Immersive Finance
Privacy Policy

1. OVERVIEW

1.1. Immersive Finance Ltd (“we”, “us”, or “our”) is committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our software and related services (collectively, the “Service”), including our website (www.immersive-finance.com) and our WebApp, and otherwise during our business activities. This Privacy Policy does not apply to personal information collected about our employees, applicants, or other personnel.

1.2. We process your personal data in accordance with this Privacy Policy and applicable data protection legislation, including the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018. Please read this Privacy Policy carefully. If you do not agree with its terms, you should not use our service.

1.3. Our Services may contain links to other websites or services; the information practices and/or the content of such other websites or services shall be governed by the privacy statements of those websites or services.

1.4. Immersive Finance Ltd is registered with the Information Commissioner’s Office (“ICO”) under the registration number ZC114209.

2. INFORMATION WE COLLECT

2.1. Information You Provide: We may collect personal information that you voluntarily provide to use, such as your name, email address, contact information, and other information you provide when you use our Service.

2.2. Automatically Collected Information: We may automatically collect certain information when you use our Service, including but not limited to your device information, IP address usage data, and other associated analytics.

2.3. Cookies: We use a limited number of cookies to ensure our site remains secure and functional. We use essential cookies necessary for the operation of our Service, and analytics cookies (including Google Analytics with anonymised IPs) to understand how users interact with our Service. Non-essential cookies are only placed with your prior consent, which you may give or withdraw at any time via our cookie preference centre. For full details of the cookies we use and their purpose, and how to manage your preferences, please read our Cookie Policy.

3. HOW WE USE YOUR INFORMATION

3.1. We use the information we collect for various purposes, including but not limited to:

3.1.1. Providing and improving our Service;

3.1.2. Communicating with you, including responding to your inquiries and sending important updates; and

3.1.3. Analysing user trends and behaviour to enhance user experience.

3.2. Detailed below is specific information on how we use your data and which third parties we engage to help us:

3.2.1. We track and store usage behaviour such as which links are clicked on and API endpoint usage statistics so that we can optimse the Service we provide to you. We use Google Analytics with the anonymised IP feature enabled for this purpose. Please refer to Google’s Privacy Statement (https://policies.google.com/privacy).

3.2.2. When you contact us for support or other customer service requests, we maintain records related to such requests, including any information provided by you, and may contact you about our services with relevant information. We may also obtain personal information about you from third parties such as LinkedIn, X (formerly Twitter), Telegram, and other publicly accessible sources.

3.2.3. We may use your personal information to contact you with marketing or promotional materials related to Immersive Finance. If you no longer wish to receive such communications, you may unsubscribe at any time using the unsubscribe link in any email, or by emailing info@immersive-finance.com. Such requests will be processed immediately and in any event within two (2) business days.

3.2.4. To manage user access and to handle API authentication and authorisation, we store user email address details in the Auth0 data store. Please refer to their Privacy Statement here. IP addresses are also logged on our servers (hosted with AWS, OVH Cloud, and Microsoft Azure). Please refer to their respective privacy policies.

3.2.5. Third-Party Providers: Third-party providers will collect, use, and disclose your information only to the extent necessary to allow them to perform the services they provide to us. We recommend that you read their privacy policies to understand how your personal information will be handled by them. Please note that certain providers may be located in jurisdictions with different data protection standards – see Section 3 (International Transfers) below.

3.3. Where we transfer personal data to countries outside the United Kingdom, we will ensure that appropriate safeguards are in place in accordance with UK GDPR Chapter V. This may include transfers to countries that have received a UK Adequacy Decision, or transfers subject to an International Data Transfer Agreement (“IDTA”) or UK Addendum to EU Standard Contractual Clauses. We will not rely on consent as the sole mechanism for legitimising international data transfers.

3.4. Data that is provided to us is stored in our secure servers. Details relating to any transactions entered into via our Service will be encrypted to ensure their safety.

3.5. The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically; the transmission of such data is entirely at your own risk. Where we have given you a password so that you can access certain areas of our Service, you are responsible for keeping this password confidential.

4. SHARING YOUR INFORMATION

4.1. Where applicable, we may disclose your personal information to any member of our group, including our subsidiaries, or holding company, and its other subsidiaries.

4.2. We may also disclose your personal information to third parties:

4.2.1. Where we sell or transfer any or all of our business and/or assets to a third party.

4.2.2. Where we are legally required to disclose your information.

4.2.3. To assist with fraud protection and minimise credit risk.

4.2.4. We may publicly display aggregated, anonymised data to communicate how our services are typically used.

5. YOUR RIGHTS

5.1. Under the UK GDPR and Data Protection Act 2018, you have the following rights regarding your personal information:

5.1.1. Right of Access: You may request a copy of the personal data we hold about you (a “Subject Access Request” or “SAR”). We will respond free of charge within one (1) calendar month of receipt.

5.1.2. Right to Rectification: You may ask us to correct inaccurate or incomplete personal data.

5.1.3. Right to Erasure: In certain circumstances, you may ask us to delete your personal data.

5.1.4. Right to Restriction: You may ask us to restrict the processing of your personal data in certain circumstances.

5.1.5. Right to Data Portability: Where processing is based on consent or contract and carried out by an automated means, you may request your data in a structured, commonly used, machine-readable format.

5.1.6. Right to Object: You may object to processing based on legitimate interests, including for direct marketing purposes.

5.1.7. Right to Withdraw Consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

5.2. To exercise any of these rights, please contact us at info@immersive-finance.com. We will respond within one (1) calendar month. We reserve the right to ask you to verify your identity before processing your request.

6. UK GDPR COMPLIANCE

6.1. The following sets out our compliance position under the UK GDPR and Data Protection Act 2018.

6.1.1. Data Controller & Data Processor: Immersive Finance Ltd acts as the data controller for personal data you provide directly to us. We may also act as a data processor when processing personal data on behalf of our Clients, in which case a Data Processing agreement will govern that processing in accordance with Art.28 UK GDPR.

6.1.2. Lawful Basis for Processing: We will only process your personal data where we have a lawful basis to do so. The primary bases on which we process personal data are:

6.1.2.1. Performance of a Contract (Art.6(1)(b) UK GDPR): Processing necessary to provide the Service to you or your employer as a Client.

6.1.2.2. Legitimate Interests (Art.6(1)(f) UK GDPR): Processing for our legitimate interests in operating, improving, and securing the Service, where these interests are not overridden by your data protection rights.

6.1.2.3. Legal Obligation (Art.6(1)(c) UK GDPR): Processing necessary to comply with applicable laws and obligations.

6.1.2.4. Consent (Art.6(1)(a) UK GDPR): Where we rely on consent (such as for non-essential cookies or direct marketing), we will obtain this separately and you may withdraw it at any time.

6.1.3. Data Subject Rights: Under UK GDPR, you have the rights described in Section 5 above. To exercise these rights, please contact us at info@immersive-finance.com.

6.1.4. Where we transfer personal data to countries outside the UK, we do so in accordance with UK GDPR Chapter V, relying on UK Adequacy Regulations, IDTAs, or other appropriate safeguards.

6.1.5. Data Security: We have implemented appropriate technical and organisational measures to ensure the security and confidentiality of your personal data, including encryption at rest, secure server infrastructure, and access controls.

6.1.6. Data Retention: We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by applicable law. As a general guide:

6.1.6.1. Account and subscription data is retained for the duration of the Client relationship and for up to 7 years, thereafter in accordance with our statutory record-keeping obligations.

6.1.6.2. Usage and analytics data is retained for 3 years.

6.1.6.3. Support records are retained for 1 year.

6.1.6.4. Please contact us at info@immersive-finance.com for further details on our retention schedule.

6.1.7. Complaints: If you believe that our processing of your personal data does not comply with UK GDPR or the Data Protection Act 2018, you have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”), the UK’s data protection supervisory authority. The ICO can be contacted at http://www.ico.org.uk or by telephone on 0303 123 1113. We would, however, welcome the opportunity to address your concerns directly before your approach the ICO – please contact us in the first instance at info@immersive-finance.com.

7. CHANGES TO THIS PRIVACY POLICY

7.1. We may update this Privacy Policy from time-to-time. For minor changes (such as typographical corrections or clarifications that do not affect your rights), we will update the policy on our website and amend the “Last Updated” data at the top of this page. For material changes to how we process your personal data – including changes to the lawful basis for processing, the categories of data collected, or retention periods – we will provide not less than thirty (30) days’ prior notice by email to the address associated with your account before changes take effect.

8. CONTACT

8.1. If you have any questions or concerns about this Privacy Policy, or about how we handle your personal data, please contact us at –

8.1.1. Email: info@immersive-finance.com.

8.1.2. Address: 128 City Road, London, EC1V 2NX.

8.1.3. ICO Registration Number: ZC114209.

9. ATTESTATION

9.1. By using our Service, you acknowledge that you have read and understood this Privacy Policy. This Privacy Policy forms part of our Terms of Service.