Your Privacy

Last Updated: 16th November 2022

  1. Introduction
  2. What is personal data?
  3. Personal data we collect and its sources
  4. How we collect your personal data
  5. Purposes for which we use your personal data and the lawful bases
  6. Sharing your personal data
  7. Platform users
  8. International transfers
  9. How long we keep your personal data
  10. Security of your personal data
  11. our rights
  12. How to complain
  13. How to contact us

1. Introduction

ClearStake Limited (“ClearStake”, “we,“our”) is committed to protecting the privacy and security of the personal data we collect about end customers and users of our services (“you/your”).

The purpose of this privacy notice is to explain what personal data we collect about you when visit our website. When we do this, we are the data controller.

Please read this privacy notice carefully as it provides important information about how we handle your personal information and your rights. If you have any questions about any aspect of this privacy notice you can contact us using the information provided below or by emailing us at privacy@clearstake.com.

2. What is my personal data

‘Personal data’ is any information from which you can be identified, either directly or indirectly. For example, your name or an online identifier.

‘Special category personal data’ is more sensitive personal data and includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purposes of uniquely identifying someone, data concerning physical or mental health or data concerning someone’s sex life or sexual orientation.  

3. Personal data we collect

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are also subject to the EU General Data ProtectionRegulation (EU GDPR) in relation to services we offer to individuals in theEuropean Economic Area (EEA). The personal data we collect includes:

If you have contacted us: your name, your phone number and/or email address and a record of your correspondence (including any details or attachments you have entered into Zendesk).

Where you have reported a problem with our website or platform: your contact details and any details provided, this may include your name, address, telephone number and/or email address.

We may also collect technical data about you. This includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.

4. How we collect your personal data

We use different methods to collect the above personal data from and about you including through:

Direct interactions – where you provide information directly to us, through filling in a form on our website.

Automated technologies or interactions – as you interact with our website, we will collect technical data about you. We will collect this personal data using cookies and other similar technologies. Please see our Cookies Notice for further details.

5. Purposes for which we use your personal data and the lawful basis

When providing services to you, we may use your personal data for the following purposes and on the following lawful bases:

We process your personal data toad minister and protect our business and this website. This includes enabling you to use our website, troubleshooting, testing, system maintenance, support and reporting of data. We rely on the legal basis of legitimate interests to perform this processing. It is necessary for our legitimate interest for running our business, responding to queries, nuisance caller management, to defend our servers against malicious attacks and operational performance improvement.

We process your personal data to notify you about changes to our website and privacy notice. It is necessary to comply with our legal obligation to perform this processing.

We process your personal data to deliver relevant website content and ensure that it is presented in the most effective manner for you and your device. This is in our legitimate interest to achieve the most user-friendly website navigation experience.

6. Sharing your personal data

We may share your personal data with the below parties for the listed purposes:

External third parties:

  • Service providersbased internationally who provide marketing and IT and system administrationservices.
  • Zendesk

Other third parties: other third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.

7. Platform users

For users of our platform please see our platform privacy notice. This explains how your personal data will be used when you use our platform.

8. International Transfers

When we collect your personal data, it may be processed outside the UK. This is because the organisations we use to provide our services to you are located in other countries.

We have taken appropriate steps to ensure that where personal data processed outside the UK, it has an essentially equivalent level of protection as it has within the UK. We do this by ensuring that:

  • Your personal data is only processed in a country which theSecretary of State has confirmed has an adequate level of protection (an adequacy regulation); or
  • We enter into either International Data Transfers Agreements (IDTAs) or Standard Contractual Clauses (SCCs) with the receiving organisations and ensure that supplementary measures are also applied, where necessary.

9. How long we keep your personal data

We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims.

At the end of the retention period, your personal data will be securely deleted.

10. Security of your personal data

We have implemented appropriate technical and organisational measures to safeguard your personal data and protect it from accidental or unlawful destruction, loss or alteration and from unauthorised disclosure or access.

In addition to the technical and organisational measures we have put in place, there are a number of simple things you can do to in order to further protect your personal information, such as;

  1. Never enter your details after clicking on a link in an email or text message.
  2. If you’re logged into any online service do not leave your computer unattended.
  3. Close down your internet browser once you’ve logged off

Secure Online Services

You can easily identify secure websites by looking at the address in the top of your browser which will begin https:// rather than http://.

11. Your rights

You have certain rights in relation to the processing of your personal data, including to:

  • Request access to your personal data (commonly known as a “Subject Access Request”). This enables you to receive a copy of the personal data we hold about you.
  • Request rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. If you object to us using your personal data for marketing purposes we will stop sending you marketing material.
  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal data to another party (data portability).
  • Automated decision-making. You have the right not to be subject to a decision based solely on automated processing which will significantly affect you. We do not use automated decision-making.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the processing of your personal data fora specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we are permitted by law todo so.

How to exercise your rights

You will not usually need to pay afee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. If you wish to exercise your rights, please contact us at privacy@clearstake.com.

12. How to complain

You have the right to lodge a complaint with the supervisory authority, if you believe we are infringing the UK data protection laws or you are concerned about the way in which we are handling your personal data. The supervisory authority in the UK is the Information Commissioner’s Office who can be contacted online at:

13. How to contact us

If you wish to contact us in relation to this privacy notice or if you wish to exercise any of your rights outlined above, then please address your correspondence to:

29 Harbour Exchange Square, London, England, E14 9GE

Alternatively, you can email us at privacy@clearstake.com

We have also appointed a Data protection Officer (“DPO”). Our DPO is Evalian Limited and can be contacted by emailing privacy@clearstake.com or via our postal address. If sending correspondence to our postal address, please mark the envelope to the ‘Data Protection Officer’.