Financial Times and the General Data
Protection Regulation (GDPR)
The Financial Times takes the privacy of its users seriously. We’ve put together some frequently asked questions to help customers understand more about GDPR and the FT.
Frequently Asked Questions
If you haven't found the answer you're
looking for please contact support.
Users are asked to set their preferences when they register on FT.com. These determine the majority of communication we send. Users can update these preferences at any time here: https://www.ft.com/myft/alerts/.
Services messages are sent to all users and users cannot opt out of these.
The communications we send to readers are split into three categories:
- Top stories & features
- Invites & offers from the FT
- Service messages
Top stories & Features: This category of communication includes personalised special reports, recommended reads and the latest feature announcements.
Invites & offers from the FT: This category of communication includes exclusive personalised event invitations, carefully-curated offers and promotions from the Financial Times.
Service Messages: Service messages are sent to a reader when an important update is relevant to them and will impact their subscription or usage of FT.com.
Within ‘Top stories & Features’ and ‘Invites & offers from the FT’, readers can manage their contact preferences by each channel - email, phone and post, separately. Or they can choose to opt out of all communications, except service messages.
The preferences provided by individuals on an FT Group Subscription supercede policies agreed with the customer organisation or employer.
Readers can review and amend their personal preferences for marketing and communications at https://www.ft.com/myft/alerts/.
The FT and its suppliers host customer data in the UK, EEA, US and elsewhere in the world. In all cases, the FT ensures that appropriate access, encryption and security features are in place to protect customer data and information processing facilities. Where customer data is hosted outside the UK or EEA, the FT takes steps (such as use of the UK International Data Transfer Agreement or EU Standard Contractual Clauses, as applicable) to ensure that users’ rights are protected.
The FT has formal policies in place to ensure compliance with all relevant legislation including data protection and misuse of computer legislation. All personal data are systematically encrypted to strong industry standards. Our IT compliance team conducts regular security reviews and security technology/processes are audited by a third party twice a year.
The FT has deployed a Network Intrusion Detection System (IDS) on internet facing systems and internal systems. A central logging and alerting system is in place for processing security logs and we perform regular vulnerability scans of internal and internet facing systems.