Welcome to the website of the IFRS Foundation and the IASB

Saturday 25 October 2014

Banner graphic

Privacy and Cookies

IFRS


 Privacy and Cookies


The International Financial Reporting Standards Foundation (the Foundation) a not-for-profit corporation under the General Corporation Law of the State of Delaware, which is operating as a registered overseas company in England and Wales (Company No: FC023235), with its principal place of business at 30 Cannon Street, London, EC4M 6XH, United Kingdom.

The Foundation incorporates the International Accounting Standards Board for the purposes of data protection and the processing of personal data.

This statement (the Privacy Statement) explains how we use the personal information we collect and provides information about the cookies that we use on this website. The Foundation has developed this Privacy Statement as we understand that the privacy and security of your personal information is an important issue to you and we are committed to protecting your privacy as a visitor to this website (the Site).

If you do not agree with this Privacy Statement and the Terms and Conditions of Use please do not use this Site.

Contents:

  1. What personal information do we collect and how do we use it?
  2. Sensitive Personal Information
  3. Sharing Your Information
  4. Direct Marketing
  5. Anonymised Analysis
  6. Cookies
  7. European Economic Area (EEA)
  8. Continued Processing
  9. Surveys
  10. Changes to the Privacy Statement
  11. Security and confidentiality
  12. Links to other websites
  13. Disclaimer
  14. Monitoring of telephone calls and e-mails
  15. Contact us
  16. Definitions

1. What personal information do we collect and how do we use it?

The Data Protection Act 1998 (the DPA) places restrictions on the processing of personal data by a data controller.

The Foundation processes your personal data for the purposes set out below. The Foundation collects personal information from you when you communicate with us using any media or in person. We may also collect personal data which relates to you from third parties.

Depending on your relationship with us, the Foundation and entities associated with the Foundation (together referred to as the Foundation) shall process your personal data for the following purposes:

  • the general objectives of the Foundation;
  • providing any goods and services ordered or requested by you;
  • marketing to you the goods and services of the Foundation;
  • providing information to you in connection with education or fundraising;
  • administration and archiving;
  • keeping you informed of and obtaining your views about the Foundation’s and selected third parties’ activities;
  • processing information relating to the Foundation’s promotional activities;
  • (if you explicitly consent) or we are otherwise permitted to do so under the Privacy and Electronic Marketing (EC Directive) Regulations 2003, sending electronic marketing communications to you keeping you informed about the activities of the Foundation or any of the activities listed here;
  • processing any enquiries or complaints raised by you and responding to any communications from you;
  • transferring to third parties with whom we have a business relationship;
  • statutory and regulatory compliance;
  • investigating any misuse by any person of our products and any accusation of wrongdoing;
  • administration of an online application for employment with the Foundation; and
  • providing information to credit reference agencies.

The Foundation will process personal data as set out in this Privacy Statement and its notification to the Information Commissioner.

Prior to processing your personal data the Foundation ensures that it is entitled to do so under a specific condition of the DPA or that you have consented to such processing. You may withdraw your consent to future processing of your personal data for some of the above purposes by clicking here.

As noted above, the Foundation may send you marketing information and by providing your contact details through the Site, you are providing your consent to receiving this. You may express your preferences in accordance with your interests in relation to marketing and other emails sent to you through the “Manage Email Alerts” section of the Site at any time.

If a statutory condition applies allowing the Foundation to process your personal data and you withdraw consent to process your personal data, this will not necessarily mean that the Foundation ceases to process your personal data as it may, for example, be under a statutory duty to do so.

2. Sensitive Personal Information

Certain personal information is categorised by the DPA as 'Sensitive Personal Data'. In some circumstances, we provide you with the opportunity to inform us of your sensitive personal data, e.g. whether or not you are registered as disabled. You may also wish to inform us about your sensitive personal data to ensure that we can provide you with the most appropriate service.

We treat such sensitive personal data with the utmost care. By providing us with this data you are consenting to our processing it for the purposes for which it was given.

Please note that if you fail to inform us of any sensitive personal data which may be relevant to your circumstances this may mean that we cannot provide you with the most appropriate service.

3. Sharing Your Information

We do not share your personal data with any third parties for marketing purposes. Please note that it may be necessary for us to share your personal data to provide you with any goods and services ordered or requested, other than marketing as outlined above.

4. Direct Marketing

You have the right under the DPA to request that we do not process your personal data for the purposes of direct marketing.  If you would prefer that we cease to send you direct marketing information, please contact us via this link.  Please note that if you do so, the only information that you will receive from the Foundation are responses to requests for services provided by the Foundation.

5. Anonymised Analysis

The Foundation will also collect information to perform anonymised, statistical analysis of your interaction with the Site.

6. Cookies

We use technology to track the patterns of behaviour of visitors to the Site. This can include using a 'cookie', pieces of information that are transferred to an individual user's hard drive for record keeping purposes. This includes your name, log-in status, confirmation that you have read our terms and conditions and (in relation to our Web Shop) items in your shopping basket. It is possible for the Foundation to retrieve the information stored in the cookie.

We use 'cookies' on this site to enable our system to recognise your computer and allow us to see how you use the Site and the eIFRS Web App. Most browsers allow you to stop receiving cookies; however, you should be aware that if you do disable cookies, you may not be able to log in, into eIFRS areas, or use our Web Shop and/or our eIFRS Web App.

The cookies function by saving your Site preferences - as a result it is possible to speed up your future activities at the Site and allow the Foundation to provide you with information specifically tailored to your interests. You can usually modify your browser to prevent this happening. The information collected in this way can be used to identify you unless you modify your browser settings. To modify your browser settings click on the help section of your Internet browser and follow the instructions.

We also use Google Analytics to monitor the use of the Site. This does mean that information generated by the cookie about your use of the Site is transmitted to Google which prepares a report setting for IFRS setting out how the Site is used. Such information will be stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of our website, compiling reports on website activity and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google undertakes not to associate your IP address with any other data held by Google.

Below we list the cookies that are used on each of the Sites. The tables explain the type of cookies that are used on the IFRS websites and a brief explanation of what they do:

 

shop.ifrs.org

 

What are they’re used for Cookie Name Default Expiration Time Description
Google Analytics __utma 2 years from set/update Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
Google Analytics __utmt 10 minutes Used to throttle request rate.
Google Analytics __utmb 30 mins from set/update Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
Google Analytics __utmc End of browser session Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
Google Analytics __utmz 6 months from set/update Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
shop.ifrs.org APTIFY_ECOMMERCE_PWD (Encrypted) When the browsing session ends Used to keep the visitor’s logged in the shop and keep the shopping cart active for the duration of the logged browsing session. We use the industry standard encryption so the password cannot be plainly read.
shop.ifrs.org APTIFY_ECOMMERCE_UID (Encrypted) When the browsing session ends Used to keep the visitor’s logged in the shop and keep the shopping cart active for the duration of the logged browsing session.
shop.ifrs.org ASP.NET_SessionId (Encrypted) When the browsing session ends Session IDs are a 120-bit random number that is represented, generally, by a 20-character string. The string is formatted so that it can be included in a URL and it does not have to undergo URL encoding. For example, the string may be used in cookie-less sessions. The most commonly used method of delivering session IDs is by using cookies to store the session IDs
shop.ifrs.org cb-enabled 1 Year Used to record the acceptance of our terms and conditions.

 

ifrs.org

 

What are they’re used for Cookie Name Default Expiration Time Description
Google Analytics __utma 2 years from set/update Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
Google Analytics __utmt 10 minutes Used to throttle request rate.
Google Analytics __utmb 30 mins from set/update Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
Google Analytics __utmc End of browser session Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
Google Analytics __utmz 6 months from set/update Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
ifrs.org cb-enabled 1 Year Used to record the acceptance of our terms and conditions.

 

eifrs.ifrs.org

 

What are they’re used for Cookie Name Default Expiration Time Description
Timezone CMS_TimeZoneOffset End of browser session Saves the time zone for the current user.
eifrs.ifrs.org JSESSIONID (Encrypted) End of browser session Used to keep the visitor’s logged in eifrs.ifrs.org and keep the session active but only for the duration of the logged in period.
eifrs.ifrs.org search-language 1 Year Used to remember the language choice for your searches.
eifrs.ifrs.org cb-enabled 1 Year Used to record the acceptance of our terms and conditions.
eifrs.ifrs.org TandCsV2 10 Years Used to record the acceptance of our terms and conditions for using eIFRS website. It will also record the version of the T&C, in case they are changed you will be required to read and agree again.

 

eifrs.ifrs.org/mobile

 

What are they’re used for Cookie Name Default Expiration Time Description
eifrs.ifrs.org JSESSIONID (Encrypted) End of browser session Used to keep the visitor’s logged in eifrs.ifrs.org/ eifrsmobile and keep the session active but only for the duration of the logged in period.
eifrs.ifrs.org/ eifrsmobile eifrsmobile_rememberme 1 Year Used to remember users of the mobile app, this will work on any mobile device that it may be compatible with.
eifrs.ifrs.org/eifrsmobile Application cache End of browser session Used to identify the user and to allow caching pages for the mobile app

 

7. European Economic Area (EEA)

Please note that information displayed on this Site or sent to the Foundation over the Internet may be transferred outside of the EEA, where data protection laws are not as strong as within the EEA. By providing your contact details through the Site, you are consenting to such transfers.  If you have any concerns in relation to such transfers, please contact us via this link.

8. Continued Processing

The Foundation may continue to process your personal data after you have ceased to be a customer or eIFRS Basic, eIFRS Professional or eIFRS Comprehensive user, ceased to otherwise engage with the Foundation, or if we have sent you any information requested by you for as long as is necessary and whilst there is a condition from the DPA which permits the Foundation to process your personal data.

9. Surveys

From time to time we ask eIFRS Basic, eIFRS Professional and eIFRS Comprehensive users to complete research surveys so we can improve the service given to them. Your response to such surveys will be used only for internal planning and development purposes.

10. Changes to the Privacy Statement

From time to time, we may amend the way in which we process personal data to enhance the level of service that we offer to you. This may lead to changes in how we collect and/or use your personal information. Any such changes will be notified to you either at the point any new personal information is collected or by us updating this Privacy Statement. Your subsequent use of this Site or submission of personal information to us will be deemed to signify your acceptance to the changes.

Security and confidentiality

Any personal information you send to us will be treated in confidence unless you are informed otherwise.

Where you are required to submit sensitive information to us, e.g. banking or credit card details, we use encryption technology to minimise the risk of unauthorised access to and improper use of your personal information. However, please be aware that despite the security measures we have in place, no computer system is completely secure and there is always some degree of risk whenever personal information is transferred.

Links to other websites

The Site provides links to other websites that offer products, services and materials we think will be of interest to you. Some of these websites are operated in conjunction with other organisations and some are operated solely by independent organisations.

13. Disclaimer

The Site sets out our views on various topics which you may wish to consider. The views expressed on the Site are not intended to constitute advice and readers should not rely on them as such. We accept no responsibility for the accuracy of our information on the Site or the use to which it is put.

The Site contains links to other websites. We have included these links, because we believe the information contained in them may be of interest to visitors to the Site. The Foundation does not endorse these websites and does not necessarily accept or agree with their content. Moreover, we do not monitor these websites and have no control over their content. Users should take this into account and the Foundation accepts no responsibility for their content. The Foundation is not responsible for the privacy policies and practices of any website which is linked to the Site.

The information on the Site is available to anyone, subject to copyright and the necessary credits to the Foundation and the individual authors. We make every attempt to ensure its accuracy and the content of the Site is based on our best judgement. However, it will not be appropriate for every person and/or organisation in all circumstances.

If you have any comments, suggestions or queries in respect of the Site please send these to publications@ifrs.org.

14. Monitoring of telephone calls and e-mails

Your telephone calls and e-mails to us may be recorded and monitored for quality control purposes. We may also intercept communications made to individual members of staff at the Foundation when this is required for business purposes.

Contact us

If you have any queries relating to this Privacy Statement or you wish to notify us about any of the matters set out above, please feel free to contact us via this link or  by writing to:

The Data Protection Officer, IFRS Foundation, 30 Cannon Street, London, EC4M 6XH, United Kingdom.

This Privacy Statement was last updated: 15 October 2014.

16. DEFINITIONS

Please find below definitions of some of the terms used in the above Privacy Statement for your information and assistance.

Processing
In the DPA “processing” means obtaining, recording, or holding the information or data or carrying out any operation or set of operations on the information or data, including:

  • organisation, adaptation or alteration of the information or data;
  • retrieval, consultation or use of the information or data;
  • disclosure of the information or data by transmission, dissemination or otherwise making available; or
  • alignment, combination, blocking, erasure or destruction of the information or data.

Personal Data

Personal data is:

  • any data from which the identity of a living individual can be determined, either by itself or with other data processed by data controller;
  • any information such as name and address, email address, telephone number and general contact details, personal data includes images on film (e.g. CCTV images), photographs and telephone voice recordings.

Sensitive Personal Data

Sensitive Personal Data means personal data consisting of information as to:

  • the racial or ethnic origin of the data subject;
  • his political opinion;
  • his religious beliefs or other beliefs of a similar nature;
  • whether he is a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992);
  • his physical or mental health or condition;
  • his sexual life;
  • the commission or alleged commission by him of any offence; or
  • any proceedings for any offence committed or alleged to have been committed by him, the disposal of such proceedings or the sentence of any court in such proceedings.