Website GDPR Privacy Policy

Privacy notice.

Ibex Compliance LLP with offices in London collectively known as “Ibex”.

What is the purpose of this privacy notice?
This privacy notice details what personal information we may collect, process and store about our Clients in order to adhere to EU Data Protection Directive 95/46/EC (“GDPR”) and other local regulatory authorities. “Personal Information” means any information relating to an identified or identifiable natural person (‘data subject’).

How do we process your personal Data?
In our capacity providing compliance solutions, we will receive, store, and/or process personal data. In such cases, we are acting as a data processor and will process the personal information on behalf of and under the direction of our partners and/or clients. The information that we collect from our clients in this capacity is used for managing transactions, reporting, invoicing, renewals, other operations related to providing services to the client.

Ibex uses personal data that it collects directly from its clients in its role as a service provider for the following business purposes, without limitation:

  • Maintaining and supporting its products/services, delivering and providing the requested products/services, and complying with its contractual obligations related thereto (including operations related to providing services to a client);

  • Satisfying governmental reporting, tax, and other requirements;

  • Storing and processing data, including personal data, in computer databases and servers located in the United States, EMEA and Asia;

  • Verifying identity (e.g., for access to accounts or for service desk support);

  • as requested by a client;

  • For other business-related purposes permitted or required under applicable local law and regulation;

  • and as otherwise required by law.

Ibex does not disclose personal information to third parties for purposes that are materially different than what it was originally collected for. Should this change in the future, we will provide individuals with the option to opt-out.

What Data do we Collect?
Ibex has identified the following Data Fields as potentially collected on the basis of providing Contractual Services to its clients and their members of staff:

Data Fields – Personal Data Information

  • first name 

  • last name

  • email – work

  • email – personal

  • address – work

  • address – home

  • ip address – lan

  • ip address – wan

  • phone number – work

  • phone number – home

  • mobile phone number – work

  • mobile phone number – home

  • mobile phone imei – work

  • mobile phone imei – home

  • online forum/website/software account username(s)

Ibex has also identified the following Data Fields as potentially collected on the basis of provided consent to send further information to website visitors:

  • first name

  • last name

  • company name

  • email

  • phone number

  • ip address

  • browser type

What do we do with it?
Ibex complies with its obligations under GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

How long will we keep it?
Ibex only retain the personal data in accordance with contractual or regulation requirements. If you have provided consent to your information being used for marketing purposes it will be kept with us until you notify us that you no longer wish to receive this information.

Your Rights in connection with Personal Data
Under certain circumstances, individuals have the right to:

  • Request a copy of their personal data (commonly known as a “data subject access request”). this enables them to receive a copy of the personal information we hold about them and to check that we are lawfully processing it.

  • Request correction of the personal data that we hold about them.

  • Request the erasure of personal data. an individual may ask us to delete or remove personal data where there is no good reason for us continuing to process it. an individual may also request that we stop processing personal data where we are relying on a legitimate interest and there is something about their particular situation which permits an object to processing on this ground.

  • Request the restriction of processing of personal data for example until its accuracy or the reason for processing it is more clearly established.

  • Request the transfer of personal data to another party.

Individuals who wish to review, verify, correct or request erasure of Personal Data, object to the processing of Personal Data, or request that we transfer a copy of Personal Data to another party, please contact our nominated representative using the information at the end of this notice.

Changes to Privacy Policy
Changes may be necessary to this policy to reflect legal or data processing developments. The revised Privacy Policy will be posted on this website. A notice will be posted on our homepage for 30 days whenever this Privacy Policy is changed in a material way, and the date of last update will be indicated at the top of the Privacy Policy.

Contact Details at Ibex
For all queries, complaints or to review your rights and information we have on file, please contact us at info@ibexcompliance.com

Contact Details at the ICO
You can also contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF to assist you with any queries regarding your rights under GDPR.