Website Privacy Policy

Overview

Alfa Financial Software Holdings PLC and its subsidiaries (together the 'Group') value individuals' privacy and recognise their rights regarding the personal information collected from them. We are committed to maintaining the security and privacy of the personal information we process, both through our website or through our interactions with clients, prospects, or industry partners.

This Privacy Policy (the 'Policy') applies to all companies within the Alfa Group. Each company within the Group acts as a data controller, and relevant company names and information can be found below:

Subsidiary Jurisdiction Subsidiary of Incorporation
Alfa Financial Software Limited
Alfa Financial Software, Inc.
Alfa Financial Software Australia Pty Limited
Alfa Financial Software NZ Limited
Alfa Financial Software GmbH 		United Kingdom
United States
Australia
New Zealand
Germany

When we mention "Alfa Financial Software," "Alfa," "we," "us," or "our" in this Policy, we are referring to the relevant company within our group responsible for processing personal information.

Contacting us

Alfa Financial Software Limited is the controller responsible for overseeing questions in relation to this Policy.

If you wish to contact us to learn more about how we process personal information, to exercise your rights, make a complaint, or discuss our practices, please e-mail our Data Protection Officer at dataprotection@alfasystems.com or write to us at the following address:

Data Protection Officer
Alfa Financial Software Limited
Moor Place,
1 Fore Street Avenue,
London EC2Y 9DT,
United Kingdom

Information we collect about you

The following table sets out why we process your personal information and our legal basis for processing your personal information. We may rely on more than one legal basis for processing your personal information, depending on the context of the processing activity.

When we refer to personal information, we're talking about any information that can identify an individual. This excludes information where the individual's identity has been removed (anonymous data).

The Reason We Use Your Personal Information What Personal Information We Collect Legal Basis for Processing
  • Assess suitability for employment
  • Personal identifiers - your name, contact details (e.g. address, e-mail address, telephone number) and other similar contact data
  • Education, work history, and qualifications - education history, employment history, work-related skills and experience, professional credentials or licenses, qualifications, information provided by references, and other information provided on your Curriculum Vitae (CV)
  • Characteristics of Protected Classifications - citizenship and work authorisation status, and contents of any other identification provided to Alfa for application
  • Job-related social media data - information collected from and related to publicly published profiles you've created on job-related social media platforms and job boards (such as LinkedIn)
  • The processing is carried out under our legitimate interests as an employer to determine suitability for job opportunities, communicate with individuals regarding potential job opportunities, establish and maintain candidate relationships, promote an inclusive work environment, manage an individual's candidate relationship.
  • The processing is necessary to comply with legal obligations
  • Maintain communication if you have attended one of our sponsored events, conferences,and webinars
  • Software demonstrations
  • Address inquiries regarding our services/products
  • Build and maintain social media presence, branding and maintain market awareness
  • Personal identifiers - your name, contact details (e.g. e-mail address) or social media account details
  • The details of your communications with us and the details of our messages to you
  • The processing is carried out under our legitimate interest so that we can identify potential clients, and perform marketing activities to promote our services and products.
  • Website Analytics via the use of Cookies
  • Online identifiers - your IP address and a unique User ID
  • This processing is carried out only when you have provided your consent. Users can opt out of the use of non-essential cookies via the cookie banner.

How we collect your personal information

We use different methods to collect information from and about you.

At Alfa, we collect personal information from individuals who visit our website, show interest in our services or products, apply for employment or interact with us in other related ways, such as through marketing or events.

Most of the personal information is provided directly by individuals who reach out to us to apply for a job, attend a sales/marketing event, or engage in conversations regarding our services or products.

Retaining your information

We will retain your personal information for the duration necessary to fulfil our agreement with you, provide requested services, for legitimate business purposes, or other essential reasons such as compliance with laws, regulations, or legal authorities. This includes purposes such as audit, security, fraud prevention, or safeguarding Alfa's legal rights.

Due to various record retention obligations, retention periods may differ. We utilise the following criteria to determine retention periods:

  • Existence of contractual or legal obligations requiring data retention.
  • Specific retention periods allowed by law, statute, or regulation.
  • Agreement to a longer retention period by the individual.
  • Original expectation for retention at the time of data provision

Where your information may be shared

Alfa ensures accountability among its employees, contractors, and suppliers to maintain the trust you place in us with your personal information.

Alfa may share the information that is necessary to fulfil its interests, as detailed in the "Information we collect about you" section, with other Alfa entities, service providers, and business partners engaged to assist in managing the processes required to achieve those interests.

It is important to note that any third parties handling your personal information will do so strictly according to our instructions. They are obligated to maintain confidentiality and ensure the security of your information.

Security of your information

At Alfa, safeguarding personal information is of utmost importance to us. We have established a comprehensive framework of cybersecurity and privacy measures, including encryption, to reinforce our commitment to protecting data privacy. Our adherence to ISO 27018:2019 and ISO 27001:2013 certifications underscores our dedication to maintaining robust security standards.

We evaluate security aspects such as Confidentiality, Integrity, and Availability to uphold the protection, accuracy, and accessibility of data for its intended purposes. Some key controls incorporated within these certifications include:

  • Implementation of Multi-Factor Authentication (MFA) across all internet-based systems
  • Encryption of data both at rest and in transit
  • Regular technical assessments of our systems to identify vulnerabilities and configuration weaknesses
  • Restricted access limited to authorised individuals only
  • Screening of all employees to meet at least the Baseline Personnel Security Standard (BPSS)
  • Provision of data handling training for all employees
  • Establishment of policies and procedures governing secure operations and system configuration

How we transfer information we collect internationally

International Data Transfers Within Alfa: To support our global operations, we transfer information worldwide and permit access to this information from countries where Alfa-owned or operated entities have a presence, for the purposes outlined in this Policy. It's important to note that these countries may not have privacy and data protection laws equivalent to those in many of the countries where our clients and users are located. When sharing your information within Alfa, we adhere to mechanisms such as the EU-U.S. Data Privacy Framework (refer to Alfa's Data Privacy Framework Policy), Standard Contractual Data Protection Clauses approved by the European Commission, and the International Data Transfer Addendum to the European Commission Standard Contractual Clauses.

International Data Transfers to Third Parties: Information may be shared with our service providers or business partners who are based in countries with potentially different privacy and data protection laws compared to your country of residence. When disclosing information pertaining to individuals in the European Economic Area, the UK, or Switzerland, to our service provides or business partners we rely on European Commission-approved Standard Contractual Data Protection Clauses, the International Data Transfer Agreement Addendum to the European Commission Standard Contractual Clauses, or other suitable legal mechanisms to ensure the transfer is adequately safeguarded.

Your rights and choices

We value your right to access and manage your information. The extent of personal information requested when utilising our services aligns with Alfa’s interests in delivering our services effectively to you. Alfa adheres to relevant data protection laws and regulations.

You may possess specific rights concerning your personal information. Further details regarding the availability of these rights and how to exercise them are outlined below.

European Privacy Rights

For individuals residing in the European Economic Area (“EEA”), United Kingdom, or Switzerland, Alfa ensures compliance with data protection laws applicable in your region. If applicable, you are entitled to the following rights:

  • Access: You have the right to request access to your personal information. You can inquire whether we process your personal information, and if so, request access to it. This allows you to obtain a copy of the personal information we hold about you and certain additional information.
  • Correction: You have the right to request correction of inaccuracies (rectification) in your personal information. Upon your request, we will update any incomplete or inaccurate personal information to ensure its accuracy.
  • Erasure: You can request the deletion of your personal information in certain circumstances, subject to our legal obligations or if retention is necessary for legal claims.
  • Restriction: You have the right to request suspension of processing certain personal information, for instance, if you wish to verify its accuracy or the purpose of processing.
  • Transfer: You may request to receive your information in a machine-readable portable format or transfer certain personal information to another party.
  • Automated decisions: You have the right to contest any automated decision that has a legal or similar significant effect on you and request a review.
  • Right to Object: You can object to Alfa processing your information in specific circumstances, including instances where we rely on legitimate interests. However, we may continue processing based on legitimate interests or where relevant to legal claims. You also have the right to object to processing for direct marketing purposes.
  • Complaint: You have the right to lodge a complaint with a Data Protection Authority, particularly in your habitual residence, our location, or where an alleged infringement of data protection law occurred.
Australia Privacy Rights

For individuals located in Australia, Alfa is committed to your rights under the Privacy Act, and wants to ensure your aware that, if applicable, you have the following rights:

  • Access: You have the right to request access to your personal information.
  • Correction: You have the right to request correction of your personal information.
  • Erasure: Alfa will take reasonable steps to destroy or de-identify your personal information once it is no longer needed for the purpose for which it was collected.
  • Right to object: You have the right to ask us to suspend the processing of your personal information if you believe that your personal information is not being processed in accordance with Australian data protection law.
  • Right to Object to Processing for Direct Marketing: You have the right to object to processing for direct marketing purposes.
California Privacy Rights

For individuals located in California, Alfa is committed to upholding your rights under the California Consumer Privacy Act, and wants to ensure you are aware that, if applicable, you have the following rights:

  • Right of Access: You have the right to request access to the categories of personal information we collected about you, the sources from which it was collected, the purposes for which it was collected or shared, the categories of third parties with whom it was shared, and a copy of certain pieces of personal information we have collected or maintained. Please note that we may not be able to fulfil your request if it involves disclosing personal information about another individual or if it would violate any laws or regulations.
  • Right to Correction: You have the right to request correction of any inaccurate personal information that we maintain about you.
  • Right of Deletion: You have the right to request the deletion of personal information that we have collected from you, subject to certain exceptions outlined in the law.
  • Right to Opt-out: You have the right to opt-out of the sale or sharing of your personal information to third parties. Alfa does not sell or share personal information to third parties, as defined by California law.
  • Right to Limit Use and Disclosure of Sensitive Information: You have the right to request that we limit our use and disclosure of your sensitive personal information, although Alfa does not use or disclose sensitive personal information except for purposes authorised by the CCPA.
  • Right not to be Discriminated Against: You have the right to be free from discrimination for exercising your consumer privacy rights. We will not deny you goods or services, charge you different prices, or provide a different level of quality for exercising your rights, unless permitted by law.
Other Privacy Rights

Under the laws of certain jurisdictions, you may have additional rights regarding your personal information. These rights may include the ability to request more information about the personal information we collect, access to the personal information we process, correction of errors or omissions, deletion of personal information, or objection to or limitation of further processing. Alfa complies with relevant data protection laws and will honour individual rights requests in accordance with those laws.

Direct marketing

Periodically, we may utilise your contact information to send you updates via email, aimed at informing you about relevant opportunities or services aligned with your interactions with us.

You have the option to opt out of receiving direct marketing communications from us at any time. Each marketing communication will include instructions on how to opt out of receiving similar emails from the specific service or resource. Alternatively, you can opt out by contacting the Data Protection Officer at dataprotection@alfasystems.com.

Cookies

We use cookies, which are small data files containing information placed on your computer and automatically downloaded to your device to recognise you as a previous visitor to our website. These cookies identify your browser or device and gather and store information about your website usage. For further details regarding cookies, the types we use, and their purposes, please refer to Cookies Information.

Updates to this Privacy Policy

Alfa may periodically update this Privacy Policy to reflect changes in our operations and the manner in which we process your personal information. Any updates or modifications will be reflected in this notice.

This Policy was last updated on 6th March 2025