Macaulay Capital Plc (“we”, “us” or “our”) respects your privacy and is committed to protecting your personal data.
This Policy does not apply to any other data, including personal data, that we collect offline. By accessing this Site, you acknowledge that you have read and agree to the practices described in this Policy. Personal data is any information that enables us to identify you, either directly or indirectly in conjunction with any other information we hold, by reference to an identifier such as name, address, date of birth or government identification number.
For the purposes of the EU General Data Protection Regulation 2018 (the “GDPR”) we are the controller of personal data and responsible for the Site.
WHAT PERSONAL DATA DO WE COLLECT?
We use different methods to collect personal data from and about you including through:
• Personal data you give us. You may give us your personal data including name and contact details, by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you ask us about, or apply for, our products or services; subscribe to our services or publications; request marketing to be sent to you, or give us some feedback.
HOW DO WE PROCESS PERSONAL DATA?
We comply with the obligations under the applicable data protection law by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorized access and disclosure and by ensuring that appropriate technical and organisational measures are in place to protect personal data.
We will use your personal data for the following purposes:
• To confirm your identity;
• To respond to your questions and provide related customer services;
• To detect and prevent fraud or other financial crime;
• To monitor and protect the security of our information, systems and network;
• For internal business intelligence purposes, to conduct research, product development and enhancement;
• To inform you of changes made to our Site and other services;
• To conduct marketing and commercial activities and to market relevant offers and promotions to you;
• To ensure that content from our Site is presented most effectively for you and your computer;
• To display content based on your interests;
• Enable you to search information on our Site;
• Assess your needs and interests in order to better tailor offers and/or advertising; and
• Improve our Site.
WHAT IS OUR LEGAL BASIS FOR PROCESSING PERSONAL DATA?
Under Article 6 (1b) of the GDPR, the legal basis that we employ for processing your personal data is that processing of your personal data is necessary for the performance of a contract to which you, the ‘data subject’ is party, or in order to take steps at your request prior to entering into such a contract.
We also process your personal data under Article 6(1f) of the GDPR where processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.
SHARING YOUR PERSONAL DATA
Your personal data will be treated as being strictly confidential. We may share your personal data with the parties set out below for the purposes set out in this Policy:
• Companies that provide services to help us confirm your identity, meet our compliance and regulatory obligations, and to detect and prevent fraud or other financial crime;
• Our professional advisors such as auditors, accountants and lawyers, etc.;
• Companies that provide services to help us with our business activities, such as data storage, maintenance services, database management, web analytics and payment processing;
• Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Policy.
We may also disclose your personal data as required by law, such as to comply with a subpoena, or a similar legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, and to any other third party with your prior consent to do so, unless notification is prohibited by the applicable law.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Where personal data relating to European based data subjects is shared with a third party located in a non-EU country that has not received an adequacy decision by the European Commission, we rely on appropriate safeguards.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements, after which time it will be destroyed securely if it is no longer needed for the lawful purposes for which it was obtained. In some limited cases, it may be necessary to retain your personal data for longer if we need to hold it for liability claim purposes (e.g. if any complaints were to be made to an ombudsman service), and for example to hold and provide to a regulatory body. If you consent to receive marketing from us, any information we use for this purpose will be held by us until such time as you notify us that you no longer wish to receive marketing information from us.
ACCESS TO YOUR PERSONAL DATA AND CORRECT
You have the right to request a copy of the information that we hold about you. If you would like a copy of all or some of your personal data, please email or write to us at the addresses provided in the “Contact Details” section of this Policy. In some exceptional cases, we may make a small charge for this service (for example multiple claims for the same information), but usually this data will be provided free of charge. We want to make sure that your personal data is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
YOUR DATA PROTECTION RIGHTS
Unless subject to an exemption under the GDPR, you may have the following rights with respect to your personal data:
• to request a copy of your personal data which we hold about you;
• to request that we correct any of your personal data if it is found to be inaccurate or out of date;
• to request your personal data to be erased where it is no longer necessary for us to retain such data;
• to withdraw your consent to the processing of your personal data at any time;
• to request that we provide you with your personal data, and where possible, to transmit the data directly to another data controller (known as the right to data portability);
• where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
• to object to the processing of your personal data with regards to Direct Marketing;
• to lodge a complaint with an EU Data Protection Authority, such as the Information Commissioner’s Office (ICO) in the UK.
We would like to send you information about products and services of ours and other companies within our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date. You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other entities within our group. If you no longer wish to be contacted for marketing purposes, please email or write to us at the addresses provided in the ‘Contact Details’ section of this Policy.
AUTOMATED DECISION MAKING
We do not use automated decision making to segment and target product offers based on our customers’ demands and needs. For further details, you may contact our Data Protection Officer whose details are provided in the ‘Contact Details’ section of this Policy.
If we wish to use your personal data for a new purpose, not defined by this Policy, then we will provide you with a new notice explaining this new use prior to the commencement of the new processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
We will update this Policy from time to time, so please check back periodically. The provisions contained in this Policy supersede all previous notices or policies regarding our use personal data.
To exercise all relevant rights, or to raise queries or complaints, please in the first instance contact the Data Protection Officer, Clive Milner
By email: email@example.com
By post: The Data Protection Officer (Clive Milner), Macaulay Capital Plc, 11 Laura Place, Bath BA2 4BL