Privacy Policy
Our Privacy Policy
Northland Capital Partners Limited (the “Company”) is committed to protecting personal information and our Privacy Policy contains information about what personal details we collect; what we do with that information; who we may share it with and why; and the choices and rights of individuals (Data Subjects) when it comes to that personal information. This version of our Privacy Policy was last updated May 24, 2018. For the purpose of the General Data Protection Regulation (Regulation (EU) 2016/679) (“the GDPR”), The Company is a data controller in respect of any personal data we collect.
How to contact us
Questions about our Privacy Policy or the information we collect and use: Data Protection Officer, Northland Capital Partners Limited, Prince Frederick House, 35-39 Maddox Street London W1S 2PP or Email on: northland@ncpluk.com
Information that is collected and used
Personal Information that is collected and used includes information:
-
about the individual Data Subjects themselves such as name, date of birth and contact details
-
connected to the services provided e.g. bank account details, company director data
-
about contact with the Company including notes of meetings, phone calls, emails / letters etc.
-
classified as ‘sensitive’ personal information e.g. relating to marital or civil partnership status and potentially credit histories etc. This information will only be collected and used where it’s needed to provide service requested and to comply with legal and regulatory obligations
-
that may be provided about other people e.g. business partners, references, lists of family members.
Where information is collected
Information is provided by clients and business counterparts and resulting from any checks performed to meet legal and regulatory obligations. Individuals may provide personal data in a number of ways including:
-
As part of an overall corporate application process for a product or service
-
telephone conversations
-
emails or letters sent
-
meetings with staff members.
Information collected and used could be provided by the management of the Company’s corporate clients on behalf of other individuals as part of standard procedures and as required under regulatory obligations.
What personal information is collected and used for
The Company takes the privacy of individuals seriously and information which is personal will only ever be collected and used where necessary, fair and lawful to do so. Such information will be collected and used only where:
-
permission to gather and store such information has been given;
-
it’s necessary to provide the service requested or contracted where, for example, in conducting procedures as expected by the regulators some personal information including name, address, date of birth, bank account details and other relevant data is required;
-
it’s necessary to meet legal or regulatory obligations e.g. to meet exchange, legal and regulatory standards, and, for the detection and prevention of fraud
-
it’s in the legitimate interests of the Company to do so.
Who the information could be shared with
Information may be shared with third parties for reasons outlined in 'What personal information is collected and used for.' These third parties include:
-
Companies chosen to support us in the delivery of our services including research, data checking etc.;
-
Our regulators and Supervisory Authority i.e. the Financial Conduct Authority (FCA), the Information Commissioner’s Office for the UK (the ICO) and the exchanges on which corporate clients are traded such as the London Stock Exchange;
-
Law enforcement, credit and identity check agencies for the prevention and detection of crime;
-
HM Revenue & Customs (HMRC) e.g. for the prevention of tax avoidance.
We never sell personal details and whenever we share such personal information, we do so in line with our obligations to keep such information safe and secure.
Where information is processed
All personal information that we collect and control is processed in the UK.
How personal information is protected
The Company takes information and system security very seriously and strives to comply with its obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with data protection obligations.
Such personal information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Employees also protect sensitive or confidential information when storing or transmitting information electronically and undertake annual training on this. Security controls are aligned to industry standards and good practice providing a control environment that effectively manages risks to the confidentiality, integrity and availability of the personal information.
How long personal information is retained
Personal information is retained only where it is necessary for the Company to provide products or services and conduct business in line with legal and regulatory obligations. Such information may be retained for a period of time after a business relationship ceases but only where required to meet legal or regulatory obligations. The length of time such personal information is kept for these purposes varies depending on the obligations needed to meet.
The rights of Individual ‘Data subjects’
Right to be informed
To receive information on what personal information we have, why and who we share it with.
Right of access
To access the retained personal information that we hold, individuals may make a data subject access request (DSAR) to the northland@ncpluk.com email address.
Right to request that personal information be rectified
To request the correction of personal information if it is inaccurate or incomplete.
Right to request erasure
To ask for personal information to be deleted or removed if there is no compelling reason for the Company to continue to have it.
Right to restrict processing
To ask that we block the processing of personal information for certain reasons. This means that the Company is still permitted to keep the information but only to ensure that it is not used in the future for those restricted reasons as long as it is allowable under our legal and regulatory obligations.
Right to data portability
To ask for a copy of the personal information and in certain circumstances, to move, copy or transfer the personal information we hold to another company in a safe and secure way.
Right to object
To object to the Company processing the personal information if not based on our legal obligations;
How to make a complaint
We strive to collect, use and safeguard personal information in line with data protection laws. If it is believed that the Company has not handled such information as set out in our Privacy Policy, individuals can email the Company at northland@ncpluk.com and we will do our utmost to make things right. If the complaint remains unsatisfied a complaint can be made to the Supervisory Authority at: UK – ICO