Privacy policy
Center for Financial Professionals (CeFPro®) (“We”) is committed to protecting your privacy and maintaining the security of any personal information received from you. The purpose of this statement is to explain to you what information we collect and how we may use it.
The Data Controller is Center for Financial Professionals of 5 The Millers House, Roydon Road, Stanstead Abbotts, SG12 8HN. We can be contacted at privacy@cefpro.com or by calling our data controller Andreas Simou on +44 (0) 20 7164 6582 / +1 888 677 7007.
We work according to the requirements of data protection legislation in the UK and comply with the EU’s General Data Protection Regulation (“GDPR”). You can visit most pages on our site without giving us any information about yourself, but sometimes we do need information to provide services that you request.
This privacy statement covers the Center for Financial Professionals website (www.cefpro.com) and all content and event specific domains owned by the Center for Financial Professionals (for example, www.risk-americas.com, www.risk-evolve.com)
The statement does not cover external websites linked to from this site that are not owned by the Center for Financial Professionals.
Changes to the Policy
If the privacy policy changes in any way, we will place an updated version on this page. Regularly reviewing the page ensures you are always aware of what information we collect and how we use it.
If you have any questions about this privacy policy or the privacy practices of this Website, contact privacy@cefpro.com
Usage Data
Usage Data is collected automatically when using the Service, which includes access to www.cefpro.com, CeFPro’s members hub (CeFPro Connect), the market intelligence reports, magazine, videos, podcasts and other associated items of CeFPro. Tracking is used to provide better service to our members, and the community we serve.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.
Tracking Technologies and Cookies
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:
- Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.
- Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity). Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. We use both Session and Persistent Cookies for the purposes set out below:
- Necessary / Essential Cookies Type: Session Cookies Administered by: Us Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.
- Cookies Policy / Notice Acceptance Cookies Type: Persistent Cookies Administered by: Us Purpose: These Cookies identify if users have accepted the use of cookies on the Website.
- Functionality Cookies Type: Persistent Cookies Administered by: Us Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.
- Tracking and Performance Cookies Type: Persistent Cookies Administered by: Third-Parties Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the Website. We may also use these Cookies to test new pages, features or new functionality of the Website to see how our users react to them.
With whom the information may be shared
At times, we may share your personally identifiable information with others for various purposes. The following outlines the ways in which your information may be shared with others. Except as expressly set forth below, we do not share, sell, rent or trade personally identifiable information with third parties for their promotional purposes.
Aggregate Information: We may share aggregate information such as demographics and usage statistics with the team, advertisers, sponsors or other organizations. When this type of information is shared, the other parties do not have access to your personally identifiable information.
Partners, Subsidiaries and Affiliates: We may share your information (including, without limitation, personally identifiable information) with our subsidiaries and affiliates. Affiliates include our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us. If you do not want us to share your information with our subsidiaries and affiliates, you may tell us by sending an email to privacy@cefpro.com with your request.
With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, for payment processing, to contact You.
With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
Business Transfers: In the event that all or substantially all of our assets are sold or transferred to another party, or another transaction occurs in which your personally identifiable information is one of the business assets transferred, all personally identifiable information that has been collected and saved may be one of the business assets we transfer.
Legal Process: In the event we are required to respond to subpoenas, court orders or other legal process your personally identifiable information may be disclosed pursuant to such subpoena, court order or legal process, which may be without notice to you.
With Your consent: We may disclose Your personal information for any other purpose with Your consent. For example for the purpose of competitions and third parties where you have indicated opt-in permission. (See GDPR Privacy Policy for more information)
Legitimate business interest
We or our partners/affiliates may from time to time email you with information about other events, content or product information that we believe you may have an interest in, based on legitimate business interest. You can opt out, or define your areas of interest, of this communication at any time. (See GDPR Privacy Policy for more information)
Social Media
The App may make third-party social-media features (such as Twitter, Facebook and LinkedIn) available to its users. We cannot ensure the security of any information you choose to make public in a social-media feature. Also, we cannot ensure that parties who have access to such publicly available information will respect your privacy. Please exercise caution when deciding to disclose personal information in these areas.
Security
This App and the computers that supply data to the App incorporates reasonable safeguards to protect the security, integrity, completeness,accuracy and privacy of the personal information that we may collect and we have put into place reasonable precautions to protect such information from loss, misuse and alteration. Only those employees who need access to your information in order to do their jobs are allowed access. Our security policies are reviewed periodically and revised as required.
Retention of Your Personal Data
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.
Transfer of Your Personal Data
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ to those from Your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer. The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.
Security of Your Personal Data
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.
Detailed Information on the Processing of Your Personal Data
The Service Providers We use may have access to Your Personal Data. These third-party vendors collect, store, use, process and transfer information about Your activity on Our Service in accordance with their Privacy Policies.
Analytics
We may use third-party Service providers to monitor and analyze the use of our Service.
- Google Analytics and Google Tag Manager
- Microsoft Clarity
Email Marketing
We may use Your Personal Data to contact You with newsletters, marketing or promotional materials and other information that may be of interest to You. You may opt-out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send or by contacting Us. We may use a variety of mail service providers to communicate the CeFPro’s offerings and services, including but not limited to:
- Pardot (Salesforce)
- Mailchimp
Payments
We may provide paid products and/or services within the Service. In that case, we may use third-party services for payment processing (e.g. payment processors, merchant service providers). We will not store Your payment card details. That information is provided directly to Our third-party payment processors whose use of Your personal information is governed by their Privacy Policy, and various legislation on the processing of payments.. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. All and any credit card information provided to CeFPro will be immediately destroyed upon payment and completion of transaction.
Connect membership is an annual commitment where autorenewal for membership services is taken every year. Payment details are kept by CeFPro merchant service providers, and therefore this information will not be processed by us. If you wish to opt-out of auto renewal please contact us by email at privacy@cefpro.com no less than one month before your renewal date.
Photography and videography
By attending CeFPro events, you as an attendee agree to be included in any photography or filming as part of the marketing and promotions of the event. You have the right, prior to publishing and in writing, to express your right to withdraw and not be included, otherwise CeFPro has the right for continuing business and promotional purposes, to photography and video at events and other gatherings organised by the business.
GDPR Privacy Policy
Legal Basis for Processing Personal Data under GDPR
We may process Personal Data under the following conditions:
- Consent: You have given Your consent for processing Personal Data for one or more specific purposes.
- Performance of a contract: Provision of Personal Data is necessary for the performance of an agreement with You and/or for any pre-contractual obligations thereof.
- Legal obligations: Processing Personal Data is necessary for compliance with a legal obligation to which the Company is subject.
- Vital interests: Processing Personal Data is necessary in order to protect Your vital interests or of another natural person.
- Public interests: Processing Personal Data is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Company.
- Legitimate interests: Processing Personal Data is necessary for the purposes of the legitimate interests pursued by the Company.
In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Your Rights under the GDPR
The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
You have the right under this Privacy Policy, and by law if You are within the EU, to:
- Request access to Your Personal Data. The right to access, update or delete the information We have on You. Whenever made possible, you can access, update or request deletion of Your Personal Data directly within Your account settings section. If you are unable to perform these actions yourself, please contact Us to assist You. This also enables You to receive a copy of the Personal Data We hold about You.
- Request correction of the Personal Data that We hold about You. You have the right to have any incomplete or inaccurate information We hold about You corrected.
- Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
- Request erasure of Your Personal Data. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
- Request the transfer of Your Personal Data. We will provide to You, or to a third-party You have chosen, Your Personal Data in a structured, commonly used, machine-readable format. Please note that this right only applies to automated information which You initially provided consent for Us to use or where We used the information to perform a contract with You.
- Withdraw Your consent. You have the right to withdraw Your consent on using your Personal Data. If You withdraw Your consent, We may not be able to provide You with access to certain specific functionalities of the Service.
Exercising of Your GDPR Data Protection Rights
You may exercise Your rights of access, rectification, cancellation and opposition by contacting Us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible.
You have the right to complain to a Data Protection Authority about Our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.
Your acceptance of the privacy policy and notification of changes to the policy
By using our websitethis App, you signify your agreement to the terms of our privacy policy. We may amend this privacy policy at any time. If we make a material change to the way in which we collect, use, and/or share your personal information, we will post a notification on the App.
QUESTIONS ABOUT THIS PRIVACY POLICY
If you have any questions about this privacy policy or the privacy practices of this Website, contact privacy@cefpro.com
So do we, or should we, also have on there:
- Photography and videography at CeFPro events – We have the right to take photos/film at our events, we will not single out any individual without their express permission, and that we make every effort to take group images. You have right, prior to publishing and in writing, to express your right to withdraw and not be included, otherwise CeFPro has the right for continuing business and promotional purposes, to photography and video at events and other gatherings. CeFPro events are held in a public arena, open to all who wish to register, and therefore …not sure of words, but if public we could use this…
- Auto-renewals – think we might need something in here about autorenewals, where applicable. Connect will have membership and could include payment and autorenewal for membership services. These details are kept by merchant service providers, and will not be in our hands.
- Payment prior to events – do we need something here?? I know it is a privacy policy but we need to somewhere to state that they need to pay in advance of an event. Or within a week of the EB deadline, to ensure the reduced rate is retained (ALSO, need to check with Admin as we have a link to https://www.cefpro.com/terms-and-conditions/ is this the same? )