Acuity Knowledge Partners rebrands to Acuity Analytics. Read press release

x

Last Updated on 10th Nov 2025

1. Introduction

Acuity Analytics (“Acuity”, “us”, “we”, or “our”) is a leading provider of bespoke research, analytics and technology solutions to the financial services sector, including asset managers, corporate and investment banks, private equity and venture capital firms, hedge funds and consulting firms, as well as insurance companies. We are also a leading service provider for specialised and highly qualified procurement and processing of corporate data on behalf of banks and insurance companies. We are also a trusted digital transformation consultancy and Microsoft partner, delivering innovative technology solutions and services that help organisations in highly regulated industries—such as insurance, pharmaceuticals, and healthcare—modernise their operations and drive efficiency.

This Privacy Notice is applicable to the personal data Acuity collects and explains how we collect, use, disclose, and protect your Personal Data (defined below) on the Acuity website or any other websites under our control (“Site”). Please read this Privacy Notice carefully together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing Personal Data about you to learn more about your rights, the information we collect and how we collect, use and protect it. This Privacy Notice supplements the other privacy notices and is not intended to override them. Your use of our website or provision of Personal Data will constitute acknowledgment of the terms of this Privacy Notice.  Acuity may from time to time update this Privacy Notice. Any changes to this Privacy Notice will become effective when we post or link to the revised Privacy Notice on the Site. Please review the “LAST UPDATED” legend at the top of this page to determine when this Privacy Notice was most recently revised.

2. Who is covered

This Privacy Notice covers any visitors to our Site, subscribers to our publications and marketing emails, attendees at our webinars, meetings or events, job applicants, clients, vendors and other third parties.

3. What information is collected

Personal data means any information about an individual that identifies the individual or can be used to identify or contact the individual.

We may collect, use, store, and/or transfer different kinds of personal data about you as required, such as the following:

  • Identifying information– such as name (given or preferred), email, phone number, company name, designation, city/location, date of birth, age, address, employment history, billing and financial information
  • Contact information- such as postal address or location, telephone number, email address, IP address.
  • Financial information- such as billing and financial information
  • Professional information- such as job titles, employment history, employer name and details
  • Transaction information- such as details about payments to and from you and other details of products and services you have purchased from us.
  • Marketing and Communications data includes your preferences in receiving marketing from us and your communication preferences.
  • Information collected via automated methods such as log data, operating system information, browser type, website use details, CPU speed, connection speed, the identification details of the device you use to access our website, IP address received from your browser or device to determine approximate location to assist with localization or for security purposes, metadata of emails and calendars.
  • Call data- such as metadata of emails and calendars, image or video, and voiceprint for identification purposes on the automatic transcript.
  • Survey data- your responses to surveys and other market research projects.

If you do not provide Personal Data:

You do not have to provide us with any Personal Data to visit the Site. However, if you choose to withhold requested information, you may not be able to visit all sections or use all features of the Site. Where we need to collect your personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you and we may have to terminate the provisions of services or decline the requested performance of a task.

4. How do we collect your information

We use different sources to collect information about you including:

a) Direct Interactions- You may be requested from time to time to provide your Personal Data via contact forms, registration forms, application forms, entry logs when you reach out to us:

  • on our Site to contact us;
  • to register for any online services or mobile applications;
  • to apply to any jobs;
  • by visiting one of our physical locations;
  • on our social media pages;
  • to register for training, webinars and meet ups, attend meetings or events we host;
  • to subscribe to our newsletters.

b) Third parties or publicly available data- Your data may be received by us through publicly available data and various third parties such as:

  • third parties sharing information with us that has been lawfully collected by them, including account intelligence services and data enrichment providers;
  • third party tools that collect information when you visit or use our Site such as Google Analytics or Hubspot; For more information, please refer to section 15 below and our .
  • our clients as necessary for the performance of our contracts;
  • public sources such as Companies House, MCA, news, websites or social media pages.

 

5. How we use your information

We will only use your Personal Data when the law allows us to. Processing of Personal Data may be based on more than one lawful ground. Please contact us if you need details about the specific legal grounds we are relying on to process your personal data.

We will only process your Personal Data where there are legal grounds for doing so which will be limited to:

  • Performance of a contract – where we need personal data to perform the contract we are about to enter into or have entered with you;
  • Legitimate interests – where it is in our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
  • Legal obligation – where we need to comply with a legal or regulatory obligation;
  • Consent – where we have your consent or where a third party has shared your information and they have your consent to use your information;
  • Vital Interests – when we believe it is necessary to investigate, prevent, or take action regarding potential policy violations, suspected fraud, potential threats to safety, illegal activities, or as evidence in litigation in which we are involved.

We may use your Personal Data to:

  • Provide and improve our services and products to you or the organisation you work for (including auditing and monitoring use of those services and products);
  • Maintain and develop our relationship with you and our clients;
  • Monitor and analyse our business;
  • Facilitate our internal business operations;
  • Fulfil our legal, regulatory (including in relation to anti-money laundering or sanction requirements), accounting, reporting, risk management or professional obligations;
  • Identify services you may be interested in;
  • Send you updates, publications, marketing and details of events;
  • For recruitment purposes, we require personal data from job applicants and candidates;
  • Protect, establish, exercise or defend legal rights;
  • Process and respond to requests, enquiries or complaints received from you;
  • Enable registration/sign-up and the upkeep of your accounts;
  • Deliver content tailored to your location;
  • Analyse and comprehend our audience, refine our service (including user interface experiences), enhance recommendation algorithms and delivery mechanisms, which could necessitate sharing personal information with our group entities, affiliates, or third-party service providers;
  • Assist advertisers in comprehending our audience and confirming the efficacy of advertising on our Site (usually in the form of aggregated traffic statistics for various site pages), while also providing you with pertinent advertisements;
  • Present you with interest-based content such as articles, stories, and news on our Site;
  • Facilitate your involvement in webcasts and webinars hosted on the Site;
  • Correspond with you regarding our service (e.g., via email), to share updates on new features and content available, promotional announcements, surveys, and to assist you with operational needs like password resets;
  • Enable participation in interactive features offered through our services.
  • Share with our customer support team to address your inquiries/concerns related to your rights or the services provided to you;
  • To provide, update, maintain and protect our services. This includes the use of information to support delivery of the services under a customer agreement, prevent or address service errors, security, or technical issues, analyse and monitor usage, trends and other activities, or at an authorised user’s request.
  • To develop and provide search, learning and productivity tools and additional features. It is in our interest and in the interest of customers to continuously improve and develop the customer support, features and user experience that we provide.
  • Account information is used to communicate with enterprise customers to resolve their queries or requests. Account information is used to send service emails and other relevant operational communications to enterprise customers. Additionally, account information is used for billing and invoicing tracking purposes, account management and other administrative matters.

This list is not exhaustive, there may be other uses not listed above; however, any processing of personal data will be based on lawful grounds as have been determined by the applicable legislation.

Your anonymized and/or pseudonymized information may be used:

  • to enhance the design and content of our Site, ultimately providing you with improved browsing experience
  • to assess content performance and analyze marketing effectiveness, reach, comparison, our digital services use to improve our services
  • to enhance personalised communications and offers for you
  • to monitor user behavior on our Site

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. While we intend to take your explicit consent, it is not always feasible and thereby, we are notifying you that such collection or processing of your personal data shall be subjected to legitimate purpose only.

When the legal ground for processing is solely your consent, you may withdraw it at any time. Please note that withdrawing your consent will not affect the lawfulness of any prior processing of your personal data.

Promotions and Surveys

We may operate sweepstakes, contests, and similar promotions (collectively, “Promotions”). Please note, BEAT Digital Services and Applications do not operate any sweepstakes, contests, and promotions. If you choose to enter a Promotion, we typically ask you for certain Personal Data when you enter and, if applicable, win a Promotion. You should carefully review the rules of each Promotion in which you participate, as they may contain additional important information about our use of Personal Data about you. To the extent that the terms and conditions of such rules concerning the treatment of your Personal Data conflict with this Privacy Notice, the terms and conditions of such rules shall control. We use this information to operate the Promotions. In some cases, for promotions carried for our clients, the survey panelists can be a third-party, in such cases the protection of personal data will be taken care of as per the data privacy notice of the third-party, Acuity will not be accountable for the data privacy controls managed by such a third-party. The promotional information may be stored on a third-party database with the hosting provider. The privacy notice of the hosting provider shall apply and supersede this privacy notice.

6. Who will have access to my information?

We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know and are contractually bound in compliance with the applicable jurisdiction data privacy laws. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality. We may have to share your personal data with the parties set out below for the purposes set out in paragraph 5 above:

  • a) Intra-group transfers: We may share your information within affiliate companies from the Acuity Analytics group i.e. Acuity affiliates operating from different geographical jurisdictions other than the location where you submitted the information to perform its legal duties or offer the necessary services required by the technology.
  • b) Business Transfers: Your information may be shared or transferred during events like mergers, sales of company assets, financing arrangements, or acquisitions involving all or part of our business with another company.
  • c) Third-Party Service Providers: We may provide Personal Data to third-party service providers we use to help deliver our services and to help us run our business, including but not limited to, ERP, CRM, HCM, data analytics, order fulfillment, payment processing, virtual computing, hosting, storage services, cloud service providers, promotions and surveys, background checks and other services. Additionally, certain selected third parties approved by you may use tracking technology on our website services to analyse your interactions with them over time, helping us improve our content and understand online activity.

Furthermore, we may disclose your information to specific third parties. We have categorised each party to provide clarity regarding the purpose of our data collection and processing practices in section 4.b).

Where we transfer your information internationally, we will take reasonable steps to ensure that your information is treated securely and the means of transfer provides adequate safeguard (please see section 9 below).

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We DO NOT sell, rent, or trade your information with third parties.

7. Data Retention

We will retain your personal information only for as long as it is essential for the purposes outlined in this Privacy Notice, unless the law mandates or permits a lengthier retention period, such as for tax, accounting, or legal obligations.

Once there is no longer a valid business need or legal obligation to keep your personal data, we will either delete it or anonymize it. If deletion or anonymization is not immediately feasible, like in cases where your information is stored in backup archives, we will securely store it and segregate it from further processing until we can carry out the deletion.

General data is retained by us for a maximum of 7 years, except where there is a legal requirement in certain jurisdictions that mandate 10 years. We regularly review and delete any data that is no longer needed.

8. Protection of Data

Acuity has established reasonable organizational and technical measures to protect Personal Data within our organization from loss, misuse, or unauthorized access, disclosure, alteration or destruction. These measures encompass internal assessments of our data collection, storage, processing practices, and security procedures, involving appropriate encryption and physical safeguards to prevent unauthorized entry into systems containing personal data. We aim to ensure that access to your personal data is limited only to those who need to access it, whilst following the principle of minimization. Those individuals who have access to the data are required to maintain the confidentiality of such information. All data collected through Acuity Analytics website is securely stored in an encrypted database in accordance with industry acceptable standards. This database is housed on firewalled servers, with access restricted by passwords, multi-factor authentication, RBAC controls and tight limitations. If you have access to parts of our websites or use our services, you remain responsible for keeping your user ID and password confidential.

While our security measures are robust, it is important to acknowledge that no security system is entirely invulnerable. We cannot ensure absolute database security, nor can we guarantee that information transmitted to us over the internet will not be intercepted. Additionally, any details shared in discussion areas can be accessed by individuals with internet connectivity.

9. International Transfer

Transferring your personal data outside the United Kingdom (UK), the European Union (EU) and People’s Republic of China (PRC)

Information we hold about you may be transferred to other countries (which may include countries outside the UK, PRC or the European Economic Area (“EEA”)):

  • where Acuity Analytics do business;
  • which are linked to your engagement with Acuity Analytics;
  • from which you regularly receive or transmit information;
  • where Acuity Analytics third parties conduct their activities;
  • locations that are contractually agreed with you as an enterprise customer.

These countries may have less strict privacy laws than the UK, PRC, or EEA, which could result in disclosure of your information to regulatory agencies, governmental bodies, or private individuals. When we or our permitted third parties transfer your data outside the UK, PRC, or EEA, we will impose adequate safeguards, such as contractual obligations (Standard Contractual Clauses and/or International Data Transfer Addendum to the EU Commission Standard Contractual Clauses) on the recipients of the data to ensure that they protect your personal data to the same standard as required in the UK, PRC, and EEA.

10. Notice to Residents of the Peoples Republic of China

Your Rights Under the China Personal Information Protection Law (“PIPL”)

Pursuant to the China Personal Information Protection Law (“PIPL”), and subject to certain exceptions and limitations, residents of the Peoples Republic of China can contact us to exercise the rights described below with respect to certain personal information that we hold about them. Relatives of deceased persons about whom we hold personal information may, for their own lawful and legitimate interest, exercise these rights.  To the extent those rights apply to you, they are described below in section 13.

11. Additional Information for Residents of the DACH region

Your rights are protected in accordance with applicable laws, including the EU GDPR, the German TTDSG, Austrian DSG and TKG, and the Swiss Federal Act on Data Protection (FADP). Personal data shall be collected and processed solely for specified, explicit, and legitimate purposes, based on the legal grounds set forth in Article 6 GDPR and corresponding national provisions. Where consent is required for the use of cookies, tracking technologies, or electronic communications, such consent shall be obtained in accordance with TTDSG §25, TKG §96(3), and FADP Art 6 and in line with clause 13 of this Notice.

Data subjects are entitled to exercise their statutory rights, including access, rectification, erasure, restriction of processing, data portability, and the right to lodge a complaint with the competent national supervisory authority. Transfer of personal data to third coutries shall only occur under the adequate safeguards pursuant to Chapter V GDPR or equivalent Swiss national law provisions.

12. Additional Information for India

In accordance with India’s Digital Personal Data Protection Act (DPDPA) and the 2025 Rules, you have specific rights regarding your personal data, including access, correction, erasure, and grievance redressal. Whenever the legal basis for processing is your consent, it must be free, specific, informed, unconditional, and unambiguous. Personal data, associated traffic data and other processing logs will be kept for one year from the date of the processing for purposes specified in the Seventh Schedule of the Rules, even if there is a deletion request or the processing purpose has been fulfilled.

You can report concerns or complaints directly to the Data Protection Board of India.

13. Data Subject Rights

Where can I file a request to access, rectify or remove my data?

We acknowledge and uphold the rights granted to individuals under their respective local Data Protection legislation. If these rights apply to you, you can exercise them regarding the data we have by reaching out to us at the address provided below. These rights encompass:

  • The right to receive information about the processing of your personal data and to understand what data we possess.
  • The right to correct or rectify the information we hold.
  • The right to restrict processing of your personal data in certain circumstances.
  • The right to access your data and exercise data portability rights.
  • The right to have your data erased (the right to be forgotten).
  • The right to withdraw any previously granted consent, such as for direct marketing communications. If your data was processed based on your consent and you wish to withdraw that consent, please do not hesitate to contact us by reaching out to the competent Data Protection Officer according to your location as specified in section 14 below. Withdrawing consent will not affect the lawfulness of our use of your personal data in reliance of that consent before it was withdrawn.
  • The right to opt out of the sale of your data (in accordance with the California Consumer Protection Act of 2018 “CCPA” and Virginia Consumer Data Protection Act “VCDPA”). Please note that we do not sell, rent or trade personal data.
  • The right to non-discrimination for exercising your rights.
  • The right to object to or request human intervention in fully automated decisions.
  • The right to file a complaint with a local Privacy and Data Protection Regulatory body.
  • There are additional rights pertaining to the China Personal Information Protection Law (“PIPL”), as described above in this document.

You may also have the right to submit a complaint to the relevant supervisory authority in your jurisdiction.

If you make a privacy complaint, we will respond to let you know how your complaint will be handled. We may ask you for further details to help us confirm your identity, consult with other parties and keep records regarding your complaint.

14. Data Protection Officers and Local Representatives

To meet the requirements of data protection laws across various jurisdictions, we have appointed a Group Data Protection Officer (DPO).

The DPO is responsible for overseeing our compliance with local data protection regulations, monitoring our data handling practices, and implementing the technical and organisation measures to protect your personal data. We have established regional Local Representatives to managing data subject rights inquiries and requests, and serving as a primary point of contact for both individuals and supervisory authorities/ICO within their respective jurisdictions. The contact details for the DPO and regional Local Representatives are published below, ensuring that you may easily exercise your data protection rights or raise any privacy concerns relevant to your location.

Global DPO:

Samiran Rajkumar

DPO@acuityanalytics.com

EU/EEA (including the DACH region) Local Representative:

Mickey Mitic

LR-EU-DACH@acuityanalytics.com

UK Local Representative:

Joyce Church

LR-UK@acuityanalytics.com

China Local Representative:

Bill Yuan

LR-China@acuityanalytics.com

India Local Representative:

Gaurav Sood

LR-India@acuityanalytics.com

16. Cookies Policy

A cookie is a small text file delivered to and stored on a visitor’s computer. We may use cookies on our website in order to help us improve your experience when you browse our Site. Only strictly necessary cookies, as defined below, will be enabled when you enter the Site. Any non-essential cookies are disabled by default and need your consent to be enabled.

We categorize cookies used on our Site into four types:

  • Strictly necessary- Strictly necessary cookies are essential for the Website to function properly and cannot be disabled in our systems. They are typically activated in response to actions you take that require services, such as setting privacy preferences, logging in, or filling out forms.
  • Analytics and Performance- Analytics and Performance cookies help us track website analytics by counting visits and traffic sources, allowing us to measure and improve the Website’s performance. These cookies may be set by us or by third-party providers, and they help us determine which pages and videos are the most and least popular and how visitors navigate the Website.
  • Functional- Functional cookies provide enhanced functionality and personalization based on your interactions with the Website. Like Analytics and Performance cookies, these may be set by us or by third-party providers, whose services we have incorporated into our pages.
  • Advertising and Targeting- Advertising cookies may be set by our advertising partners, such as Adobe, and they enable those companies to create a profile of your interests and display relevant ads on other websites.

Do Not Track

Do Not Track (“DNT”) is a preference in your browser that you can enable to warn websites you visit that you do not want them to collect certain information about you. Acuity does not respond to DNT signals. If you object to Acuity’s practice with respect to DNT signals, you may choose not to participate in or use Acuity’s services by following the procedure described below.

As part of Acuity’s Online Advertising Effectiveness Program, Acuity authorizes its contractors, partners or customers to discontinue, deploy or develop third-party technologies to facilitate audience measurement and advertising recall activities. Acuity assumes no responsibility for third parties’ compliance with or response to DNT signals.

17. Use of this Site by Minors

This Site is not directed to individuals under the age of eighteen (18), and we request that these individuals do not provide Personal Data through this Site. We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records.

18. Privacy Notice revisions

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Last Update” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.

19. Applicable Privacy Laws

This notice is defined and adopted to the best of our efforts to comply with the privacy and electronic communication laws but not limited to EU GDPR, UK GDPR, CCPA, PIPL, FADP, BDSG, India’s DPDPA and Information Technology Act 2000 and amendment act 2008 and other relevant applicable laws wherever Acuity operates from.