Terms & conditions
Privacy Policy

Pirum Systems Limited including its affiliated entities (“Pirum”/the “Company” or “we”/”our”) is committed to protecting the privacy and security of your personal information and we will always treat you and your data with the respect you deserve.

In this Privacy Notice, you can find out more about your privacy rights and how we gather, use and share personal data about you. It applies to “you”, meaning:

  • Our clients and persons our clients have authorised or directed us to interact with (including counterparties) in the course of providing our services;
  • Potential clients and business contacts; and
  • Visitors to our website (www.pirum.com) and offices.

In the course of our business we may need to gather and use personal data (as defined below) about you, by which we mean any information about you from which you can be identified, such as your name and contact details.

Where we are a “controller” of this personal data, we are responsible for gathering, using, storing and sharing your personal data. In circumstances where we are providing services to you or your employer, we will typically be acting as a “processor” of the personal data provided and hosted
within our systems.

Our website may provide links to third party websites. We are not responsible for the conduct of third party companies linked to this website and you should refer to the privacy notices of these third parties about how they may process your personal data.

Group 333

About Us

Pirum is a company registered in England and our address is 2 Copthall Avenue, London, EC2R 7DA

We take your privacy seriously and are committed to processing your personal data fairly and lawfully in compliance with Data Protection Laws.

"Data Protection Laws" means all applicable laws relating to privacy or data protection the United Kingdom, including the UK GDPR and the Data Protection Act 2018.

The Company’s General Counsel & Compliance Officer (“GC/CO”) (Eva Luterkort eva.luterkort@pirum.com) is responsible for maintaining this Policy. Alongside the Cyber Information Security Officer (“CISO”) (Matthew Lyons matthew.lyons@pirum.com), the GC/CO is
ultimately responsible for data protection within the Company. Please see her contact details below. For more information please also refer to our Data Protection Policy.

The Personal Information We Collect About You

Personal data” means any information about an individual from which that person can be identified.  It does not include data where the identity has been removed (anonymous data).  We will typically collect, store and use all or some of the following categories of personal information about you:

  • Contact details such as name, title, work addresses, work telephone numbers, work email addresses and other business information;
  • Business details such as business name, job title, business contact details and trader ID;
  • Website access details including your computers unique identifier (e.g. IP Address), the date and time you accessed the website, passwords to access alerts preferences;
  • Marketing data including your preferences in receiving marketing from us and our third parties (please note that we only undertake business to business marketing);
  • CCTV recordings and images; and
  • Communications data including responses, comments, views and opinions when you communicate with us.

Special Category Personal Data & Criminal Offence Data

Typically, we will not intentionally or systematically seek to collect, store or otherwise use information about you classed as special category personal data or criminal offence data (e.g. information relating to your ethnic origin, health or sexual orientation or criminal history).

How We Collect Personal Data

We collect personal information directly from you through our website, from the appointed administrator at your employer or by direct personal request.  Some information may be collected from publicly available third-party sources.

How & Why We Use Personal Data

Data Protection Laws require companies to have a "legal basis" to collect and use your personal information . Most commonly, we will use your personal information in the following circumstances:

  • To comply with our legal and regulatory obligations; or
  • Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests.

Purpose & Legal Basis

We will process your personal data in connection your personal data for the following purposes and on the following legal bases:

purpose_legal basis_0

Direct Marketing

We may use your personal information to contact you with marketing on a business-to-business basis. You may opt out from receiving such marketing by contacting Pirum at legal@pirum.com.

Failure to Provide Information

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with our client and/or provide the services to you.

Accuracy & Completeness

We make every effort to maintain the accuracy and completeness of your personal data which we store and to ensure all of your personal data is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal data or if you become aware that we have inaccurate personal data relating to you (see Contact Us section below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.

Disclosure / Data Sharing

We may have to share your data with third parties, including: (i) third-party service providers (including contractors and designated agents); (ii) other entities in the group; (iii) in the context of a sale of the business; (iv) with a regulator or to otherwise comply with the law; (v) our insurers; and/or (vi) professional advisers to manage risks and/or legal disputes.

We do this (i) where necessary to provide services in accordance with our contract with our client; (ii) where required by law; or (iii) where we have another legitimate interest in doing so.

We require third parties to respect the security of your data and to treat it in accordance with applicable law.

Transfers of Data Outside of the UK

We may transfer the personal information we collect about you outside the UK and EEA in order to perform our contract with our client. We use Microsoft Office 365, Salesforce and NetSuite which cover our email servers and client relationship management systems. For further information please contact us using the details in the Contact Us section below.

Copies of the relevant safeguard documents are available through contacting the GC/CO. Please see their contact details below.

Protecting Your Personal Data

We are committed to safeguarding and protecting all personal data provided to us and will implement and maintain appropriate technical and organisational measures to ensure an appropriate level of security to protect such personal data transmitted, stored or otherwise processed by us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.

Data Retention

We will only retain your personal data for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements. We will generally keep your personal data in accordance with any applicable limitation period (as set out in applicable law) plus one (1) year, to allow reasonable time for review and deletion or anonymisation of the personal information held.  This will usually be seven (7) years following the expiry of our relationship with your employer (our client).

Your Rights

Under Data Protection Laws, you have certain legal rights in respect of your personal data, such rights include:

  • Request access to your personal information that we hold about you. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes
    you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, e.g. if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.
  • Request a copy, or reference to, safeguards such as ‘standard contractual clauses’ used for transfers outside the EU (we may redact data transfer agreements to protect commercial terms).
  • Request to withdraw consent to processing, in the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time (where the legal basis for processing is solely justified on the grounds of consent).

You can request this by contacting us using the details in the Contact Us section below. We endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.

Contact Us

If you have any queries about the contents of this Privacy Notice, wish to inform us of a change or correction to your personal data, would like a copy of the data we collect on you or would like to raise a complaint or comment, please contact us using the details set out below:

Email: eva.luterkort@pirum.com or legal@pirum.com

Post: Pirum Systems Limited

Att: Eva Luterkort, General Counsel & Compliance Officer

2 Copthall Avenue, London, EC2R 7DA

How to Lodge a Complaint with the Regulator

We would be happy to address any concerns you have about your data privacy directly, and we encourage you to contact us in the first instance with your queries. However, you are entitled to lodge a complaint with our data protection regulator if you consider that we have breached your data protection rights. Our data protection regulator is the Information Commissioner's Office, which can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF and casework@ico.org.uk

Changes to this Privacy Notice

This Privacy Notice was last updated in April 2024.

We may change or update parts of this Privacy Notice in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. We reserve the right to make such updates to this Privacy Notice at any time. We will do this by updating the Privacy Notice held on Pirum's website www.pirum.com. You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this Privacy Notice, so you are fully aware of any changes or updates.

We may also notify you in other ways from time to time about the processing of your personal information in addition to providing the details of processing in this Privacy Notice.