At IndexLab London Ltd trading as Evident Insights (“Evident”, “we”), we take the privacy of our users and customers very seriously. We understand that your personal data is important and we are committed to protecting it in accordance with all applicable privacy laws and regulations, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada and the New York State Department of Financial Services (NYDFS) Cybersecurity Regulation.
Privacy Policy
The Importance of Privacy at Evident
Purpose of our Privacy Policy
This privacy policy explains how we collect, use, and share the personal data of users and customers who visit our website or interact with us in other ways. It also outlines the rights that you have in relation to your personal data and how you can exercise those rights.
The individuals from which we may gather and use data can include:
- Customers
- Suppliers
- Business contacts
- Employees/Staff Members
- Third parties connected to your customers
- Public data related to individuals involved in artificial intelligence who work for large banks and financial institutions
and any other people that the organisation has a relationship with or may need to contact. This Privacy Policy applies to all our employees and staff members and all personal data processed at any time by us.
Data Controller & Contact
Evident is the data controller for the personal data that we collect from you. If you have any questions or concerns about our privacy policy or your rights, you can contact us at [email protected].
The Data We Collect About You
We collect various types of personal data from our users and customers, including:
- Contact Information (such as names, email addresses, and phone numbers)
- Demographic Information (such as age, gender, and interests)
- Technical Information (such as IP addresses, browser types, time zone setting and location, operating system and platform, and device identifiers)
- Marketing and Communications Data (such as your preferences in receiving marketing information and other information from us)
- Billing Data (such as information relating to your debit and credit card information such as the name attached to your payment details and your billing address)
- Financial Data (such as your banking details e.g. your account number and sort code)
- Transactional Data (such as details and records of all payments you have made for our services or products)
- Customer Support Data (such as feedback and survey responses)
- Usage Data (information about how you use our website, products and services)
- Professional Data (data relating to job titles, conference attendance, professional publications, etc.)
How We Collect and Retain Your Data
We may collect, use, store and transfer different kinds of personal data about you. We collect personal data from you directly when you provide it to us, such as when you create an account, fill out a form, or make a purchase on our website.
We may also collect personal data from third parties, such as ad networks or analytics providers, through the use of tracking technologies like cookies.
Purposes for Which We Use Your Personal Data
We use the personal data that we collect from you for a variety of purposes, including:
- To provide our products and services to you
- To send marketing emails and other communications
- To personalise content and recommendations based on your preferences
- To analyse your behaviour and improve the performance of our website
The Legal Basis for Collecting That Data
There are a number of justifiable reasons under applicable data protection legislation that allow collection and processing of personal data. The main avenues we rely on are:
- “Consent”: Certain situations allow us to collect your personal data, such as when you tick a box that confirms you are happy to receive email newsletters from us, or ‘opt in’ to a service.
- “Contractual Obligations”: We may require certain information from you in order to fulfill our contractual obligations and provide you with the promised service.
- “Legal Compliance”: We’re required by law to collect and process certain types of data, such as fraudulent activity or other illegal actions.
- “Legitimate Interest”: We might need to collect certain information from you to be able to meet our legitimate interests - this covers aspects that can be reasonably expected as part of running our business, that will not have a material impact on your rights, freedom or interests. Examples could be your address, so that we know where to deliver something to, or your name, so that we have a record of who to contact moving forwards.
Cookie Policy
We use cookies and other tracking technologies on our website to improve its performance and enhance your user experience. Cookies are small pieces of data that are stored on your device and used to track your browsing activity and to personalise your experience.
We use several types of cookies on our website, including:
- Necessary cookies: These cookies are essential for the operation of our website and allow you to navigate and use its features.
- Functionality cookies: These cookies enhance the functionality of our website by remembering your preferences and settings.
- Performance cookies: These cookies collect anonymous data on the performance of our website and are used to improve its performance.
- Targeting cookies: These cookies are used to display targeted ads to you based on your interests and browsing activity.
You can manage your cookie preferences by adjusting the settings on your browser or device. Please note that disabling certain types of cookies may affect the functionality of our website.
Marketing and New Content Communications
You will receive marketing and new content communications from us if you have created an account and chosen to opt into receiving those communications. From time to time we may make suggestions and recommendations to you about goods or services that may be of interest to you.
How We Use Your Personal Data
We will only use your personal data when the law allows us to.
Set out below is a table containing the different types of personal data we collect and the lawful basis for processing that data. Examples provided in the table below are indicative in nature and the purposes for which we use your data may be broader than described but we will never process your data without a legal basis for doing so and it is for a related purpose.
Activity | Type of data | Legal justification | Lawful basis for processing data |
---|---|---|---|
When a user opts-in to marketing communications or downloads our content | Profile/Identity Data Contact DataMarketing and Communications DataUsage Data | Legitimate Interest Explicit Consent | We need to process this data so that we can inform users about product developments and company news. |
When a user contacts us directly | Profile/Identity Data Contact DataMarketing and Communications DataUsage Data | Legitimate Interest Explicit Consent | We need to process this data based on our legitimate interest. |
When a user submits payment information | Payment information | Contractual obligations Legitimate Interest | We need to process this data because you are a customer of our services. |
Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Use of Aggregated Data
We also collect, use and share aggregated data such as our data that underlies the Evident AI Index and other products. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.
However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
We may also aggregate data to enable research or analysis so that we can better understand and serve you and others. For example, we may conduct research on your demographics and usage. Although this aggregated data may be based in part on personal data, it does not identify you personally. We may share this type of anonymous data with others, including service providers, our affiliates, agents and current and prospective business partners.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Opting Out of Marketing Promotions
You can ask us to stop sending you marketing messages at any time by contacting us. Where you opt out of receiving these marketing messages, we will continue to retain other personal data provided to us as a result of interactions with us not related to your marketing preferences.
Sharing Your Data with Third Parties
We may share your personal data with third parties, such as ad networks or analytics providers, for the purpose of displaying targeted ads or analysing your behavior. We take steps to protect the personal data that we share with these third parties, such as requiring them to sign confidentiality agreements or limiting the data that we share.
In addition, we may be required by law to disclose your personal data to the relevant authorities if required by a subpoena, court order, or other legal process. In the event that we exit the market, go through a merger, or are acquired by another company, we will ensure that any personal data that is transferred will be done so in accordance with the applicable laws and regulations, and with appropriate safeguards in place to protect your personal data.
Our Commitment to Data Security
We store your personal data on secure servers and take other measures to protect it from unauthorised access or misuse. We have implemented appropriate technical and organisational measures to protect your personal data, including encryption and access controls.
Any personal data collected by us is only accessible by a limited number of employees who have special access rights to such systems and are bound by obligations of confidentiality.
However, no transmission of data over the internet is guaranteed to be completely secure. It may be possible for third parties not under the control of Evident to intercept or access transmissions or private communications unlawfully. While we strive to protect your Personal Data, we cannot ensure or warrant the security of any Personal Data you transmit to us. Any such transmission is done at your own risk. If you believe that your interaction with us is no longer secure, please contact us.
Your Legal Rights
You have certain legal rights in relation to your personal data, including the right to:
- Access your personal data: You have the right to request a copy of the personal data that we hold about you, as well as information about how we use it and who we share it with.
- Correct your personal data: If you believe that any of the personal data that we hold about you is incorrect, you have the right to request that we correct it.
- Delete your personal data: In certain circumstances, you have the right to request that we delete your personal data.
- Object to the processing of your personal data: You have the right to object to our processing of your personal data if you believe that it is not necessary for the purposes outlined in this privacy policy.
- Restrict the processing of your personal data: You have the right to request that we restrict the processing of your personal data in certain circumstances, such as while we verify the accuracy of the data.
- Transfer your personal data: In certain circumstances, you have the right to request that we transfer your personal data to another organisation.
You can exercise these rights by contacting us at [email protected]. We will respond to your request within a reasonable time period and in accordance with applicable laws.
International Transfer of Data
We may transfer your personal data to third-party service providers and partners located outside of the UK, the European Economic Area (EEA) and European Union (EU) for the purposes described in this Privacy Policy. These third-party service providers and partners may be located in countries that do not have the same data protection laws as the UK, the EEA and EU.
When transferring personal data outside of the UK, EEA and EU, we take appropriate steps to ensure that your personal data is protected in accordance with this Privacy Policy and all applicable laws and regulations. These steps may include:
- Entering into Standard Contractual Clauses (SCCs) approved by the European Commission, which provide appropriate safeguards for the transfer of personal data.
- Verifying that the recipient of the personal data has certified their compliance with the EU-US Privacy Shield Framework, which requires them to provide similar protection to personal data as in the EU.
- Obtaining your explicit consent for the transfer of personal data, where such consent is required by law.
How to Request Your Data and the Process for Obtaining It
We retain your personal data for as long as it is necessary for the purposes outlined in this privacy policy. After that time, we delete or anonymise your personal data.
We understand the importance of proper data management and retention. We take steps to only collect and retain the personal data that is necessary for the purposes for which it was collected. The retention period for personal data may vary depending on the reason for which it was collected and the legal or regulatory requirements applicable to the data.
We have implemented appropriate technical and organisational measures to ensure the security and integrity of personal data during the retention period. We also regularly review and assess the need to continue to retain personal data, and will delete or anonymise personal data that is no longer required to be retained.
You have the right to request deletion of your personal data. We will fulfill such requests, unless we are required by law or regulations to retain the data, or if the data is needed to resolve disputes or enforce our agreements. However, if your request is clearly unfounded, we could refuse to comply with your request.
Age limit for our users
You must not use Evident unless you are aged 18 or older. If you are under 18 and you access Evident by lying about your age, you must immediately stop using Evident. This website is not intended for children and we do not knowingly collect data relating to children.
Notification of Changes and Acceptance of Policy
We may update our privacy policy from time to time to reflect changes in our practices or to comply with new laws or regulations. We will post any changes on this page and encourage you to review the policy regularly to stay informed about how we protect your personal data.
By using Evident, you consent to the collection and use of data by us as set out in this privacy policy. Continued access or use of Evident will constitute your express acceptance of any modifications to this privacy policy.
Interpretation
Our staff are not authorised to contract on behalf of Evident, waive rights or make representations (whether contractual or otherwise). If anything contained in an email from an Evident or @indexlab.io address contradicts anything in this policy, our terms or any official public announcement on our website, or is inconsistent with or amounts to a waiver of any Evident rights, the policy and other website content will take precedence. The only exception to this is genuine correspondence expressed to be from a director of Evident.