Privacy Policy

Learn what data we collect, what we do with it, and your rights

Blackpeak is a research and consulting firm that provides risk, due diligence, dispute support and business intelligence services to clients (corporates and individuals). As part of providing these services, we may gather information on clients and others and our clients may require us to collect information on individuals in order to fulfill their compliance obligations or for legitimate business purposes.

Where appropriate, we anonymise or pseudonymise personal information collected. We carry out regFular checks to ensure that we are not collecting and holding more personal information than is necessary.

Blackpeak values your privacy and cares about the way in which your personal information is treated.

This policy describes:

What personal information we collect about you.
How we obtain your personal information.
How we use your personal information.
On what basis we use your personal information.
How long we keep your personal information.
With whom we share your personal information.
How we protect your personal information.
How we process or transfer your personal information in or to different countries.
Your rights regarding your personal information.

Blackpeak refers to the Blackpeak Group of companies.

What Personal Information Do We Collect About You?

We may collect personal information from you in the course of our business, including through your use of our website, when you contact or request information from us, when you engage our services or as a result of your relationship with us, our employees or clients. The personal information that we process includes:

Basic information, such as your name (including name prefix or title), the company where you work, your title or position, your education/qualifications, other biographical details and your relationship to other people.
Contact information, such as your postal address, email address and phone number(s).
Financial and other information obtained from you.
Technical information, such as information from your visits to our website or applications or in relation to materials and communications we send to you electronically.
Information you provide to us for the purposes of attending meetings and events.
Identification and background information provided by you or collected as part of our business acceptance processes.
Personal information provided to us by or on behalf of our clients, or generated by us in the course or providing services to them, which may include special categories of data.
Any other information relating to you which you may provide to us or which we obtain in the normal course of our business.

How We Obtain Your Personal Information

We collect information from you as part of our business acceptance processes and about you and others, as necessary, in the course of providing research, consulting and related services.
In the course of our research we may use public, media, government or regulatory databases and other avenues to obtain information on the subjects of our work.
We collect personal information while monitoring our technology tools and services, including our websites and email communications sent to and from Blackpeak.
We gather information about you when you provide it to us, or when you interact with us directly.
We may collect or receive information about individuals from other sources, including human sources and social media sites, as part of our normal business research work.

How We Use Your Personal Information

Blackpeak collects and processes personal information about you in a number of ways, including through your use of our website and in the provision of services by us. We use that information:

To provide and improve our website, including auditing and monitoring its use.
To provide and improve our services to you and to our clients, including handling the personal information of others on behalf of our clients.
To provide information requested by you or by our clients as part of our ordinary research and consulting business.
To promote our services, including sending business updates, publications and details of events.
To manage and administer our relationship with you and our clients.
To fulfill our professional, legal, regulatory, compliance and risk management obligations.
For establishing, exercising or defending legal claims and to comply with laws and regulations that apply to us or the parties we work with.
As part of as part of a contemplated or actual corporate transaction such as a reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings)
For the purposes of recruitment.

Use of Blackpeak Website

A number of facilities on our website invite you to provide us with personal information, such as the vacancy application facility in the ‘Careers’ section of our website, our email queries facilities and the newsletter subscription application facility. The purpose of these facilities is apparent at the point when you provide your personal information and we only use that information for those purposes.

Our website uses Google Analytics, a web-based analytics tool that tracks and reports on the manner in which the website is used to help us to improve it. Google Analytics does this by placing small text files called ‘cookies’ on your device. When you visit our website, you will be asked for permission for us and for third-party analytics to utilize such cookies.

You may refuse the use of cookies or withdraw your consent at any time by selecting the appropriate settings on your browser but please note that this may affect your use and experience of our website. By continuing to use our website without changing your privacy settings, you are agreeing to our use of cookies.

The information that the cookies collect, such as the number of visitors to the site, the pages visited and the length of time spent on the site, is aggregated and therefore anonymous. User-level and event-level data collected by Google Analytics and associated with cookies are kept for 26 months, after which they will be permanently deleted, unless the user initiates a new session on the website.

Marketing and Other Emails

We collect personal information, such as name, email address, company, phone number and geographic location from emails and business cards and store them in our customer relationship management (CRM) software. We use information saved in our CRM to track business relationships and assess the strength of these relationships based on frequency of contact. We use that information in order to assess, analyse and improve the services that we provide.

We also use personal information from the CRM to send marketing communications by email. We use a one-pixel image which is be embedded in the footer of the campaign to track the open and read activities of the email, as well as the links the recipient has clicked. The email footer also includes an unsubscribe link, which you can click to remove yourself from the emailing list. If you receive marketing communications from us and no longer wish to do so, you may unsubscribe at any time by replying to the email or by clicking the unsubscribe link in the email.

Data deleted from the CRM and from marketing communications will be moved into the recycle bin in encrypted form and deleted permanently in line with our retention policies. Data in the CRM are hosted globally within Blackpeak Group and we use trusted vendors in the provision of and improvement of our services. Please refer to the section ‘How We Process or Transfer Your Personal Information in or to Different Countries’ below for further details.

Meetings, Events and Seminars

We will collect and process personal information about you in relation to your attendance at our offices or at an event or seminar organised by Blackpeak or its business partners. We will only process and use special categories of personal information in order to cater for your needs and to meet any other legal or regulatory obligations we may have. We may share your information with our IT and other service providers or business partners involved in organising or hosting the relevant event.

Research, Consulting and Other Services

We collect, create, hold and use personal information in the course of, and in connection with, the services we provide to our clients. We will process identification and background information as part of our business acceptance, finance, administration and marketing processes, including anti-money laundering, conflict, reputational and financial checks. We will also process personal information provided to us by or on behalf of our clients for the purposes of the work we do for them. The information may be disclosed to third parties to the extent reasonably necessary in connection with that work.

On What Basis We Use Your Personal Information

We use your personal information on the following bases:

To perform a contract, such as engaging with an individual to provide research, consulting or other services.
For the establishment, exercise or defence of legal claims or proceedings.
To comply with our legal and regulatory obligations.
For legitimate business purposes/legitimate interests.

How Long We Keep Your Personal Information

Your personal information will be retained in accordance with our data retention policy and for no longer than is deemed necessary. In respect of clients, we retain data for no longer than five years after you cease to be a client save where data may be required to be retained for a longer period to meet legal and regulatory requirements, including limitation periods for taking legal action, or for Blackpeak’s legitimate business and compliance requirements.

With Whom We Share Your Personal Information

We are an international research and consulting company and any information that you provide to us may be shared with and processed by any entity in the Blackpeak group of companies. You can see a list of our offices here and read more about ION Analytics here.

We may also share your personal information with certain trusted third parties in accordance with contractual arrangements in place with them, including:

Our professional advisers and auditors.
Suppliers to whom we outsource certain support, research or record retrieval services.
IT service providers to Blackpeak.
Third parties engaged in the course of the services we provide to clients and with their prior consent.
Third parties involved in hosting or organising events or seminars.

We take appropriate steps to ensure the confidentiality and security of your data under our contracts with these trusted third parties.

Where necessary, or for the reasons set out in this policy, personal information may also be shared with regulatory authorities, courts, tribunals, government agencies and law enforcement agencies. While it is unlikely, we may be required to disclose your information to comply with legal or regulatory requirements. We will use reasonable endeavours to notify you before we do this, unless we are legally restricted from doing so.

Blackpeak uses social media sites such as LinkedIn and Twitter. If you use these services, you should review their privacy policy for more information on how they deal with your personal information.

We do not sell, rent or otherwise make personal information commercially available to any third party, except with your prior permission, save as described elsewhere in this Privacy Policy.

Your Obligations

You are responsible for your own compliance with all relevant data privacy laws or regulations. In particular, when using our services or accessing our systems you should not input, upload or disclose to Blackpeak, any irrelevant, inaccurate or excessive information about you or other individuals.

How We Protect Your Personal Information

We use a variety of technical and organisational measures to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction consistent with applicable data protection laws. In the event of any leak or breach of our data systems or information you have provided to us, we undertake to provide notification of such breach without undue delay and in alignment with time limits specified under applicable law.

Blackpeak is part of a group of companies that are independently audited and certified to ISO270001 standards on an annual basis.

How We Process or Transfer Your Personal Information in or to Different Countries

In Singapore, we are governed by the Personal Data Protection Act 2012 (the “PDPA“). We will not disclose your personal information to any other person without first obtaining your consent for us to do so, unless any such disclosure is permitted under any of the statutory exemptions listed in the PDPA; for example, when the disclosure is required by law, or for any investigation.

We exercise the same duty of care and confidentiality to our other clients and hence are not under any obligation to disclose to you their personal information, unless given consent to do so.

We will do our best to protect your personal data within our control by putting in place reasonable security arrangements to prevent unauthorised access, use, disclosure or similar risks. However, we cannot be responsible for any unauthorised use of your personal data by external third parties as a result of circumstances beyond our control.

In the European Union, Blackpeak is a data controller, for the purposes of the EU General Data Protection Regulation (“GDPR“), in respect of personal data obtained from EU data subjects located in (or whose data resides in) the European Economic Area (the “EEA”). It may be necessary, in providing our services and for other legitimate business reasons, to transfer data outside the EEA, or from outside the EEA to a location within the EEA.

The level of protection for information to meet GDPR outside the EEA may be less than that offered within the EEA or for those countries on its EU Data Protection adequacy decision list. Where this is the case, we will implement effective legal mechanisms so that individual rights are protected under the EU GDPR.

Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you where the processing is in our legitimate interests and not overridden by your own interests or fundamental rights and freedoms. When so required by law, we will collect personal information only where we have your consent to do so.

In Hong Kong, nothing in this Privacy Policy shall limit any rights of a data subject under the Personal Data (Privacy) Ordinance.

Your Rights Regarding Your Personal Information

The European Union’s GDPR, Singapore’s PDPA and other applicable data protection laws provide certain rights for data subjects. We aim to provide best global practice across all of the jurisdictions in which we operate, although the level of protection offered by law varies from country to country.

You may request details of the information we hold about you and how we process it unless you are the subject of a specific business investigation carried out by us for normal business reasons on behalf of a client (save for any information you yourself have provided). You can ask to have information we hold on you rectified or deleted, to restrict our processing of that information, to stop unauthorised transfers of your personal information to a third party and, in some circumstances, to have personal information relating to you transferred to another organization, save in relation to information on you gathered or processed for normal business reasons on behalf of a client.

If you object to the processing of personal information you have provided, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations.

Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve the business purposes set out above or that you may not be able to make use of the services and products offered by us. Please note that, even after you have chosen to withdraw your consent we may be able to continue to process your personal information to the extent required or otherwise permitted by law, in particular in connection with exercising and defending our legal rights or meeting our legal and regulatory obligations.

If you wish to exercise any of these rights, please contact us by email. If you have unresolved concerns, you also have the right to complain to the data protection authority where you live, work or where you believe a breach may have occurred.

We must ensure that your personal information is accurate and up to date. Therefore, please advise us of any changes to your information by emailing us.

This Privacy Policy was last updated in March 2024. Blackpeak reserves the right to make changes to this Privacy Policy without notice.

View our Terms of Service

©Copyright 2024 ION Group

ION Analytics, 1345 Sixth Avenue, 50th Floor, New York, United States of America, NY 10105. View all offices

Cookie	Duration	Description
__cf_bm	1 hour	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
wpEmojiSettingsSupports	session	WordPress sets this cookie when a user interacts with emojis on a WordPress site. It helps determine if the user's browser can display emojis properly.

Cookie	Duration	Description
li_gc	6 months	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.
wp-wpml_current_language	session	WordPress multilingual plugin sets this cookie to store the current language/language settings.

Cookie	Duration	Description
__utmzzses	session	Google Analytics sets this cookie to gather information about how a visitor uses the site.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gcl_au	3 months	Google Tag Manager sets the cookie to experiment advertisement efficiency of websites using their services.
_gd_session	4 hours	This cookie is used for collecting information on users visit to the website. It collects data such as total number of visits, average time spent on the website and the pages loaded.
_gd_visitor	1 year 1 month 4 days	This cookie is used for collecting information on the users visit such as number of visits, average time spent on the website and the pages loaded for displaying targeted ads.
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.

Cookie	Duration	Description
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.

Cookie	Duration	Description
_an_uid	7 days	No description available.
GATrafficSource	session	Description is currently not available.
receive-cookie-deprecation	1 year 1 month 4 days	Description is currently not available.