These terms apply to the use of products and services developed by the Interfax Group. For the purposes of this Privacy Policy “the Interfax Group” / “Interfax” / “we” / “us” / “our” means Joint-Stock Company “Interfax News Agency”, Joint-Stock Company “Interfax”, Interfax Europe Ltd, and Interfax Deutschland GmbH as well as other companies of the Interfax Group. Our offices are at build. 1, 2 Pervaya Tverskaya-Yamskaya Ul., Moscow, 127006, Russia: Victoria House, 4th Floor, 1-3 College Hill, London EC4R 2RA; and Taunusstrasse 54, D-61440, Oberursel, Germany. For the purposes of this policy the companies of the Interfax Group not established in the European Union are represented in the European Economic Area (EEA) and Switzerland by Interfax Deutschland GmbH with its office at Taunusstrasse 54, D-61440, Oberursel, Germany.

The Interfax Group is the leading independent provider of business and financial products essential for decision makers. Having built its reputation on the provision of accurate and timely breaking news from the territories of Russia and the CIS, over the past decades Interfax has successfully transformed into an information company, creating professional IT solutions tailored for risk assessment, compliance, due diligence, KYC, business and financial intelligence. Today, Interfax product range includes political and general news, financial and business credit information, industry analysis, market data and sophisticated business solutions for risk management and other ancillary products and services (hereinafter, the “Services”).

Some of the information incorporated into our Services may be classified as “personal data” under European Union (EU) law as it is information relating to an individual. We are committed to protecting and respecting your privacy. This Privacy Policy explains the basis on which we collect, process and disclose personal data. Where we decide the purpose or means for which personal data is processed, we are the data “controller.” We will comply with all applicable data protection laws, including the General Data Protection Regulation 2016/679.

This Website and Services may contain hyperlinks to third party websites. These third party websites operate fully independently from us, and we cannot accept any responsibility or liability for the privacy practices of such third parties nor the availability of these external sites or resources. The appearance of such links on the Website or in any part of our Services is not an endorsement. Should you use any of these third party websites, such use is at your own risk and we would recommend that you review their respective privacy policies.

This privacy policy (“Privacy Policy”) applies to individuals i) who use this website (the “Website”) ii) who use the Services and iii) whose personal information forms part of the content included within our Services. Depending on the Services, we may provide additional privacy notices and/or terms of use. This Privacy Policy should be read in conjunction with those privacy notices and terms of use, as applicable to our specific Services.

We have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy and the data handling of the Interfax Group. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the following details DPO@interfax.co.uk. Victoria House, 4th Floor, 1-3 College Hill, London EC4R 2RA

Your Enquiries

If you contact us about our Services, the forms you complete or the emails you send may include information about you, such as your name as the contact point for an organisation, your email address, the organisation's address, job title, telephone number and your enquiry.

In line with the legitimate interest we have in promoting and operating our business, we will process your enquiries to reply and provide you with information about the Services.

We may also process enquiries to take steps you ask of us with a view to entering into an agreement to provide our Services.

We also hold such information in our CRM system which provides a single view of all our Customers (prospective or current), their contacts, contract details and other business information. The CRM system also contains information on activities and interactions with Customers (which may include emails, summaries of calls, and meetings).

You are under no obligation to provide us with any details, but if you do not provide all relevant information, we may not be able to help.

Information provided by you when using our Services

We will collect information on how you use our Services. This information helps us administer, manage, operate, protect and improve the Services (and provide customer support in connection with the Services). This information may also be used for the purposes of managing any security risks and verifying your identity when logging into and/or using the Service.

We will use information about you for providing and/or making our Services available to you under the terms of use of our Services, as well as contacting you about matters requiring attention.

Mailing List

We may use the email address we collected from you to keep you updated with our news by email unless you would like to be removed from that list (in which case please let us know by clicking unsubscribe at the bottom of each marketing email).

In line with the legitimate interest we have in promoting our business, we will use the email address we collected from you to provide you with this information.

There may also be circumstances where we will ask you for your explicit consent in respect of our use of your data in which case you will be notified at the time.

How you use our Website (Analytics)

On the Website, we use the Analytics Cookies to collect analytical information, such as your internet protocol (IP) address, to help analyse how visitors use the Website.

We process this information to understand how visitors use the Website and to compile statistical reports regarding that activity (for example, your IP address is used to approximate the country from which you access our Website, and we aggregate this information together so we know that visitors to our Website come from a specific territory). This information is not used by us to develop a personal profile of you.

We will not associate any automatically collected data gathered from the Website with any personally identifying information from any source or create personal profiles on you using this information.

You can always choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser. For further information about cookies, please see: www.allaboutcookies.org, and how to adjust your browser settings here: www.allaboutcookies.org/manage-cookies.

All content you submit to us

If you send us objectionable content or otherwise behave in a disruptive manner when using our Website, we may process personal data included in your messages to respond to and stop such behaviour.

We only process personal data in this way for the legitimate interests of ensuring that use of our Website and the Services are lawful, does not disrupt our systems (and the availability of the Services), does not harass our staff or other individuals, and to enforce our legal rights and to comply with our legal obligations.

Where we reasonably believe you are or may be in breach of the law (for instance, because content you send amounts to harassment or is defamatory), we may use your personal information to inform relevant third parties such as your email/internet provider or law enforcement agencies about the content.

News Agency Services

Personal data may appear as part of our News Services. Such information may include: full name, business position and any relevant information appearing in the publication.

Our journalists source and use information in line with journalistic standards, applicable codes of conducts and guidelines.

We process this information for journalistic purposes and in line with the legitimate interest we have in promoting and operating our business and/or where we reasonably believe that the publication of such journalistic material would be in the public interest.

SCAN

SCAN is a system for media monitoring and analysis of the media environment. SCAN curates third party news reports and makes them more easily accessible and searchable. The sources in SCAN are primarily public in nature and include the leading news agencies, newspapers, magazines, websites, radio and television.

Personal information may appear as part of a third party news report made available in SCAN. Such information may include: full name, business position and any information about you appearing in the publication. SCAN also contains curriculum vitae of certain key public persons.

We process this information for journalistic purposes and in line with the legitimate interest we have in promoting and operating our business and/or where we reasonably believe that the publication of such journalistic material would be in the public interest.

SPARK - Interfax

SPARK-Interfax is a comprehensive solution for verification of any legal entity in Russia, Ukraine, Kazakhstan, Belarus, Kyrgyzstan and Moldova. It is a reliable tool to help you meet the international regulatory requirements with regards to KYC/third parties, AML/CFT, investigation and due diligence procedures. The tool provides access to company registration details and financial results and possesses complex analytical capabilities, which locate the ultimate beneficiaries (UBOs), uncover hidden affiliations between entities and individuals and minimise the time needed to make any conclusions about the dependability and creditworthiness of a company.

The information that is contained in SPARK-Interfax is primarily focused on businesses. However, SPARK-Interfax also holds information on directors and shareholders. Such information may include full name, current and previous business position, current and previous share participation in companies, Russian taxpayer identification number, disqualification information, as well as date and place of birth (for private entrepreneurs).

The information that SPARK-Interfax holds, is sourced from publicly available sources like public websites, open government databases and/or from Interfax’s commercial partners.

We process this information in line with the legitimate interests pursued by us or by our Customers: to enable businesses to manage their financial risks, protect against fraud, know who they are doing business with, meet compliance and regulatory obligations and better understand organisations, industries and markets.

We have provided further detail on the lawful reason for processing your personal information below.

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on your privacy (and right to a private life), unless we have your consent or are otherwise required or permitted to by law.

Performance of Contract means processing your data where it is necessary for the performance of a contract or to take steps at your request before entering into such a contract.

Consent means that we ask for your consent to specific uses of personal information where we need to. We will collect it separately and make it clear that we are asking for consent.

Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.

Public Interest means processing your personal data for the performance of a task in the public interest that is set out in law.

Journalism in the public interest means that processing is carried out with a view to the publication of journalistic material and we reasonably believe that the publication of such material would be in the public interest (taking into account the importance of the public interest in the freedom of expression and information).

We may disclose personal data to the Interfax Group and its respective personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Policy, provided that they do not make independent use of the information.

We only permit them to process your personal data for specified purposes and in accordance with our instructions. All our third party service providers are required to take appropriate security measures to protect your personal information in line with our policies. Activities which are carried out by third party service providers include: CRM management software, website hosting, and IT support.

We share the information incorporated into our Services (and that may include personal data) with our Customers (businesses and organisations with whom we enter into agreements to access our Services). The use of our Services by the Customers is always subject to our applicable terms of service which relate to the particular Service in question.

In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).

If we are involved in a merger, acquisition, or sale of all or a portion of our business or assets, the information we hold may be included as part of that sale, in which case you will be notified via email and/or a prominent notice on the Website of any changes in ownership or use of your information, as well as any choices you may have regarding that information.

Except as provided above, we will not provide your information to third parties.

We will honour your rights under applicable data protection laws. These rights are not absolute and they do not always apply in all cases.

Ask for a copy of the data we are processing about you and have inaccuracies corrected

You have the right to request from us i) confirmation of whether we are processing your personal data, and if so ii) a copy of the personal information we hold about you, and iii) correction of any inaccuracies.

We will use reasonable efforts to the extent required by law to supply or correct personal information held about you on our files (and with any third parties to whom it has been disclosed to).

Object to us processing data about you

You can ask us to restrict, stop processing or delete your personal data if:

• you consented to our processing of the personal data and have withdrawn that consent;
• we no longer need to process that personal data for the reason it was collected;
• we are processing that personal data (including profiling) because it is in the public interest or it is in order to pursue a legitimate interest of Interfax or a third party, and you do not agree with that processing and you believe there is no overriding legitimate interest for us to continue processing it;
• the personal data was unlawfully processed;
• you need the personal data to be deleted in order to comply with legal obligations;
• the personal data is processed in relation to the offer of a service to a child.

In some cases you can delete your personal data from your account by following the instructions in your account settings.

Obtain a machine-readable copy of your personal data, which you can use with another service provider

• If (i) we are processing data in order to perform our obligations to you or because you consented and (ii) that processing is carried out by automated means, we will help you to move, copy or transfer your personal data to other IT systems at your request.

Make a complaint to a Supervisory Authority

• If you are unhappy with the way we are processing your personal data, please let us know by contacting us.
• If you do not agree with the way we have processed your data or responded to your concerns, an alternative is to submit a complaint to a Data Protection Supervisory Authority.

We do not use the Website or any Service to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information within a reasonable time.

We will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. For example, our databases are password protected and limited to essential employees only. Please be aware that although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

This Policy may be updated from time to time. We will notify you of any changes by posting the new policy here and, where feasible, letting you know by email.

We are established in the following countries: UK, Russia, Germany, Hong Kong, United States and in the course of business we may transfer information (which may include personal data) to other entities in our group in those countries.

Where we transfer your personal information to entities in our group in countries which have not been deemed to have an adequate level of protection under an adequacy decision of the EU Commission, we have put in place specific contracts containing the EU Commission’s standard contractual clauses (the “Model Clauses”) (or an alternative compliance mechanism, such as binding corporate rules) (“BCRs”) to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the EU and UK laws on data protection, in particular the GDPR.

If you require further information about these protective measures, please contact DPO@interfax.co.uk.

We will hold your personal information on our systems for as long as is necessary for the relevant purpose, or as otherwise described in this Privacy Policy.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.