QuantQuorum logo QuantQuorum
Privacy policy

Personal data processing notice

This notice explains how QuantQuorum processes personal data of users of quantquorum.com and participants in our summits and related services, in accordance with the UK GDPR and the Data Protection Act 2018, as applicable.

1. Data controller and contact details

The data controller is QuantQuorum Ltd., with registered and operating offices in London — United Kingdom (“QuantQuorum”, “we”, “us”). For any request relating to this notice or to exercise your data protection rights, you can contact us at [email protected].

If QuantQuorum appoints a Data Protection Officer (DPO), the relevant contact details will be provided by updating this notice or via dedicated communications. If no DPO is appointed, you can contact the controller using the details above.

2. Categories of personal data we process

QuantQuorum mainly processes personal data relating to professionals and representatives of companies, banks, financial institutions, and organisations that attend our summits or request information about our services. Depending on how you interact with the website or an event, we may process:

  • Identity and contact details: first name, last name, job title, company, professional email address, phone number, invoicing details, and contact details of colleagues or internal points of contact where provided.
  • Contract and attendance data: details about purchased passes, selected sessions, content preferences, participation in roundtables, boardrooms, restricted meetings, feedback, and organisational notes collected to run the summits.
  • Payment and invoicing data: information needed for administration (for example invoice references, order details, payment method). We do not store full payment card details where payments are handled by third-party payment service providers.
  • Website usage and technical data: technical data relating to your visit, such as IP address, server logs, request time, referring URL, browser/device identifiers, and aggregated information about how pages and features are used.
  • Communications data: the content of messages sent via contact forms, email, or other channels, and any information needed to respond to your request.

We do not ask for or wish to receive special category data (for example health data). If such data is provided voluntarily, we will process it only where strictly necessary to respond to your request and within the limits allowed by law.

3. Purposes and lawful bases

Personal data collected via the website or in the context of our summits may be processed for the following purposes, under the corresponding lawful bases:

  • Handling information requests: responding to questions submitted via the website or other channels, sharing informational content and summit details, and preparing tailored proposals. Lawful basis: taking steps at your request prior to entering into a contract and our legitimate interests in providing information about our services.
  • Registrations and contract management: registering attendees, issuing and administering passes, organising meeting agendas, handling payments and invoicing, and fulfilling contractual and pre-contractual obligations with the relevant organisation. Lawful basis: performance of a contract and compliance with legal obligations (for example accounting and tax).
  • Operating summits and related services: planning sessions, participant matchmaking, boardrooms, roundtables, restricted meetings, and handling logistics, security, and accreditation. Lawful basis: performance of the participation contract and our legitimate interests in delivering events safely and effectively.
  • B2B updates and marketing communications: sending communications about future summit editions, editorial content, and updates about QuantQuorum services, in line with rules applicable to electronic marketing to professional contacts. Lawful basis: legitimate interests or, where required, consent.
  • Analytics and service improvement: using browsing data and aggregated attendee insights to analyse website performance, measure interest in content, improve future summit design, and enhance our services. Lawful basis: legitimate interests, subject to applicable rules on cookies and similar technologies.
  • Legal compliance and protection of rights: meeting legal obligations (for example tax, accounting, safety/security) and, where needed, establishing, exercising, or defending legal claims. Lawful basis: legal obligations and legitimate interests.

Where processing is based on consent, you can withdraw consent at any time. Withdrawal does not affect the lawfulness of processing carried out before it was withdrawn. In some cases, however, refusing or withdrawing certain data may make it impossible to complete registration or access specific services.

4. How we process data and keep it secure

We process personal data primarily using electronic systems, with methods strictly related to the purposes described above and in line with principles of lawfulness, fairness, transparency, data minimisation, and storage limitation. We use appropriate technical and organisational measures to protect data against unauthorised access, loss, disclosure, or misuse.

Measures may include, by way of example: access controls and authentication, regular backups, monitoring of system logs, encrypted channels for transmitting sensitive information, and selection of service providers that offer suitable security assurances.

5. Data recipients and international transfers

Personal data may be shared with third parties acting as processors or independent controllers, only as needed for the purposes described above. Examples include:

  • IT service providers (hosting, maintenance, event management systems, analytics tools, email platforms);
  • payment service providers and parties involved in administration and accounting;
  • logistics partners, venues hosting summits, security and accreditation services;
  • legal, tax, or other professional advisers where needed for specific matters;
  • public authorities, regulators, or other institutions where required by law or valid requests.

Some suppliers or partners may be located outside the UK. Where this happens, we take steps to ensure appropriate safeguards are in place in line with UK data transfer rules, such as adequacy regulations, approved standard contractual clauses, and additional technical and organisational measures where required.

6. Retention periods

We keep personal data only for as long as necessary for the purposes for which it was collected, taking into account legal requirements and the need to retain evidence to protect our rights.

By way of indication:

  • participation contracts, invoicing, and administrative records are retained for periods required by applicable civil, tax, and accounting rules;
  • commercial interactions and pre-contractual requests are retained for timeframes aligned with the sales cycle and our legitimate interests;
  • marketing-related data is processed until you opt out or withdraw consent, subject to limited retention needed to demonstrate compliance;
  • website usage data is generally used in aggregated/anonymised form or retained for limited periods as described in the Cookie policy.

7. Your rights

Depending on your circumstances, you may have the right to access your personal data, correct inaccurate data, have data erased, restrict processing, request data portability, and object to processing, as provided under applicable data protection law.

In particular, you can:

  • request confirmation of whether we process your personal data and obtain access to it;
  • request correction of inaccurate data or updates to outdated information;
  • request deletion in certain cases (sometimes referred to as the “right to be forgotten”);
  • request restriction of processing where conditions apply;
  • receive personal data you provided in a structured, commonly used, machine-readable format and request transfer to another controller where applicable;
  • object at any time to processing for direct marketing, including related profiling, and—on grounds relating to your particular situation—to processing based on legitimate interests.

To exercise your rights, email [email protected]. You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO), or with another competent authority depending on your location and circumstances.

8. Updates to this notice

This Privacy policy may be updated to reflect legal changes, developments in QuantQuorum services, or changes in how we process personal data. The latest version is always available on this page and indicates the date of the most recent update.

If material changes significantly affect individuals’ rights, QuantQuorum may notify users through dedicated channels (for example by email communications or on-site notices). Continued use of the services after such changes may be treated as acceptance of the updated notice, to the extent permitted by law.