We respect your privacy and we are committed to protecting your personal data.
Page updated 17 November 2021.
This privacy notice will inform you as to how we collect, use and protect your personal data. It will also tell you about your privacy rights and how the law protects you.
Purpose of this privacy notice
This privacy notice aims to give you information on how we collect and process your personal data.
This website is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
Iress is made up of different legal entities, details of which can be found here: Iress Legal Entities. This privacy notice is issued on behalf of the Iress Group so when we mention “Iress”, "we", "us" or "our" in this privacy notice, we are referring to the relevant company in the Iress Group responsible for processing your data.
If you have any questions about this privacy notice or any questions or concerns regarding the manner in which your personal data is being processed please send your query to:
Our EU Representative
If you are resident in the EU you may raise any issues or queries relating to our processing of your personal data with our EU representative (appointed pursuant to Article 27 of the GDPR).
Our EU representative is Iress SAS, a member of the Iress Group incorporated in France. Our EU representative can be contacted directly by emailing them at the following address: email@example.com
Changes to the privacy notice
We keep our privacy notice under regular review. This version has been published on 17 November 2021. Historical versions of our privacy notice can be obtained by contacting us. Details of previous versions of this privacy notice can be found in section 11.
Your duty to inform us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes by contacting us.
Third-party links and embedded content
This website may include links to third-party websites and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements or the manner in which they process your personal data. When you leave our website, we encourage you to read the privacy notice of every website you visit.
This website may also include embedded third-party content. Any embedded content that references a third party’s name or trade mark may be embedded third-party content. Interacting with that third-party content may allow third parties to collect or share data about you. We are not responsible for the manner in which third parties may process your personal data following your access of such content (including their delivery of cookies); nor are we responsible for third-party privacy statements. When you access embedded third-party content, we encourage you to read any associated privacy notice provided by a third party related to the embedded content (which may require you to follow links to the third party’s privacy notice or website).
Personal data means any information about an individual from which that person can be identified. It does not include anonymised or aggregated data, where it is not possible to identify an individual from that data.
We may collect, use, store and transfer different kinds of personal data about you, and we have grouped this together as follows:
Identity data - includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender. If you attend our offices, we may collect details of your car registration.
Contact data - includes billing address, postal address, email address and telephone numbers.
Financial data - includes bank account and payment card details.
Transaction data - includes details about payments to and from you and other details of products and services you have purchased from us.
Technical data -includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website, products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs).
Profile data - includes your username and password, purchases or orders made by you and any requests for support, your interests, preferences, feedback, survey responses, entries to competitions or promotions, and where you have registered for training or an event.
Usage data - includes information about how you use our products and services, this website, or any other Iress websites you may visit, for example the ‘Iress Community’ website or the ‘Iress Learning Centre’ website).
Marketing and communications data - includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share aggregated data such as statistical or demographic data. aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your usage data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
If you do not provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you do not provide that data when requested, we may not be able to perform the contract we have in place with you, or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your identity, contact and financial data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
Automated technologies or interactions. As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies. Please see our cookies policy for further details.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data:
The lawful basis on which we will rely in processing your personal data will depend on the purpose for which we are using it – further details are set out in the following paragraph.
Purposes for which we will use your personal data
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data on more than one lawful basis depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific lawful basis we are relying on to process your personal data where more than one lawful basis has been set out in the table below.
|Version||Date||Detail of change|
|1.0||May 2018||First published|
|1.1||July 2019||References to IRESS changed to Iress to reflect brand change|
|1.2||18th February 2020||Minor update to paragraph 1: including update to Iress compliance email address.
Minor grammatical updates to paragraph 2.
Minor update to paragraph 3 including grammatical updates and an update to how personal data is collected via direct interactions.
Update to paragraph 4 regarding storage of customer personal data on customer relationship management system. Other minor updates to paragraph 4.
Update to paragraph 5 regarding the activities that are carried out by external third parties in relation to the processing of customer data. Other minor grammatical updates to paragraph 5.
Update to paragraph 8 to include anonymised data being used for commercial purposes.
New paragraph 11 setting out version control.
|1.3||18 December 2020||Update to paragraph 1 to include a reference to our EU Representative, including a minor update to the publishing date of this privacy notice.
Update to paragraph 11 to include a reference to the new version of this privacy notice.
|1.4||10 May 2021||Update to include new URL for marketing preference page in the UK|
|1.5||17 November 2021||Paragraph 1 - amendments to Contact Details
Paragraph 2 - update to description of ‘usage data’
Paragraph 4 - updates to the table setting out the purpose for which we will use your personal data
Paragraph 5 - updates to the third parties to whom we may provide your personal data
Paragraph 6 - updates to the section regarding international transfers of personal data to reflect the UK’s withdrawal from the EU and the invalidity of the Privacy Shield.
Paragraph 9 - updates to include reference to the CNIL as the supervisory authority for France
We are required to comply with all applicable privacy legislation in the jurisdictions in which we conduct our business.
Iress Ltd and its branches and subsidiaries ("Iress", "us" or "we") are committed to protecting the personal information we hold.
This privacy notice describes the type of information we collect, how we use and disclose it and how we protect that information. By providing us with your information, you consent to us collecting, using, disclosing and transferring that information as set out in this privacy notice.
At times we may request that you supply us with personal information. Generally this information is requested when you subscribe for a product, or request a service or information from us - such as when you request a fact sheet or a demonstration of our products and services.
Personal information which we may collect from you includes the following:
Although we generally only collect information that has been provided directly by you, there are times that we may collect information from third parties e.g. a company that provide services to us or an information service provider.
Your information is collected and may be used by us:
We may keep your information for a reasonable period for these purposes.
We may share your personal information with:
Where we wish to share your personal information with third parties who are not listed above then we shall seek your consent before doing so, unless the data is anonymised (i.e. it doesn’t identify individuals) – in which case we may share the information without first obtaining your consent.
We may disclose your information to members of our corporate group located overseas. Countries in which we are based include Australia, the United Kingdom, Singapore, Malaysia, Hong Kong, South Africa, New Zealand and Canada. We have appropriate controls in place in relation to intra-group transfers.
In addition, we may transfer your information to countries or jurisdictions which do not provide the same level of data protection as the country in which you reside (including without limitation to the US), if necessary for achieving the purposes set out above. If we do make such a transfer, we will, if appropriate, put a contract in place to ensure your information is protected.
By submitting your personal data, you agree to such transfer, storing and processing as set out above. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice.
Please see our cookies policy.
We may share your information with our business partners for marketing purposes or we may send you information about other organisations' products and services. We may contact you by mail, telephone, fax, email or other electronic messaging service with offers of products, services or information that may be of interest to you. By providing us with your contact details you consent to being contacted by these methods for these purposes. If you do not wish to receive marketing information from any companies within our group or our business partners (other than on the website which you have requested information about) please indicate this on the relevant form where we collect your information, or contact us using the details below.
We take appropriate steps and maintain electronic, physical, procedural and organisational safeguards using industry standard techniques and controls to protect the information we hold (including your personal information) from misuse, loss, unauthorised access, modification or disclosure.
We reserve the right, at our discretion, to change, modify, add or remove portions from this notice at any time so we encourage you to review this privacy notice regularly.
Our corporate website contains links to other websites, including social media sites and widgets. We are not responsible for the content or privacy practices (including the delivery of any cookies) of these websites. We strongly encourage you to read the privacy notices and policies of those websites before providing those third parties with your information.
You have the right to access, request corrections to and copies of the personal information we hold about you. For quality control and training purposes we may monitor or record your communications with us.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal information are available on request. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer an employee, worker or contractor of the company we will retain and securely destroy your personal information in accordance with our data retention policy.
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact firstname.lastname@example.org. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you have any questions or comments about this privacy notice, or any concerns about our handling of your personal information, please contact our Compliance Manager whose contact details appear below.
If you wish to make a formal complaint, please make your complaint in writing to our Compliance Manager. We will consider your complaint promptly and contact you to seek to resolve the matter.
The Compliance Manager
Level 16, 385 Bourke St, Melbourne, VIC, 3000
Phone: +61 3 9018 5800
Iress is a technology company providing software to the financial services industry.
Our software is used by more than 10,000 businesses and 500,000 users globally.