Advisors & Partners (Advisors & Partners LLP and Advisors & Partners G.P., S.à R.L., together “Advisors & Partners”, the “Company” or the “Firm”) understands and respects our stakeholders’ desire for privacy and we extend that courtesy to all visitors to our website. To this end, we would like you to know how we use any personal information you entrust to us.
Article 5 of the General Data Protection Regulation (GDPR (EU) 2016/679) states that Personal Data must be processed lawfully, fairly and in a transparent manner. In line with the GDPR changes, we are updating our Privacy Notice so you can better understand why and how we collect, process and destroy your data. We are committed to protecting and respecting your privacy. This policy sets out the legal basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.
We may control, process and use your Personal Data, which may include names, postal addresses, email addresses, telephone numbers or any other Personal Data that you provide to us. We may also, in appropriate cases and to the extent permitted by law, control, process and use certain special categories of Personal Data which are more confidential in nature (e.g. when undertaking “Know Your Customer” (KYC) or anti-money laundering (AML) checks, we may collect information about any criminal conviction offence that you or the directors of any company might have committed). We do not intend to intentionally collect or process any Sensitive Data. By Sensitive Data we mean: (a) data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life; and (b) any other information that falls within the definition of “special categories of data” under Data Protection Laws or any other applicable law relating to privacy and data protection.
Advisors & Partners LLP is a limited liability partnership registered in England and Wales with registered number OC368708 with registered office at 20 Old Bailey, London, EC4M 7AN, United Kingdom.
Advisors & Partners G.P., S. à R.L. is a Société à responsabilité limitée with registered number B216483 with registered office at 2 rue Jean Monnet, Luxembourg L-2180, Grand Duchy of Luxembourg.
Where we act as Data Controller, we rely on the following legal basis for Processing your Personal Data:
Where we act as Data Processor, we process Personal Data on behalf of Data Controllers and we act on their written instructions.
The Firm has no regulatory obligations under the GDPR to appoint a DPO; the Firm has no data protection officer (DPO) currently appointed. The GDPR sets out guidelines on when the appointment of a DPO shall be required as follows:
The Firm has instead agreed to name a Responsible Officer who may be reached at info@advisors&partners.co.uk
The Firm controls and processes Personal Data when using a Client Relationship Management (CRM) system.
The Firm collects information about Clients, Prospects and other business contacts like Stakeholders and Industry Participants from existing contacts, registered users, industry events, etc.
Names, professional mailing addresses, professional telephones numbers, notes, emails (“Contacts”). The Firm does not intentionally collect or process any Sensitive Data into its Client Relationship Management (CRM) tool.
The personal information collected by the Firm is for the following legitimate interest:
Your data is stored using cloud-based applications and ISP software applications. Most of Personal Data is stored in a CRM system.
All processing takes place in the European Union or in the US (only where the Sub-Processor is an EU-US Privacy Shield Framework participant).
We will keep your Personal Data for no longer than reasonably necessary. We will retain your personal information in accordance with legal and regulatory requirements.
Personal Data shall not be kept for a period longer than is necessary for serving its purpose. Personal Data shall be deleted upon request or after 5 years if it doesn’t have a legitimate purpose (e.g. after a business relationship ends). Record keeping to evidence KYC must not be extended over the 5-year retention period as required by the AML Directive that focuses on fighting money laundering and terrorist financing.
We will not share personal information about you with third parties without your consent. We are required, by law, to sometimes pass on some of this Personal Data to:
To fulfil our contract with you, the Firm may sometimes pass information to:
The Firm does not transfer your personal information outside of the European Economic Area (EEA) unless the transfer is necessary for one of the reasons set out in the GDPR including the performance of a contract between the Firm and the Data Subject, reasons of public interest, to establish, exercise or defend legal claims or to protect the vital interests of the Data Subject where the Data Subject is physically or legally incapable of giving consent and, in some limited cases, for our legitimate interest.
In these cases, we will follow the GDPR Guidelines in protecting the transfer of data to countries outside the EEA to ensure that the level of data protection afforded to individuals by the GDPR is not undermined.
The Firm will only transfer Personal Data outside the EEA if one of the following conditions applies:
You have a right:
Where we may seek to further process your data other than for the original purpose for which it was collected, the Firm shall only further process such data where the new Processing is compatible with the original purpose.
We take your privacy seriously and take every reasonable measure and precaution to protect and secure your Personal Data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including, without limitation, encryptions.
Owing to the products and services that we offer, such as the performance of KYC and other background checks, we sometimes need to process special categories of data which are deemed to be more confidential in nature. Where we collect such information, we will only request and process the minimum necessary for the specified purpose and identify a compliant legal basis for doing so. Where we rely on your consent for Processing Special Categories Data, we will obtain your explicit consent through electronic means.
We occasionally process your personal information under the Legitimate Interests’ legal basis. Where this is the case, we have carried out a Legitimate Interests’ Assessment (LIA) to ensure that we have weighed your interests and any risk posed to you against our own and that such interests are proportionate and appropriate such as for the purposes of Human Resources management such as payroll data if applicable, marketing and day-to-day operations.
When sending marketing materials to customers, we may have the option to rely on your consent or legitimate interest.
We only use legitimate interests for marketing if we have assessed that the information being sent is beneficial to the customer, and have weighed our interests against your own and there is little to no risk posed, the method and content are non-intrusive, and the material being sent is something you would usually expect to receive.
Cookies are small text files – typically of letters and numbers – originating from the websites visited which are stored on your computer (either your browser or your computer’s hard drive) when you visit such websites. In general, cookies help identify you through your IP address, without collecting information about your identity. Cookies are used to store a variety of information about you and your preferences which is afterwards sent back to the visited website.
We use two types of cookies on our website:
Session cookies – These are temporary cookies that remain in the cookie file of your browser until you close the browser. This is to ensure connections to our servers are distributed evenly to provide optimal performance.
Analytical cookies – Our website uses Google Analytics cookies (third-party cookies) in order to: record the time of your first visit to website, the time of your most recent visit to the website and the duration of your visit to record how you located our website (i.e. Google search, links from other pages etc.)
We only share the information obtained through the use of Google Analytics with Google. The cookies we use for these purposes do not track your Internet usage after leaving our website and do not store your personal information. They will not be used in connection with any other information to identify you in any way. We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
The Firm reserves the right to change this Policy at any time. Material changes will be notified to affected parties as appropriate.