Payments Innovation Forum Ltd Privacy Policy
Last updated: November 2023
Payments Innovation Forum Ltd (“PIF”, “we”, “our” or “us”) takes your privacy very seriously and is committed to protecting and respecting it. PIF is a limited company (with company number 0595515) registered at 86-90 Paul Street, London, EC2A 4NE.
Please read this privacy policy carefully as it contains important information on who we are, and how and why we collect, store, use and share your personal information. It also explains your rights in relation to your personal data and how to contact us, or the supervisory authorities, if you have a complaint.
PIF is a not-for-profit trade association representing firms across the payments and fintech sectors.
PIF is the data controller under GDPR and specific UK legislation incorporating the requirements of GDPR in relation to the processing of your personal data.
The personal information we collect about you
When someone visits our website, we use a third-party service, Google Analytics, to collect standard Internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to various parts of our site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of people who visit our site.
We also use third-party service providers to deliver our event information, to email you member resources, and to e-mail you event registration confirmations. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our event marketing communications.
We also collect information about you when you enrol as a member of PIF and/or attend any of our meetings, events and/or PIF working groups and committees. This may be collected where you have been invited, nominated or otherwise requested to attend one of our meetings, events and/or working groups and committees. This information may include your name, job title, company name, company details, email address and telephone number
We may also collect information from publicly accessible sources including information you make available on our social media accounts, e.g., ‘likes’, posts, reposts and responses to our LinkedIn page posts, X (Twitter) posts and YouTube videos, and information that enables us to carry out due diligence and other checks on you, e.g., with Companies House.
This personal information is required for us to provide products and services to you. If you do not provide the personal information we may ask for, it may delay or prevent us from providing products and services to you.
How we collect your personal information
We collect most of your personal information directly from you, such as in person, by telephone, by email and/or via our website and social media accounts. However, we may also collect information:
- From publicly accessible sources, e.g., Companies House or social media (e.g., LinkedIn, X (Twitter))
- From your employer
- From a third party with your consent
- From cookies on our website (see ‘The personal information we collect about you’ above and ‘Cookies’ below)
- In photographs containing an identifiable image of you taken at PIF meetings or events
How and why we use your personal information
Under data protection law, we can only use your personal information if we have a proper reason for doing so, namely:
- To comply with our legal and regulatory obligations;
- For the performance of our contract with you or to take steps at your request before entering into a contract;
- For our legitimate interests or those of a third party, or
- Where you have given consent
As a business, it is very important that we perform our agreement with you and/or carry out our contractual obligations with the best service possible. It is in our legitimate interest to be responsive to you to ensure the proper functioning of our products, services and organisation.
A legitimate interest is when we have a business or commercial reason to use your personal information, so long as it is not overridden by your own rights and interests.
The following table explains what we use (or ‘process') your personal information for, and why we do so:
| What we use your personal information for | Our reasons for doing so |
| Membership enrolment/administration purposes | For the performance of our contract with you or to take steps at your request before entering into a contract |
| To provide products and services (e.g., membership benefits and services) to you | For the performance of our contract with you or to take steps at your request before entering into a contract |
| Statistical analysis to help us manage our business, e.g., in relation to our financial performance, member/customer base, range of products and services or other efficiency measures | For our legitimate interest or those of a third party, i.e., to be as efficient as possible so we can deliver the best service to you |
| Operational reasons, such as improving efficiency and member services | For our legitimate interest or those of a third party, i.e., to be as efficient as possible so we can deliver the best service to you |
| Updating and enhancing member/customer records | For the performance of our contract with you or to take steps at your request before entering into a contract For our legitimate interest or those of a third party, e.g., making sure that we can keep in touch with our members/customers about existing or new products and services To comply with our legal and regulatory obligations |
| Marketing our membership and other products and services to existing and former members/customers | For our legitimate interest or those of a third party, i.e., to promote our business to existing and former members/customers |
| Ensuring the confidentiality of commercially sensitive information | For our legitimate interest or those of a third party, i.e., to protect trade secrets and other commercially valuable information To comply with our legal and regulatory obligations |
Marketing Communications
We may use your personal information to send you updates (e.g., by email or telephone) about our products and services.
We have a legitimate interest in processing your personal information for marketing or promotional purposes (see above 'How and why we use your personal information') and it is in your legitimate interests for you to receive these updates. This means that we do not usually need your consent to send you marketing communications. However, where consent is needed, we will ask you for this consent separately and clearly.
We will never share or sell your personal information outside of PIF for marketing purposes.
You have the right to 'opt out' of receiving our marketing communications at any time by contacting us at [email protected] and by using the 'unsubscribe' link provided in our emails. You can also update your marketing preferences in your PIF membership online account.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and services in the future, or if there are changes in the law, regulation, or the structure of our business.
Disclosure of your personal information
We routinely share personal information with:
- Third party service providers we use to help deliver our products and services to you, such as those requiring your personal information in order to provide a service to PIF
- Third party service providers we use to help us run our business, such as website hosts and membership management platforms
- Our employees and volunteers
- Your employer
- Our social media pages where, for marketing purposes, we may post photographs of PIF events which may contain an identifiable image of you
We only permit our third party service providers to handle your personal information if we are satisfied that they take appropriate measures to protect your personal information. We do not allow our third-party service providers to sub-contract their services to any other company or individual without our permission.
We may disclose and exchange information with law enforcement agencies or regulatory authorities if we are required to do so by a court order or in relation to crime prevention.
We will not share your personal information with any other third party.
Where we hold your personal information
Personal information may be held on our systems and those of our third party service providers (see above 'Disclosure of your personal information')
How long we keep your personal information
We will keep your personal information while you are a member of PIF or we are providing products and services to you. Thereafter, we will keep your personal for as long as is necessary:
- to respond to any questions, complaints made by you or on your behalf
- to show that we have treated you fairly
- to keep records required by law
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. In most cases we will retain your personal data for up to seven years. When it is no longer necessary to retain your personal information, we will delete it or store it an anonymised format.
Security of your personal information
We have appropriate security measures in place to prevent your personal information from being accidently lost or accessed unlawfully. We limit access to your personal information to those who have a genuine need to access it. Those processing your personal information will do so only in an authorised manner and are subject to a duty of confidentiality.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential.
Our website may contain links to and from the websites of our member organisations, sponsors, partners and suppliers. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Your rights
You have the following rights, which can be exercised free of charge:
- Access - the right to be provided with a copy the personal information we hold about you
- Rectification - the right to require us to correct any errors in your personal information
- The right to be forgotten - you have the right to require us to delete your personal information, in certain situations
- Restriction of processing - you have the right to require us to restrict processing of your personal information, in certain circumstances. e.g., to contest the accuracy of the personal information we hold about you
- Data portability - you have the right to receive the personal information you provided to us in a structured, commonly-used and machine-readable format and/or transmit that personal information to a third party, in certain circumstances
- To object - you have the right to object:
- at any time to your personal information being processed for direct marketing (including profiling)
- in certain other situations to our continued processing of your personal data, e.g., processing carried out for the purpose of our legitimate interests
- Not to be subject to automated individual decision-making - you have the right to not be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you
To learn more about each of these rights, including the circumstances in which they apply, please refer to the UK Information Commissioner's Officer (ICO) Guidance at: Make a complaint | ICO
If you would like to exercise any of your rights, please email us at [email protected] with enough information for us to identify you, e.g., name, company name, the right you wish to exercise, and the personal information to which your request relates.
If you do not want us to collect your personal information
If you do not want us to collect and use any personal information about you, please:
- do not enrol as a member of PIF
- do not visit our website
- do not interact with us on our social media pages
- do not attend our meetings and events
- do not download available resources from our website or social media pages
Cookies
When you visit our site, we may store some information (known as a “cookie”) on your computer. A cookie is a small text file that is stored on your computer, tablet or phone when you visit a website. Some cookies are deleted when you close your browser. These are known as session cookies. Other cookies remain on your device until they expire or you delete them from your cache. These are known as persistent cookies and enable us to remember things about you. Cookies do not contain any personal details about a visitor or their location – they simply identify the computer or device being used. We use cookies to track website performance, to give you a better and more relevant online experience and to provide the products and services you request. You can set your browser to disable cookies.
For further information about cookies, including how to see what cookies have been set, and how to manage and delete them please refer to www.allaboutcookies.org
Changes to our Privacy Policy
We keep our Privacy Policy under regular review and we will publish any updates on this page, and where appropriate, notified to you by email.
How to complain
We hope that we can resolve any query or concern you may raise about our use of your personal information. However, if we have not been able to do so, you have the right to raise your concerns and/or lodge a complaint with the ICO at Make a complaint | ICO