top of page

Client Vendor Portal User
(Vendors of our clients who complete ESG surveys via the Vendor Portal on )

Personal data that we hold and how we use it:

As a Vendor Portal user we hold the contact information for designated party at the vendor organization who completed the ESG, security or other survey at the request of, and for submission to, our client. This data would have been sourced from you directly.

Lawful basis for processing:

All Vendor Portal data is processed to enable us to fulfill our contract with our client  and to manage our relationship with you as a Vendor survey respondent.

Data Sharing and Transfers

Like most companies, we use a number of other companies as part of our data processing, for
example cloud services and technology services. We have Data Processing Agreements in
place with these providers.  Where you are UK or EU based and data is transferred outside of the
UK/EEA, we ensure that appropriate protection and mechanisms are in place, for example
Standard Contractual Clauses. We do not sell your data to anyone.

Retention Periods

We hold contact information for Client Vendors for the length of time that the client contract is in place, plus up to an additional 90 days for the client to be able to access and copy it if they wish.


bottom of page