Concep are committed to protecting your privacy  

We provide marketing technologies to globally trusted brands in financial and professional services. Adhering to our clients’ strict data security and privacy policies is a top priority and we strive to exceed both clients’ and industry standards. Our marketing software architecture and feature-set, combined with our embedded ISO27001 data management and security processes, means we exceed the requirements of the most data conscious organisations.

We comply with data protection and privacy legislation in the countries in which we operate.

1. Our Details

The Data Controller in respect of our website and services is Concep Group Limited, 3rd floor, 201 Borough High Street, London, SE1 1JA.

In this document when we refer to “Concep” we mean Concep Group Limited and its subsidiaries and associated affiliates; Concep Pty Limited in Australia, Concep Inc. in the US, Concep Bulgaria EOOD in Bulgaria, and Concep Limited in the UK; (“Concep”).  All Concep companies are committed to protecting your privacy.

This Privacy Policy applies only to activities directly related to your use of Concep services, including visiting the Concep website. Our privacy policy does not apply to any third parties’ websites or services that may be linked to the Concep website from time to time. Prior to use of any third party service we strongly recommend that you read the third parties’ privacy policies prior to providing any information to such sites. Concep has no responsibility or liability for any third parties’ websites.

2. The information we collect

The information we collect about you, and the reasons we do so, will vary depending on who you are.


On our clients we hold name, address, phone and email contacts, as well as your IP address if you are contacting us through our website.

Our lawful basis for collecting personal information if you are a client, is in order to fulfil our contractual obligations to you and on the basis of our legitimate business interests in maintaining contact with clients. 

Business contacts

We may collect information about you when you download a report from our website, request a trial of our services, request information about our company, or when you attend one of our events or you meet one of our people at a third-party event.  This may include your name and contact information as well as other information regarding your business or area of interest.  If we collect this information through our website, we may also collect the information mentioned in the ‘website visitors’ section of this Privacy Notice.

We will use this information to keep you informed about developments in our business and services that we believe you will find of interest. If you have requested a trial of our services, we will use the information in order to provide the trial access, and to follow up with you afterwards on your experience of trying our services.  Our lawful basis for this use of information is that it is in our legitimate business interests as a commercial enterprise to inform potential clients and other interested parties about our services. If at any time you wish us to stop contacting you, please email and we will stop.

Information you provide voluntarily

When you contact us, register for seminars, activities and programs available, or request information or services from us, you may choose to provide us with personal data, such as your contact details. We may also collect other types of personal data indirectly through our clients’ use of our services. If you supply us with the personal data of a third person, such as your spouse, colleague, friend or client, we accept that information on condition that you have given that third party all legally required notifications about our collection of the information, and have all rights required from that third party to provide the data to us to use for our business purposes.

When you voluntarily submit personal information on our website, or through other digital channels, we may use that information to contact you with products and services we believe you will be interested in, or to provide you with products you have signed up for.  Our lawful purpose in doing so is that it is in our legitimate interests as a commercial organisation to keep in contact with people who have expressed an interest in our services and may become clients.

You can opt-out from our communication at any point by using the unsubscribe link in the footer of our e-mail campaigns. You can also contact our team here ( and request to be removed from our lists.  

Information we automatically collect

If you do not actively submit any personal information (name, email address, etc.) while on our site, there is still a possibility that personal information is being gathered. This could include location data, online identifiers such as IP addresses, along with the advertising identifier of any mobile device you use to access our digital channels.  It also includes cookies used by us or by third-party service providers.


A cookie consists of a small piece of data sent by a web server to a web browser, and stored by the browser. The data is then sent back to the server each time the user visits the website or navigates to other pages within the website This enables the website to identify and track the web browser but also to deliver the best experience to visitors.

We may use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to keep track of you whilst you navigate the website. Session cookies last for as long as you keep your browser open. They expire when you close your browser. We will use the persistent cookies to enable our website to recognise you each time you visit, enhancing your experience and to enable third party services. Persistent cookies expire at a fixed point in time or if you manually delete them from your browser, whichever occurs first. You can find instructions on how to delete cookies here ( and how to disable cookies here (

Please note that disabling cookies may limit your usability of our website.

Third party cookies

We use third party cookies for analytical and targeting purposes. Among the third party cookies used by us are Google Analytics and LinkedIn.

Analytical cookies track and gather data about what a user does on a website. We use Google Analytics cookies on our website. Google Analytics cookies help us understand how you engage and interact with our website, including how you came to our website, which pages you visited, for how long and what you clicked on, your location (based on your IP address). Google Analytics insert a range of cookies to provide the reporting described above and these cookies can last from 24 hours to 3 months. The information we collect using analytical cookies is collected on an anonymised basis.

Targeting cookies and similar technology (i.e., beacons) record information about your visit to and use of our website. It allows us to target visitors for advertising based on behaviours or demographic information. The information we collect through this third party using targeting cookies is presented to us as anonymised data.

Our lawful purpose for collecting personal information about website traffic is that it is in our legitimate business interests to seek to improve our website and to understand how it is being used.

3. Information from third parties

We do not source personal information from third parties.

When we are acting as a data processor, we process personal information on behalf of our clients.  Such information is processed under contractual obligations of privacy and care and in accordance with relevant data protection law.

4. Disclosure to others

Concep will not sell personal information to third parties.  We only transfer personal information to other parties as follows:

Group companies

In order to optimise our service to clients, and make best use of our resources, we may transfer personal information to our other group companies. 

Service providers

Concep uses suppliers to collect, process, store, use, analyse and/or transfer the data on its behalf. We require that these suppliers handle the personal data they process or transfer in a manner consistent with Concep’s policies, and any relevant data protection law. By submitting the personal data to us, you acknowledge and agree with your data being processed and/or transferred on Concep’s behalf by its suppliers.

Such suppliers include: hosting service providers, email and marketing communications and event app service providers, support software providers and CRM providers.  We change our suppliers from time to time, but if you would like information about which service providers we currently use, please contact us on

We use a CRM provided by Microsoft to store personal information on clients and business contacts.  This data is hosted in data centres located in the Netherlands and Ireland.  You can get more information about their privacy policies here: or

Business Partners

When we run events jointly with specially selected partners we may share such personal information as you provide during the registration process with such partner.  In such cases, it will be made clear on the registration page or form that information will be shared in this way.

Employees, freelancers and contractors

Only those personnel who need to deal with personal information as part of their job or contract with us will have access to such information.  All such personnel are under obligations of confidentiality regarding personal information.


We may need to pass personal information to certain of our advisors, such as auditors and legal advisors; and we may in certain circumstances need to share personal information with our insurers.  Any such disclosure will be made under conditions of strict professional confidentiality.

Law enforcement or other Governmental or Regulatory Authorities

Please be aware that it is possible that personal data you provide to Concep may be subject to disclosure under the law (e.g. to comply with statutory requirements, court orders or subpoenas) in the countries in which Concep operates.  If this is the case, we will contact you to inform you of this required disclosure to the extent that it is practicable and lawful for us to do so.

5. Retention policy

We keep your personal information only for so long as we have a lawful reason to keep it.  For clients, this will be for as long as you are a client plus the length of time relevant tax or other authorities require that we keep such information.  For business contacts this will be for as long as we believe you have an interest in our products and services.

6. Security

Concep uses various organisational and technical measures to protect your privacy and avoid unauthorised use or disclosure of your personal data. However, you should note that no transfer of data over the Internet is completely secure. While we use reasonable efforts to protect your data on our systems, when the data is transferred over the Internet, it may be accessed and used by unauthorised third parties. Concep has no control over the performance, reliability, availability or security of the Internet and cannot guarantee that any information transfer via the Internet or any communication through the Internet is secure.

7. Transfers outside EEA

As Concep operates on a global basis, any information (including personal data) supplied directly or indirectly to Concep may be stored overseas (for example, in Ireland), transferred to overseas Concep offices (including in the United Kingdom, United States, Australia and Bulgaria) and may be accessed by service suppliers to Concep anywhere in the world. By submitting any personal data on Concep’s site, you authorise Concep to use, process and transfer (if necessary across borders) such data, even in and to countries where the level of data protection may not be commensurate with the high standard of protection adopted by certain countries, such as the standard suggested by the EU General Data Protection Regulation and privacy legislation in Australia and Canada. In such countries, Concep will still handle your personal data in the manner described in this Privacy Policy and in accordance with relevant legislation.

8. Your rights

Individuals have rights over their personal information under the EU General Data Protection Regulation (GDPR).  To exercise, or enquire about, any of these rights in relation to Concep, please email  Please note that to exercise these rights, we may need to ask you for information to confirm your identity.  In all cases we will respond to you as quickly as possible, but in any event within the permitted time limits (normally this is 30 days).

Right of access

You may contact us to ask if we hold information about you as a Data Controller, and if so what information we hold, and on what basis we hold it.  We will reply promptly – but in any event within the legally mandated time limit.  If you contact us about any information we hold as a Processor for another Data Controller, we will pass your request to that Data Controller.

Right to rectification

If you believe the personal information we have is inaccurate or incomplete, you may let us know and if we agree that it is inaccurate or incomplete, we will correct it.

Right to erasure

In certain circumstances, you may ask us to delete all personal information we hold on you.  This might include where our lawful reason for processing no longer applies (for example, if we were processing on the grounds of consent and you withdraw consent).

Right to restrict processing

You can ask us to restrict processing of your data in circumstances where you have exercised your right to rectify information, or have challenged the lawful basis on which we process your information, or where we no longer need your information but you want us to keep it so that you can use it to create, exercise or defend legal claims.

Right to object

If we are processing your personal information on the grounds of our legitimate interests, you have the right to object to this.  We will only continue to use your personal information in the same way if we believe we have an interest which overrides your objection.  You have the right to complain to the relevant Data Protection Authority if you think we are wrong (see below). 

Right to complain

If you are concerned that we have breached a privacy law or code binding on us, or you have other cause to complain, please send an email to  We aim to respond in a reasonable time, and certainly within applicable legal limits.  Our Privacy Officer will manage your complaint and will give you additional information about how it will be handled.

You may also complain to the relevant Data Protection Authority which, in the UK, is the Information Commissioner’s Office (ICO) who you can reach at or +44 303 123 1113.  Further information about your rights under the GDPR is available on the ICO website.

9. Consequences of not collecting data

As noted above, refusal of cookies can have a negative impact on the usability of our site. 

Certain of our services can only be provided if we collect personal data from you.  This will include client services, trials of such services, attendance at events, and some of the content on our website or other digital channels.

10. Changes to privacy notice

In order to make sure this information is up-to-date and best reflects how we use personal data, we may change it from time to time.  We recommend that you check the Notice periodically.  If there is a major change in the way we collect or use data which might impact on your privacy, we will take all reasonable steps to notify you.