we hold about you;
9.4 the right to request that we restrict the processing of your data;
9.5 the right to have your personal data transferred to another organisation;
9.6 the right to object to certain types of processing of your personal data by us; and
9.7 the right to complain (please see paragraph 13 of this policy).
Please note however that these rights are not absolute in all situations and may be subject to conditions and provisos set out in relevant Data Protection Legislation. The Company cannot therefore guarantee that any request from you in connection with the rights set out above will be agreed to. For further information, or to see if you can exercise any particular right, please contact us at firstname.lastname@example.org.
10 Storage and retention of your personal data
10.1 As a minimum, we need to store your data for 12 months when it is deleted if you do not opt in to use the Platform (i.e. for as long as is necessary to enable us to provide you with the goods and services that you have requested from us (or to support your other uses of our Channels, such as maintaining your account(s)).
10.2 However, we will retain certain of your personal data for longer if we think it is reasonably necessary to do so in the circumstances, taking into consideration factors such as:
10.2.1 our need to perform any agreements between you and us (including order fulfilment);
10.2.2 our need to answer any queries or resolve any problems you may have;
10.2.3 your continued consent to receive marketing and other emails and communications from us;
10.2.4 our continued provision of our services to you; and
10.2.5 our need to comply with legal requirements (e.g. relating to record keeping).
10.3 If you tell us that you would like to delete your account, or you do not use or interact with the Platform for 2 years, we will take steps to delete all the personal data we hold about you once it is no longer necessary for us to hold it (e.g. to fulfil any outstanding orders, resolve disputes, or as is permitted by applicable law or regulation).
10.4 Personal data relating to operational performance provided through surveys is deleted by us once the survey has been compiled, this will usually be within four weeks.
10.5 Personal data relating to demographics provided in the surveys is retained by Salesforce (as described in paragraph 7.2.2 above) and will be kept until you opt out or after two years of no interactions with the Platform.
10.6 For as long as we do store your data, the Company follows generally accepted industry standards and maintains reasonable safeguards to attempt to ensure the security, integrity, and privacy of the information you have provided. The Company has security measures in place designed to protect against the loss, misuse, and alteration of the information under our control. Personal data collected by the Company in connection with this policy is stored in secure operating environments that are not available to the public. The Company maintains information behind a firewall-protected server and uses SSL encryption for purchases made through our online store.
10.7 Notwithstanding our efforts to keep your personal data secure, no system can be 100% reliable. To the fullest extent permitted by law, we cannot be held liable for any loss you may suffer if a third party procures unauthorised access to any data you provide through the Channels. In addition, you are responsible for maintaining the strength and confidentiality of any login credentials.
10.8 We will notify you as soon as reasonably practicable if we have reason to believe that there has been a personal data breach by us which could adversely affect your rights and freedoms.
11 Links to third parties
11.1 Our website may link or redirect to other websites that are beyond our control. Such links or redirections are not endorsements of such websites or representation of our affiliation with them in any way and such third party websites are outside the scope of this policy.
11.2 If you access such third party websites, please ensure that you are satisfied with their respective privacy policies before you provide them with any personal data. We cannot be held responsible for the activities, privacy policies or levels of privacy compliance of any website operated by any third party.
12.1 A cookie is a small file of letters and numbers stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive.
12.3 Our websites use some or all of the following cookies:
12.3.1 Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
12.3.2 Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
12.3.3 Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
12.3.4 Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
12.4 You can find more information about the individual cookies we use and the purposes for which we use them in the table below:
||Test if cookies are enabled/ functioning as expected
||Google Analytics for web fonts
||Web font tracking to know whether to refresh cached fonts
||Web font tracking to know whether to refresh cached fonts
|__utmzz, __zlcmid, _ga
||WP Engine cookies to track user session / user activity
12.6 Your browser may give you the ability to block all or some cookies by activating a setting in your browser’s options. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Channels.
12.7 Except for essential cookies, all cookies will remain unless the cookie cache is cleared (unless otherwise indicated in the table above).
13 Questions and complaints
13.1 For all questions or complaints about this policy, we would appreciate the chance to deal with your concerns before you approach the relevant data protection authority. Please contact us in the first instance via email at email@example.com or write to Data Protection Enquiries, 141 Hornsey Road, Holloway, London, United Kingdom, N7 6DU. The Company’s Data Protection Office as of the date of this policy is Will Mitting (firstname.lastname@example.org).
13.2 You have the right to make a complaint at any time to the relevant supervisory authority for data protection issues, which in the UK is the Information Commissioner’s Office (ICO) (www.ico.org.uk).