QS Logo Black

QuantSpark Limited

Privacy Notice for End Customers and Website Users


Last Updated: 16/10/2022



  1. Introduction
  2. What is personal data?
  3. Personal data we collect
  4. How we collect your personal data
  5. Purposes for which we use your personal data and the lawful bases
  6. Sharing your personal data
  7. International transfers
  8. How long we keep your personal data
  9. Security of your personal data
  10. Your rights
  11. How to complain
  12. How to contact us

1. Introduction

QuantSpark Limited is committed to protecting the privacy of our clients and users of our website. We will ensure that the information you submit to us, or which we collect via various channels (including our website, through written correspondence (including e-mail), is only used for the purposes set out in this policy.

Through this Privacy Policy we aim to inform you about the types of personal data we collect from users, the purposes for which we use the data and the ways in which the data is handled. We also aim to satisfy the obligation of transparency under the UK General Data Protection Regulation ("UK GDPR") and the Data Protection Act 2018.

For the purpose of this Privacy Policy the Data Controller of personal data is QuantSpark and our contact details are set out in the Contact Us section at the end of this Privacy Policy.

2. What is personal data?

‘Personal data’ is any information from which you can be identified, either directly or indirectly. For example, your name or an online identifier.

‘Special category personal data’ is more sensitive personal data and includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purposes of uniquely identifying someone, data concerning physical or mental health or data concerning someone’s sex life or sexual orientation. 

3. Personal data we collect

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. The personal data we collect includes:

  • First name
  • Last name
  • Email address
  • Job title
  • Information about your company or affiliation
  • Any other personal data required for the purpose of providing our services to you


When you use our website, we also collect certain information via cookies including statistical information about browsing actions and patterns in order to improve our products and to personalise and improve the Site's user experience. This includes browsing actions and patterns which can be associated with specific users, including the pages on the website that you visit and the functionality of the services of which you make use and aggregated statistical information, which does not identify you.

We don't collect information on the content of any documents that you create or generate through the Site (such as Excel reports, pdf reports, etc).

For more information about the use of cookies on our site, please visit our Cookie Policy.

4. Purposes for which we use your personal data and the lawful basis

When providing services to you, we may use your personal data for the following purposes and on the following lawful bases:

Purposes for which we use your personal data and the lawful basis

Where personal data is processed because it is necessary for the performance of a contract to which you are a party, we will be unable to provide our services without the required information.

5. Sharing your personal data

In order to provide our services to you, it may be necessary for us to transfer personal data to our trusted third-party service providers for purposes including IT or Professional Support. Where third parties have been engaged to help provide our service to use, we have ensured that measures have been put in place to your personal data. A list of these third partis is available upon request.

6. International Transfers

When we collect your personal data, it may be processed outside the UK. This is because the organisations we use to provide our services to you are located in other countries.

We have taken appropriate steps to ensure that where personal data processed outside the UK, it has an essentially equivalent level of protection as it has within the UK. We do this by ensuring that:

  • Your personal data is only processed in a country which the Secretary of State has confirmed has an adequate level of protection (an adequacy regulation); or

  • We enter into either International Data Transfer Agreements (IDTAs) or Standard Contractual Clauses (SCCs) (with the UK Addendum) with the receiving organisations and ensure that supplementary measures are also applied, where necessary.

7. How long we keep your personal data

We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims.

At the end of the retention period, your personal data will be securely deleted or anonymised , for example by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and business planning.

8. Security of your personal data

We have implemented appropriate technical and organisational measures to safeguard your personal data and protect it from accidental or unlawful destruction, loss or alteration and from unauthorised disclosure or access.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site via third party networks; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

In addition to the technical and organisational measures we have put in place, there are a number of simple things you can do to in order to further protect your personal information, such as;

1. Never share a One Time Passcode (OTP).

2. Never enter your details after clicking on a link in an email or text message.

3. Always send confidential information by encrypted email where possible this reduces the risk of interception.

4. If you’re logged into any online service do not leave your computer unattended.

5. Close down your internet browser once you’ve logged off.

6. Never download software or let anyone log on to your computer or devices remotely, during or after a cold call.

Secure Online Services

You can easily identify secure websites by looking at the address in the top of your browser which will begin https:// rather than http://.

9. Your rights

You have certain rights in relation to personal information we hold about you. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on your request.

Right of Access

You have the right at any time to ask us for a copy of the personal information about you that we hold. Where we have good reason, and if the UK GDPR permits, we can refuse your request for a copy of your personal information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.

Right of Correction or Completion

If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data rectified, updated or completed. You can let us know by contacting us using the details below.

Right of Erasure

In certain circumstances, you have the right to request that personal information we hold about you is erased e.g. if the information is no longer necessary for the purposes for which it was collected or processed or our processing of the information is based on your consent and there are no other legal grounds on which we may process the information.

Right to object to or restrict processing

In certain circumstances, you have the right to object to our processing of your personal information by contacting us using the details below. For example, if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which override your rights and interests. You also have the right to object to use of your personal information for direct marketing purposes.

You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.

Right of Data Portability

In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format.

You can ask us to transmit that information to you or directly to a third party organisation.

The above right exists only in respect of personal information that:

  • you have provided to us previously; and

  • is processed by us using automated means.

While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third party organisation's systems. We are also unable to comply with requests that relate to personal information of others without their consent.

You can exercise any of the above rights by contacting us using the details below.

Most of the above rights are subject to limitations and exceptions. We will provide reasons if we are unable to comply with any request for the exercise of your rights.

Right to withdraw consent

In the circumstances where you may have provided your consent to the processing of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we are permitted by law to do so.

How to exercise your rights

You will not usually need to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. If you wish to exercise your rights, please contact us at dpo@quantspark.com

10. How to complain

You have the right to lodge a complaint with the supervisory authority, if you believe we are infringing the UK data protection laws or you are concerned about the way in which we are handling your personal data. The supervisory authority in the UK is the Information Commissioner’s Office who can be contacted online at:

11. How to contact us

If you wish to contact us in relation to this privacy notice or if you wish to exercise any of your rights outlined above, then please address your correspondence to:

QuantSpark Limited

230 Blackfrairs Road




Alternatively, you can email us at dpo@quantspark.com.