Press Release

Book Our Football Grounds


Please find below iRama’s privacy notice.

iRama respects your privacy and is committed to protecting your personal data.  

This privacy notice informs you how we manage your personal data when visiting and using our website (regardless of where you visit it from) and tell you about your privacy rights and how the law safeguards you. 

Download a pdf version of the policy here.  


iRama, ("we" or "us") have created this separate Children’s Privacy Policy because we recognise that Minors (people under the age of 18) will be interested in iRama and the services that iRama provides. A young footballer under the age of 18 but older than 16 may well wish to arrange to take advantage of our scouting network. 

This Children’s Privacy Policy is to be read with our Main Privacy Policy and Terms and Conditions. This Children’s Privacy policy is hopefully written in a way that Children understand however it is very important to us and you that you ask your parent or legal guardian to read this Children’s Privacy Policy and our Main Privacy Policy (link here) and Terms and Conditions (link here)  particularly if you are considering engaging our Services. Our Services are defined in our Terms and Conditions   

 The Services that iRama provide can be used by Children over the age of 16 and under the age of 18. This website is not intended for children under the age of 16 and we do not knowingly collect data relating to children under the age of 16 unless the permission of the Child’s parent or guardian has been provided. 

iRama’s website can be accessed throughout the world and different legal rules apply in different parts of the World. iRama seeks to comply with the Children's Online Privacy Protection Act 1998  (“COPPA”) which is a United States law and other frameworks like the General Data Protection Regulation (“GDPR”) which applies in Europe. Our goal is to minimize the information gathered from and disseminated about Children while permitting Children over 16 years of age active use of our Service with their Parent or Guardian’s approval.

The Site is controlled and operated by us from Singapore.

European Users – there is a specific section of this Children's Privacy Policy which applies particularly to European Children (See Section G).

  1. How We Collect and Use Information from Children

If a Child wants to register to become a registered user of our Site, we require the Child’s Parent or Guardian to access the U18 Player Registration link on the Home page of the Website. This page will take the Parent or Guardian to the U18 Player Registration Form which requires the following information to be provided:

U18 Player Registration

Required Information

Main Football playing Position 

Player Name 


Date of Birth 

Email Id 

Parent or Guardian Email Id which we use to ask for that parent’s consent (See Section D of this Children's Privacy Policy).




Zip Code

Status as professional if applies 


YouTube link

WhatsApp Number

Enter WhatsApp Number



Profile Photo 

Referral Code 

We may use information collected from Children during the registration process and in account configuration in the following manner:

To create and maintain the Child's account;

To determine the Child's current age 

Use of anonymous information. If the information collected from a Child does not identify or allow contact with him or her or his or her device (including, for example, aggregated information), we may use and disclose it for any purpose, to the extent permitted by applicable law.

No advertisements! We do not display advertising based on information collected from Children.

No newsletters! Our email newsletters are for parents and guardians of Children only – they are not designed for, or targeted at, Children. Children should not attempt to sign up for our email newsletters. We encourage parents to discuss with their Children the importance of not signing up to receive our email newsletters.

Persistent Identifiers. When visitors interact with the Sites, certain technical information may automatically be collected, to make our Sites more interesting and useful, to track analytics, to keep them free of spam, and for various internal purposes related to our business. Examples of information that is automatically collected include: the type of computer operating system, the device's IP address or mobile device identifier, the web browser, the frequency with which the user visits various parts of our Sites, and information regarding the online or mobile service provider — however, we do not collect any of this information from or about logged-in Children. Our Cookie Policy provides a list of third party service providers who may collect persistent identifiers or use cookies, including describing Necessary Cookies which are enabled for logged-in kids and needed for the site to function. Analytics and Personalisation Cookies are turned off for logged-in children. Please note non-necessary cookies are also disabled by default for European users.

This information is collected using technologies such as cookies, flash cookies, web beacons, and other unique identifiers (which we describe in more detail in our Cookie Policy). This information may be collected by us or by a third party. Persistent identifier information is used by iRama for the sole purpose of providing support for our internal operations, including in order to:

Ensure that the Sites function properly;

Enable us to conduct research and analysis to understand, address and improve the use and performance of the Sites; and

Diagnose and respond to problems.

  1. What Information Submitted By Children Is Viewable On the Site?

We strictly limit the personal information that is publicly viewable about a person who has registered who is known by us to be a Child. Although the Child may create a Profile for his or her account (which includes only a username, password, birth month and year, and parent's email address), no portion of the Child's Profile other than the Child's age is publicly viewable. 

If the Child accesses and uses the Social Media elements of the Site 

When a Child posts a review or comment on the Sites, only the Child's age is posted, along with the content of the Child's posting. 

  1. What Information About Children Is Shared?

We do not disclose to third parties any Children's personal information that we collect other than as follows, consistent with applicable law: (a) with a parent's permission, for the purpose of providing our Services  (b) as required by any applicable law, (c) to third-party service providers who help us operate or manage the Site and provide the Services including Intermediaries, (d) as part of aggregated data shared with third-party service providers, our Board of Directors, funders and other partners, as described in the Privacy Policy, (e) to comply with legal process, (f) to respond to governmental requests, (g) to enforce our Terms of Service, (h) to protect our operations, (i) for assistance in fraud detection and prevention; (j) to protect the rights, privacy, safety or property of iRama, your Child or others, (k) to permit us to pursue available remedies or limit the damages that we may sustain, and (l) in connection with a disposition of all or a substantial portion of our business, assets or shares, such as a sale, merger, consolidation, reorganization, joint venture, assignment, or bankruptcy or similar proceedings.

  1. How do we get parental consent when we are required to do so?

Parental consent is required in respect of our use of a Child’s personal information to obtain our Services through the iRama website. When setting up an account, the Child must provide their parent’s email address. We use that email address to contact the Child’s parent to ask for their consent as required – we also explain to the parent:

What personal information we collect about their Child;

How we use it and why; and

How the parent can revoke their consent and/or ask that we delete their Child’s account and personal information.

If at this stage, the parent gives us their consent, we will carry out the activity for which that consent was required. If not, we won’t.

  1. How May Parents Access, Change or Delete Information About Their Children?

Deleting your Children’s information and their account.

If you are a parent, and we need your consent to certain processing of your Children’s personal information, if you:

Wish us to cease further collection of personal information from your Children;

Believe your Children are participating in an activity on the Site that uses their personal information without the parental consent required by law;

wish us to make no further use of, or delete, the personal information we have collected online from your Children; and/or

No longer wish for your Children to participate as members of the Site,

We will delete your Child’s Profile, and any parental contact information we may hold, on request.  

Parents of European Children can exercise these rights through our Privacy Requests Portal.

Parents of non-European Children can exercise these rights by contacting us at

Accessing or changing your Children’s account and any personal information we have collected online.

Parents may at any time:

Access or make changes to their Children’s account; or

Make changes to the personal information that we have collected online from their children,

By clicking on their Child's "My Account" link, by contacting us at, or by writing to us at the address provided below.

For your Child's protection, we may need to verify your identity before implementing any request described in this Section E. We will try to comply with your request as soon as reasonably practicable.

  1. How May Parents Raise Other Questions or Concerns?

If a parent has any questions or concerns about his or her Child's use of the Sites, we encourage the parent to contact us at or:

Privacy Department


(insert ADDRESS) 

  1. EUROPEAN UNION (“EU”) Privacy Matters

Who does this Section G apply to?  It applies to Children based in Europe.  All references to “Child” or “Children” in this Section G are references to such European Children only. References to such European Children’s “parents” should be understood in the same light.

Who is our EU representative? Our EU representative can be contacted at

What do we mean by “Personal Data”? Under European data protection law, “Personal Data” refers to information about an identified or identifiable natural person. For European Children, references to "personal information" or “information” elsewhere in this Children’s Privacy Policy should be read as including reference to their Personal Data.  

EU-specific rights. Under certain circumstances, Children may have certain rights – including those set out below:

Access. Request access to their Personal Data. 

Correction. Request correction of inaccurate or incomplete Personal Data that we hold about them. 

Erasure.  Request erasure of their Personal Data. 

Objection. Object to our reliance on our Legitimate Interests (see below) as the legal basis of processing of their Personal Data 

Restriction.  Request the restriction of processing of their Personal Data until we address their request establish its accuracy or our reasons for processing it. 

Portability. Request the transfer of their Personal Data in a portable format.  

Withdraw consent. Withdraw their consent to any Processing that relies on it as a legal basis (see below). Their parents have the same right to withdraw any parental consents that we have been given. 

How to exercise these rights? These rights can be exercised by using our Privacy Requests Portal. Typically, there is no fee for this. However, we may charge a reasonable fee if the request is clearly unfounded, repetitive or excessive – or, in these circumstances, we may refuse to comply with the request. We may need to ask for information in relation to any request to help us confirm the identity of the person making it and to speed up our response.

The right to complain. We would love to be able to resolve all questions, requests and complaints about Personal Data directly. However, if a Child or their parent feels we have not been able to satisfactorily resolve an issue, they may contact their local data protection supervisory authority. For the contact information of the Data Protection Authorities for each European Union Member State, please click here.

What Personal Data do we use? The Personal Data that we use is set out in Section A of this Children’s Privacy Policy. 

Our “Legal Bases” for using Personal Data. The GDPR requires us to have a “legal basis” for each way that we use Personal Data. Most commonly, we will rely on one of the following legal bases: 

Where we need to perform a contract we are about to enter into or have entered into with a Child (“Contractual Necessity”).Where a Child engages iRama’s Services with the approval of their Parent or Guardian that is an example of Contractual Necessity.  

Where it is necessary for our legitimate interests and the Child’s interests and fundamental rights do not override those interests (“Legitimate Interests”).  

Where we need to comply with a legal or regulatory obligation (“Compliance with Law”).

Where we have specific consent to carry out the processing for the Purpose in question (“Consent”), in these cases we would need to get a Child’s parent’s consent which we obtain when the Parent completes the Registration Form and/or engages our Services for the Child. . 

Purposes for Processing.

Purposes for Processing. We have set out below, in a table format, the legal bases we rely on in respect of the relevant Purposes for which we use Children’s Personal Data:


Examples of how we use relevant Personal Data for a Purpose 

Our legal basis for this use of data

Services provision

When you and your Parent/Guardian engage our Services we provide essential information about you to the third party such as the Intermediary or Scout who will contact you and your parent/guardian 

Contractual Necessity 

Account set-up and Maintenance

To register a Child’s account on the Sites, and to populate their profile. To provide the core elements of the Sites.

Contractual Necessity.


We might use the Personal Data we collect to keep our Sites and associated systems operational and secure. 

Compliance with Law. 


Legitimate Interests. 


Troubleshooting and Service improvement

We might use the information associated with the Persistent Identifiers above to track issues that might be occurring on our Sites and systems, or to test and improve them.

Important note:
As described in the “Persistent Identifiers” sub-section above, to protect your Children’s privacy, we restrict the collection of this information from and about logged-in Children.

Legitimate Interests.

It is in our legitimate interests that we are able to monitor and ensure the proper operation of our Sites and associated systems and services.

Anonymised Data creation

We may create ‘Anonymous Data’ – this might include aggregated data such as statistical or demographic data. Anonymous Data may be created or derived from any of the Personal Data we collect, but once in anonymous / aggregated form it will not directly or indirectly reveal a Child’s identity (i.e., it’s no longer Personal Data).  

We may use or disclose Anonymous Data for any purpose permitted by law, and do not require a legal basis to do so.

Legitimate Interests.

It is in our legitimate interests that we are able to ensure that our Sites and how we use information about our users is as un-privacy intrusive as possible. 


For all Children who are under 13: 

Children under 13 and Parents of Children under 13 should never provide Personal Data.  we will moderate any communications from those Children to remove Personal Data from them; and we will not knowingly pass on or provide such Children's Personal Data to a third party. We consider this practice to be in the interests of the Children themselves, their parents, and ourselves.  

Purpose limitation. We will only use Children’s Personal Data for the purposes for which we collected it as listed above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.  If we need to use Children’s Personal Data for an unrelated purpose, we will update this Privacy Policy. Please note that we may process Children’s Personal Data without their or their Parent’s knowledge or consent, in compliance with the above rules, where this is required or permitted by law (including the GDPR).

What happens when you do not provide necessary Personal Data or you withdraw consent? Where we need to process a Child’s Personal Data either to comply with law, or to perform the terms of a contract we have with them and they fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into as part of our Services.  Similarly, if we rely on Consent to process Children’s Personal Data, they or their parent may withdraw that Consent, but if this happens, we may not be able to provide certain Services or features.   

International transfers. We are headquartered in Singapore. The Personal Data information that we collect from and about Children will be stored and processed in Singapore and may be stored and processed in other countries outside of Europe. However, it is our policy to ensure that adequate contractual or other safeguards are applied to Personal Data transferred outside of the European Union where required by European data protection law. If you have questions about the safeguards applied to Children’s Personal Data, you may contact us at 

Data security and retention. Our data security and retention practices are described in our general Privacy Policy – please see:

We do not collect any Personal Data about Children from any third parties or publicly-available sources, other than from their parents (where they choose to give it to us) or a third party such as an Intermediary or a Scout where that third party has been engaged as part of the Services.  



IRama collects and handles your personal data when you use this website, this is data you provide when you register, subscribe to our service, and/or when you report an issue with our site. 

Information you give us includes your personal details such as name, address, e-mail address and phone number, Date of birth, photos and video.

It is essential that you read this privacy notice so you are fully aware and understand how your personal data is being used.  It is important you read this together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data. 

This privacy notice is in addition to other notices and is not intended to override them. 

iRama is responsible for your personal data (collectively referred to as ”the company”, “we”, “us” or “our” in this privacy notice).

Should you have any inquiries about this privacy notice, including any requests to exercise your legal rights, please contact; 

Contact details are:


Arc 380, 05-10, 380 Jalan Besar , Singapore 209000.

 To make a complaint, you may do so at the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues ( However, before doing so we would like to take the chance to deal with the matter. 


This privacy notice was created on 30th April 2020. 

Under the new laws, this privacy notice outlines most of your rights.

It your duty to make sure all personal data we have about you is correct and current.  Please keep your details up to date.

Partnerships and other links.

iRama website may incorporate links to third-party websites, plug-ins and applications.  Accessing those links or enabling those connections may allow third parties to collate or share data about you.  iRama does not take any responsibility for the third party privacy policies and has no control over their websites.  It is advisable you read the privacy notices of all websites you visit. 


Any information which an individual can be identified by is known as personal data, or personal information. It does not include data where the identity has been removed (anonymous data).

The following variety of personal data that be may collected about you, transferred, used and stored has been grouped together:

  • Identity includes full name first and last, username or similar identifier, title, date of birth, title, nationality and gender.
  • Contact  includes billing address, delivery address, telephone numbers and email address 
  • Financial  includes bank account and payment card details.
  • Transaction includes information regarding payments to and from you and other information of purchases made from us of products and services.
  • Technical  includes internet protocol (IP) address, your login data, other technology on the devices used to access this website, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform. 
  • Profile includes your username and password, orders or purchases made by you, your interests, choices, observations and survey feedback.
  • Usage includes information about how you use iRama website, products and services.
  • Marketing and Communications includes your choices in receiving marketing from iRama and our third parties and your communication choices.
  • Aggregated Data such as statistical or demographic data is also gathered, shared and used for any purpose. Aggregated Data may be collected from your personal data but is not perceived as personal data in law as this data does not directly or indirectly divulge your identity.  For instance your Usage Data may be aggregated to gauge the percentage of users accessing a particular website feature. However, if we merge or join your personal data with Aggregated Data whereby it can directly or indirectly identify you, we consider the combined data as personal data and will be used in accordance with this privacy notice.
  • Special Categories of Personal Data is not collected about you (including religious or philosophical, race or ethnicity, biometric information, genetic or your health.  Information about criminal convictions and offences is not collected.


iRama may not be able to execute any contract or registration we have or are trying to enter into with you, if you fail to provide personal data which we need to collect by law, or under the terms of a contract we have with you. (For example, to provide you with goods or services). In this situation, iRama may have to cancel a product or service you have with us if this situation arises however we will inform you if this is the case at the time. 


We use a variety of ways to gather information from and about you including through:

  • Direct interactions. This maybe by phone, email, post or otherwise.  You may provide us your Identity, Contact and by filling in forms or by corresponding with us. This includes personal data you provide when you, create an account on our website, subscribe to our publications or services, request our products or services, ask for marketing to be sent to you, enter a promotion, competition, survey or feedback.
  • Automated technologies or interactions.  Technical Data maybe automatically collected when using our website, regarding your equipment, browsing actions and habits.  This personal information is collected by using cookies, server logs and other similar technologies. Technical Data about you maybe collected if you visit other websites that use our cookies Please see our cookie policy for further details.
  • Third parties or publicly available sources. Personal information about you maybe received from various third parties as set out below:
    • Technical Data from analytics providers such as Google based outside the EU.
    • Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as the STRIPE payment system based outside the EU.

Personal information is only used when the law allows us to. Generally, your personal data is used in the following situations:

  • The contract we are going to enter into or have entered into with you needs to be performed. e.g. on booked one of our services or paid service.
  • Where it is imperative for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. For example your details maybe passed onto a coach, manager, football club or team or other parties related.
  • Where we need to conform with a legal or regulatory obligation.

Commonly we do not rely on permission as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to retract permission to marketing at any time by contacting us.


Set out below, is an explanation of all the methods we plan to use your personal data for, and which of the legal bases we rely on to do so. Our legitimate interests have been identified where appropriate.

Your personal data maybe processed for more than one lawful ground depending on the specific objective for which we are using your information. 

Where your data maybe used; 

  1. We would need your identity, contact details, photos and videos, to register with iRama.  

(Lawful basis: performance of a contract with yourself) 

  1. We would need identity, contact, financial, transactions, marketing and communications, when processing or providing any service or product you wanted to purchase.

(Lawful basis: performance of a contract with yourself necessary for our legitimate reasons, to recover debts due to us.) 

  1. We would need your profile, contact, identity, marketing and communications, photos, videos, when requesting you to take part in discussion or other events.  Sending information to managers, teams, scouts, coaches etc.  Notifications of changes in terms and privacy polices etc.

(Lawful basis: performance of a contract with yourself, complying with a legal obligation, required for legitimate interests, keeping records updated, research on how customers use our services and products). 

  1. We would need your profile, contact, identity, usage, marketing and communications, photos and videos for events, competitions feedback or surveys. 

(Legal basis: performance of a contract with yourself, required for our legitimate reasons to study how customers use our services and or products to help them develop and better grow iRama. 

  1. We would require your profile, contact, identity, and technical data for data analysis, support and reporting, testing and maintenance, in order to safeguard our business and related aspects in trouble shooting.

(Lawful basis: Required for our legitimate interests to run the business, technical services to include security to prevent fraud. Also for reorganising and structuring to grow a better product. Necessary to comply with legal obligations). 

  1. We would need your profile, contact, identity, usage, marketing and communications, technical, photos and videos, to insure website content, better recognise what is best for our members, and advertisements.

(Legal basis: required for our legitimate reasons to see how members use our site, services and products to help them, this allows us to develop our business to better provide key services. 

  1. We need technical usage data and technical data for data analytics, to better our services and customer relationships.

(Legal basis: Required for our legitimate reasons to understand types of customers for our services and products, to stay updated and better our marketing). 

  1. To advocate and recommend services and products to our customers.

(Legal basis: required for legitimate reasons and grow our business and products.


iRama aims to deliver you with options regarding certain personal data uses, particularly around advertising and marketing.


We may use your profile, contact, Identity, Technical Usage to help us establish a view on what we think you may want or require, or what may be of significance to you. This enables us to decide which offers, services and products may be of interest for you (we call this marketing).

On requesting information from us or supplying information of your details when you register for a promotion or enter a competition or purchased goods or services from us you will acquire marketing communication, in each case, you have not opted out of receiving that marketing. 


For marketing purposes iRama will obtain your express opt-in consent prior to sharing your personal information with any company outside iRama, unless as otherwise stated.  


At any time you may request us or third parties to stop sending you marketing messages by emailing and state “unsubscribe”

Where you opt out of getting these marketing messages, will not apply to personal information given to us as a result of a product/service experience, product/service purchase or other transactions. 


For more information about the cookies we use, please see Cookie Policy.  Note if you decide to refuse or disable cookies, some parts go this website may not function adequately, and become inaccessible, with this in mind you can set your browser to reject all or some browser cookies. 


Your personal information will only be used for the purposes for which we collected it, unless we reasonably recognise that we require to use it for another reason and that reason is congenial with the primary purpose. Please contact us if you wish to get an explanation as to how the processing for the new purpose is congenial with the primary purpose.

You will be informed if we require to use your personal data for an unrelated reason and we will explain the legal basis which allows us to do so.

Where required or permitted by law, we may process you personal information without your consent or knowledge, in compliance with the above rules. 


Your personal data may have to be shared with the parties set out below for the purposes set out above.

  • External Third Parties who solicit your details are fundamentally managers, scouts, coaches, football club, agents, and teams.
  • Specific third parties listed above.
  • We may choose to transfer, sell, or merge parts of our business or our assets with a third party.  We may choose to acquire other businesses or merge with them. If there is a change to our business then the new owners may use your personal data in the same way as set out in this privacy notice
  • In accordance with the law we require all third parties to safeguard your personal data.  Our third-party service providers are not allowed to use your personal data for their own reasons and only allowed to process your personal data for specified purposes and in accordance with our instructions.

We will get your approval if agents, clubs, related parties require your personal information outside of the European Economic Area (EEA).  Your personal information is not transfer outside of the EEA. 


To prohibit your personal data from being accessed in an unwarranted way, used, changed, disclosed or accidentally lost, we have established appropriate security measures.  Only individuals such as employees, contractors, agents and other third parties who have a business need to know can access your personal data, they are subject to a duty of confidentiality and can only handle your personal data on our direction. 

Procedures have been set up to deal with any suspicious personal data breach we will inform you and any relevant regulator of a breach where we are legally required to do so. 


Your personal data is only retained for as long as it is required to fulfill the purposes we acquired it for, in addition to satisfying any accounting, legal, or reporting requirements.

To establish the reasonable retention time for personal data, we determine the nature, amount and sensitivity of the personal data, the conceivable risk of harm from unwarranted use or disclosure, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

See Request erasure below for further information, as in some situations you can ask us to delete your data.

In some situations we may anonymise your personal data (whereby it can no longer be associated with you) for research or statistical purposes in which case we may use this data indefinitely without further notice to you. 


Under certain situations, under data protection laws you have rights in relation to your personal data which are as follows and further detailed, in the section marked “Your Legal Rights” below. Please click on the links below to find out more about these rights:

  • Request access to your personal data.
  • Request amendments of your personal data.
  • Request deletion of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

If you wish to exercise any of the rights set out above, please Contact us. 


There is no fee to access your personal data (or to exercise any of the other rights). Although, a reasonable fee may be required if your request is undoubtedly excessive, repetitive or unfounded.   Alternatively, we may decline to comply with your request in these circumstances.


To help us substantiate your identity and make sure your right to access your personal data (or to use any of your other rights) we may require specific information from you. This is a security measure to safeguard that personal data is not divulged to any individual who has no right to obtain it. In relation to your request we may contact you for more information to speed up our response 


All legitimate inquires we try to respond to within one month. If your request is particularly complicated or you have made numerous requests, then it may take us longer than a month, in which case we will inform you and keep you updated. 



Legitimate Interest means the interest of our business in administrating and operating our business to ensure we provide you with an outstanding service/product and an outstanding and most guarded experience. Any conceivable consequence on you (both positive and negative) and your rights are deliberated and balanced before we process your personal data for our legitimate interests.  Your personal data is not used for processes where our interests are overridden by the effects on you (unless we are allowed by law or we have obtained your consent). You may contacting us if you require more information about how we assess our legitimate interests against any unforeseen results on you in regards of specific activities by you.

Performance of Contract means processing your information where it is required for the performance of a contract to which you are a party or to make sure at your request before entering into such a contract.

Comply with a legal or regulatory obligation means your personal data is processed where it is require for compliance with a legal or regulatory requirement that we are subject to.


  • Lawyers, auditors, bankers and insurers include some of the professional advisers acting as processors or joint controllers.  They consult on legal, banking, insurance and accounting matters and are based in the United Kingdom.
  • Service providers acting as processors who administer IT and system administration services, and are based in the United Kingdom.
  • HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances are based in the United Kingdom.


You have the right to:

Request access. Commonly known as a “data subject access request” you may request access to your personal data. This allows you to obtain a copy of the personal data we have regarding you and to verify that we are lawfully processing it.

Request amendments This allows you to have any incorrect or incomplete data we have about you corrected, however we may need to authenticate the accuracy of the new data you give to us.

Request deletion   This allows you to request us to remove or delete personal data where there is inadequate reason for us continuing to process it. If you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law you have the right to request deletion or remove of you personal data. We will contact you, if applicable at the time of the request that we may not always be able to grant your request of deletion for specific legal reasons. 

Object to processing This allows you to object to the processing of your personal data where we are depending on a legitimate interest (or those of a third party) or on the grounds you perceive it impacts on your fundamental rights and freedom.  If your personal data is processed by us for direct marketing purposes you have the right to object. In some instances, we may show that we have compelling legitimate grounds to process your information which over-ride your rights and freedoms.

Request restriction of processing This allows you to ask us to discontinue the processing of your personal data in the following situations: (a) where our handling of the data is unlawful but you do not want it deleted; (b) if you want us to determine the data's accuracy; (c) where we no longer need you data but you need it to exercise, establish or defend legal claims; or (d) We need to verify whether we have overriding legitimate grounds to use your data, if you object to is use.

Request the transfer This allows you to request the transfer of your personal data to you or to a third party. Your personal data will be given in a machine-readable, commonly used and structured format to you or the third party you select.  This right only refers to automated information which you originally gave consent for us to use or where we used the information to perform a contract with you.

Withdraw consent at any time  This allows you to withdraw consent where we are depending on consent to process your personal data. Before withdrawal of your consent any processing of information carried out will not affect the lawfulness.  If you withdraw your consent, we may not be able to provide certain products or services to you if you withdraw your consent, however you will be informed if this is the case at the time.