Effective from June 2021
This policy explains what data, including personal data, we collect from and about you when you access and use our website and the services made available through it.
We appreciate that there is a lot of detail in this policy, but it is important that you read this policy to ensure you are fully informed about how we use your personal data and your rights.
We may need to make changes to this policy occasionally, to reflect any changes to our services or legal requirements. We will notify you of any important changes on our website or by email before they take effect.
If you’ve got any questions about this policy, please email us at firstname.lastname@example.org
Who are we?
We are AISIMULATOR LTD, a private limited company registered in England and Wales under company number 14016949 with our registered office at 40 Berkeley Square, Bristol, Clifton, England, BS8 1HP.
As required by UK data protection law, we’re registered as a ‘controller’ with the Information Commissioner’s Office (ICO).
The personal data we collect
When we talk about ‘personal data’, we mean any data that identifies or can be used to identify you. This does not include data where your identity has been removed (anonymous data).The types of personal data collected by and about you through our website include:
Biographic data: You will provide us with your name and your status as an investor and the nature of the investments you are interested in
Contact data: We ask you for your name and email address when signing up to receive our newsletter
Communications data: This includes any emails that you send to us and any interactions we may have with you through our social media channels
Where we get your personal data from
As long as you are visiting our website, we will only collect your personal data from you.
What we use your personal data for
This section is important as it explains what we will use your personal data for, and the legal grounds relied on by us for those purposes.
Under UK and EU data protection law there are six legal grounds that we may rely upon, the most relevant being where:
you have given your consent to us using your personal data for specific purposes
use of your personal data is necessary for us to enter into and perform our contract with you
use of your personal data is necessary to comply with any legal obligation on us
use of your personal data is necessary to pursue our legitimate interests and those interests are not outweighed by your fundamental rights and interests
We may use your personal data for purposes which are closely related to any of the above purposes. If we want to use your personal data for any unrelated purposes, we will let you know about this in advance.
Who we share your personal data with
We do not sell your personal data for marketing purposes and we never will.
The only people that will have access to your personal data include:
our staff (who are either employed by us or engaged by us under contracts which include strict confidentiality and data protection obligations on them)
our technical service providers, such as our developers, hosting providers, email marketing tools and analytics providers (all of which will only have the access they need to make our website work and provide their services to us and will have entered into contacts which include strict confidentiality and data protection obligations on them)
any regulatory authorities such as HM Revenue & Customs (the UK tax authority)
any actual or potential buyer of our business
In the very rare situation where we are asked to disclose personal data in response to any legal request or court order, we will take legal advice before making any disclosure to ensure that your rights and interests are considered before responding to such requests.
Where your personal data is stored
Most of our technical service providers are based outside the UK and the European Economic Area, which means that your personal data will be transferred outside the UK and the EEA. Whenever we transfer your personal data outside the UK or the EEA, we ensure that a similar degree of protection applies to your personal data in one or more of the following ways:
ensuring that the country to which your personal data is transferred is deemed by the European Commission to provide a similar degree of protection for your personal data
entering into a specific contract that has been approved by the European Commission as providing a similar degree of protection for your personal data
How we keep your personal data secure
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. We also limit access to your personal data to those of our staff and technical service providers that have a need to access it (based on the principle of ‘least privilege’). They will only use your personal data based on our instructions and are required to keep your personal data confidential.
We have put in place procedures to deal with any suspected personal data breach and will notify you and the ICO or any other relevant regulator where we are legally required to do so.
How long we keep your data for
We will only keep your personal data for as long as necessary in connection with the purposes we collected it for and to comply with any legal, accounting or reporting requirements. To determine how long we keep your personal data for, we consider the amount, nature and sensitivity of the personal data, the purposes for which it was collected and the potential risk of harm from us continuing to keep it.
We will retain any personal data linked to your account for as long as you are a member and for 12 months after you have terminated your membership (in case you decide to re-activate it within that time).
We will retain personal data relating to email marketing until you unsubscribe, or your email address has become permanently unavailable.
We will retain any analytical data collected about your use of our website which identifies you for a period of 12 months.
We may retain any data that does not identify you indefinitely.
Our website uses small text files, called cookies, which are stored on your device when you access and use our website. Apart from those cookies which are strictly necessary for us to provide you with access to any features of our website that you have requested, we will only store cookies on your device if you’ve consented to this when you first access our website.
As cookies are unique, we can use them to distinguish you from other users for the purposes described above, however we have configured our analytical cookies so that your IP address is anonymised. To find out more about cookies, how to refuse them and how to change your device’s cookie settings, you should visit the ICO Cookie Guidance.
Our website uses the following types of cookies:
Strictly necessary cookies: these cookies are required for the operation of our website(we do not need your consent for these cookies – but if you delete them, the website may not function as it should)
Analytical cookies: these cookies allow us to recognise new and returning visitors to our website and see how users engage with our website
Functionality cookies: these cookies are used to remember your preferences or customise your experience
Under UK and EU data protection laws, you have the following rights in relation to your personal data:
Access: You have the right to be informed if your personal data is being used and the right to request a copy of the personal data held about you together with certain information about the processing of such personal data to check that are holding it lawfully
Correction: You have the right to ask us to correct any inaccurate or incomplete personal data held about you
Deletion: You have the right to ask us to delete or remove any personal data held about you where there is no good reason for us to continue holding it or where you have exercised your right to object
Restriction: You have the right to ask us to restrict how we hold your personal data, for example, to confirm its accuracy or our reasons for holding it
Objection: You have the right to object to our holding of any personal data about you which is based on our legitimate interests or those of a third party based on your particular circumstances. You also have the right to object to our holding your personal data for direct marketing purposes
Portability: You have the right to receive or request that we transfer a copy of the personal data we hold about you in an electronic format where the basis of our holding such information is your consent or the performance of a contract and the information is processed by automated means
You will not have to pay any fee to exercise any of the above rights, although we may charge a reasonable fee or refuse to comply with your request if any request is clearly unfounded or excessive. Where this is the case, we will let you know.
To protect the confidentiality of your personal data and other members of our community, we may need to ask you to verify your identity before fulfilling any request in relation to your personal data.