Privacy and Cookies Policy

This privacy and cookies policy (“Policy”) applies to your use of www.fintechscotland.com ("Website”).  This Policy sets out the basis upon which we may collect personal data from you, or that you have or will provide to us, and how we may process your personal data.  It also provides information on how we use cookies.  This Policy should be read alongside our Terms & Conditions, which sets out the terms upon which you may use the Website.

​We are committed to preserving and respecting your privacy.  Please read this Policy to understand how we use and protect the information that you provide to us.

The Website is owned and operated by FinTech Scotland (“us” or "we").  We are a private company limited by guarantee incorporated in Scotland under company number SC567086 and have our registered office at Data Driven Innovation Building, 13-15 South College Street, EH8 9AA. For the purpose of applicable data protection legislation, we are the data controller.

By using the Website or by otherwise providing us with your information, you are acknowledging that you are aware of how we use your information.  You warrant that any data provided by you on the Website is accurate.

1) INFORMATION THAT WE COLLECT FROM YOU

We collect information about you:

  • that you provide to us when you use our Website, including, but not limited to, information you provide when you fill in any forms (including the contact form) on our Website or participate in any social media functions on our site; and
  • if you contact us by phone, email or otherwise, we may keep a record of that correspondence.

The type of information we collect from you may include:

  • where you use the contact form on the Website: your full name and email address and any other information that you volunteer in the contact form;
  • technical information about your visits to the Website including, but not limited to, your IP (Internet Protocol) address used to connect your device to the internet and our Website, traffic data, location data, log data, your browser settings, the date and time of your visits, and details regarding which pages, products or resources on our Website you access.  When you visit the Website our servers automatically record this type of information;
  • demographic information such as postcode/location, preferences and interests; and
  • other information relevant to surveys which you complete.

2) USE OF YOUR INFORMATION

We use your information:

  • to analyse the information we collect from you in order to examine trends and patterns in the information and improve our website content and navigation;
  • to ensure that content from our Website is presented in the most effective manner for you and your device;
  • to contact you for direct marketing purposes, if you have explicitly accepted for us to do so, in order to send you updates on FinTech Scotland which may be of interest to you;
  • to contact you for your views on our products and services;
  • for our internal record keeping; and
  • for all other purposes consistent with our legitimate interest to ensure the proper performance of our operations and business.

3) WHERE WE STORE YOUR INFORMATION

Information posted on the Website is stored in the WordPress database. WordPress is the content management system used to create and maintain the Website. The Website is hosted on Amazon Web Services (“AWS”). Our AWS account is hosted in England.

When you sign up to our newsletter, we store your contact details on campaign monitorwho act as both data storage and data processor. They store data in a US-based data center. In addition, they use multiple data processing locations including USA, Australia and Germany. They also use CloudFront at strategic AWS edge and regional locations as an external content delivery network for faster content caching. More on Amazon’s CloudFront can be found here: https://aws.amazon.com/cloudfront/features/

When we transfer your data outside of the EEA, we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy, such as by use of the data protection contract clauses that have been approved by the European Commission.

4) HOW LONG WE RETAIN YOUR INFORMATION FOR

We will hold your personal information on our systems for as long as is necessary for the relevant activity or services.  Unless otherwise requested using the contact details below, if you unsubscribe from our communications, your personal data will be retained indefinitely on a suppression list so that we know not to contact you.

5) DISCLOSURE OF YOUR INFORMATION

The information you provide to us will be treated as confidential. However, we may disclose your information to other third parties who act for us as our service provider or who advise us for the purposes set out in the policy or for purposes approved by you.

We may disclose your personal information to third parties:

  • in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms & Conditions, and other agreements;
  • to protect our rights and property, or our safety and our users’ safety; and/or
  • for the purposes of preventing or reporting any illegal or immoral activity.

We will not sell, distribute or lease your personal data to third parties other than in accordance with this Policy, unless we have your permission or are required by law to do so.

6) LEGITIMATE INTERESTS

Data protection laws require that we meet certain conditions before we are allowed to use your data in the manner described in this Policy. We will rely on a condition known as "legitimate interests".  It is in our legitimate interests to collect your personal data as it provides us with the information that we need to contact you for direct marketing purposes and improve our website content and navigation. We will always ensure that we keep the amount of data collected and the extent of any processing to the absolute minimum to meet this legitimate interest.

7) YOUR RIGHTS - COPIES AND CORRECTIONS

The accuracy of the information that we hold about you is important to us.  If any of the information that we hold about you is inaccurate or out of date, or you object to us processing it, please let us know using the contact details below.

You have a number of rights under data protection laws in relation to the way we process your personal data.  These are set out below. You may contact us using the details below to exercise any of these rights and we will respond to any request received from you within one month from the date of the request. The information will usually be provided free of charge, although in certain circumstances, we may make a small charge.

You have a number of rights under the data protection laws, namely:

  • to access your data (by way of a subject access request);
  • to have your data rectified if it is inaccurate or incomplete (right to rectification);
  • in certain circumstances, to have your data deleted or removed (right to be forgotten);
  • in certain circumstances, to restrict the processing of your data;
  • a right of data portability, namely to obtain and reuse your data for your own purposes across different services;
  • to object to direct marketing:
  • not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you; and
  • to claim compensation for damages caused by a breach of the data protection legislation.

8) SECURITY

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website.  Any transmission is at your own risk. We are committed to ensuring that your information is secure.  In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

Your data may be stored by third parties on our behalf as set out in this Policy.  We, and our third party contractors, employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction or damage.

Please help us keep our records updated by informing us of any changes to your email address and other contact details.

9) LINKS TO OTHER WEBSITES

Our Website contains links to other websites of interest. If you use these links to leave our Website, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information you provide whilst visiting such sites and such sites are not governed by this Policy. You should exercise caution and check the terms and conditions and privacy policies which apply to third party websites.

10) COOKIES

A “cookie” is a piece of software that attaches to the hard drive of your device and remembers information about the configuration of your device. Our services use cookies to distinguish you from other users. This helps us to provide you with a good experience when you use our services and also allows us to improve our Website. You can disable the cookies that we attach if your browser supports this.  For further information on how to do this, please refer to WWW.ALLABOUTCOOKIES.ORG.  However, you should bear in mind that if you exercise this option, you may be unable to use some of our on-line services.

The types of cookies that our site uses are:

Google Analytics cookies

  • collect - Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels.
  • rc::a - Persistent cookie - This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
  • rc::c - expires after the session - This cookie is used to distinguish between humans and bots.
  • ads/ga-audiences - expires after the session - Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites.
  • IDE - expires after 1 year - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.
  • test_cookie - expires after 1 day - Used to check if the user's browser supports cookies.
  • VISITOR_INFO1_LIVE - expires after 179 days - Tries to estimate the users' bandwidth on pages with integrated YouTube videos.
  • YSC - expires after the session - Registers a unique ID to keep statistics of what videos from YouTube the user has seen.
  • yt.innertube::nextId - Persistent cookie. Registers a unique ID to keep statistics of what videos from YouTube the user has seen.
  • yt.innertube::requests - Persistent - Registers a unique ID to keep statistics of what videos from YouTube the user has seen.
  • yt-remote-cast-installed - expires after the session - Stores the user's video player preferences using embedded YouTube video
  • yt-remote-cast-available - expires after the session
  • yt-remote-connected-devices - persistent cookie - Stores the user's video player preferences using embedded YouTube video
  • yt-remote-device-id - persistent cookie - Stores the user's video player preferences using embedded YouTube video
  • yt-remote-fast-check-period - expires after the session - Stores the user's video player preferences using embedded YouTube video
  • yt-remote-session-app - expires after the session - Stores the user's video player preferences using embedded YouTube video
  • yt-remote-session-name - expires after the session - Stores the user's video player preferences using embedded YouTube video
  • CONSENT - Expires after 6100 days - Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website.

Other cookies

  • __cfduid from freegeoip.net - expires after  1 year. Used by the content network, Cloudflare, to identify trusted web traffic.
  • CookieConsent - expires after 1 year - Stores the user's cookie consent state for the current domain
  • wordpress_test_cookie - expires after the session - Used to check if the user's browser supports cookies.
  • vuid - expires after 2 years - Collects data on the user's visits to the website, such as which pages have been read.
  • _ga - expires after 2 years - Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
  • _gat - expires after 1 day - Used by Google Analytics to throttle request rate
  • _gid - expires after 1 day - Registers a unique ID that is used to generate statistical data on how the visitor uses the website.
  • wordpress_test_cookie- expires after the session - Used to check if the user's browser supports cookies.
  • GPS from youtube.com - expires after 1 day. Registers a unique ID on mobile devices to enable tracking based on geographical GPS location.
  • __fb_chat_plugin - Facebook cookie. Persistent cookie used to track the user’s interaction with the website’s Facebook chat-widget.
  • common/cavalry_endpoint.php - Facebook cookie. Will expire after the session. Collects data on visitor behaviour from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement.
  • messaging_plugin - Facebook Cookie -

11) CHANGES TO OUR PRIVACY POLICY

We may amend this policy from time to time. If we make any substantial changes we will notify you by posting a prominent notice on our Website.

12) CONTACT US

If you have any queries concerning your personal information or any questions on our use of the information then please contact us via the “Contact Us” page on the Website.

13) COMPLAINTS

If you are not happy with the way in which your personal information is held or processed by us, or you are not satisfied with our handling of any request by you in relation to your rights, you may complain to the Information Commissioner's Office (ICO) by calling 0303 123 1113.

The ICO is the UK's independent body set up to uphold information rights.  You can find out more about the ICO on its website (https://ico.org.uk/).