Effective Date: 21st May 2025
Last Updated: 21st May 2025
1. Introduction
Praxity Global Alliance Ltd (“Praxity”, “we”, “us”, or “our”) is committed to protecting and respecting the privacy of individuals and firms we interact with. As a not-for-profit global alliance of independent accountancy and professional services firms, we process certain personal and firm-related data to enable international collaboration, facilitate events, assess member engagement, and manage potential new member applications.
This policy sets out how we collect, use, and protect personal data, and how cookies are used on our websites, in line with the UK General Data Protection Regulation (UK GDPR), the EU GDPR (where applicable), and other relevant legislation.
2. Data Controller
Praxity Global Alliance Ltd
Suite 2, Beechwood
57 Church Street
Epsom
Surrey
KT17 4PX
United Kingdom
Email: Website@Praxity.com
Telephone: Tel: +44 (0) 1372 738 190
Praxity is the Data Controller for the personal data described in this policy.
3. Personal Data We Collect
We may collect and process the following categories of personal data:
a) From employees of Active Member Firms:
b) From the contact persons of Prospect Firms (Firms Applying to Join):
All data from prospect firms is held separately from active member data but is processed with the same level of security and care.
Visa Support Documents
For some global events, attendees may choose to upload visa application letters or supporting documents through our event registration platform, Cvent. These documents may contain personal information including name, date of birth, nationality, passport number, and travel details.
Praxity only requests visa documentation where necessary to assist with legitimate travel-related requirements. Submission of such documents is voluntary and only accessed by authorised personnel managing event logistics.
Cvent is a third-party event management platform headquartered in the United States. As such, visa-related data submitted via Cvent may be stored or processed on servers located outside the UK or EEA. Cvent provides data protection safeguards in line with UK GDPR, including the use of Standard Contractual Clauses (SCCs) and a commitment to secure data handling.
Praxity treats this data with the highest level of confidentiality and ensures it is retained only for the minimum period necessary to facilitate the event and comply with legal obligations.
4. Purpose of Processing
We process personal data for the following purposes:
5. Legal Basis for Processing
We rely on the following lawful bases under the UK GDPR/EU GDPR:
6. Use of Cloud Storage, Security, and Access Control
All data is stored using secure cloud-based infrastructure, primarily Microsoft Dynamics 365 CRM, in line with industry standards. We implement:
These systems are covered under our business continuity and disaster recovery plans, ensuring data resilience in the event of disruption.
We are also introducing a Microsoft Teams integration for working groups. Access is managed via Microsoft Azure B2C, with the following safeguards:
7. Third Parties with Data Access
We may provide secure, limited access to personal data to trusted third-party partners for business and operational purposes:
All third parties are contractually bound to process data only in accordance with our instructions and under appropriate data protection terms.
As a global alliance, and due to the international nature of our operations, personal data may occasionally be accessed or processed from outside the United Kingdom (UK) or European Economic Area (EEA). This may include:
Where such access or processing occurs, we ensure appropriate safeguards are in place to protect your data, including:
· Standard Contractual Clauses (SCCs) approved by the UK and/or EU
· Use of services and jurisdictions deemed adequate by the UK Government or European Commission
· Access only from secure, encrypted devices using strong authentication controls (including 2FA)
We continuously monitor international data access to ensure it remains compliant with our data protection obligations and internal security standards.
9. Data Retention
We retain personal data only for as long as it is required to fulfil the purposes described in this policy. Data is reviewed periodically and securely deleted or anonymised when no longer necessary.
10. Your Rights Under the GDPR
You have the following rights regarding your personal data:
Please contact us at website@praxity.com to exercise these rights. We may require verification of your identity.
11. Cookies Policy
What Are Cookies?
Cookies are small text files placed on your device when you visit our websites. They help us provide functionality, track usage statistics, and remember preferences.
Types of Cookies We Use:
Managing Cookies
You can manage or delete cookies at any time via your browser settings. When you first visit our website, you may be asked to accept or configure cookies using a pop-up or banner in accordance with legal requirements.
12. Contact and Complaints
If you have any questions or concerns about this policy or your data, please contact:
Data Protection Contact
Email: website@praxity.com
Telephone: +44 (0) 1372 738 190
You also have the right to lodge a complaint with a supervisory authority. For the UK the supervisory authority is: the Information Commissioner’s Office (ICO):
https://ico.org.uk