Privacy Policy

Background

Siege FX understands that your privacy is important to you and that you care about how your personal data is used. We take our data protection responsibilities very seriously and we respect and value the privacy of everyone who visits this website, www.siegefx.com (“Our Site”) or through alternate methods engages with Siege e.g., participants, vendors.

We only collect and use your personal data as described in this Privacy Policy. Any personal data We collect will only be used as permitted by Data Protection Legislation. Please read this Privacy Policy carefully and ensure that you understand it.

1. Information About Us

Our Site is owned and operated by Siege FX Limited, a limited company registered in England & Wales under company number 10569910, registered address: 8^th Floor, 71 Queen Victoria Street, London, England, EC4V 4AY.

2. What Does This Policy Cover?

This Privacy Policy applies to your use of Our Site and the Siege Platform. It sets out the basis on which any personal data we collect from you or a third party, or that you provide to us, will be processed by us. Our Site may contain links to other websites. Please note that We have no control over how your data is collected, stored, or used by other websites and We advise you to check the privacy policies of any such websites before providing any data to them.

3. What Is Personal Data?

Personal data is any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers. It does not include data where the identity has been removed (anonymous data).

For the purposes of this Privacy Policy, “Data Protection Legislation” means the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018 (“DPA”), the Protection of Personal Information Act (“POPIA”) and any other data protection legislation that may apply to our processing of personal data, including the EU General Data Protection Regulation 2016/679 (the “EU GDPR”) (which We are also subject to in relation to services we offer in the European Economic Area (EEA)).

4. What Are My Rights?

Under the Data Protection Legislation, you have the following rights, which We will always work to uphold:

• The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 10.
• The right to access the personal data We hold about you. Part 9 will tell you how to do this.
• The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 10 to find out more.
• The right to be forgotten, i.e., the right to ask us to delete or otherwise dispose of any of your personal data that We process or control. Please contact us using the details in Part 10 to find out more.
• The right to restrict (i.e., prevent) the processing of your personal data.
• The right to object to us using your personal data for a particular purpose or purposes.
• The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
• The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
• Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 10.

It is important that your personal data is kept accurate and up to date. If any of the personal data We hold about you changes, please keep us informed as long as We have that data.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first, using the details in Part 10.

5. What Personal Data Do You Collect and How?

• Subject to the following, We collect limited personal data from you via our website and in the provision of services to you (if applicable), and we may collect the following personal data about you:
• personal data you provide to us in person, via our website or by telephone, including the personal and contact details you supply when requesting that we contact you in relation to a query. For example: your first and last name; demographic data such as your gender, title, country and preferred language; and log-in and account information for authentication purposes and account access.
• personal data gathered using cookies, server logs and other similar technologies, including: details of your visits to our website including but not limited to traffic data, location data, weblogs and other communication data. For more details on the specific cookies we use on our site, please visit our Cookie Policy;
• information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual;

• personal data you provide when:

• • you purchase our services, or we process orders and payment transactions;
  • you provide feedback about our services;
  • we conduct our administrative and business functions;
  • you request our marketing material or communication; and
  • there are communications between you and our representatives, or when you submit a query to us or which is collected via social media, or
  • when we receive it from third parties such as analytics providers or publicly available sources such as LinkedIn.

We do not collect any Special Categories of personal data about you (this includes details about ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic an biometric data). Nor do we collect any information about criminal convictions and offences.

For the purposes of the Data Protection Legislation, we are the data controller responsible for the personal data described above. As a controller we use (or “process”) the personal data we hold on you in accordance with this Privacy Policy.

6. How Do You Use My Personal Data?

We may use your personal data for the purposes set out below, and for each use we have included the legal basis for processing (what the law allows):

• To perform our contracts with you, including providing our services. This is necessary for the performance of the contract, or before entering a contract.
• To comply with our own legal obligations e.g., health and safety legislation. This is necessary for compliance with a legal obligation.
• To operate our business, other than performing our contractual obligations to you. These are our ‘legitimate interests’ for the purposes of Data Protection Legislation and include: dealing with your enquiries, and sending requested information; dealing with job applications; developing, delivering and improving our services; developing our website to be more useful to users, and to deal with any misuse of our website; for internal research, analysis, testing and monitoring; risk management and administrative purpose; assisting investigation of suspected illegal or wrongful activity (including exchanging information with third parties for fraud protection and credit risk reduction); enforcing our website terms, contract terms and other agreements with third parties. This is necessary for the purposes of the legitimate interests pursued by us or by a third party.

Where We collect any personal data, it will be processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the Data Protection Legislation at all times. For more details on security see Part 7, below.

We will keep your personal data while we are providing services to you. Thereafter, we will keep your personal data for as long as is necessary: to respond to any questions, complaints or claims made by you or on your behalf; to show that we treated you fairly; to keep records required by law. We will not keep your personal data for longer than necessary. Different retention periods apply for different types of personal data.

7. How and Where Do You Store My Data?

Your personal data may be transferred to other countries when it is shared with our group entities, It may also be transferred, stored and/or processed outside the UK by our data processors. This is because the organisations we use to provide some of our services to you are located in other countries.

We have taken appropriate steps to ensure that where personal data processed outside the UK, it has an essentially equivalent level of protection as it has within the UK. We do this by ensuring that:

• your personal data is only processed in a country which the Secretary of State has confirmed has an adequate level of protection (an ‘adequacy regulation’); or
• We enter into International Data Transfers Agreements (IDTAs) or Standard Contractual Clauses (SCCs) or equivalent terms with the receiving organisations and ensure that supplementary measures are also applied, where necessary.

Data Security. Personal data security is essential to us, and to protect personal data, We take the following measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed:

• limiting access to your personal data to those employees, agents, contractors, and other third parties with a business need to know and ensuring that they only process your personal data on our instructions, and they are subject to duties of confidentiality; and
• procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.

8. Do You Share My Personal Data?

We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions:

• selected third parties whom we engage for hosting and data storage purposes;
• external professional advisers such as accountants, bankers, insurers, auditors and lawyers;
• our marketing agency and some social media (e.g. LinkedIn);
• our group companies and affiliates or other third-party data processers who process data on our behalf.

If any of your personal data is transferred to a third party, as described above, We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

If We sell, transfer, or merge parts of our business or assets, your personal data may be transferred to a third party. Any new owner of our business may continue to use your personal data in the same way(s) that We have used it, as specified in this Privacy Policy (i.e. to communicate with you).

In some limited circumstances, We may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority (including HMRC and our regulators).

9. How Can I Access My Personal Data?

If you want to know what personal data We have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 10.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within a month of receipt and, in any case, not more than one month of receiving it. Normally, We aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date We receive your request. You will be kept fully informed of our progress.

10. How Do I Contact You?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please visit our contact us page and use any of the available contact methods.

11. Changes to this Privacy Policy

We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if We change our business in a way that affects personal data protection.

Any changes will be immediately posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up-to-date. This Privacy Policy was last updated in December 2022.