Global Data Protection & Compliance Policy

🌐 Influencer Trade Ltd – Global Data Protection & Compliance Policy

Last Updated: 17 September 2025

1. Introduction

Influencer Trade Ltd ("we," "us," or "our") is a global lead generation provider operating in the UK, Australia, Singapore, New Zealand, and other international markets. We are committed to protecting personal data in accordance with the highest applicable standards, including the UK GDPR, the Australian Privacy Act, Singapore's PDPA, and New Zealand's Privacy Act.

This policy explains how we collect, use, and safeguard data globally. For questions, contact us at:
Email: Fabien@influencertrade.co.uk | Website: https://influencertrade.co.uk

2. Our Global Approach to Data Collection & Legal Basis

We process data under legitimate interest for B2B marketing and explicit, verifiable consent for all B2C communications worldwide.

A. Data We Collect:

Personal Identifiers: Name, email, phone number
Professional Data: Job title, company, investment preferences, property portfolio details
Technical Data: IP address, browser type, engagement data (via compliant analytics tools)
Consent Records: Source, timestamp, and scope of all opt-ins

B. Legal Bases for Processing:

PurposeLegal BasisGlobal ApplicationB2B MarketingLegitimate InterestApplied for business professionals in all regions where permitted by lawB2C MarketingExplicit ConsentRequired for all consumer communications globallyAnalyticsLegitimate InterestUsed to improve services across all marketsLegal ComplianceLegal ObligationFinancial records retained for tax authorities worldwide

3. How We Work With Data Globally

A. Marketing & Lead Generation:

We use legitimate interest to contact B2B professionals across all operating regions
For B2C communications, we rely exclusively on explicit consent obtained through clear opt-in forms
All leads are verified for consent compliance before delivery to clients

B. Data Retention:

B2B Data: 24 months or until opt-out
B2C Data: Immediately deleted upon consent withdrawal
Legal Records: 6 years for financial compliance (aligned with international requirements)

4. International Data Protection & Transfers

A. Security Measures:

Enterprise-grade encryption and access controls
Regular security audits and compliance monitoring
Staff training on global data protection requirements

B. Global Data Transfers:

Primary data storage in UK/EU servers with GDPR adequacy
International transfers use approved safeguards:
- Standard Contractual Clauses (EU/UK)
- Binding Corporate Rules
- Adequacy decisions for approved countries

C. Third-Party Processors:

All vendors operate under Data Processing Agreements (DPAs)
Regular due diligence on international compliance
Vendor monitoring for global standards maintenance

5. Your Rights Across All Regions

You have the right to:

Access your personal data
Rectify inaccurate information
Erase your data (where applicable)
Object to processing
Data portability
Withdraw consent (B2C)

Response Time: We respond to all requests within 30 days, aligning with global standards.

6. Consent Management (Global B2C Standards)

We maintain the highest consent standards worldwide:

A. Clear Opt-In Requirements:

Granular consent options for different processing activities
Plain language explanations of data use
No pre-ticked boxes or implied consent

B. Easy Withdrawal:

Unsubscribe links in all communications
Direct consent withdrawal via email
Processing of opt-outs within 24-48 hours

C. Audit Trails:

Complete records of consent timing, source, and scope
Regular compliance audits
Documentation available for client review

7. International Compliance Framework

Our Regional Compliance Includes:

UK: UK GDPR & Data Protection Act 2018
Australia: Privacy Act 1988 & Spam Act 2003
Singapore: Personal Data Protection Act (PDPA)
New Zealand: Privacy Act 2020 & Unsolicited Electronic Messages Act

Key Regional Requirements:

RegionConsent StandardUnsubscribe TimelineSpecial RequirementsUKExplicit for B2C48 hoursPECR complianceAustraliaExpress consent5 business daysClear sender identificationSingaporeDeemed consent48 hoursDo Not Call registry checksNew ZealandDeemed consent48 hoursClear purpose statement

8. Data Sharing & Partner Compliance

We share data only with:

Verified Partners: With explicit consent for specific campaigns
Compliant Processors: Under strict Data Processing Agreements
Legal Authorities: When required by international law

All partners undergo compliance verification before data sharing.

9. Global Data Breach Response

Our international breach response includes:

72-hour notification to relevant supervisory authorities
Immediate communication to affected individuals where required
Cross-border cooperation with international regulators
Comprehensive mitigation measures

10. Contact & Complaints

For global privacy questions or complaints:
Email: Fabien@influencertrade.co.uk

Supervisory Authorities:

UK: Information Commissioner's Office (ICO)
Australia: Office of the Australian Information Commissioner (OAIC)
Singapore: Personal Data Protection Commission (PDPC)
New Zealand: Office of the Privacy Commissioner

11. Policy Maintenance

We review this policy quarterly to ensure ongoing global compliance. Updates are posted on our website with clear version control.

This policy aligns with international standards including GDPR Articles 12–14, Australian Privacy Principles, Singapore PDPA, and New Zealand Privacy Act requirements.