At Prompt Inc and Prompt Communications Ld. we respect your privacy and we are committed to keeping your personal data secure. This notice (the “Privacy Notice”) explains how we use personal data that we collect or is provided to us.

“Prompt”, “we” or “us” means Prompt Inc. and Prompt Communications Ltd.


This Privacy Notice governs and explains the handling and processing of personal data by Prompt in the course of carrying out our business activities.

Prompt is responsible for ensuring that we use your personal data in compliance with applicable data protection and privacy laws.


The nature of our relationship with you will determine the kind of personal data we might ask for. Such information includes:

Information about you: your name, date of birth, contact details, personal email address, home address, professional information or employment related information, educational information or background, passport details, driver’s license details or other similar identification numbers and documents.

Information that is automatically collected: details about your use of Prompt website which may include internet browser history, IP addresses, and access to application forms.

Information about our contact with you and information we generate internally about our relationship with you:

files that we may produce as a record of our relationship with our clients and prospective clients, including, but not limited to, preferences and contact history;

any personal data that you provide during telephone and email communications with us which we may monitor and record in order to resolve complaints, improve our service and in order to comply with our legal and regulatory requirements;

commercial information, such as records of the products or services our clients currently use from Prompt or have inquired about obtaining from Prompt.

Information that we obtain from other sources:

information from publicly available sources (including third party agencies such as credit reference agencies; fraud prevention agencies; law enforcement agencies; public databases, registers and records such as Companies House and the FCA Register; and other publicly accessible sources);

information obtained from sanctions checking and background screening providers.

Information classified as ‘sensitive’ personal data: information about your nationality, place of birth, medical and health related information, disability status, biometric data, or details of political affiliations.


Your personal data may be stored and processed by us in the following ways and for the following purposes:

to manage your relationship with Prompt;

to assess clients’ and prospective clients’ applications or contracts for Prompt products and services;

to keep our records up to date;

for ongoing review and improvement of the information provided on Prompt’s websites to ensure they are user friendly and to prevent any potential disruptions or cyber-attacks;

to monitor IT systems in order to protect against cyber threats or malicious activity including abuse and misuse;

to communicate with clients and prospective clients in order to provide services or information about Prompt’s products and services;

to effectively manage and strengthen client and prospective client relationships, understand client and prospective client needs and interests and learn more about our clients and prospective clients in order to develop, improve and manage the products and services we can offer;

for the management and administration of Prompt’s business; or

in order to comply with and in order to assess compliance with applicable laws, rules and regulations, and internal policies and procedures.


We may use your personal data in these above described ways for a variety of reasons, namely:

we are performing our contractual obligations with you

we have obtained your consent

we have legal and regulatory obligations that we have to discharge

we may need to in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings:

the use of your personal data as described is necessary for legitimate business interests:, such as:

allowing us to effectively and efficiently manage and administer the operation of our business;

maintaining compliance with internal policies and procedures; and

enabling quick and easy access to information on Prompt products.


We may share your personal data within Prompt for the purposes described above. We may also share your personal data outside of the Prompt as further described below or as permitted by law:

with our business partners who will be subject to appropriate data protection obligations;

with representatives, agents, custodians, administrators, intermediaries and/or other third-party product providers (such as accountants, auditors and professional advisors);

with third party agents and contractors for the purposes of them providing services both to us (for example, Prompt accountants, professional advisors, IT and communications providers, background screening providers, credit reference agencies) and to clients, or prospective clients. These third parties will be subject to appropriate data protection obligations; and

to the extent required by law or regulation, for example if we are under a duty to disclose your personal data in order to comply with any legal obligation (including, without limitation, in order to comply with tax reporting requirements and disclosures to regulators, auditors or public authorities), or to establish, exercise or defend our legal rights.


In the course of business, Prompt does not sell or disclose our clients’ personal information to other businesses or third parties for monetary or other valuable consideration. The information we provide to third parties are for the business purposes described in this Privacy Notice.


Prompt is a global business and as a result we or our external service providers collect and transfer personal data globally and may transfer your personal data to locations outside of your country. Your personal data may also be processed by individuals operating outside of your country who work for Prompt or for one of our external service providers. Prompt shall ensure that in case of transfer and processing of personal data outside the EU/EEA and the UK (which are not subject to the Commission’s adequacy decisions), such processing is carried out only where allowed by an adequacy decision of the European Commission and/or Prompt Inc. has provided for appropriate safeguards which provide you with enforceable data subject rights and effective legal remedies.


Prompt has extensive controls in place to maintain the security of personal data. As a condition of employment, Prompt employees are required to follow all applicable laws and regulations, including in relation to data protection law. Unauthorized use or disclosure of confidential client information by a Prompt employee is prohibited and may result in disciplinary measures. We also maintain a variety of physical, electronic, and procedural safeguards in an effort to protect confidential information.


We hold Personal Data for the duration needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine retention periods include:

The duration of our contractual relationship with our client and the provision of related services;

The legal obligations to which we are subject – laws or regulation may set a minimum period for which we have to keep your personal data.


Where permitted by applicable law and regulation, you have a number of legal rights in relation to the personal data that we hold about you. These rights include, without limitation:

the right to obtain information regarding the processing of your personal data and access to your personal data which we process at the time of your request;

where you have actively provided your consent for us to process your personal data, the right to withdraw your consent to our processing of your personal data at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so, such as a legal or regulatory obligation. If you decline to provide or withdraw your consent to our use of the data and we are relying on consent as the legal basis for its processing, there are circumstances in which we will not be able to provide you with services or take action on your behalf;

the right to request that we rectify your personal data if it is inaccurate or incomplete;

subject to the conditions and scope set forth in Art. 17 para. 1 GDPR and sec. 35 of the German Federal Data Protection Act (“BDSG”) the right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it;

subject to the conditions and scope set forth in Art. 18 GDPR the right to request that we restrict, our processing of your personal data;

subject to the conditions and scope set forth in Art. 21 GDPR, the right to object to the processing of your personal data by us;

subject to the conditions and scope set forth in Art. 20 GDPR, the right to port and/or get your data portability by us to another data controller;

the right to lodge a complaint with the data protection supervisory authority competent at the place of your residence, working place or place of an alleged infringement of data protection laws, if you think that our processing of your personal data has infringed upon any applicable data protection regulations. We are always open to dialogue to resolve issues short of formal disputes.


At this time, there is no worldwide uniform or consistent industry standard or definition for responding to, processing, or communicating Do Not Track signals. Thus, like many other websites and online services, our Online Services are currently unable to respond to Do Not Track Signals. To find out more about “Do Not Track”, you may wish to visit our cookies tracking notice.


If you wish to exercise any of your rights, please email with the phrase “Data Subject Rights” in the subject line. We will review your requests and respond accordingly. The rights herein are not absolute, and we reserve all of our rights available to us at law in this regard. Additionally, if we retain your personal information only in de-identified form, we will not attempt to re-identify your data in response to a Data Subject Rights Request.

If you make a request related to personal information about you, we will need to verify your identity. To do so, we will request that you match specific pieces of information you have provided us previously, as well as, in some instances, provide a signed declaration under penalty of perjury that you are the consumer whose personal information is the subject of the request. If it is necessary to collect additional information from you, we will use the information only for verification purposes and will delete it as soon as practicable after completing the request. For requests related to particularly sensitive information, we may require additional proof of identification.

If you make a Data Subject Rights request through an authorized agent, we will require written proof that the agent is authorized to act on your behalf.

We will process your request within the time provided by applicable law.


This Privacy Notice may be updated periodically to reflect changes in our information practices or as may be required by law. Any material changes to this Privacy Notice will be communicated to you through an appropriate channel depending on the services you receive from us. If you have any questions about this notice, please contact us at