Last updated: August 16th, 2019
1.1.1 use our products or services;
1.1.2 download documents from us or subscribe for alerts or newsletters;
1.1.3 attend one of our events, or an event hosted at our premises;
1.1.4 visit or register to use http://www.beyond-ratings.com (the “Website”)
1.4 Your data controller will be the LSE Group entity which collected your personal data. In relation to the Website, that entity is Beyond Ratings S.A.S. We will process any personal information we collect about you in accordance with applicable data protection laws, and where required, we will maintain appropriate registrations as data controllers with the local regulatory bodies.
1.6 Whilst your data controller may be a specific LSE Group entity, your details may be held in our contact database which can be accessed and used by other entities in the LSE Group, which may be located outside the EEA. For more information on data sharing and transfers of data outside of the EEA, please see section 5 below.
1.7 Effective Date:19.08.2019
2. WHAT PERSONAL INFORMATION DO WE COLLECT
2.1 "Personal Information" refers to information which does or is capable of identifying you as an individual. The types of Personal Information that we process will depend largely on the service you receive from us (and may also vary by country, and according to applicable law). However, the following is an overview of the types of Personal Information which we process:
2.1.1 your name;
2.1.2 email address;
2.1.3 other personal contact details (including telephone number and postal address);
2.1.4 job title;
2.1.6 corporate contact details (including business "direct dial" or office address);
2.1.7 date of birth (for instance, where you hold a regulated position in respect of a listed company);
2.1.8 financial information (where necessary to conclude services contracts with you);
2.1.9 your photograph (for instance, where you attend an LSE Group event);
2.1.10 career history, professional background and other CV related information (for example, where you provide this to us in connection with an application to be a qualified advisor);
2.1.11 national insurance number (where required for regulatory purposes); and
2.1.12 your driving license or passport (required to confirm your identity where you visit our premises).
2.2 Your use of the Website and related online services involves the automated collection of certain types of information, some of which may be considered Personal Information under applicable laws or in specific circumstances. This information includes:
2.2.1 IP address;
2.2.2 browser type; and
2.2.3 operating system.
2.3 In addition, the Website may use a range of cookies to improve and personalise your experience. More information about these can be found in the Cookies Policy.
2.4 We may in limited circumstances collect certain types of sensitive Personal Information which are protected more strictly by law. These include:
2.4.1 disability information (where you choose to share this with us in relation to accessing to our services or our physical premises); and
2.4.2 religious affiliation (for example, where this relates to your dietary requirements for an LSE Group hosted event).
2.5 We will only collect information that is necessary for us to provide you with the product or service that you have requested. The type of information that we may collect will depend upon the nature of that service or product.
3. HOW WILL WE USE ANY PERSONAL INFORMATION THAT WE COLLECT?
3.1 It will often be apparent from the context how we intend to use that Personal Information.
3.2 The following is an overview of LSE Group's purposes for processing Personal Information. Please remember that additional information may be provided to you in a separate notice, or in our terms and conditions. In addition to 1.5, in the event of any conflict between any separate notice and our terms and conditions, our terms and conditions shall take precedence.
3.3 All processing of Personal Information which we undertake is justified by a "condition" for processing. In addition, processing of sensitive Personal Information is always justified by a secondary condition. In the majority of cases, processing will be justified on the basis that:
3.3.1 you have consented to the processing;
3.3.2 the processing is necessary to perform a contract or to take steps to enter into a contract;
3.3.3 the processing is necessary for us to comply with a relevant legal obligation; or
3.3.4 the processing is in our legitimate commercial interests, subject to your interests and fundamental rights.
3.4 The purposes for which we process your Personal Information are to (in each case, where applicable):
3.4.1 provide you with specific services in accordance with a contract you are entering, or have entered into with us;
3.4.2 register you for client services, and to create user accounts ;
3.4.3 onboard you as a client and to carry out background and screening checks;
3.4.4 compile and maintain files on prospective and current directors and qualified advisors, and to carry out background and screening checks on the same, in order to comply with regulatory requirements;
3.4.5 carry out regulatory reporting ;
3.4.6 provide you with newsletters or alerts where you have signed-up for these on the Website;
3.4.7 conduct market research surveys, where you choose to participate in these;
3.4.8 run competitions;
3.4.9 create, calculate, produce, operate, maintain and administer indexes, products and services using publicly available securities holdings information;
3.4.10 analyse usage of the Website (see more information in relation to our use of analytics tools below);
3.4.11 arrange events hosted at our premises, where you are either an organiser or an attendee; and
3.4.12 control access to our premises.
Your personal data may be processed either electronically or in hard copy form, both inside and outside the EU and the EEA, in accordance with paragraph 6.
3.5 We may send you direct marketing communications. . In limited circumstances, where we have obtained your prior consent, we may send you marketing communications in relation to carefully selected and relevant third party partners, whose products and services may be of interest to you. You may opt out of certain kinds of marketing, or all forms of marketing, by emailing us at the following address email@example.com or visiting our marketing preference center, where applicable. Alternatively, you can click on the "opt-out" link provided in all our marketing emails.
4.1 We use analytics tools on the Website to provide the service you request, identify service issues to us, improve our services, provide content tailored to your personal preferences, and to monitor the Website's traffic and usage.
4.2 When we send you marketing emails, we may use email tracking technology, such as dynamic links and image files, to monitor engagement and to understand the relevance and effectiveness of our communications to you.
4.3 When you fill in forms or download files from the Website, we may use technologies to distinguish known from unknown Website visitors, and to monitor customer engagement with our services.
4.4 We may use IP lookup technology to determine your general location so that we can customise the Website for you. We may also use IP lookup to determine how our known clients engage with different parts of the Website.
4.5 All of these tools may be provided by third-party service providers and may include the collection and tracking of certain data and information regarding the characteristics and activities of visitors to the Website. We may disclose data, including Personal Information, to certain such third-party services providers in order to obtain such services.
4.6 One of our providers is Google Analytics and more information about the ways in which they collect and process your Personal Information can be found here: (https://www.google.com/policies/privacy/partners).
5. DISCLOSURE OF YOUR PERSONAL INFORMATION
5.1 We may share your personal information within the LSE Group in order to provide you with our services. Access to your Personal Information is limited to those employees, agents and contractors of the LSE Group who need access to it in order to provide you with our services; to communicate with you (including, with your consent, to send you marketing communications); and to carry out legal or regulatory obligations.
5.2 We may also employ the services of third party service providers to help us in certain areas, such as website hosting, physical security, marketing and market research. Where third party service providers receive your information we will remain responsible for the use of your Personal Information. We take appropriate steps to ensure that such third parties treat your Personal Information with the same consideration that we do.
5.3 We may from time to time be required to disclose your Personal Information to law enforcement bodies, regulators, agencies or third parties under a legal requirement or court order. We act responsibly and take account of your interests when responding to any such requests.
6. CROSS-BORDER TRANSFERS OF YOUR PERSONAL INFORMATION
6.1 We are an international organisation, with businesses both inside and outside of the European Economic Area ("EEA"). Third party service providers who handle data on our behalf may be based in locations around the world, and we may also be subject to scrutiny from courts or regulators in a number of different jurisdictions. For these reasons, your Personal Information may be transferred to other countries both inside and outside of the EU and the EEA. As privacy laws in other countries may not be equivalent to those in your home country, we only make arrangements to transfer data overseas where we are satisfied that adequate levels of protection are in place to protect any information held in that country or that the service provider acts at all times in compliance with applicable privacy laws. Where required under applicable laws we will take measures to ensure that Personal Information handled in other countries will receive at least the same level of protection as it is given in your home country, for instance by entering into contracts incorporating the European Commission approved model contract clauses.
6.2 By providing us with your personal information, you expressly acknowledge and agree to our transferring your Personal Information to countries or jurisdictions which may not provide the same level of data protection as your home country, including without limitation countries or jurisdictions outside the EEA.
7. RETENTION OF YOUR PERSONAL INFORMATION
7.1 We apply a general rule of keeping your Personal Information for as long as required to fulfil the purposes for which it was collected. However, in some circumstances we may retain Personal Information for longer periods of time, for instance where we are required to do so in accordance with legal, tax or accounting obligations.
7.2 In specific circumstances we may also retain your Personal Information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
7.3 We maintain a retention procedure which we apply to records in our care. In all cases, where your information is no longer required we will ensure it is disposed of in a secure manner and, where required by applicable law, we will notify you when such information has been disposed of.
8. PROTECTION OF YOUR PERSONAL INFORMATION
8.1 We will hold your Personal Information securely whilst it is under our control, including where it is processed by third party service providers on our behalf. We train our employees in respect of their obligations under data protection laws, and we ensure that only relevant LSE Group employees, contractors and agents have access to your personal information.
8.2 We take the security of our physical premises, our servers and the Website seriously and we will take all appropriate technical measures using recognized security procedures and tools in accordance with good industry practice to protect your personal information across all of these platforms.
8.3 Whilst we use all reasonable endeavours to protect your security in the manner described above, we consider that it is only appropriate to advise you that data transmission over the Internet and the World Wide Web cannot always be guaranteed as 100% secure, and therefore that you use the Website at your own risk.
10. YOUR RIGHTS
10.1 Subject to applicable law, you may have some or all of the following rights in respect of your personal information:
10.1.1 to obtain a copy of your personal information together with information about how and on what basis that Personal Information is processed;
10.1.2 to rectify inaccurate Personal Information (including the right to have incomplete Personal Information completed);
10.1.3 to erase your Personal Information (in limited circumstances, where it is no longer necessary in relation to the purposes for which it was collected or processed);
10.1.4 to restrict processing of your personal information where:
10.1.4.1 the accuracy of the Personal Information is contested;
10.1.4.2 the processing is unlawful but you object to the erasure of the Personal Information;
10.1.4.3 we no longer require the Personal Information but it is still required for the establishment, exercise or defense of a legal claim
10.1.5 to challenge processing which we have justified on the basis of a legitimate interest (as opposed to your consent, or to perform a contract with you);
10.1.6 to prevent us from sending you direct marketing;
10.1.7 to withdraw your consent to our processing of your personal information (where that processing is based on your consent);
10.1.8 to object to decisions which are based solely on automated processing or profiling.
10.1.9 In addition to the above, you have the right to lodge a complaint with the supervisory authority. In the UK there is the Information Commissioner’s Office.
10.1.10 If you wish to investigate the exercising of any of these rights, please contact us using the details set out below.
13. INFORMATION ABOUT THE DATA CONTROLLER AND CONTACT DETAILS
13.1 In relation to this Website, your data controller will be Beyond Ratings S.A.S. However, if your data controller is another member of the LSE Group, we will make that information clear to you at the time your Personal Information is collected.
13.2 In all cases, if you have any complaints or queries relating to the processing of your Personal Information by any member of LSE Group, or to exercise any rights in respect of your Personal Information, you should contact us in one of the following ways:
By post: 51 rue Sainte Anne 75002 Paris, France
By email: firstname.lastname@example.org