About this policy.
The Isenegger International Advisory Group (IIAG) is committed to protecting and respecting your privacy. This policy explains how we handle your personal data (as defined below) and your rights in relation to your personal data. This policy applies to your use of https://isenegger-group.com/ (the “Site”) or any services offered through or associated with the Site (the “Services”). By using our Site or Services, you agree to the terms of this policy as amended from time to time.
About us.
The Site is owned and operated by Isenegger International Advisory Group (IIAG). When we process personal data, we are responsible as a “controller” of that personal data for the purposes of the General Data Protection Regulation and the Data Protection Act 2018 (the “data protection laws”). In this policy, “we”, “us” or “our” refers to Isenegger International Advisory Group (IIAG).
Third-party links.
Our Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third parties and are not responsible for their privacy practices. When you leave our Site, you will be subject to that website’s privacy policy. We encourage you to read the relevant privacy policy before providing any personal data on a third-party website.
What is “personal data”?
“Personal data” means any information that identifies an individual person. It does not include data about a company or anonymous data (i.e. data where the personal identity has been removed).
How we collect data
Data we receive from you.
Most of the data we collect is collected directly from you. You give us personal data when you visit our Site or when you communicate with us, whether in person or by phone, text, email or other means. This includes data you provide when you fill out forms on our Site (like contact forms or signing up for our newsletter), request or use legal services, provide feedback or apply to work with us.
Data we receive from third parties
We may also receive information from third parties, including our website host, analytics providers, marketing automation providers, reviews providers, e-signature providers, payment service providers, cloud service providers, practice management software, publicly available sources (such as Companies House and social media platforms we engage with) and other third parties we use to help us deliver our Site and Services.
Isenegger International Advisory Group (IIAG) also employs third party suppliers to provide services in regards to our “know your customer” (KYC) obligations, including utilising the services of a credit reference agency, TransUnion. You can find a link to TransUnion’s Privacy Policy here.
We may also receive your personal data from those who have referred you to us, including our partners and current or past clients.
For more information on how these third third parties handle your personal data, please refer to their privacy policies.
Data we automatically collect.
When you visit our Site, we automatically collect technical data about your equipment, browsing actions and patterns (as detailed below). We collect this data using cookies and similar technologies (also detailed below).
Data we collect about you
The personal data we collect about you may include:
Name, including first name and surname;
Contact information, including email address and phone number;
Identity verification information, including personal photo identification, personal identification numbers, date of birth, mailing address and proof thereof;
Billing information, including bank account information or payment card information and billing address;
Purchase history, including information about past services you have engaged us for;
Business information, including company name and job title;
CV information, including education information, past employment information, and professional memberships and qualifications;
Technical information, including your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operation system and platform, and information about other devices you use to access our Site;
Behavioural data, including information about how you use our Site and Services; and
Marketing preferences, including your preferences in receiving newsletters from us and any additional communication preferences.
It is important that the personal data we hold about you is accurate and current. Please notify us if your personal data changes during your relationship with us.
We may also collect, use and share aggregated data such as statistical or demographic data. While aggregated data is sometimes derived from your personal data, it is not considered personal data since it does not directly or indirectly reveal your identity.
We do not collect any special categories of personal data (which includes race or ethnicity, religious or philosophical beliefs, sexual preferences, political opinions, trade union membership, information about your health, and genetic and biometric data).
We also do not collect any information about criminal convictions and offences unless you supply this to us voluntarily and consent to our using it, such as, as part of any application you make to work with us or if the information is relevant to legal services we are providing to you.
We do not use automated profiling or automated decision-making in a way that affects you legally or otherwise significantly affects you.
How and why we use your data.
Under data protection laws, we can only use your personal data if we have a proper reason for doing so, such as complying with our legal and regulatory obligations, fulfilling contractual obligations to you (or taking any steps at your request before entering into a contract), where you have given consent, or for our (or a third party’s) legitimate interest. (A “legitimate interest” is when we have a business or commercial reason to use your information, which is a proper reason for using your personal data as long as our legitimate interest is not overridden by your own rights and interests.) This section explains what we use your personal data for and our reasons for doing so.
Providing our Site to you.
We use your personal data to administer the Site, to ensure content from the Site is presented in the most effective manner for you and for your device, as part of our efforts to keep the Site safe and secure and to allow you to submit contact information through our Site (when you choose to do so). We use your personal data this way for our legitimate interests in maintaining our Site and keeping it updated, obtaining information about prospective clients and candidates, maintaining network security and preventing fraud.
Providing Services to you.
We use your personal data for internal operations, to register you as a new client and to administer and manage your account, respond to communications from you and provide you with information you request from us, manage payments, fees and charges, keep our records current, notify you about changes to the Services and carry out any other obligations arising from any contracts entered into between you and us. We use your personal data this way to fulfill contractual obligations to you (or take steps at your request before entering into a contract), as well as for our legitimate interests in providing Services to you, managing our relationship with you, processing and receiving payments and maintaining accurate records.
Improving our Site and Services.
We use your personal data to make our Site and Services better, including troubleshooting, data analysis, testing, research, and statistical and survey purposes. We use your personal data this way for our legitimate interests in improving our Site and Services and in running and expanding our firm.
Improving our marketing.
We use your personal data to measure and understand the effectiveness of our marketing efforts, deliver relevant marketing to you and make relevant suggestions and recommendations to you. We use your personal data this way for our legitimate interests in promoting our business and Services, running and expanding our firm, and developing and improving our marketing strategy.
Managing your application to work for us.
If you enquire about a job with us or apply to work with us, we use the personal data you provide to process and evaluate your candidacy. We use your personal data this way for our legitimate interests in recruiting and hiring job candidates and in running and expanding our firm.
Complying with legal obligations.
We also use your personal data to comply with legal obligations like mandatory identity verification, reporting and record retention, ensuring the confidentiality of privileged and commercially sensitive information, and responding to any requests from regulatory or legal authorities. We use your personal data this way to comply with legal and regulatory obligations.
Marketing and promotional communications.
We will only send you communications about Services you have engaged us for or that we think might be of value to you, including promotions or new Services. Note that we have a legitimate interest in processing your personal data for promotional purposes, which means in most cases we do not need your explicit consent to send you these types of communications. However, we will not subscribe you to an automated mailing list without your explicit consent. You can ask us to stop sending you marketing messages at any time by the following the opt-out links contained in those messages or by contacting us directly.
Who we share your data with
We routinely share personal data with third parties we use to help run our business and deliver our Services, including our marketing automation providers, e-signature providers, payment service providers, cloud service providers, practice management software, customer relationship management (CRM) system, document automation providers and other third parties we use to help us deliver our Services. We only allow these service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. A list of third-party providers with whom we share your data is available upon request.
We also share personal data with third parties as required to carry out any Services you have engaged us for, including consultant lawyers, government and regulatory authorities and parties involved in your transaction.
We work with a number of partners who offer complementary services to ours, including tax and accounting services, insurance providers, fundraising and grant consultants, board advisors and non-executive directors, virtual office spaces and legal service providers in other jurisdictions. We may share your personal data with these partners if you have expressed interest in services they offer. However, we will only do so with your explicit consent.
We also share personal data with companies that are members of our group, which means our subsidiaries, our holding company and its subsidiaries (as defined in the UK Companies Act 2006).
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations, enforce any of our rights or protect ourselves and others.
We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a restructuring. The recipient will only be permitted to use the data for the purposes we originally collected it for, and they will be bound by confidentiality obligations.
How long we keep your data
We typically will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for (including for the purposes of satisfying any legal, regulatory, tax, accounting, payment or reporting requirements, or to provide any Services you have engaged us for). We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of a dispute in respect to our relationship with you.
Please note that different retention periods apply for different types of personal data. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. For details of our retention periods for the types of personal data we hold about you, please contact us.
How we secure your data
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where required.
Unfortunately, sending personal data via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of data sent to our Site and you send personal data to us at your own risk.
Where your data is stored
To deliver our Services to you, it is sometimes necessary for us to share your personal information outside of the European Economic Area (“EEA”), such as with our offices outside of the EEA, with service providers located outside the EEA or if you are based outside the EEA. These transfers are subject to special rules under data protection laws.
Although non-EEA countries may not have the same data protection laws as the EEA, we will ensure any such transfers comply with data protection laws and that all personal data will be secure. This includes ensuring at least one of the following safeguards applies:
The transfer is made to a country or to a third party that has been deemed to provide an adequate level of protection for personal data by the European Commission. For transfers to the US, this means that the recipient is part of the EU-US Privacy Shield.
The transfer is pursuant to contractual clauses that give your personal data the same protection it has under data protection laws.
We have your consent to the transfer.
If you would like more information about what happens to your personal data when it is transferred outside the EEA, please contact us.
Your rights
Under data protection laws you have the right to:
Be informed: the right to be informed of what personal data we have about you and our purpose for processing it.
Access: the right to be provided with a copy of your personal data.
Rectification: the right to require us to correct any mistakes in your personal data.
Be forgotten: the right to require us to delete your personal data in certain circumstances.
Restriction: the right to require us to restrict processing of your personal data in certain circumstances.
Portability: the right to receive the personal data you provided to us in a structured, commonly used and machine-readable format and/or transmit that data to a third party, in certain circumstances.
Object: the right to object to your personal data being processed for direct marketing (including profiling) and, in certain circumstances, the right to object to our continued processing of your personal data.
Not to be subject to automated decision-making: the right not to be subject to a decision that has legal effects on you or significantly affects you based solely on automated processing (including profiling).
Complain: the right to complain to a supervisory authority if you think any of your rights have been infringed by us. In the UK, this is the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to address your concerns before you make a complaint, so please contact us using the contact details below if you have a complaint.
If you would like to exercise any of these rights, please contact us.
Cookies
What are cookies? A cookie is a small file of letters and numbers that is placed on your device when your browser requests access to our Site. We use cookies to distinguish you from other users of the Site, to tailor your experience to your preferences, and to help us improve the Site.
Cookies we use
Strictly necessary cookies.
These cookies are required to save your session and to carry out other activities that are strictly necessary for the operation of the Site. They include, by way of general example, cookies that enable you to log into secure areas of the Site, use a shopping cart, or make use of e-billing services. These cookies are session cookies, which means they are temporary and will usually expire when you close your browser.
Analytical/performance cookies.
These cookies allow us to recognise and count the number of visitors to our Site and to see how visitors interact with the Site. These cookies help us improve the way the Site works by, for example, ensuring that users easily find what they are looking for.
Functionality cookies.
These cookies are used to recognise you when you return to the Site. They enable us to personalise our content for you, greet you by name and remember your preferences.
Targeting cookies.
These cookies record your visit to the Site, the pages you visit, and the links you follow. We use this information to make the Site and marketing delivered to you more relevant to your interests. We also share this information with third parties for the same purpose.
Social media cookies.
These cookies work together with social media plug-ins. For example, when we embed photos, video and other content from social media websites, the embedded pages contain cookies from these websites. Similarly, if you choose to share our content on social media, a cookie may be set by the service you have chosen to share content through.
Third party cookies.
Please note that some of the above cookies are placed by third parties and that the Site does not block third party cookies. All third-party cookie suppliers are responsible for their cookies.
Consenting to cookies.
You will be shown a pop-up message requesting your consent to any non-essential cookies before any are placed on your device. Note that when you give your consent, a unique token is generated to show that you have consented and you may not receive the pop-up message again when you return to our Site.
Disabling cookies
By default, most internet browsers accept cookies, but you can choose to enable or disable some or all cookies via the settings on your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party cookies. For further details, please consult the help menu in your internet browser.
Some of the cookies we use are essential for the Site to operate. If you use your browser settings to block essential cookies, you may not be able to access all or parts of our Site.
You have the right to opt out of social media cookies and third-party cookies. To enforce this right, please contact us.
Changes to this policy.
We may update this policy from time to time to account for changes to our services or privacy practices, or changes to the data protection laws. Any changes we may make to this policy will be posted on this page. The changes become effective when we publish the update and generally do not provide notice of changes (although we will notify you of any changes that materially affect you). Please check back frequently for updates and changes.
Contact us.
Questions, comments and requests regarding this policy are welcomed. You can contact us by post at our registered address (above) or by email at info@isenegger-group.com.