Privacy policy Sarah Foley February 6, 2020
Privacy Policy

This website provides information about Strata’s general business, software, products, or services. If you have any questions about Strata’s collection of your data please contact Strata at [email protected]

Policy introduction

Any data collected through the Strata website including Personal Data, will only be used when you register, request information or a response from Strata to better target you for further sales, marketing or recruitment opportunities. Once collected, Personal Data will not be used for a different incompatible purpose without your consent. Strata Financial Services Consulting LTD 51 Eastcheap, London, United Kingdom, EC3M 1DT is regarded as the Data Controller.

We take the protection of data privacy very seriously. All Personal Data collected through the website application will be treated as strictly confidential and will only be used as set out in this Privacy Notice. The applicable data protection laws shall be respected in full.

Therefore, please read this Privacy Notice thoroughly. 

Purpose of data collection

We may rely on the following lawful reasons when we collect and use personal data to operate our business and provide our products and services:

Contract – We may process personal data in order to perform our contractual obligations owed to (or to enter into a contract with) the relevant individuals.


Consent – We may rely on your freely given consent at the time you provided your personal data to us.


Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. These may include:

  • Delivering services to our clients – To deliver the professional services our clients have engaged us to provide including information on new products and services.
  • Direct marketing – To conduct and analyse our marketing activities.  To deliver timely market insights and speciality knowledge including tailor-made online experience we believe is welcomed by our business clients, subscribers and individuals who have interacted with us.
  • Monitor our IT systems – Prevent fraud or criminal activity and protect our IT systems.
  • Corporate responsibility – Comply with our corporate and corporate social responsibility commitments.
  • Legal obligations – We may process personal data in order to meet our legal and regulatory obligations or mandates.
  • Public Interest – We may process personal data in order to perform a specific task in the public interest or in the exercise of official authority vested in us.
  • Vital Interests – We may process personal data to protect the vital interests of the individual or another natural person.  
How do we collect personal data?  

Directly. We obtain personal data directly from individuals in a variety of ways, including obtaining personal data from individuals who provide us with their business card(s), complete our online forms, subscribe to our newsletters, attend meetings or events we host, visit our offices or for recruitment purposes. We may also collect personal data directly when, for example we are establishing a business relationship, performing professional services through a contract. 

Indirectly. We obtain personal data indirectly about individuals from a variety of sources, including recruitment services and our clients:

Public sources – Personal data may be obtained from public registers (such as Companies House), news articles, sanctions lists and internet searches. 

Social and professional networks sites 

Business clients – Our business clients may engage us to perform professional services which involves sharing personal data they control as part of that engagement. 

Recruitment services – We may obtain personal data about candidates from an employment agency, and other parties including former employers, and credit reference agencies. 

What categories of personal data do we collect? 

We may obtain the following categories of personal data about individuals through direct interactions with us, or from information provided through client engagements from applicants, our suppliers and through other situations including those described in this Privacy Notice. 

Personal Data. This is the list of personal data we commonly collect to conduct our business activities. 

  1. Contact details (e.g, name, company name, job tile, work and mobile telephone numbers, work and personal email and postal address). 
  2. Professional details (e.g, job and career history, educational background and professional memberships, published articles). 

Sensitive personal data 

We typically do not collect sensitive or special categories of personal data about individuals other than our own employees. In some circumstances it is necessary for Strata to process sensitive personal data of our employees and other third parties. Other than where such personal data is made public by the individual themselves, such processing would only be undertaken as necessary for Strata to exercise its rights and obligations as an employer (including for occupational health purposes), protect the vital interests of individuals, establish or defend legal claims or with the explicit consent of the individual(s) concerned.  Examples of sensitive personal data we may obtain, or otherwise hold, include:

  • Personal identification documents that may reveal race, religion or ethnic origin, possibly biometric data of private individuals, beneficial owners of corporate entities, or applicants.
  • Expense receipts submitted for individual tax or accounting advice that reveal affiliations with trade unions or political opinions.
  • Adverse information about potential or existing clients and applicants that may reveal criminal convictions or offences information.
  • Information provided to us by our clients in the course of a professional engagement.
  • Diversity and equal opportunity information volunteered by participants in certain Strata professional development programmes and recruitment processes.
  • Health data where the processing is necessary to assess, monitor and control spread of infectious diseases and to provide a safe environment for our employees, clients and suppliers.

What legal ground(s) do we rely on?

We aspire to be transparent when we collect and use personal data and tell you why we need it, which typically includes:

Providing professional advice and delivering reports related to our tax, advisory, audit and assurance, pension scheme administration, mergers and acquisitions and other professional services. Our services may include reviewing client files for quality assurance purposes, which may involve processing personal data for the relevant client.

  • Promoting our professional services, products and capabilities to existing and prospective business clients.
  • Sending invitations and providing access to guests attending our events and webinars or our sponsored events.
  • Administering, maintaining and ensuring the security of our information systems, applications and websites.
  • Authenticating registered users to certain areas of our sites.
  • Seeking qualified candidates, and forwarding candidate career inquiries to our People team, which may be governed by different privacy terms and policies.
  • Processing online requests, including responding to communications from individuals or requests for proposals and quotations.
  • Contacting journalists regarding company press releases, invitations to annual press parties, highlighting messages that may be of interest on specific industry topics.
  • Complying with legal and regulatory obligations relating to anti-money laundering, terrorist financing, fraud and other forms of financial crime.
  • Compiling health and safety data (directly or indirectly) following an incident or accident. Indirect data can take many forms including an incident report, first aider report, witness statements and CCTV footage.
  • Collecting health data to assess, monitor and control spread of infectious diseases and to provide a safe environment for our employees, clients and suppliers.
With whom do we share personal data?

We will share your personal data with employees of strata, including sales, marketing, IT, recruitment and operations teams in order to create inter alia email campaigns and other marketing efforts.

We will not disclose your personal data to anyone else under any circumstances except as otherwise stated in this privacy notice, to successors in title to our business, to establish, exercise or defend our rights, or where required by law.

Who is processing the personal data?

Employees of strata (from sales, marketing, IT, recruitment and operations) are processing your data and helping with the data storage. Any processing of your personal data by these employees is in accordance with our instructions.
If the services of third parties for the technical maintenance, administration or processing of data are required, the personal data will be accessed by these parties only to the extent that is required to ensure a smooth and secure technical handling of the website and in compliance with applicable law, including with respect to data confidentiality, privacy and security.

Viewing, editing, updating or deletion of your personal data:
Please contact [email protected] if you want to see any personal data stored about you in our records. We will honour your legal right to view your personal data in accordance with applicable privacy law. If you think that any of the personal data collected through the website is incorrect, confusing or incomplete, please contact [email protected]. You may also ask us to erase, restrict or port your personal data and you may tell us if you object to our use of your personal data. Personal data will be stored by us in accordance with our applicable data retention requirements and corporate policies.

Data security
We use a variety of methods, such as firewalls, intrusion detection software and manual security procedures, to secure your data against loss or damage and to help protect the accuracy and security of personal data and to prevent unauthorised access or improper use. If you think that the website or any personal data is not secure or that there has been unauthorised access to the website or your personal data, please contact [email protected] immediately.

Data transfers
Your personal data is transferred to the US which is not considered to have the same level of data protection as in the EU. However, we ensure all data transfers comply with applicable legal requirements. Should you wish to know more about how data is protected or wish to request a copy of the contractual protections please contact [email protected].[EC1] 

Use of cookies or other tracking technology
A cookie is a small file which is placed on your computer’s hard drive. If you choose to accept cookies, the file is added and the cookie helps to analyse web traffic or lets us know when you visit a particular site. Cookies further allow us to respond to you as an individual and we can tailor our operations to your needs, likes and dislikes by gathering and remembering information about your preferences when you return to our site and for logged-in users to maintain the session and remember table filters. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Notification of changes
Strata reservices the rights to change this Privacy Policy at any time. Please check this page periodically for changes. Your use of the services after any such amendment or change in the Privacy Policy shall be deemed as your express acceptance of such amended/changed Privacy Policy. Information collected prior to the time any change is posted will be used accordingly to the rules and laws that applied at the time the information was collected. 

Further information
If you consider that we are not complying with this privacy notice or if you have any questions in relation to this privacy notice, please contact [email protected]. You may also lodge a formal complaint with your competent data protection authority.


Get in touch

Let us know more about your enquiry
How can we get in touch with you?
What would you like to discuss?