Privacy policy notice for clients

Date last updated January 2025.

Where our Clients or Prospects have chosen to engage with “AKQA”, (“we”, “us”, or “our”), either before or after entering into a business agreement, we are the controller of any personal data about your business or employees that you choose to give us and are therefore responsible for processing it in accordance with the law. This excludes any personal data that you specifically ask us to process as part of the “services” we will provide.

We respect the privacy of our clients and those individuals working for our clients and recognise that when you choose to provide us with personal data, you trust us to act in a responsible manner with that information. This privacy policy contains important information about how we use personal data for the following data subjects:

  • Our clients, either historical, existing or prospective, who are natural persons; and
  • representatives or contact persons of our clients who are legal entities.

We will refer to the above together as the “clients”. If you are considered a client of AKQA we invite you to read and understand the contents set out in this privacy policy.

Applicants who are California residents should read our California consumer privacy notice for clients here.

What information do we collect?

At times we may request that information is voluntarily supplied to us by our client themselves or by the legal entity appointed by the client.

We may gather the following information about you during our engagement:

  • Identification and contact information (full name, title, email, phone, address etc)
  • Job Title, position, and name of company
  • Ownership of shares in the company
  • Business Financial information (e.g., bank account details), insofar our client is a natural person
  • Identification data relating to the delivery of products or services to our company (e.g., login details, passwords, visitor pass, IP address, online identifiers/ cookies, logs, access times, correspondence) and
  • Information required for due diligence and background checks necessary for us to conduct business with you. This may include sanctioned individuals information, information of any criminal convictions and offences, politically exposed person information (e.g. exposure to public offices or positions), adverse media reports and information in public records or news archives.

Clients should ensure their employees are aware that their data is being shared with us, as described in this policy.

How do we use it?

The primary reason we process your personal data is to approve, manage, administer or effect an agreement between AKQA and the client you represent or work for. In this respect, we use your personal data, to, issue invoices, perform accounting, manage our contract or review the services or products we supply to you. In addition, we process personal data to meet our legal obligations (such as record keeping obligations, sanction list, screening or anti-corruption obligations), as well as to manage our risks and operations (e.g. prevent and detect security threats, exercise or defend legal claims).

We are also required by law to state a “legal basis for processing”, i.e., to tell you on what grounds we are allowed to use your information, and this is also set out below:

Privacy Policy Notice for Clients 2880

Do we pass your information to third parties?

We may send your personal data to other WPP and AKQA Group companies, affiliates and third parties to help us process your personal data for the purposes set out in this policy. Further details of our group companies can be found here.

We may disclose your personal data if we or any of our assets are the subject of a sale or similar corporate transaction. We will ensure that the third parties who receive your personal data are required to keep it confidential.

We may disclose personal data to third parties when we reasonably believe we are required by law, and in order to investigate, prevent, or take action regarding suspected or actual unlawful or otherwise prohibited activities, including, but not limited to, fraud.

Our third-party business partners, including RELX (UK) Limited, trading as LexisNexis (“LexisNexis”), may provide us with your Personal Data in order to enable us to conduct background checks and screening activities, comply with our legal obligations and for other purposes as described in this Policy. LexisNexis is responsible for any Personal Data which they may collect and hold about you until it is received by us. To learn more about how LexisNexis collects and uses your Personal Data please see their privacy policy at: https://www.lexisnexis.com/global/privacy/en/article-14-bis.page.

Where do we send your information?

We are a global company and therefore we may transfer your personal data to countries around the world including the US and other countries outside Europe. We will, where the country to which your data is transferred has not been found to provide an adequate level of protection, put in place appropriate safeguards (we use standard contractual clauses) to ensure your information is protected.

How long do we keep your information?

We will keep your information for as long as is necessary to fulfil the purpose for which it was collected. The retention time is the term of the clients’ contract until any legal claims under the contract expire, unless an overriding legal or regulatory obligation arises.

How do we protect your information?

We take appropriate measures to ensure that your personal data disclosed to us is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used.

Your rights

Depending on the purposes of processing you may be entitled to ask:

  1. for a copy of the personal data we hold about you, and details about how we are processing your personal data;
  2. to have any inaccuracies in your personal data corrected;
  3. if we are processing your personal data by automated means and on the basis of your consent (see “How do we use it?”, above), for us to provide your personal data to you in a structured, commonly-used and machine-readable format. You can also ask us to provide your personal data directly to a third party in this format, and, if technically feasible, we will do so;
  4. to withdraw your consent at any time. The withdrawal of your consent will not affect the lawfulness of processing based on consent before withdrawal
  5. to object, on grounds relating to your particular situation, at any time which is based on our legitimate interest; and
  6. to have your personal data erased, or for our use of it to be restricted (for example, if your preferences change, or if you don’t want us to send you the information you have requested).

Please contact us using the details set out below if you would like to exercise any of these rights.

You may also have the right to make a complaint to the supervisory authority in your country or jurisdiction if you’re not happy with how we’ve handled your personal data.

How to contact us

If you wish to exercise any of your rights in relation to your personal information or if you have any queries about how we use your personal information, please let us know by contacting us at the following address: AKQA, 1 St John’s Lane, Clerkenwell, London, EC1M 4BL, United Kingdom or by email at yourdata@akqa.com.

Changes to this privacy policy

We review this privacy policy on a regular basis to ensure that it is up-to-date with our use of your personal data, and compliant with applicable data protection laws.

We reserve the right, at our discretion, to revise this privacy policy at any time. The updated privacy policy will be posted on our website. You are encouraged to review this privacy policy from time to time.