1. Introduction
Pareto Economics Ltd ("Pareto Economics", "we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website at www.pareto-economics.com, use our Global Power Index Dashboard, or engage with our services (collectively, the "Services").
This Privacy Policy is issued in compliance with the UK General Data Protection Regulation ("UK GDPR"), the Data Protection Act 2018, and other applicable data protection legislation. Please read this Privacy Policy carefully to understand our practices regarding your personal data.
By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our Services.
2. Data Controller
For the purposes of applicable data protection legislation, the data controller is:
Pareto Economics Ltd
Registered in England and Wales
Email: privacy@pareto-economics.com
Telephone: +44 (0) 208 154 3425
If you have any questions about this Privacy Policy or our data practices, please contact us using the details above.
3. Data We Collect
We collect and process the following categories of personal data:
3.1 Information You Provide Directly
| Category | Examples | Purpose |
|---|---|---|
| Identity Data | First name, last name, job title, position | Account creation, service personalisation |
| Contact Data | Email address, telephone number, business address | Communication, service delivery |
| Professional Data | Organisation name, industry sector, department | Service customisation, analytics |
| Preference Data | Countries of interest, indices of interest, communication preferences | Dashboard personalisation, relevant content delivery |
| Enquiry Data | Messages, feedback, support requests | Responding to enquiries, service improvement |
| Transaction Data | Subscription tier, payment history, invoice details | Service provision, billing |
3.2 Information Collected Automatically
| Category | Examples | Purpose |
|---|---|---|
| Technical Data | IP address, browser type and version, operating system, device identifiers | Security, troubleshooting, analytics |
| Usage Data | Pages visited, features used, time spent, click patterns | Service improvement, analytics |
| Location Data | Country and city (derived from IP address) | Compliance, regional content |
3.3 Information from Third Parties
We may receive personal data about you from third parties, including:
- Business partners who refer you to our Services
- Event organisers where you have attended our speaking engagements
- Publicly available sources such as LinkedIn (for business contact purposes only)
4. How We Use Your Data
We use your personal data for the following purposes:
4.1 Service Provision
- Creating and managing your Global Power Index Dashboard account
- Providing access to GPI data, analytics, and specialised indices
- Processing subscriptions and payments for premium services
- Delivering advisory, research, and consulting services you have engaged
- Responding to your enquiries and providing customer support
4.2 Service Improvement
- Analysing usage patterns to improve our platform and services
- Conducting research and analysis to enhance our methodologies
- Developing new features, products, and services
4.3 Communications
- Sending service-related communications (account notifications, security alerts, updates)
- Sending marketing communications about our services, events, and publications (where you have consented or we have a legitimate interest)
- Inviting you to participate in surveys or feedback opportunities
4.4 Legal and Compliance
- Complying with applicable laws, regulations, and legal processes
- Protecting our rights, property, and safety, and those of our users
- Detecting, preventing, and addressing fraud, security issues, or technical problems
5. Legal Basis for Processing
We process your personal data on the following legal bases under UK GDPR:
| Legal Basis | Applicable Processing Activities |
|---|---|
| Contract Performance (Article 6(1)(b)) | Account creation, service delivery, subscription management, payment processing, customer support |
| Legitimate Interests (Article 6(1)(f)) | Service improvement, analytics, fraud prevention, business-to-business marketing, defending legal claims |
| Consent (Article 6(1)(a)) | Marketing communications (where required), non-essential cookies |
| Legal Obligation (Article 6(1)(c)) | Tax and accounting requirements, responding to lawful requests from authorities |
Where we rely on legitimate interests, we have conducted a balancing assessment to ensure our interests do not override your fundamental rights and freedoms. You may request details of this assessment by contacting us.
6. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your experience and analyse usage.
6.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They help websites function properly and provide information to website owners.
6.2 Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Essential for website functionality, security, and authentication | Session / up to 1 year |
| Analytics (Google Analytics) | Understanding how visitors use our website, measuring performance | Up to 2 years |
| Preferences | Remembering your settings and preferences | Up to 1 year |
6.3 Google Analytics
We use Google Analytics, a web analytics service provided by Google LLC. Google Analytics uses cookies to help us analyse how visitors use our website. The information generated by cookies about your use of the website is transmitted to and stored by Google on servers which may be located outside the UK.
Google's ability to use and share information collected by Google Analytics is governed by the Google Privacy Policy. You may opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.
6.4 Managing Cookies
You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. Most browsers allow you to:
- View what cookies are stored and delete them individually
- Block third-party cookies
- Block all cookies
- Delete all cookies when you close your browser
7. Data Sharing and Disclosure
We do not sell, rent, or trade your personal data to third parties. We may share your personal data only in the following circumstances:
7.1 Service Providers
We engage trusted third-party service providers to assist in delivering our Services. These providers are contractually bound to process your data only for specified purposes and in accordance with our instructions. They include:
- Cloud hosting providers (data storage and infrastructure)
- Payment processors (Stripe) for secure transaction processing
- Email service providers for communications
- Analytics providers (Google Analytics) for website analysis
- Customer relationship management (CRM) systems
7.2 Legal Requirements
We may disclose your personal data if required to do so by law or in response to valid requests by public authorities, including:
- Compliance with a legal obligation
- Protection of our rights, property, or safety
- Prevention or investigation of possible wrongdoing
- Protection of the personal safety of users or the public
7.3 Business Transfers
In the event of a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your personal data.
8. International Data Transfers
Your personal data may be transferred to, stored, and processed in countries outside the United Kingdom, including the United States, where our service providers operate data centres.
When we transfer personal data outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements, including:
- Adequacy decisions: Transfers to countries deemed to provide adequate protection by the UK Government
- Standard Contractual Clauses (SCCs): Contracts approved by the UK Information Commissioner's Office that provide appropriate safeguards
- Binding Corporate Rules: Where applicable, internal rules adopted by multinational organisations
You may request further information about the safeguards we use by contacting us.
9. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.
Our standard retention periods are:
| Data Category | Retention Period |
|---|---|
| Account data | Duration of account plus 2 years after closure |
| Transaction and billing data | 7 years (for tax and accounting compliance) |
| Marketing preferences | Until you withdraw consent or unsubscribe |
| Enquiry and correspondence data | 3 years from last communication |
| Analytics data | 26 months (Google Analytics default) |
When personal data is no longer required, we securely delete or anonymise it.
10. Your Rights
Under UK GDPR, you have the following rights regarding your personal data:
- Right of Access: You have the right to request a copy of the personal data we hold about you.
- Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
- Right to Erasure: You have the right to request deletion of your personal data in certain circumstances (also known as the "right to be forgotten").
- Right to Restriction: You have the right to request that we restrict the processing of your personal data in certain circumstances.
- Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.
- Right to Object: You have the right to object to processing based on legitimate interests, including direct marketing.
- Right to Withdraw Consent: Where processing is based on consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
- Rights Related to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
To exercise any of these rights, please contact us at privacy@pareto-economics.com. We will respond to your request within one month, as required by law. We may request specific information to verify your identity.
If you are not satisfied with our response or believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk
Helpline: 0303 123 1113
11. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure authentication mechanisms, including multi-factor authentication where appropriate
- Regular security assessments and vulnerability testing
- Access controls limiting data access to authorised personnel only
- Staff training on data protection and security practices
- Incident response procedures for potential data breaches
While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.
12. Children's Privacy
Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last updated" date at the top of this Policy
- Notify you by email (for registered users) or by prominent notice on our website
- Where required by law, obtain your consent to material changes
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Pareto Economics Ltd
Email: privacy@pareto-economics.com
General enquiries: info@pareto-economics.com
Telephone: +44 (0) 208 154 3425
We aim to respond to all legitimate requests within one month. Occasionally, it may take longer if your request is particularly complex or you have made multiple requests, in which case we will notify you and keep you updated.