Skip to content

Privacy Policy

Euronext Corporate Services Privacy Policy

 

INTRODUCTION

Welcome to Euronext Corporate Services privacy policy. Euronext Corporate Services is a brand owned by Euronext Corporate Services BV, a company located at Beursplein 5, 1012 JW, Amsterdam, The Netherlands affiliated company of the Euronext NV’s Group, Euronext N.V. being a Dutch company located at Beursplein 5, 1012 JW, Amsterdam, the Netherlands.

Euronext Corporate Services is a global company, offering a suite of services to its users and customers in several locations. As such, this policy is applicable to the services provided by the following companies (all together referred to herein as “Euronext Corporate Services”):

  • Euronext Corporate Services BV, with the corporate registration number 68034970 located at Beursplein 5, 1012 JW, Amsterdam, the Netherlands ;
  • Euronext Corporate Services Finland Oy, with the corporate registration number 2700662-1 located at Lapinlahdenkatu 16, 00180 Helsinki, Finland ;
  • Euronext Corporate Services France S.A.S., with the corporate registration number 444 325 286 R.C.S. Créteil located at 79 rue de Paris, 94220 Charenton-le-Pont, France ;
  • Euronext Corporate Services Germany GmbH, with the corporate registration number District Court of Frankfurt HRB 129135 located at Bockenheimer Landstraße 23, Frankfurt am Main, Germany ;
  • Euronext Corporate Services Italy S.r.l., with the corporate registration number MI-2621729 located at Piazza degli Affari 6, 20123 Milano, Italy ;
  • Euronext Corporate Services Sweden AB, with the corporate registration number 5591417083 located at Holländargatan 17B, 111 60 Stockholm, Sweden ;
  • Euronext Corporate Services UK Limited, with the corporate registration number 5682866 located at Floor 10, 110 Cannon Street, London, EC4N 6EU, United Kingdom ;
  • iBabs B.V., with the corporate registration number 60962062 located at De Factorij 33, 1689 AK, Zwaag, Netherlands ;
  • Company Webcast B.V., with the corporate registration number 24384974 located at Rivium Boulevard 176, 2909 LK Capelle aan den IJssel, Netherlands ;
  • InsiderLog AB, with the corporate registration number 559141-7083 located at Holländargatan 17, 111 60, Stockholm, Sweden.

When we refer to “we” or “us” in this Policy, we are referring to Euronext Corporate Services together with, as applicable, the Euronext Corporate Services Products.

Our services are mainly provided on a contractual basis to corporate subscribers, therefore as an individual user, you will be entitled to use the services on the basis we have agreed with the relevant corporate subscriber. Nevertheless, our services can also be directly subscribed by individuals. We also collect and process Personal Data from non-users when you sign for a demo, download an asset or attend a webinar.

This policy is drafted with reference to the EU General Data Protection Regulation (from 25th May 2018) (together the “Data Protection Legislation”). Euronext corporate services believes that compliance with the data protection principles outlined in the Data Protection Legislation creates a strong framework to ensure that individuals’ Personal Data is secured, protected and used appropriately.

This policy addresses how Euronext Corporate Services uses, transfers and stores the Personal Data we collect about individuals (“Users”) when they access our website or any instance of our online applications (the “Portal”), or use any of our services or products (collectively, the “Euronext Corporate Services Products”), or otherwise have their Personal Data submitted to us in accordance with this policy.

By using any of the Euronext Corporate Services Products and/or you or a corporate subscriber you work for agreeing to our terms and conditions, Users are accepting the practices and guidelines set out in this document (the “Policy”), so please take a few minutes to read it over carefully.

Please also use the Glossary to understand the meaning of some of the terms used in this privacy policy.

This Privacy Policy was last updated on April, 5th 2023.

Table of content

1. IMPORTANT INFORMATION AND WHO WE ARE

1.1 Purpose of this privacy policy

1.2 Controller / Processor

1.3 Contact details

1.4 Changes to the privacy policy and your duty to inform us of changes

2. THE DATA WE COLLECT ABOUT YOU

2.1 Personal we collect

2.2 If you fail to provide personal data

3. HOW IS YOUR PERSONAL DATA COLLECTED?

4. HOW WE USE YOUR PERSONAL DATA.

4.1 Global framework

4.2 Purposes for which we will use your personal data

4.3 Cookies

4.4 Change of purpose

5. DISCLOSURES OF YOUR PERSONAL DATA

6. INTERNATIONAL TRANSFERS

7. DATA SECURITY AND CONFIDENTIAL INFORMATION

8. DATA RETENTION

9. YOUR LEGAL RIGHTS

9.1 Your rights

9.2 No fee usually required

9.3 What we may need from you

9.4 Time limit to respond

10. GLOSSARY

1. IMPORTANT INFORMATION AND WHO WE ARE

1.1 Purpose of this privacy policy

This privacy policy aims to give you information on how Euronext Corporate Services collects and processes your personal data through your use of the Euronext Corporate Services Products, including any data you may provide through the Portal when you register for an account or request for a demo.

It is important that you read this privacy policy together with any other privacy notice(s) or fair processing notice(s) we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements the other notices and is not intended to override them.

1.2 Controller / Processor

For the purposes of the Data Protection Legislation, where we are the party that determines the purposes for which, and the manner in which, any Personal Data is processed, the Controller of any such Personal Data is Euronext Corporate Services. However, we may also collect or be provided with certain Personal Data pursuant to our agreements with our customers and partners who remain the Controller of that Personal Data – in this case, we act as a Processor of the relevant customer or partner. Where we act as Controller, this Privacy Policy will be applicable. Where we act as a Processor of any Personal Data, we will process such Personal Data in accordance with this Privacy Policy, our Terms and Conditions and the relevant Controller’s instructions. The qualification of Euronext Corporate Services as Controller or Processor will be provided in our Terms and Conditions.

We have appointed a Euronext Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

1.3 Contact details

Full name of legal entities:

  • Euronext Corporate Services BV, with the corporate registration number 68034970 located at Beursplein 5, 1012 JW, Amsterdam, the Netherlands ;
  • Euronext Corporate Services Finland Oy, with the corporate registration number 2700662-1 located at Lapinlahdenkatu 16, 00180 Helsinki, Finland ;
  • Euronext Corporate Services France S.A.S., with the corporate registration number 444 325 286 R.C.S. Créteil located at 79 rue de Paris, 94220 Charenton-le-Pont, France ;
  • Euronext Corporate Services Germany GmbH, with the corporate registration number District Court of Frankfurt HRB 129135 located at Bockenheimer Landstraße 23, Frankfurt am Main, Germany ;
  • Euronext Corporate Services Italy S.r.l., with the corporate registration number MI-2621729 located at Piazza degli Affari 6, 20123 Milano, Italy ;
  • Euronext Corporate Services Sweden AB, with the corporate registration number 5591417083 located at Holländargatan 17B, 111 60 Stockholm, Sweden ;
  • Euronext Corporate Services UK Limited, with the corporate registration number 5682866 located at Floor 10, 110 Cannon Street, London, EC4N 6EU, United Kingdom ;
  • iBabs B.V., with the corporate registration number 60962062 located at De Factorij 33, 1689 AK, Zwaag, Netherlands ;
  • Company Webcast B.V., with the corporate registration number 24384974 located at Rivium Boulevard 176, 2909 LK Capelle aan den IJssel, Netherlands ;
  • InsiderLog AB, with the corporate registration number 559141-7083 located at Holländargatan 17, 111 60, Stockholm, Sweden.

Name and title of our Data Protection Officer: dpo@euronext.com

Email address: dpo@euronext.com

Postal address: 14 place des reflets – CS 30064 – 92054 Paris la Défense Cedex

You have the right to make a complaint at any time to Autoriteit Persoonsgegevens, the supervisory authority for data protection issues in the Netherlands or to the Garante per la Protezione dei Dati Personali. We would, however, appreciate the chance to deal with your concerns before you approach Data Protection Authorities, so please contact us here: dpo@euronext.com in the first instance.

1.4 Changes to the privacy policy and your duty to inform us of changes

This version was last updated on the date stated at the beginning of this privacy policy. We reserve the right to amend this privacy policy from time to time as required to ensure its accuracy.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

2. THE DATA WE COLLECT ABOUT YOU

2.1 Personal we collect

Personal Data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). For the full definition of Personal Data, please see paragraph 10.

We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:

Data we collect as a Controller:

  • Corporate Subscriber Data includes the name of the corporate subscriber authorising your access to our Portal and your job title
  • Identity Data includes your name.
  • Contact Data includes your mobile phone number, telephone number and your email address.
  • Location Data such as you country of residence.
  • Technical Data includes your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, pages viewed on any Euronext Corporate Services.
  • Profile Data includes your username and password.
  • Your cookie and consent preferences.

Data we collect as a Processor:

  • Identity Data includes your name.
  • Contact Data includes your mobile phone number, telephone number and your email address.
  • Corporate Subscriber Data includes the name of the corporate subscriber authorising your access to our Portal and your job title.
  • Location Data such as you country of residence.
  • Technical Data includes your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, pages viewed on any Euronext Corporate Services.
  • Products and date and time of those viewings, and other technology on the devices you use to access any Euronext Corporate Services Products.
  • Profile Data includes your username and password.
  • Usage Data includes information about how you use the Portal.

We may also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data, but is not considered Personal Data in law, as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of Users accessing a specific Portal feature.

We may also anonymise data (Anonymised Data) that we collect, use and share for the purposes of providing support to you, a corporate subscriber and other Users of Euronext Corporate Services Products. Like Aggregated Data, this data does not directly or indirectly reveal your identity.

However, if we combine or connect Aggregated Data or Anonymised Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this privacy notice.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

2.2 If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with the corporate subscriber authorising your access to our Portal and you fail to provide that data when requested, we may not be able to allow you access to Euronext Corporate Services Products. In this case, we will let you know if access to Euronext Corporate Services Products is denied.

3. HOW IS YOUR PERSONAL DATA COLLECTED?

 

3.1 We use different methods to collect data from and about you including through:

 

3.1.1 Direct interactions. You, or a third party authorised by your employer will or will arrange to provide your Identity, Contact, Employment and Profile Data when registering an account with us or requesting access to Euronext Corporate Services Products. You may also provide us with this information when corresponding with us by telephone, phone, email, social media or otherwise.

3.1.2 Automated technologies or interactions. As you interact with any Euronext Corporate Services Products, we may automatically collect Technical Data and Usage Data. We collect this personal data by using cookies, server logs, web beacons/pixels and other similar technologies.

3.1.3 Third parties. We may receive personal data about you from various third parties, e.g. your employer or a corporate subscriber, as set out below:

3.1.3.1 Identity, Contact and Corporate Subscriber Data from the corporate subscriber authorising your access to any Euronext Corporate Services Products to whom we are providing services.

3.1.3.2 Identity, Contact and Corporate Subscriber Data from or on behalf of your employer who has authorised your access to any Euronext Corporate Services Products or provided us with your personal data as a result of your employer providing services to a corporate subscriber.

3.1.3.3 Identity, Contact, Corporate Subscriber, Technical, Profile and/or Usage Data from the provision of support service provided (as detailed in paragraph 10.6).

3.1.3.4 Identity, Contact and Corporate Subscriber Data from a third party who has been expressly permissioned by you, your employer or a corporate subscriber

4. HOW WE USE YOUR PERSONAL DATA

4.1 Global framework

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

4.1.1 Where we need to allow you to access any Euronext Corporate Services Product and to provide support services.

4.1.2 Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example, our legitimate interests may include the administration and management of our business and the provision of our services to the corporate subscriber authorising your access to any Euronext Corporate Services Product.

4.1.3 Where we need to comply with a legal or regulatory obligation.

Please see paragraph 10.2 to find out more about the types of lawful basis that we will rely on to process your personal data.

Generally, where applicable, we obtain, collect and process your personal data on the basis of consent for some specific marketing purposes (i.e. proposal of products & services, invitation to events…).

4.2 Purposes for which we will use your personal data

4.2.1 As a data controller we use the personal data you provide us in the following ways:

4.2.1.1 provide you with access to the information and services that the corporate subscriber authorising your access to our Portal requests from us

4.2.1.2 provide services to your employer or the corporate subscriber authorising your access to our Portal

4.2.1.3 remember your cookie and consent preferences for your future visits

4.2.2 As a data processor we use the personal data you provide us in the following ways:

4.2.2.1 provide you with access to the information and services that the corporate subscriber authorising your access to our Portal requests from us

4.2.2.2 provide services to your employer or the corporate subscriber authorising your access to our Portal

4.2.2.3 provide support services to you

4.2.2.4 manage and administer our business

4.2.2.5 review and improve our services

4.2.2.6 To provide you with promotional communications, such as email, to the extent that you have provided consent to receive such communications under applicable law, to notify you about changes to the Euronext Corporate Services Products.

4.2.2.7 personal data that we receive from third parties may be combined with the personal data that you provide to us and used for the purposes described above.

4.2.2.8 administer the Euronext Corporate Services Product and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes

4.2.2.9 provision of support services to you

4.2.2.10 improve the Portal to ensure that content is presented in the most effective manner for you and for your computer or mobile device

4.2.2.11 improve other websites we operate

4.2.2.12 refine the provision of the services offered on the Portal and to assist in the development of new services

4.2.2.13 allow you to participate in interactive features of the Portal, when you choose to do so

4.2.2.14 as part of our efforts to keep the Portal safe and secure

4.2.2.15 provide services to your employer or a corporate subscriber

4.2.2.16 provide services to a third-party that has been expressly authorised to access Euronext Corporate Services Products by you, your employer or a corporate subscriber

4.3 Cookies

The Portal uses cookies to distinguish you from other Users of the Portal. This helps us to provide you with a good experience when you use the Portal and also allows us to improve the Portal. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Portal may become inaccessible or not function properly.

Cookies are small text files that are sent and stored on the user computer, smartphone or other device for accessing the Internet, whenever you visit a website. They are useful because they allow a website to recognize the user device, log when the user visits a particular page or provide a secure connection to a website, etc. Euronext Corporate Services undertakes to delete Cookies, which it is responsible for, from your computer after a duration of 12 months. At the end of this period, consent will be obtained from you again.

Euronext Corporate Services uses cookies for various purposes:

Cookie type Purposes Description / Third Parties involved
Necessary

Authentication


Usage of the Platform


Operation of the Website

Enable to secure the Platform and product access.


Help us to provide you a good experience on the platform.


Provide you a good browsing experience and memorize your consent preferences on our website (HubSpot).

Functional User preferences Used by HubSpot CMS to save your language and consent preferences.
Analytics

Audience Analytics


Marketing

Enable us to access website visit and statistics to improve your experience and understand more about our visitors. (Segment, Google Analytics, Leadfeeder).


Enable us to better optimize our advertising campaigns and understand (Google Ads, LinkedIn Ads, Facebook Ads, Microsoft Ads).

Advertising

Conversion Reporting

 

Audience

Enable us to access analytics data on your interactions with our advertising campaigns (Google Ads, LinkedIn Ads, Microsoft Ads).

 

Allow us to build advertising audience to be targeted in our marketing campaign (Google Ads, LinkedIn Ads, Microsoft Ads).

You can decide if a cookie from Euronext Corporate Services websites can be stored on your device. Euronext Corporate Services recommends that you leave the cookie active. By blocking, turning off or otherwise rejecting the cookie, some web pages may not display properly, or the user will not be able to use any website services that require you to sign in. At any moment, you can delete cookies through the configuration of the consent and privacy options available in your browser. 

  

Cookie Removal Instructions: 

As part of our commitment to privacy and compliance with the General Data Protection Regulation (GDPR), we want to provide you with information on how to remove cookies from your browser. 

To remove cookies from the main browsers, please follow the instructions below: 

Google Chrome: 

  1. Open Chrome and click on the three-dot menu icon in the top-right corner.
  2. Select "Settings" from the drop-down menu.
  3. Under the "Privacy and security" section, click on "Clear browsing data."
  4. Select the time range for which you want to remove cookies.
  5. Check the box next to "Cookies and other site data."
  6. Click on the "Clear data" button to remove the cookies.

Mozilla Firefox: 

  1. Open Firefox and click on the menu button (three horizontal lines) in the top-right corner.
  2. Select "Settings" from the menu.
  3. In the left sidebar, click on "Privacy & Security."
  4. Under the "Cookies and Site Data" section, click on the "Clear Data" button.
  5. Check the box next to "Cookies and Site Data."
  6. Click on the "Clear" button to remove the cookies.

Safari: 

  1. Open Safari and click on "Safari" in the top menu.
  2. Select "Settings" from the drop-down menu.
  3. In the Preferences window, click on the "Privacy" tab.
  4. Click on the "Manage Website Data" button.
  5. In the new window, select the website(s) for which you want to remove cookies.
  6. Click on the "Remove" button, then click "Done" to confirm.

Please note that the above instructions may vary slightly depending on the browser version you are using. If you are using a different browser, we recommend referring to the browser's documentation or support website for specific instructions.

 

4.4 Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at dpo@euronext.com.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

5. DISCLOSURES OF YOUR PERSONAL DATA

5.1 We may disclose your personal data to other companies of the Euronext NV’s Group from which Euronext Corporate Services BV is a subsidiary.

5.2 We may also disclose your personal data to third parties in relation with the purposes for which personal data are processed including:

  • regulatory authorities and law enforcement agencies;
  • our trusted third party service providers and our IT service providers;
  • third parties involved in financial market activities;  
  • third parties involved in hosting or organizing events or courses;
  • professional advisors such as tax or legal advisors, consultants and accountants, and
  • any prospective buyers of Euronext Corporate Services or the business of Euronext Corporate Services.

5.3 We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. INTERNATIONAL TRANSFERS

We store and process your personal data on servers located within the European Economic Area (the "EEA"). We only transfer your personal data outside the EEA where the European Commission has decided that the third country in question ensures an adequate level of protection in line with EEA data protection standards or where there are appropriate safeguards in place to protect your personal data.

We may transfer the personal information we collect about you to recipients in countries other than the country in which the information originally was collected. Those countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your information to recipients in other countries (such as the U.S.), we will protect that information as described in this Privacy Policy and will comply with applicable legal requirements providing adequate protection for the transfer of personal information to recipients in countries other than the one in which you provided the information, including by selecting service providers that are located in a country recognized by the European Commission as providing an adequate level of data protection or by implementing appropriate safeguards based on the European Commission’s Standard Contractual Clauses, where applicable. Subject to applicable law, you may obtain a copy of these safeguards by contacting us as indicated below.

7. DATA SECURITY AND CONFIDENTIAL INFORMATION

We have put in place appropriate security measures (commensurate with the sensitivity of the personal data we process) to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Euronext Corporate Services employs encryption technology to protect certain transmissions of data to/from the Services, but e-mail and other communications are not encrypted. You should not send any personal or identifying information, such as bank or credit card details via email. By employing e-mail or other insecure electronic communication means you acknowledge that you have no expectation of privacy with respect to the information delivered thereby and that Euronext Corporate Services will not be responsible for any loss or damage that could result from interception by third parties of any information so sent.

8. DATA RETENTION

How long will you use my personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, reporting, regulatory or contractual requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances you can ask us to delete your data: please see paragraph 9 below for further information.

Please be aware that we keep personal data for Users of Euronext Corporate Services Products (including Identity Data, and Usage Data) for audit purposes whilst the relevant corporate subscriber is contracted to us and as required by any regulatory requirements applicable to the relevant corporate subscriber.

We may be subject to contractual requirements that specify how long we can keep your personal data for (for example, in our contract for the supply of services to the corporate subscriber authorising your access to any Euronext Corporate Services Products).

9. YOUR LEGAL RIGHTS

9.1 Your rights

The table below sets out the rights which you have to address any concerns or queries with us about our processing of your personal data. Please note that these rights are not absolute and are subject to certain exemptions under applicable data protection law.

RIGHT FURTHER INFORMATION
RIGHT TO BE INFORMED You have the right to know your personal data is being processed by us, how we use your personal data and your rights in relation to your personal data.
RIGHT OF ACCESS You have the right to ascertain what type of personal data [Euronext Corporate Services BV] holds about you and to a copy of this personal data.
RIGHT TO RECTIFICATION You have the right to have any inaccurate personal data which we hold about you updated or corrected.
RIGHT TO ERASURE In certain circumstances you may request that we delete the personal data that we hold on you. You have also the right to give post-mortem instructions regarding your personal data.
RIGHT TO RESTRICTION OF PROCESSING You have the right to request that we stop using your personal data in certain circumstances including if you believe that the personal data we hold about you is inaccurate or that our use of your personal data is unlawful. If you validly exercise this right, we will store your personal data and will not carry out any other processing until the issue is resolved.
RIGHT TO OBJECT Where we rely on our legitimate interests to process your personal data, you have a right to object to this use. We will desist from processing your personal information unless we can demonstrate an overriding legitimate interest in the continued processing.
RIGHT TO DATA PORTABILITY In case the processing is based on your consent or a contract conclude with you, you may request us to provide you with certain personal data which you have given us in a structured, commonly used and machine-readable format and you may request us to transmit your personal data directly to another controller where this is technically feasible.

 

You can exercise any of these rights by: By sending an email to the following address: dpo@euronext.com or by postal address: 14 place des reflets – CS 30064 – 92054 Paris la Défense Cedex

You have the right to make a complaint at any time to Autoriteit Persoonsgegevens the supervisory authority for data protection issues in the Netherlands. We would, however, appreciate the chance to deal with your concerns before you approach Autoriteit Persoonsgegevens, so please contact us here: dpo@euronext.com – in the first instance.

9.2 No fee usually required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.

9.3 What we may need from you

We may need to request specific information from you to help us to confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

9.4 Time limit to respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or if you have made a number of requests. In this case, we will notify you and keep you updated.

10. GLOSSARY

TERM DEFINITION
Controller Means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Cookie A cookie is an online identifier.
Data Protection Authority (DPA) An official or body that ensures compliance with Data protection laws and investigates alleged Breaches of the laws’ provisions.
Data Subject An identified or identifiable natural person.
Lawfull Basis Legitimate Interest means conducting and managing our business in our interests, or the interests of a third party. Our interests could include, for example, our internal administrative purposes or ensuring network and information security. Whether a particular legitimate interest may exist can also depend on the relationship we have with you.
We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests or the interests of a third party. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contract means processing your data where it is necessary for the performance of a contract. Such contract may exist with you, your employer or corporate subscriber with whom you or your employer have a business relationship. Alternatively, it may be necessary to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we or a corporate subscriber may be subject to.
Consent means your clear, unambiguous consent for a specific purpose, for example, for marketing and promotional materials.
Personal Data Means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing Means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Processor Means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.