Privacy policy

Last updated: 20th February 2026

Investor AI Resource Hub (“we”, “us”, or “our”) is committed to protecting your privacy.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and interact with our services.

If you have any questions, please contact us at:
Email: laurie@investorairesourcehub.org
Postal address: Scrutiny Hub Ltd, 3rd floor, 86-90 Paul Street, London EC2A 4NE

1. Who we are

The Investor AI Resource Hub is a non-profit initiative that curates independent research and resources on AI risks, opportunities, and governance for institutional investors based in the United Kingdom. We operate this website and are responsible for the personal data collected through it.

If you are located in the UK/EU, we are the “data controller” of your personal data for the purposes of applicable data protection laws.

2. What information we collect

We may collect and process the following types of information:

2.1 Information you provide directly

When you interact with our website or contact us, you may provide:

  • Contact details: name, email address, job title, organisation, country/region, and similar information.
  • Communication content: messages you send us via forms, email, or other channels.
  • Preferences: your communication preferences (e.g., which updates you wish to receive).

2.2 Information collected automatically

When you use our website, we may automatically collect:

  • Usage data: pages visited, links clicked, time spent on pages, referring website, and general browsing behaviour.
  • Device and technical data: IP address, browser type and version, operating system, and device identifiers.
  • Cookie data: information collected through cookies and similar technologies. For more detail, see our Cookie Policy (or “Cookies” section below if you don’t have a separate policy).

2.3 Information from third parties

We may receive limited information about you from:

  • Email marketing or CRM tools that help us manage our communications.
  • Analytics providers that help us understand how people use our website.
  • Event or registration platforms, if you sign up for our events through those services.

3. How we use your information

We use your personal data for the following purposes:

  • To operate and improve our website – including troubleshooting, data analysis, testing, and enhancing the user experience.
  • To respond to enquiries – answering questions, providing information or resources you request.
  • To send you communications – such as newsletters, updates, event information, or resources, where you have signed up or where we are otherwise permitted to do so.
  • To manage events and programmes – including invitations, reminders, and follow-up communications.
  • To comply with legal obligations – such as responding to lawful requests from authorities or regulatory bodies.
  • To protect our rights, security, and property – including preventing or investigating potential misuse or security incidents.

Where applicable law requires a legal basis for processing (e.g., UK/EU GDPR), we generally rely on:

  • Your consent (e.g., for certain marketing communications or non-essential cookies).
  • Legitimate interests (e.g., to operate our services, engage with stakeholders, and improve our content) where these interests are not overridden by your rights.
  • Legal obligation (e.g., to keep certain records).

4. Cookies and similar technologies

We use cookies and similar technologies to:

  • Remember your preferences.
  • Understand how visitors use our website.
  • Improve the performance and relevance of our content.

You can usually control cookies through your browser settings and, where provided, through our cookie banner or preference centre. Disabling some cookies may affect how our website functions.

If you use HubSpot’s cookie banner, you can add a short line such as:
“Details about the specific cookies used on this site are available via our cookie banner/settings.”

5. When we share your information

We do not sell your personal data. We may share your information with:

  • Service providers and partners who support our operations (for example, website hosting, email delivery, CRM, analytics, or event tools). These providers are only allowed to use your data to provide services to us and must protect it appropriately.
  • Professional advisers (such as legal, accounting, or compliance advisers) where necessary.
  • Authorities or other third parties where required by law, or to protect our rights or the rights and safety of others.
  • Successor organisations in the event of a merger, reorganisation, or similar structural change, where allowed by law and with appropriate protections.

6. International transfers

Because we may use service providers in other countries, your personal data may be transferred to and processed in countries outside your own, which may have different data protection laws.

Where required, we take appropriate steps to ensure that such transfers comply with applicable law and that your information remains protected (for example, by using standard contractual clauses or equivalent safeguards where relevant).

7. Data retention

We retain your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including:

  • For as long as you remain subscribed to our communications (and for a limited period afterwards to record your preferences).
  • For the period needed to respond to your enquiries.
  • For as long as required by law or necessary to establish, exercise, or defend legal claims.

After these periods, we will delete or anonymise your personal data, unless we are required by law to retain it for longer.

8. Your rights

Depending on your location and subject to applicable law, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate or incomplete personal data.
  • Delete your personal data in certain circumstances.
  • Restrict or object to our processing of your personal data.
  • Withdraw consent where we rely on consent (this will not affect the lawfulness of processing before withdrawal).
  • Data portability – request a copy of certain information in a structured, commonly used, and machine-readable format.
  • Opt out of marketing communications at any time by using the unsubscribe link in our emails or contacting us directly.

To exercise any of these rights, please contact us at [privacy@yourdomain.org]. We may need to verify your identity before responding.

You may also have the right to lodge a complaint with your local data protection authority if you are concerned about how we handle your personal data.

9. Security

We take appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, misuse, or alteration. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

10. Third‑party links

Our website may contain links to third‑party websites, services, or content. These sites are not controlled by us, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third‑party sites you visit.

11. Children’s privacy

Our website and services are not directed to children under the age of 16, and we do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us so we can take appropriate action.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top indicates when it was most recently revised. Significant changes will be communicated where appropriate (for example, via our website or email). We encourage you to review this page periodically to stay informed about how we protect your information.

Back to top
AgencyForGood

Copyright 2026. All Rights Reserved