We are registered with the Information Commissioner’s Office, and we take our obligations under the EU’s General Data Protection Regulation (GDPR), and all other applicable rules and regulations on data protection, privacy and confidentiality, very seriously. If you have any questions about privacy or the use of data, or if there is anything in this policy which you find unclear, misleading or incomplete, please let us know and we will respond promptly and fully.
What do we mean by ‘personal information’?
Personal information, or data, may include your name, address, telephone and email contact details, and gender, and your background and biographical details, whether personal or business. It can also include financial information about you, your family or your business, including assets, sources of wealth and funds, and bank account details.
How do we collect data?
When you use this site, we may use ‘cookies’, which are technological tools that collect information about the number and frequency of visits to this site, your geographical location, the type of operating systems and browsers you use, and the search terms you use.
In the course of doing business with you, we may collect personal data about you, your family members, associates, advisers, employees, and others closely connected to you. When doing business with a professional adviser or intermediary (such as trustees, private banks, lawyers, accountants and others), we may also collect personal data about your clients.
If relevant, we may also collect data relating to your health, ethnic and racial origins, religious and political/philosophical beliefs and preferences, sexual orientation, and/or other information which is categorised by GDPR as a special category of personal information.
How do we process data?
We use personal data to provide advisory and/or mediation services to clients, and to manage our relationships with clients, their professional advisers, and others closely connected to them. We also use it to issue invoices and collect payment.
We also use personal data to comply with any legal, regulatory or risk management obligations to which we, as a business, are subject. This may include compliance with anti-money laundering and other anti-financial crime legislation, which may require us to obtain and keep copies of your passport and other identification documents.
We may also use personal data to help us exercise or defend our legal rights, including for the purposes of taking legal advice, notifying insurers, or engaging in legal proceedings.
If you are, or have been, a client or professional contact, or have indicated that you may wish to become a client, we may also send you occasional marketing materials, such as updates that we think may interest you, and you can at any time let us know if you are happy to receive such updates, or would prefer not to.
Do we share your data?
We will disclose data to third parties only if this is reasonably necessary in the course of providing services to you, or if you request or authorise us to do so. For example, we may need to share your data with professional advisers who you have asked (or authorised) us to deal with on your behalf. You may also specifically request us to share certain data with some other third party.
By doing business with us, you are authorising us to share such information as is reasonably necessary with third-party providers and contractors who provide services or support to us as a business, including our bank, our insurers, our accountants, auditors and legal advisers, our IT support, our credit control/management agencies, and others having similar roles.
We may also be under an obligation to share data with governmental agencies and authorities, regulatory bodies and/or law enforcement agencies. We will notify you before doing so, if we are permitted by the relevant law or regulation to do so.
Please note that, if your data is shared outside the European Economic Area (EEA), it may be subject to less stringent rules on data protection.
The basis on which we process data
We will only process your data in order (a) to provide services to you in accordance with the terms of any contract between us, (b) to manage and administer our business and (c) to comply with legal, regulatory and risk management obligations which apply to you or to us; occasionally we may have some other legitimate interest which is not among those categories. By doing business with us, you are consenting to this and authorising us to process your data in the ways set out in this policy.
Data retention and security
We will keep your data in our IT system and/or paper files. We will retain it for whatever period is reasonably necessary or appropriate, taking into account the purpose for which it was given to us, our legal, regulatory and risk management obligations, limitation periods for claims, and general good business practice.
We have appropriate security in place to protect your data and believe that our policies are appropriate to safeguard it. In the event of any breach, we will notify you, and the Information Commissioner’s Office or any other regulatory or supervisory body, as soon as possible if we are legally obliged to do so.
Please note that, where you and we use email to communicate, email may not be a fully secure means of communication.
The law gives you rights to access the data we hold about you, and how we process it. You also have the right to request that we delete your data, or limit our use of it, or transfer it to a third party. If you have any questions about your rights, or wish to exercise any of them, please let us know and we will respond as promptly and fully as we are able (and generally within one month, in the case of a ‘Subject Access Request’, that is, a request to access the data we hold about you and how we process it). There may be legal or regulatory reasons why we cannot comply in full, or at all, but we will explain these unless the law or regulation prevents us from doing so.
Please note that, if you do ask us to delete your data, or limit our use of it, it may affect our ability to continue to offer or provide services to you.
You have the right to complain at any time, or ask questions, about the use of your data. You can do this either by contacting us, or by contacting the Information Commissioner’s Office (www.ico.gov.uk).
If you wish to contact us about this policy at any time, please see the ‘Contact’ page on our website.