Skip navigation

Editions Publishing Limited (trading as Editions Financial) is part of the Paragon Group. For information on how Paragon Group processes personal data, please click here .

Editions is committed to protecting the personal data of all individuals that we interact with. This notice details the ways in which we collect and use your personal data, as well as the rights you have over its use. It also allows us to provide you with key transparency information about why we collect certain personal data and who it may be shared with.

If you have any questions about how we process your personal data, please contact our Head of Data Protection or Data Protection Officer at:



This privacy notice applies to the activities of Editions Financial (‘Editions’), a legal entity operating in the UK, and part of the Paragon Group.

Paragon’s various businesses are also registered as Data Controllers with the ICO under Z9590394, Z6941941 and Z9471827.


How do we collect personal data?

We may process your personal data when we collect it directly from you. This is likely to be:

  • When you apply for a job with us
  • When you become a freelance partner of ours (such as writers, videographers, editors, designers)
  • When you make an enquiry (via live events, when you give us your business card, post, email or phone or via our website)
  • When you subscribe to any of our newsletters
  • When you visit our website and interact with our cookie banner

We also process personal data when we collect it indirectly from another source. Examples of this include:

  • When one of our clients shares your personal data with us
  • When we are sent your CV by one of our recruitment partners
  • When we receive complaints or reports through our Whistleblowing process
  • When one of our employees includes your details as part of their emergency contact
  • When you visit one of our sites and are captured on CCTV


What personal data do we process about you?

We process the following personal data:

  • Contact details – your name, email address, postal address, and telephone number.
  • Login/Credentials – your username and password.
  • Financial – your payment card details, including card number, expiry date and security number. We may also process your bank account information so that we can pay you directly.
  • Device details – information that helps identify the type of device used to access our website, such as model, age, and operating system.
  • IP address – this is a unique address assigned to your device. We obtain this when you visit our website.
  • CCTV images – your image may be captured on our CCTV should you visit any of our sites.


Our purposes for the processing of your personal data
Purpose Our lawful basis Our legitimate interests (if applicable)
Direct marketing Article 6 (1) (f) – legitimate interest To promote our own products and services to B2B customers.
Detection and prevention of fraud or other unlawful activity Article 6 (1) (f) – legitimate interest To protect us and our clients against any suspicious or potentially fraudulent activity, as well as situations where we may need to defend our legal rights.
Client relationship management Article 6 (1) (f) – legitimate interest To set up and manage client accounts so that both Editions and our clients can interact efficiently.
Network and information security Article 6 (1) (f) – legitimate interest To protect the confidentiality and integrity of information (including personal data) on the Editions network.
Crime prevention Article 6 (1) (f) – legitimate interest To assist with any lawful request received from a law enforcement organisation.
Responding to and managing Subject Access Requests Article 6 (1) (c) – legal obligation N/A
Improving our products and services Article 6 (1) (f) – legitimate interest. To better understand our clients’ needs and to help tailor our product offering in the future.
Arranging access to our sites Article 6 (1) (f) – legitimate interest. To ensure the security and safety of our sites.
To assist with auditing requirements Article 6 (1) (f) – legitimate interest To help us maintain our certifications and relationship with our clients.
Maintaining our website (necessary cookies) Article 6 (1) (f) – legitimate interest To help us maintain the security and performance of our website and to give you the best possible browsing experience.
Maintaining our website (all other types of cookies) Article 6 (1) (a) – consent N/A

Please note that the information above isn’t necessarily an exhaustive list and we may from time-to-time process different types of personal data, depending on the circumstances. We will, however, always aim to ensure you are aware of the personal data we are processing and the reasons why.

In addition to the above, there may be occasions where we need to rely on one of the following lawful bases. These may be applicable where we process sensitive information (known as ‘special category’ data):

  • processing is necessary for the establishment, exercise or defence of legal claims.
  • processing is necessary to protect your vital interests (for example, where there is a medical emergency).
  • processing is necessary for reasons of substantial public interest (for example, for the purposes of equality monitoring).


Who do we share your personal data with?

As a principle, we only share your personal data where it is necessary and where there is a business reason to do so. We will share your personal data internally within Editions as well as external third parties, only where necessary.

In order for us to provide some of our products and services, we may share your personal data with our third-party suppliers. For example, this may include suppliers of our marketing and financial record-keeping systems. When we engage a third-party supplier to process personal data on our behalf, we put in place contracts that ensure that they can only process the data as we instruct and not use it for any other purpose.

We would typically share personal data with the following:

  • Freelancers – these are usually sole traders that specialise in content such as video editing, writing or creative design.
  • Recruitment agencies -we may receive your CV from one of our partner recruitment agencies
  • Paragon Group – we may, from time to time, share data with our parent company when necessary. This may include personal data relating to prospective employees (as part of our onboarding process or for our own internal auditing purposes)

In certain circumstances, it may be necessary to share your personal data with law enforcement organisations, or when we need to exercise or defend any of our legal rights.


Where is my personal data shared?

Most of our core processing activities take place within the UK and the EEA. There are occasions where we may need to transfer your data overseas to either one of our overseas group companies, or to one of our third-party suppliers. Where we do transfer your personal data overseas, it will only be for the same purposes as stated in this notice.

We only transfer your personal data overseas where we are satisfied that appropriate safeguards are in place. These ensure that your personal data is processed to a similar standard as it would be in the UK. Where Standard Contractual Clauses are used, we undertake an assessment of the recipient country to satisfy ourselves that there would be no impingement on your data protection rights.


How long do we keep your personal data?

We only retain personal data for as long as it is required. If we no longer have a purpose for it, or that purpose has been fulfilled, we will no longer process your personal data. We’ll only process your data for the purposes set out in this privacy notice unless we are required by law or process it for a different purpose or to retain it for longer than usual.


What data protection rights do I have?

You have the following rights in relation to the processing of your personal data:

  • To be informed of how and why we process your personal data. This privacy notice covers our core processing activities.
  • Ask that we amend any inaccurate (or incomplete) data about you.
  • Object to certain uses of your personal data.
  • Ask that we temporarily restrict the processing of your personal data. We would generally apply this when we need to investigate further.
  • Ask that we provide you a copy of your personal data.
  • Ask that we erase or delete certain personal data. This is context specific, and we may not always be required to comply.
  • Withdraw any consent that you have given us.
  • Ask that we provide a copy of your personal data in common machine-readable format (such as CSV).

Please note that we don’t conduct any ‘automated decision making’ as defined by the UK GDPR, so rights in relation to this type of processing wouldn’t apply.


How to complain

If you have any questions or concerns about how your personal data is being processed, please contact the Head of Data Protection, or alternatively you can email your concerns to

If you are not satisfied with the response we give you, you have the right to make a complaint to the Information Commissioner’s Office, the UK regulator. Further details can be found here: