Privacy Notice – July 1st 2018
The new GDPR legislation requires The Merchant Club UK Limited (the “Company”) to provide this notice, which sets out how the Company will process personal information which it receives. Where your details are provided to the Company as a consequence of your engagement with it, we will process your personal information or, if applicable, that of your directors, officers, employees and/or beneficial owners.
PURPOSES OF PROCESSING AND LEGAL BASIS FOR PROCESSING
Your personal data may be processed by the Company (or any of its subsidiaries, affiliates, agents, employees or delegates) to comply with regulatory legislation for the following purposes:
- In order to carry out anti-money laundering checks and related actions which the Company considers appropriate to comply with legal obligations imposed upon it.
- To record electronic communications for the verification of instructions, investigations and fraud prevention purposes; crime detection prevention, investigation and prosecution; to enforce rights or defend the Company and its affiliates directly or through third parties to comply with any legal obligation imposed; to pursue the Company’s legitimate interest in relation to such matters or where the processing is in the public interest.
- To disclose information to other third parties such as service providers of the Company including regulatory authorities, payroll bureaus, technology providers, auditors and advisors in order to comply with any legal obligation imposed on the Company or to fulfil the services included in your engagement letter(s) with the Company.
- To update and maintain records.
THE COMPANY MAY DISCLOSE YOUR PERSONAL INFORMATION:
- To its service providers and affiliates and other third-party service providers engaged by the Company in order to process the data for the above-mentioned purposes.
- To competent authorities (including tax authorities), courts and bodies as required by law or requested by any regulatory authority, where there is a legal obligation to report.
The disclosure of personal information to any third party may involve the transfer of data to jurisdictions outside the European Economic Area, in accordance with the requirements of GDPR. Such countries may not have the same data protection laws as the EEA. The Company has not verified the compliance of those third parties and cannot be held responsible if any party does not comply with GDPR.
The Company will retain your personal information for as long as required for it to perform services included within your engagement letter with the Company, or such longer period as may be required by its legal, professional and other obligations.
DATA SUBJECT RIGHTS
You have the following rights, in certain circumstances, in relation to your personal information:
- The right to access your personal information;
- The right to rectify your personal information;
- The right to restrict the use of your personal information (in certain specific circumstances);
- The right to object to processing of your personal information (in certain specific circumstances);
You have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data relating to you, carried out by the Company, or its service providers, infringes the General Data Protection Regulation.
- Safeguarding measures
- We take your privacy seriously and take every reasonable measure and precaution to protect and secure your Personal Data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including, without limitation, encryptions.
- Legitimate Interests (if applicable)
- We occasionally process your personal information under the Legitimate Interests’ legal basis. Where this is the case, we have carried out a LIA to ensure that we have weighed your interests and any risk posed to you against our own and that such interests are proportionate and appropriate such as for the purposes of HR, marketing and day-to-day operations.
When sending marketing materials to customers, we may have the option to rely on your consent or legitimate interest.
We only use legitimate interests for marketing if we have assessed that the information being sent is beneficial to the customer, and have weighed our interests against your own and there is little to no risk posed, the method and content is non-intrusive, and the material being sent is something you would usually expect to receive.
COOKIES, ANALYTICS AND TRAFFIC DATA
We provide the following information with some explanations to ensure transparency to our users:
- what types of cookies are set;
- how long they persist on your user’s browser;
- what data they track;
- for what purpose (functionality, performance, statistics, marketing, etc.;
- where the data is sent and with whom it is shared;
- how to reject cookies, and how to subsequently change the status regarding the cookies.
HOW TO CONTACT THE MERCHANT CLUB
Should you have any questions about our use of your personal information, please contact Laurent ZMIRO at firstname.lastname@example.org / Tel: +44 203 953 1833