Where used in this policy, “Inverleith” means Inverleith LLP. For the purposes of applicable legislation, including the EU General Data Protection Regulation, as amended or supplemented (“Data Protection Laws”), Inverleith LLP is the controller of your personal information.
Where we obtain personal information
Personal data comprises information obtained from identification documents and can include name, contact details, nationality, employment history, income and personal wealth, source of wealth, tax status, tax identification numbers, bank account details and other identifiers which may be collected as part of your engagement with Inverleith LLP.
Inverleith LLP collects personal data from the following sources:
I. From information which you or your authorised representative gives to us, including but not limited to:
II. Personal data we receive from you or any third-party sources which may include:
We may also collect and process your personal data in the course of dealing with advisors, regulators, official authorities and service providers by whom you are employed or engaged or for whom you act.
Personal information of business contacts and professional advisors
If you have had contact with Inverleith LLP, for example through emailing us or meeting an Inverleith LLP representative, we may store limited amounts of personal information relating to you, such as your name, job title, employer organisation and contact details.
We will collect and store this personal information for the purposes of:
Personal information of actual or potential management teams
If you are involved in a transaction that Inverleith LLP and/or the funds that it manages or advises enters into, or a potential transaction that Inverleith LLP considers, we may store personal information relating to you. This might include your CV, details of your previous employment history and professional activities, information relating to your financial status and dealings, nationality information (including copies of identity documents, such as a passport), references provided by third parties, and results of other due diligence carried out. We collect and store this information for the purposes of:
We will only use your personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where it is required or permitted by law.
The personal information we hold about actual or potential management teams may be shared with:
Information for marketing purposes
We use your information to identify products and services that we think may be of interest to you.
We will only send you marketing messages where you have consented to such contact, or in the case of products and services, where these are similar to those that we have already provided to you.
You have the right to ask us not to not send you marketing materials by post, telephone or e-mail or any combination of these at any time. To do so, you can either reply directly to the marketing email or else contact us at firstname.lastname@example.org. You can also let us know at any time that you wish to change your mind and to start receiving such messages by the same mean.
Lawful ground for processing personal data
The General Partner and the Administrator are entitled to hold and process your personal data on the following lawful grounds:
Some of the grounds for processing described above will overlap and there may be several grounds which justify our use of personal data.
Mandatory provision of information
We will explain to you when the provision of particular information is mandatory, including the possible consequences of not providing particular information, for example, which prevents us from proceeding with a transaction involving you. Inverleith LLP will only process the personal information you provide to Inverleith LLP for the purposes listed above.
Sensitive or special category personal data
Different rules apply to data concerning race, ethnic origin, political opinions or beliefs, religious or other similar beliefs, trade union membership, physical or mental health, sexual life and any offences committed and sentences or court proceedings relating to actual or potential offences – these are all called sensitive or special category personal data. Please do not send us sensitive personal data as generally we do not need it.
International transfers of personal information
Personal information that we hold may be transferred to, and stored at, a country outside of your country of residence, including countries outside of the EEA, such as North America, Asia and the Middle East. Where we transfer personal information to Inverleith LLP consultants or other third parties outside of the EEA, we will ensure that those transfers take place in accordance with the Data Protection Laws. If you would like more information about how your personal information may be transferred, please contact us using the information below.
Retention of personal information
The period for which Inverleith LLP will retain personal information will be only for as long as necessary depending on the purposes that it was collected for, as well as the requirements of any applicable law or regulation. Inverleith LLP will retain records for at least five years and for as long as is necessary for the purposes for which the information was collected.
Inverleith LLP shall endeavour to store your personal data securely in accordance with accepted market standards and may do so either electronically or manually.
Whilst Inverleith LLP has taken every reasonable care to ensure the implementation of appropriate technical and security measures, the firm cannot guarantee the security of your personal data over the internet, via email or via their websites nor do the General Partner and the Administrator accept, to the fullest extent permitted by law, any liability for any errors in data transmission, machine, software or operating error or any other cause.
Your rights relating to personal information
Individuals whose personal information we hold may be entitled to access their personal information, or to request that it is erased, that its processing is restricted, or that any inaccurate personal information is rectified. You may also have the right to object to the processing of your personal information, or in some circumstances to obtain a copy of the personal information in machine readable format. Any such request should be submitted in writing to the compliance officers (email@example.com). Individuals also have the right to complain about the use of their personal information to the Supervisory Authority, which in the UK is the Information Commissioner’s Office (https://ico.org.uk/global/contact-us/ or 0303 123 1113).
Accuracy and security
Inverleith LLP will take all reasonable steps to keep your personal information accurate and, where necessary, up to date. If you believe that any of the information that Inverleith LLP holds about you is incorrect please notify Inverleith LLP (see contact below).
During regular business hours access to customer records is monitored so that only those with approval may access the files. During hours in which the company is not in operation, the customer records are locked.
Inverleith LLP will take appropriate technical and organisational security measures to protect the confidentiality and security of your personal information, but cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information online over the Internet and will not hold Inverleith LLP responsible for any breach of security unless this is due to Inverleith LLP’s negligence or willful default. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Data Privacy contacts
For all enquiries please email firstname.lastname@example.org or call +44 131 285 1712.
We reserve the right to amend this Privacy Notice at any time without notice, in which case the date of the policy will be revised.