Privacy and Data Policy

This is Hackford Data Ltd's Privacy and Data Policy, which details how we handle personal data on our website and in opur data products.

1. Introduction and General Terms

This Privacy and Data Policy covers the processing of personal data by Hackford Data Limited (“Hackford”, “we”, “us”) when providing its services to its clients. If you have any questions or comments about this Privacy and Data Policy, please contact us at:

Data Protection Officer: Daniel Robinson
Email address: dan.robinson@hackforddata.com

Hackford Data is dedicated to protecting your privacy. This Privacy and Data Policy outlines how we handle personal data collected from you, public sources, and third parties.

When we determine the purpose or method of processing this personal data, we act as the “data controller.” We adhere to all relevant data protection regulations, including the UK GDPR, the Data Protection Act 2018, and the California Consumer Privacy Act (CCPA).

This Privacy and Data Policy covers the following points:

  • The personal data we may collect about you
  • The legal basis for processing your data
  • Who we may share your information with
  • How we will use your information
  • Who we may disclose your information to
  • Your rights concerning your information

2. What Information Does Hackford Collect?

Hackford’s Website

When you contact us through our website regarding our services, any forms you fill out or emails you send may include personal information, such as your full name, email address, the organisation you represent, and the details of your enquiry.

Hackford Database Overview

Hackford collects current and historical business information, specifically focusing on business contact details related to individuals operating in the UK financial services sector in a professional capacity. This information is used to compile comprehensive datasets of individuals and business profiles. These curated datasets are provided to our clients—businesses seeking to connect with financial services professionals for B2B sales, marketing, and recruitment purposes.

Data Collected on Individuals in the Hackford Database:

  • Full Name
  • Company Details
  • Office Location
  • Job Title
  • LinkedIn URL
  • Business Email Address
  • Business Telephone Number

We also maintain data about your employer, including its name, size, market segment, and website. If you have changed jobs, we may retain information about your previous employers and job titles.

To deliver certain services, Hackford records business email addresses in its database. If a business email address is not available, Hackford may generate one based on the known email structure used by the employer.

We collect personal data from publicly available sources, such as the FCA’s Register and Directory, employment and business-oriented social networks, recruitment websites, and company websites.

Individuals included in the Hackford Database can request removal at any time via email or the web. We will process such requests promptly and within any legally required timeframe.

3. Use of Email Addresses from the Hackford Database

We provide business email addresses in the Hackford Database so that clients can directly approach the individuals to whom those business email addresses relate. Since the communication (by whatever means) of advertising or marketing material directed to particular individuals is defined as “direct marketing” (even if you are not explicitly selling something), you must be compliant with any applicable rules pertaining to email marketing, as well as applicable data protection law. Further, to enable us to support the assessment that the disclosure of such email addresses to you (and your subsequent use of those email addresses) is not unduly prejudicial to the rights and freedoms of the individuals to whom the email addresses relate, you must comply with each of the requirements below.

3.1. Clients Must Use Email Addresses Appropriately

Clients must use email addresses to contact individuals in a way that is direct and deliberate with content that is relevant to UK financial services businesses.

3.2. Identification and Contact Details

You must identify yourself in any email you send and include contact details.

3.3. Opt-Out Mechanism

You must include in each email a clear and simple way for anyone you email to opt out of your communications.

3.4. Handling Objections and Opt-Outs

If someone objects to or opts out of your marketing, you must immediately add them to a ‘do not contact’ list and stop communications with them. You must screen all your marketing against this list to make sure you don’t contact anyone who has opted out.

3.5. Compliance with Data Protection Laws

You must ensure that you are fully compliant with any applicable data protection laws. It is your responsibility to keep up to date with any changes in the law.

4. Controller and Processor

4.1. When Hackford is a Controller

Hackford acts as a data controller when collecting and using information about website visitors or when gathering data to create and maintain the Hackford Database and provide services. In no event will Hackford and clients process the Hackford Database data as joint controllers.

4.2. When Hackford is a Processor

When clients use our services, they act as data controllers, responsible for ensuring that the personal information they collect is processed lawfully. In these cases, Hackford acts as a data processor, handling personal information solely according to client instructions. Clients are responsible for determining how they use our services. Clients must ensure that third-party individuals receive appropriate notice about data processing, provide informed consent when needed, and meet all legal requirements for data collection and use.

Clients must also manage data subject rights requests under applicable laws for users and individuals whose data is processed through our services. Hackford’s obligations as a data processor are defined in our agreements with clients and are not included in this Privacy and Data Policy.

5. Grounds of Processing

Where appropriate, Hackford processes your data with your consent. You have the right to withdraw such consent at any time, and we will cease to process data after consent is withdrawn.

5.2. Legitimate Interest

Hackford processes personal data where it is in our or our clients’ legitimate interest, provided these interests are not overridden by individuals’ rights. We have conducted a Legitimate Interests Assessment (LIA) based on guidance from the Information Commissioner’s Office (ICO), available upon request.

Our and our clients’ legitimate interests include:

  • Accessing and maintaining accurate information about potential business customers within the UK financial services sector.
  • Identifying key professionals in B2B contexts to facilitate relevant communications.
  • Supporting clients’ B2B sales, marketing, and recruitment efforts by providing targeted contact information.
  • Delivering aggregated statistical insights for industry analysis and trend identification.

We prioritise transparency and respect for individual rights by providing clear privacy information and mechanisms to opt out, ensuring that individuals retain control over their professional data. This processing supports the functioning and growth of the UK financial services sector while balancing individual rights with industry needs.

5.3. Necessary for Fulfilling Contractual Obligations

Hackford may process personal data when it is required to fulfil the terms of a contract with an individual. This processing is essential for meeting our contractual obligations and ensuring that the services or commitments outlined in the contract are delivered.

Hackford may process personal data to comply with legal and regulatory requirements. This includes activities such as preventing, investigating, and detecting crime or fraud, addressing anti-social behaviour, and prosecuting offenders, which may involve collaboration with law enforcement and regulatory bodies.

6. Data Sharing

We may share your information with the following parties:

6.1. Hackford Clients

Hackford may share personal data with its clients as part of our service offerings. Clients are provided with controlled access to our database and may use the data to contact individuals via business phone, business email, other electronic communications, or targeted display ads on social networks for the purpose of marketing their products or services. Personal data from Hackford’s database may also be integrated into clients’ customer relationship management (CRM) systems, marketing automation platforms, or sales enablement tools.

By remaining in Hackford’s database, you may receive communications from our clients as they conduct B2B sales, marketing, and recruitment activities. These communications are intended to be relevant to your role within the UK financial services sector. However, we cannot guarantee that all communications will align with your interests or expectations.

6.2. Government Authorities

We may disclose your information as required by law, which may involve sharing data with government bodies and law enforcement agencies. This includes disclosures related to current or potential legal proceedings and to establish, exercise, or defend our legal rights, including sharing information with relevant parties for fraud prevention purposes.

7. Individual Data Usage

Hackford Website

We may process your personal data for the following purposes:

  • To deliver our services to clients or their customers in accordance with the agreed terms of service.
  • To respond to your enquiries, provide support, and supply you or your organisation with information about Hackford’s services.
  • To operate and maintain the website, compile reports on visitor usage, and enhance user experience.
  • To evaluate candidates for potential employment at Hackford and communicate regarding job opportunities or submitted applications.
  • To keep you informed through our mailing list about Hackford’s news, offers, and updates.

Hackford Database

We may use your personal data within the Hackford Database for the following purposes:

  • To develop, maintain, and expand our financial services insights database, facilitating B2B sales, marketing, and recruitment for our clients or their customers.
  • To provide, sustain, and improve our services.

8. Marketing Opt-Out Options

To permanently remove your personal data from the Hackford Database, please contact us using the contact information provided above. We require the details in this form to accurately locate your data within our database and process your request. The information you provide will be used solely for this purpose. We will handle your request as promptly as possible and in accordance with the timelines specified by the UK GDPR.

If you wish to be removed from our mailing list, you can unsubscribe by clicking the “unsubscribe” link at the bottom of any marketing email you receive.

9. Your Rights Regarding Personal Data Processing

You have the following rights concerning the personal data we process. We aim to respond to your requests without undue delay and within one month at the latest.

To make a request, please contact us using the contact details above, addressed to the Data Protection Officer.

9.1. Right to Access and Rectify

You have the right to request a copy of the personal data we hold about you and to have any inaccuracies corrected. We will make reasonable efforts, as required by applicable law, to provide, amend, or delete your personal data in our records (including notifying any third parties to whom it has been disclosed).

9.2. Right to Object to Processing

You can request the restriction, cessation of processing, or deletion of your personal data if:

  • You previously consented to Hackford processing your personal data but have now withdrawn that consent.
  • Hackford no longer needs to process your personal data for the original purpose of collection.
  • Hackford is processing your personal data for reasons of public interest or legitimate interest, and you disagree with this processing with no overriding justification for continuing.
  • The personal data was processed unlawfully.
  • You need the personal data deleted to comply with a legal obligation.

10. Data Retention

We retain personal data only as long as necessary for the relevant purposes. When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the data, potential risk from unauthorised use or disclosure, the purposes of processing, the feasibility of achieving those purposes through other means, and applicable legal requirements.

11. Changes to This Privacy and Data Policy

We may update this Privacy and Data Policy periodically, especially if required by changes in the law or business practices affecting data protection. Any updates will be posted on our website, and by continuing to use our site, you accept the terms of the revised Policy. We encourage you to review this page regularly.

This Privacy Policy was last updated on 1 November 2024.