This page explains how and why we use personal data to communicate FCA news and events, including our newsletters. It also includes information on why we use personal data when you register to attend a FCA event (including webinars and virtual online events).
The personal data we use
When people sign up for our newsletters we collect their email address.
We hold the names and contact details of individuals acting in their capacity as representatives of their organisations.
If you wish to attend one of our events, you will be asked to provide your contact information including your organisation’s name and email address.
How we collect this personal data
We collect email addresses when people sign up for our newsletters on our website. Personal data for event registration is collected via registration forms and we may sometimes use third parties to carry out this on our behalf.
We collect names and contact details of individuals acting in their capacity as representatives of their organisations during their professional engagement with us. We engage through verbal and written input, consultation papers and dialogue with other regulators, industry bodies and regulated firms.
Why we use this personal data
We use the email addresses provided when people sign up for our newsletters on our website to send them the newsletter they have signed up for.
We will sometimes use the contact details of those who we have a relationship with in their capacity as representatives of their organisation to invite them to FCA events relevant to their relationship with us.
We use event registration information to facilitate the event and provide you with the required service. We also need this information so we can communicate with you.
The lawful basis for us using this personal data
We use this personal data under Article 6(1)(e) of the GDPR (it is necessary for the performance of a task carried out in the public interest) and Section 8(c) of the DPA 2018.
Since some activities are entirely optional for an individual’s participation, where necessary we obtain appropriate consent from the individuals who participate in such activities, under GDPR Article 6(1)(a) and/or Article 9(2)(a).
When we share personal data with third parties
We regularly use third-party agencies to communicate the FCA newsletters and for event registration subscribers.
For example we use a third-party provider – Granicus – to deliver some of our newsletters through its GovDelivery platform.
When this personal data is transferred outside the EU
Some of these third parties transfer data outside the EU in their provision of services to us.
Before we transfer personal data outside the EU, we have robust processes to ensure that appropriate safeguards are put in place to protect any personal data included in such a transfer. If you would like to obtain more details about the safeguards that we have in place with regard to any personal data about you that we may transfer to a particular non-EU country, please contact us.
Learn about your rights
Under the GDPR, individuals have a number of rights relating to their personal data.
Read more about your rights and how to exercise them.
Read more about how to contact us.