Privacy Notice

Quadrature Climate Foundation (“QCF”, we”, “us”, “our”) is a company limited by guarantee registered in England and Wales with registered number 12194319 and a registered charity (charity number 1187301). Its registered office is at 10 Queen Street Place, London EC4R 1AG, United Kingdom.

Privacy is very important to us. This privacy notice is provided by QCF and sets out our policies with respect to the collection, storage, sharing and use of personal data. We will only use personal information when the law allows us to, in accordance with applicable data protection law including, where relevant, the General Data Protection Regulation (EU) 2016/679 (“EU GDPR”), the EU GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 No. 419, the UK Data Protection Act 2018 (“UK GDPR”) and any other legislation applicable to QCF (each as amended from time to time).

It is important that you read this privacy notice so that you are aware of how and why we are using your information.

We will make changes to this privacy notice where we need to from time to time, so please revisit this page for any updates. You can check when this privacy notice was last updated by scrolling to the bottom of the page.


‘Personal data’ describes any information relating to an individual, where the individual is identified or identifiable, directly or indirectly, by reference to that information.

Examples of personal data include:

  • names;
  • residential and email addresses;
  • identification card numbers;
  • location data (for example the location data function on a mobile phone); and
  • internet protocol (IP) addresses.


We may collect personal data about you through:

  • through information provided by you directly to us or by another person acting on your behalf (by email, through websites such as LinkedIn and other recruitment portals, by post, telephone or in person);
  • through this website or any website we operate in the future;
  • through our grant management system, GivingData, where you are an applicant or recipient of grant funding by QCF;
  • through publicly available sources such as your organisation’s website;
  • through recording and monitoring electronic communications with you as described below.

We may also, in some circumstances, receive personal data about you from third parties, such as current or prospective service providers, mission-aligned organisations, charitable business partners, grantors, grantees, regulatory or law enforcement agencies, credit reference agencies or agencies conducting background checks. Personal data may also be obtained from publicly accessible sources of information, such as professional publications and works, public databases, industry associations, social media and online professional networks.


The categories of personal data we may collect will depend on the nature of our relationship with you and the purpose for which information is being collected.

We collect the following information about you as an applicant or participant (e.g. sponsor, supervisor, collaborator), when you apply for grant funding, including through GivingData, our grant management systems:

  • first name, last name, title;
  • passport / identification numbers;
  • professional titles/roles;
  • email address, residential address, telephone numbers;
  • criminal and administrative offences; and
  • bank details (where you are a recipient of grant funding, supplier or consultant acting in your individual capacity).

Where necessary, we may also collect additional information about you relating to your application from external sources e.g. grant outputs such as publications and works as well as citations of these outputs collected from sources such as publicly or privately curated databases. We may also collect information about you (including opinions about your grant application) from external reviewers and advisors (e.g. peer reviewers and committee members).

Where you are a candidate for employment or a prospective contractor/consultant with QCF, in addition to the types of personal data listed above, we may also collect the following:

  • any personal information you include in your CV;
  • your nationality and immigration status;
  • date and place of birth;
  • national insurance or other tax identification number;
  • interview notes, including materials you have created for or during an interview process;
  • passport details (where we are making travel arrangements on your behalf to attend interviews with us); and
  • references.

In other cases, the information we collect about you will vary according to the nature of our relationship, but in addition to the information above, it may also include signature, photographs, copies of identification documents, information about assets, political offices, credit history, source of funds details, or other sensitive information, such as certain special categories of personal data contained in relevant documents or materials (including, in some circumstances, information about a person’s ethnic origin, religious beliefs or health). With your consent, we may also collect information relating to gender, ethnicity and race and disability for diversity monitoring purposes.


We may collect and use your personal data for the purposes of:

  • developing or managing the relationship between the two of us;
  • considering potential recipients of, and administering, grant funding;
  • considering job applications from candidates to work for us;
  • inviting you to events or sharing strategic insights with you;
  • monitoring and analysing our activities; and
  • complying with applicable legal or regulatory requirements.

Under no circumstances will we sell your personal data or use it for direct marketing purposes.

We will use one of the permitted legal bases for collecting and processing personal data, as set out in the UK GDPR. Such bases include instances where you have given your consent and cases where your consent is not required under applicable law, such as where we are required to comply with a contract, a legal obligation, or where we, or a third party, determines that it is necessary for our legitimate interests to collect and use your personal data. We’ve set out below the lawful bases we typically rely on when processing your personal information.


Consent is where we ask you if we can use your information in a certain way, and you agree to this. We use consent as a legal basis where:

  • you have given us your consent to use the diversity monitoring information you provide to us;
  • you have given us consent to record video/audio of meetings/webinars/presentations that you attend with us (including the use of Zoom AI in order to produce meeting transcripts);
  • you have given us your consent to sending you marketing communications or insights to keep you up to date with funding opportunities and what we’re doing; and
  • you have given us consent to publish funding application information (i.e. your project title, name and details of your proposal plus a short summary of whether or not you have been awarded funding).

Where we use your information on the basis of your consent, you have the right to withdraw your consent at any time by:

  • in the case of marketing communications, unsubscribing using the ‘unsubscribe option’ in any communications sent to you;
  • in all other cases, contacting us at

Legitimate Interests

We have a basis to use your personal information if it is reasonably necessary for us (or others) to do so and it is in ours (or their) legitimate interests, and in doing so, we are not unduly impacting your rights, freedoms and interests.

A lot of our day-to-day data-processing activities rely on legitimate interests, including where we:

  • consider potential recipients of, and provide advice and support to those seeking, funding from QCF;
  • ensure that applications for QCF funding are peer reviewed and appraised by subject matter experts;
  • provide grant funding and undertake grant management activities;
  • report to our stakeholders on what we are funding and how we are doing so;
  • need to ensure that awarded funds are applied for their approved purposes in accordance with our grant conditions;
  • make informed decisions about recruitment and assess candidates’ suitability for roles (including verifying details you have supplied and conducting pre-employment background checks);
  • need to ensure that claims of bullying, harassment, abuse and wider harms are investigated appropriately.

Performance of a contract

We have a basis to use your personal information where we are preparing to enter into a contract with you or where we are performing our obligations under that contract.

Examples of this would be using your information to provide you with funding, and sharing your information with peer reviewers or other external advisers before we offer you funding.

In addition to your rights set out in the “What are your rights?” section below, you may request more information on the legal basis that we are relying on to collect and process your data in a specific circumstance, or how we balance our legitimate interests with your interests as an individual. To do this, please contact us at


As a registered charity, we are subject to legal and regulatory obligations that may require us to collect and store your personal data, such as the requirements to comply with the applicable law on prevention of financial crime and tax and regulatory audits. We may also need to collect and use your personal data for the purposes of entering into and/or performing of a contractual arrangement (such as a grant agreement) between the two of us.

A refusal to provide us with personal data may, depending on the purpose for which your personal data is required, have various consequences such as us being unable to communicate with you, the termination of any grant, service or other contractual arrangement between us, or, where we have a reasonable suspicion of illegal activity, we may be required to make a report to regulatory or enforcement agencies in the UK or overseas.




We may (to the extent necessary for the purposes for which we collect your information), share your personal data with third parties, such as:

  • our employees and officers and those of our affiliates, including Quadrature Capital Limited (“QCL”), or other entities that are part of ours or QCL’s group;
  • any person to whom we have a right or obligation to disclose personal data, or where we determine that disclosure is necessary to protect or defend our rights or property, including with tax authorities, regulators, courts of law, governmental, regulatory or law enforcement agencies;
  • our internet, IT, telecommunications and other service providers, including legal advisers, accountants, payroll administrators, insurance and employee benefits providers, travel agencies, administrators and providers of software such as customer relationship management and accounting tools;
  • service providers and charitable business partners, including other charities and not-for-profit entities, external/peer reviewers, advisors and committee members;
  • credit reference agencies and other third parties conducting background checks in the context of grantor, grantee or supplier due diligence or recruitment activities;
  • any person to whom we transfer any of our rights or obligations under any agreement, or in connection with a sale, merger or consolidation of our operations or other transfer of our assets, whether voluntarily or by operation of law, or who is otherwise deemed to be our successor or transferee; or
  • any other person, as directed by you.


Due to the international nature of our operations, your personal data may be transferred to countries outside of the UK or EEA, such as to jurisdictions where we conduct business or have a service provider or peer reviewer, including jurisdictions that may not have the same level of data protection as that afforded by the EU or UK GDPR or other data protection rules applicable to us (collectively, ”Data Protection Law“).

In these circumstances, we take steps to ensure that the recipient agrees to keep your information confidential and that it is held securely in accordance with the requirements of Data Protection Law, such as by requesting appropriate contractual undertakings in our legal agreements with service providers.


We will generally keep personal data about you for as long as necessary in relation to the purpose for which it was collected, or for such longer period as required under applicable law.

The applicable retention period will depend on various factors, such as any legal obligation to which we or our service providers are subject as well as on whether you decide to exercise your right to request the deletion of your information from our systems. At a minimum, information about you will be retained for the entire duration of any professional relationship we may have with you, and for a minimum period of three years after the termination of any such relationship, subject to any statutory or regulatory retention periods required under applicable law.

Where we obtained your consent to use your personal data, we will cease to use this information within a reasonable period following you withdrawing your consent.

We will, from time to time, review the purpose for which we have collected information about you and decide whether to retain it, update it, or securely delete it, if the information is no longer required.


If you are a resident of the UK or the EU, you have the right to:

  • request that we provide you with a copy of your personal data (in a structured, machine-readable format);
  • request that we correct any inaccurate, incomplete or otherwise incorrect personal data we hold about you;
  • request that we delete the personal data we hold about you (where we have no legitimate reason to keep the data or you’ve exercised your legal right to object to processing);
  • object to processing in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement);
  • request the restriction of processing of your personal data, which enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it; and
  • request the transfer of your personal data to another person.

Where we have asked for your consent to process your personal data, you may withdraw consent at any time. If you ask to withdraw your consent to QCF processing your data, this will not affect any processing that has already taken place at that time. These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep.

If you wish to exercise any of your rights under this section, you may submit your request by emailing us at

We will confirm receipt of your request within five days, and we will respond within 30 days (or, if your request is complex or we receive numerous requests within a short period of time, within 90 days).

In almost all circumstances, you can exercise any of these rights free of charge. However, in circumstances where your request for access is unfounded or excessive, we reserve the right to charge you a reasonable administrative fee or simply refuse to respond.


Please contact us by email at or by writing to Quadrature Climate Foundation, 10 Queen Street Place, London EC4R 1AG, United Kingdom for any questions about this privacy notice or requests with regards to the personal data we hold.


If you have unresolved concerns, you have the right to complain to your local data protection authority.

The UK’s data protection authority is the ICO and you can make complaints at Further information is available on the ICO’s website.


We record electronic communications (including emails) with you for the purposes of:

  • ascertaining the details of instructions given, the terms on which any transaction was executed or any other relevant circumstances;
  • ensuring compliance with our regulatory obligations; or
  • detecting and preventing the commission of financial crime.

Copies of recordings will be stored for a period of seven years, or such other longer period as we (or relevant legislators or regulators) may determine from time to time.


When we update this privacy notice, we will update the date at the bottom of this privacy notice. On some occasions, we may also actively advise you of specific data handling activities relevant to you or significant changes to this privacy notice, as required by applicable law.

Last updated: April 2024