- This Privacy Notice (the “Notice”) sets out how we, Infiniti Research Ltd, registered company number 04922062, 8 Wimpole Street, London, United Kingdom W1G 9SP and our affiliates and associated offices (collectively “Infiniti Research”, “we”, “us”, “our”) process the personal data of individuals (each a “User”, “you”, “your”) who contact us or who use our websites, services, programs, content and related features (collectively, the “Services”).
- If you have any questions about this Notice, please contact us by email.
- We will let you know, by posting on our website or otherwise, if we make any changes to this Notice from time to time. Your continued use of the Services after notifying such changes will amount to your acknowledgement of the amended Notice.
- This version of our privacy notice was published in August 2018.
What are personal data?
- “Personal data” means any information relating to an identified or identifiable natural person, known as ‘data subject’, who can be identified directly or indirectly; it may include name, address, email address, phone number, IP address, location data, cookies, call recording and similar information. It may also include “special categories of personal data” such as racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a data subject, data concerning health or data concerning a natural person’s sex life or sexual orientation.
What personal data do we process?
- We may process the following personal data:
- Information provided by you. You may give us information about you by filling in forms such as the contact form on our website, subscribing to services, ordering a product, making applications in respect of job postings, uploading information, corresponding with us by e-mail, phone or otherwise. This information may include your name, email address, billing address, shipping address, phone number, place of employment, payment information, the content of any email you send to us and similar information.
- Information about others. You may also provide to us personal data relating to third parties, such as people who you work with, reporters and other individuals who comment on markets and news, business actors relevant to your industry and other individuals.
- Information about your device. With regard to each of your visits to our website we may collect technical information about your device such as IP address, operating system, browser, time zone setting, the Internet address of the website from which you linked directly to our website, URL clickstream data, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
- Information from third party sources. This may include information received from credit reference agencies, our service providers and other third parties.
- Generally, you are under no obligation to provide this information, but without it, we may be unable to provide you with some of our Services. We may require credit reference agency information before entering in a service agreement with you. Some personal data will be mandatory in order for us to comply with mandatory client due diligence processes before we are able to provide the Services.
- Information about third parties should only be provided if you have demonstrable permission to do so or if the information is available in the public domain.
- We will rely on the information provided by you as accurate, complete and up to date and you agree to ensure that this will be the case.
Your consent to call recording
- When you call us, we will play a short message informing you about call recording. By continuing your call following that message you give consent that your call may be recorded. If you do not agree, you must hang up and contact us by alternative means.
- We may record your calls with us for the following purposes:
- establishing the existence of facts relevant to our business, including a record of your instructions, orders, complaints or other communications;
- reviewing how we and our personnel comply with our regulatory and legal obligations;
- quality control and staff training;
- preventing and detecting crime; and
- ensuring the effective operation of our communication systems and detecting and preventing unauthorized use.
How do we use your personal data?
- We will only process personal data, in accordance with applicable law, for the following purposes:
- responding to your queries, requests and other communications;
- providing the Services including our website and related features as well as the sale of reports, subscription services, research activities, preparation of bespoke reports and providing other information services. This may include retaining a record of your purchase history and, subject to your preferences, payment details to facilitate future purchases, subscription renewals and payments;
- enabling suppliers and service providers to carry out certain functions on our behalf in order to provide the Services, including market analysis, translations, webhosting, data storage, identity verification, technical, logistical and other functions, as applicable;
- allowing you to use features on our website, when you choose to do so;
- sending you personalised marketing communications requested by you. You have the right to unsubscribe by clicking here;
- serving personalised advertising to your devices, based on your interests in accordance with our Cookie Statement below. You have the right to disable cookies as set out below;
- ensuring the security of our business and preventing and detecting fraud;
- administering our business, including complaints resolution, troubleshooting of our website, data analysis, quality control, staff training, testing of new features, research, statistical and survey purposes;
- developing and improving our Services; and
- complying with applicable law, including in response to a lawful request from a court or regulatory body.
- The legal basis for our processing of personal data for the purposes described above will typically include:
- processing necessary to fulfil a contract that we have in place with you or other data subjects, such as processing for the purposes set out in paragraphs (a), (b), (c) and (d);
- your consent, such as processing for the purposes set out in paragraphs (e) and (f);
- processing necessary for our or a third party’s legitimate interests, such as processing for the purposes set out in paragraphs (a), (b), (c), (g), (h) and (i), which is carried out on the basis of our legitimate interests to ensure that Services are properly provided, ensure the security of our business and our Users and the proper administration of our business;
- processing necessary for compliance with a legal obligation to which we are subject, such as processing for the purposes set out in paragraph (j); and
- any other applicable legal grounds.
- The cookies placed on our website. For example, we may use the following cookies on our website:
- Strictly necessary cookies. These cookies are essential in order to enable you to move around our website and use its features. Without these cookies, Services you have asked for cannot be provided. They are deleted when you close the browser. These are first party cookies.
- Performance cookies. These cookies collect information in an anonymous form about how visitors use our website. They allow us to recognise and count the number of visitors and to see how visitors move around the website when they are using it and the approximate regions that they are visiting from. These are first party cookies.
- Functionality cookies. These cookies allow our website to remember choices you make (such as your user name, language or the region you are in, if applicable) and provide enhanced, more personal features. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites. These are first party cookies.
- Targeting or advertising cookies. These cookies allow us and our advertisers to deliver information more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as to help measure the effectiveness of advertising campaigns. They remember that you have visited our website and may help us in compiling your profile. These are persistent cookies which will be kept on your device until their expiration or earlier manual deletion.
- Social Media cookies. These cookies allow you to connect with social media networks such as Facebook, twitter, LinkedIn and Google+. These are persistent cookies which will be kept on your device until their expiration or earlier manual deletion.
- Other cookies that may become available.
- We may combine information from these types of cookies and technologies with information about you from other sources.
- Cookie consent and opting out. By using our Services, we assume that you are happy for us to place cookies on your device. Most Internet browsers automatically accept cookies. However, if you, or another user of your device, wish to withdraw your consent at any time, you have the ability to accept or decline cookies by modifying your browser setting. If you choose to decline cookies, you may not be able to fully experience the interactive features of our website, our platforms and Services.
- If you are based in Europe, when you arrive on our website a pop-up message will appear asking for your consent to place advertising cookies on your device. In order to provide your consent, please click ‘I’m fine with this’. Once your consent has been provided, this message will not appear again when you revisit. If you, or another user of your device, wish to withdraw your consent at any time, you can do so by altering your browser settings.
- You may also opt-out from third party cookies by selecting appropriate options on http://www.youronlinechoices.com/uk.
Disclosure of personal data
- There are circumstances where we may wish to disclose or are compelled to disclose your personal data to third parties. These scenarios include disclosure to:
- our affiliates or associated offices;
- our suppliers and service providers to facilitate the provision of the Services, including couriers, translators, IT consultants, webhosting providers, identity verification partners (in order to verify your identity against public databases), analytics providers, consultants, for example, in order to protect the security or integrity of our business, including our databases and systems and for business continuity reasons;
- subject to appropriate legal basis such as consent, our advertising and marketing partners who enable us, for example, to deliver personalised ads to your devices or who may contact you by post, email, telephone, SMS or by other means;
- payer, such as your employer, who pays for our products and services;
- successor or partner legal entities, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganisation, change of legal form, dissolution or similar event relating to our business. In the case of a merger or sale, your personal data will be permanently transferred to a successor company;
- public authorities where we are required by law to do so; and
- other third parties where you have provided your consent.
International transfer of your personal data
- We may transfer your personal data to a third party in countries outside the country in which the personal data were originally collected for further processing in accordance with the purposes set out above. In particular, your personal data may be transferred across our group of companies to the US and other countries. Where this is the case, we will ensure that appropriate transfer mechanisms, such as standard contractual clauses, are in place to ensure an adequate level of data protection. In relation to our transfers of personal data to our affiliates in the US, you may access our Privacy Shield certification here.
- If we transfer personal data to private organisations abroad, such as our suppliers and service providers, we will, as required by applicable law, ensure that your privacy rights are adequately protected by appropriate technical, organisation, contractual or other lawful means, such as standard contractual clauses. You may contact us for a copy of such safeguards in these circumstances.
- In compliance with the Privacy Shield Principles, Infiniti Research, commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Infiniti Research at: 8 Wimpole Street, London, W1G 9SP, UK.
- Infiniti Research has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU.
- The following is a list of the type or identity of third parties to which our organization discloses personal information to, and the purposes for which we do so: financial organisations, trade and employer associations, current, past or prospective employers, family, associates and representatives of the person whose personal data we are processing, business associates and professional advisers, suppliers and service providers and persons making an enquiry or complaint.We process personal information to enable us to provide a social networking website for our customers; maintain our own accounts and records and support and manage our employees. We also process personal information in the course of selling, hiring or exchanging it.
- Individuals have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please see Annex I of the EU-U.S. Privacy Shield Framework for additional information: https://www.privacyshield.gov/article?id=ANNEX-I-introduction
- Infiniti Research is potentially liable for onward transfers to third parties of personal data of EU individuals received pursuant to Privacy Shield.
- Where we transfer personal data on to third parties we take steps to ensure that there are suitable contractual controls with those third parties where they act as a processor for us.
- Our organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC)
Retention of personal data
- We retain personal data for as long as is necessary for the purposes listed above or longer as may be required by the law. Please contact us for further details of applicable retention periods.
- We may keep an anonymized form of your personal data, which will no longer refer to you, for statistical purposes without time limits, to the extent that we have a legitimate and lawful interest in doing so.
Security of personal data
- We will use appropriate technical and organisational information security measures to try to prevent unauthorised access to your personal data. However, please be aware that the transmission of information via the internet is never completely secure. Whilst we can do our best to keep our own systems secure, we cannot control the whole of the internet and we cannot therefore guarantee the security of your information as it is transmitted to and from our website.
- Where you have created or received a password, authentication code, secure code or verification link which enables you to access certain parts of our website or content, you are responsible for keeping such information confidential. We ask you not to share such information with anyone.
- When you use the services available through this website, transmission of your credit card information and manuscript to us (or our third-party credit card processor) is encrypted using Secure Socket Layer (SSL) encryption. To process and protect your payment information, we use a number of secure and PCI DSS compliant providers and we do not have access to payment data from such transactions. However, if you choose a payment method that requires sharing your payment details with us, please do so either at the telephone number or email address provided in our invoice. This will help us take adequate measures to keep the data safe.
Data subject rights
- Data subjects may have numerous rights in relation to their personal data. For further information about your data protection rights please visit the ICO website.
- Right to make a subject access request (SAR). Data subjects may request in writing copies of their personal data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that a SAR is being made. You may also be required to submit a proof of your identity and any payment permitted by law, where applicable.
- Right to rectification. Data subjects may request that we rectify any inaccurate or incomplete personal data.
- Right to withdraw consent. Data subjects may at any time withdraw their consent to the processing of their personal data carried out by us on the basis of their previous consent. Such withdrawal will not affect the lawfulness of processing based on such previous consent.
- Right to object to processing including automated processing and profiling. We do not make automated decisions about data subjects. However, we may rely on information provided by third parties such as credit reference agencies which may score data subjects on the basis of automated decisions. Profiling may be carried out for business administration purposes, such as monitoring trends in User visits of our website and in order to deliver relevant ads to Users’ devices. We will comply with valid objection requests unless we have a compelling overriding legitimate ground for the continuation of our processing or we have another lawful reason to refuse such request. We will comply with each valid opt-out request in relation to marketing communications.
- Right to erasure. Data subjects may request that we erase their personal data. We will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping the personal data, such as, our business record retention obligations that we have to comply with.
- Restriction. Data subjects may request that we restrict our processing of their personal data in various circumstances. We will comply, unless there is a lawful reason for not doing so, such as, a legal obligation to continue processing your personal data in a certain way.
- Right to data portability. In certain circumstances, data subjects may request the controller to provide a copy of their personal data in a structured, commonly used and machine-readable format and have it transferred to another provider of the same or similar services. We do not consider that this right applies to our Services. However, to the extent it does, we will comply with such transfer request. Please note that a transfer to another provider does not imply erasure of the data subject’s personal data which may still be retained for legitimate and lawful purposes.
- Right to lodge a complaint with the supervisory authority. We suggest that data subjects contact us about any questions or complaints in relation to how we process their personal data. However, each data subject has the right to contact the relevant supervisory authority directly. A list of supervisory authorities is available here.
- Right to invoke binding arbitration.
a) For clients based in the United States of America:
Any dispute arising under or in connection with this Engagement that is not first resolved by the parties shall be determined and settled exclusively by Arbitration in accordance with the Commercial Arbitration Rules of the American Arbitration Association then in effect. Arbitrators shall be selected pursuant to such Rules. The language to be used in the arbitration shall be English; the governing law of the contract shall be the law of the State of Illinois; the number of arbitrators shall be three; and the seat or legal place, of arbitration, shall be Chicago, Illinois. Any award rendered in such arbitration shall be final and binding on both parties and judgment may be entered on the arbitrator’s award in any court having jurisdiction. The arbitrators may only award actual damages and shall not have the right to award any other damages, including punitive, incidental or consequential damages.
b) For clients who are not based in the United States of America:
Any dispute arising under or in connection with this Engagement that is not first resolved by the parties shall be determined and settled exclusively by Arbitration in accordance with the Commercial Arbitration Rules of the London Court of International Arbitration then in effect. Arbitrators shall be selected pursuant to such Rules. The language to be used in the arbitration shall be English; the governing law of the contract shall be English law; the number of arbitrators shall be three; and the seat, or legal place, of arbitration, shall be London. Any award rendered in such arbitration shall be final and binding on both parties and judgment may be entered on the arbitrator’s award in any court having jurisdiction. The arbitrators may only award actual damages and shall not have the right to award any other damages, including punitive, incidental or consequential damages.