Privacy Policy
This policy explains how Leadenhall Analytics collects, uses and protects personal information when you visit our website, contact us or work with us.
1. Who we are
Leadenhall Analytics is the trading name of Leadenhall Analytical Services Ltd, which provides actuarial, pricing, exposure management and related analytical consulting services. For the purposes of UK data protection law, Leadenhall Analytical Services Ltd is the controller of the personal information described in this policy, unless we tell you otherwise in a particular engagement.
You can contact us about this policy or about how we handle personal information at enquiries@leadenhallanalytics.com.
2. The personal information we collect
Depending on how you interact with us, we may collect and use the following categories of personal information:
- identity and contact details, such as your name, employer, job title, business email address, telephone number and any business address you choose to provide;
- enquiry and correspondence data, including information you provide when you contact us through our website, by email, by telephone or on LinkedIn;
- client and supplier relationship information, such as engagement details, billing contacts, contract records and meeting notes;
- website usage information, such as IP address, device/browser data and basic website analytics information collected through cookies or similar technologies;
- recruitment or business development information, where you apply to work with us or otherwise engage with us professionally; and
- any other information you choose to provide to us.
3. How we collect personal information
We collect personal information directly from you, from your employer or colleagues, from publicly available professional sources such as LinkedIn or company websites, and through your use of our website. We may also receive personal information from clients, counterparties, suppliers and professional advisers where this is relevant to our services or business operations.
4. How we use personal information
We use personal information for the following purposes:
- to respond to enquiries and provide information about our services;
- to assess, propose, deliver and administer consulting engagements;
- to manage client, supplier and professional relationships;
- to carry out onboarding, conflict checks, project delivery, invoicing, record keeping and internal administration;
- to improve our website, content and business operations;
- to send relevant business communications, insights or marketing where permitted by law; and
- to comply with legal, regulatory and professional obligations, and to establish, exercise or defend legal claims.
5. Our lawful bases for processing
Under the UK GDPR, organisations must identify a lawful basis for processing personal information. Depending on the circumstances, we generally rely on one or more of the following:
Contract
Where processing is necessary to take steps at your request before entering into a contract, or to perform a contract with you or your organisation.
Legitimate interests
Where it is necessary for our legitimate interests, or those of a client or third party, and those interests are not overridden by your rights and freedoms. This may include responding to business enquiries, managing client relationships, operating our consultancy and improving our services.
Legal obligation
Where we need to process information to comply with applicable law, regulation, tax, accounting or professional requirements.
Consent
Where we ask for your consent, for example in relation to certain marketing communications or non-essential cookies, you can withdraw that consent at any time.
6. Who we share personal information with
We may share personal information, where appropriate, with:
- our professional advisers, auditors, insurers and service providers;
- IT, hosting, basic web analytics, communications and document management providers;
- clients, counterparties and project participants where relevant to an engagement;
- payment, invoicing and accounting providers;
- regulators, law enforcement bodies, courts or other authorities where required; and
- potential buyers, investors or advisers in connection with a business reorganisation or transaction, subject to appropriate confidentiality measures.
We do not sell personal information.
7. International transfers
Some of our suppliers or service providers may process personal information outside the UK. Where we transfer personal information internationally, we will take appropriate steps to ensure it is protected, such as relying on adequacy regulations, standard contractual clauses or other recognised safeguards where required.
8. How long we keep personal information
We keep personal information only for as long as necessary for the purposes for which it was collected, including for legal, regulatory, tax, accounting, contractual and record-keeping requirements.
As a general guide:
- website enquiries and general business development contacts are typically retained for up to 24 months after our last meaningful interaction, unless there is a continuing business reason or legal need to keep them longer;
- client engagement records are retained for as long as needed for project delivery and then for a reasonable period afterwards to meet contractual, legal, regulatory, insurance and professional requirements;
- finance and tax records are retained in line with applicable legal and accounting requirements; and
- marketing preferences are retained until you unsubscribe or ask us to stop.
Retention periods may be extended where necessary to deal with disputes, claims or investigations.
9. Security
We take appropriate technical and organisational measures to protect personal information against unauthorised or unlawful processing, accidental loss, destruction or damage. These measures may include access controls, secure storage, password protection, role-based access, contractual controls with suppliers and other security practices proportionate to the nature of the information we hold.
10. Your rights
Depending on the circumstances, you may have the right to:
- request access to your personal information;
- request correction of inaccurate or incomplete information;
- request erasure of your personal information;
- request restriction of processing;
- object to processing carried out on the basis of legitimate interests or for direct marketing;
- request transfer of your information to you or another provider, in certain cases; and
- withdraw consent where processing is based on consent.
These rights are not absolute and may be subject to legal or regulatory exemptions.
11. Marketing
Where we send marketing or insight communications, we will do so in accordance with applicable law. You can opt out of marketing communications at any time by using the unsubscribe method provided or by contacting us directly.
12. Cookies and website analytics
Our website may use cookies or similar technologies to support website functionality and basic web analytics so we can understand usage and improve performance. Where non-essential cookies are used, we will seek consent where required by law and provide appropriate information through our cookie notice or consent mechanism.
13. Third-party websites
Our website may contain links to third-party websites, including LinkedIn or other external services. We are not responsible for the privacy practices of those third-party websites, and we encourage you to read their privacy policies.
14. How to contact us
If you have any questions about this privacy policy or how we handle personal information, please contact us at enquiries@leadenhallanalytics.com.
15. Complaints
If you have concerns about how we use your personal information, we would appreciate the opportunity to address them first. You also have the right to complain to the Information Commissioner’s Office (ICO), the UK regulator for data protection matters.
16. Changes to this policy
We may update this privacy policy from time to time to reflect legal, technical or business developments. The latest version will always be posted on this page, together with the date of the most recent update.