IDBX Corporation Privacy Policy
Last Updated: May 2025
Contents
- Who does this policy apply to
- Purposes for which we collect and use your personal data
- Personal data collected by us
- Further information/marketing
- Personal data retention
- Sharing personal data
- Monitoring of communications
- Data Security
- Disclosures Applicable to Individuals in Europe, the UK, and the Rest of the World
- 9.1 Legal basis for processing personal data
- 9.2 Your rights in connection with your personal data
- 9.3 Contact details for data requests and complaints
- 9.4 Transfers of personal data
1. Who Does This Policy Apply To
This Privacy Policy applies to individuals who interact with IDBX Corporation worldwide, including those in the European Union (EU), the United Kingdom (UK), and other jurisdictions. It does not apply to employees, who should refer to IDBX Corporation’s internal staff privacy policy.
The specific personal data we collect and how we use it depends on your relationship with IDBX Corporation and the products and services you use. Therefore, some information provided below may not be relevant to your specific relationship with us.
2. Purposes for Which We Collect and Use Your Personal Data
We collect and process personal data for the following purposes:
- Service Administration: To manage and provide our services.
- Regulatory Compliance: To comply with legal, regulatory, and self-regulatory obligations.
- Feedback and Research: To gather feedback on our services and conduct market research, including statistical and behavioral analysis.
- Personalisation of Services and Marketing: To improve and personalize our services, including providing information on products and services that may interest you.
- Legal Compliance: To comply with laws, regulations, and good practice.
- Verification and Fraud Prevention: To verify identities, prevent fraud, and protect against network security breaches or malpractice.
- Legal Proceedings: For legal proceedings, obtaining legal advice, or defending legal rights.
These purposes are collectively referred to as the “Specified Purposes.”
3. Personal Data Collected by Us
The types of personal data we collect include:
- Identity and Contact Information: Business email, phone number, address, and where necessary, your date of birth, nationality, and national ID (e.g., passport number).
- Data from Interactions: Data obtained from email correspondence, phone calls, meetings, and events attended.
- Digital Data: Data collected from your use of our services, such as access times, volume of use, and traffic data. For more details on cookies, please see our Cookie Policy.
- Compliance Data: Information necessary for us to meet our regulatory and legal obligations.
Personal data may be collected directly from you, from third parties (e.g., your employer, public databases, or referrals), or automatically through your use of our services (e.g., via cookies).
If you do not provide the required personal data, we may not be able to fulfil our contractual obligations or provide our services to you.
4. Further Information/Marketing
With your consent, we may contact you about additional services you may find interesting. This could include invitations to events or webinars, which may be communicated via email, telephone, or post. You have the right to opt out of such marketing at any time by contacting us as described in this Privacy Policy.
5. Personal Data Retention
We will retain your personal data for as long as necessary to meet the Specified Purposes, respond to queries, and comply with applicable laws and regulations. We have internal procedures for data retention and deletion in line with our legal and regulatory obligations.
6. Sharing Personal Data
We may share your personal data with:
- Your organization: If applicable, we may share your personal data with your employer for legitimate business purposes.
- Our Group Companies: To manage and provide services and for legitimate business operations.
- Third-Party Service Providers: We may share data with service providers who process data on our behalf.
- Legal Obligations: To comply with applicable laws, including government authorities and regulatory agencies.
- Business Transactions: In the event of a merger, sale, or corporate restructuring.
Service-Specific Disclosures: Where relevant, we may share data with customers or counterparties in the context of specific services (e.g., trade matching).
7. Monitoring of Communications
We may monitor communications between you and IDBX staff for security, regulatory compliance, and fraud prevention purposes. This includes email and telephone communications. We may filter out malicious content (e.g., viruses or spam) and monitor for compliance with internal policies.
8. Data Security
IDBX Corporation has implemented strong technical and organizational measures to protect the personal data we process. These measures include secure data storage, access controls, encryption, and regular monitoring of our systems to prevent unauthorized access, alteration, or disclosure.
9. Disclosures Applicable to Individuals in Europe, the UK, and the Rest of the World
This section applies to individuals in the EU, UK, and other jurisdictions where applicable data protection laws exist, including the General Data Protection Regulation (GDPR) for Europe, the Data Protection Act 2018 for the UK, and similar laws in other countries.
9.1 Legal Basis for Processing Personal Data
The legal grounds for processing personal data include:
- Compliance with Legal Obligations: Processing is necessary to comply with legal or regulatory obligations (e.g., Specified Purposes (b), (e), (f), (g)).
- Contractual Necessity: Processing is necessary for the performance of a contract (e.g., Specified Purposes (a), (b)).
- Legitimate Interests: We may process personal data for legitimate interests, provided these interests are not overridden by your rights and freedoms (e.g., Specified Purposes (c), (d)).
Where applicable, we rely on your consent to process your personal data, and you can withdraw that consent at any time.
9.2 Your Rights in Connection with Your Personal Data
As a data subject, you have the following rights:
- Access: You can request to see or obtain a copy of your personal data, including in electronic and paper formats.
- Correction: You can request that inaccurate personal data be corrected or that incomplete data be completed.
- Restriction, Erasure, and Objection: You can request restrictions on processing, object to processing based on legitimate interests, or request the deletion of your personal data (subject to retention policies).
- Portability: In some cases, you may request that your personal data be provided to you in a structured, machine-readable format.
9.3 Contact Details for Data Requests and Complaints
If you wish to exercise any of your rights or have questions regarding your personal data, please contact us:
Data Protection Officer
Email: legal@idbx.com
Phone: [Insert Contact Number]
Address: IDBX Corporation Ltd: 128 City Road, London, United Kingdom, EC1V 2NX
If you are not satisfied with how we handle your personal data, you can contact the Information Commissioner’s Office (ICO) in the UK or the relevant data protection authority in your jurisdiction.
9.4 Transfers of Personal Data
IDBX Corporation may transfer personal data internationally to its group companies or third-party service providers, including to countries outside the EU/UK. We ensure that such transfers are conducted in accordance with global data protection laws and that appropriate safeguards, such as standard contractual clauses, are in place to protect your data.
Contact Information
For any inquiries regarding this Privacy Policy or to exercise your rights regarding your personal data, please contact us:
Email: legal@idbx.com