Scope
This Privacy Policy demonstrates how Prime Corporate Advisory (PCA) handle the Personal Data you provide to us:
• by you interacting with us a prospective, current or former client and in connection with ongoing services we are providing to you or your organisation;
• by you submitting information to us through our website https://www.primecorporateadvisory.com or when you subscribe to our newsletter;
Identify and contact details of the Data Controller
For the purposes of the DPA and the GDPR, PCA is the controller of your data. If you have any queries regarding this policy or complaints about our use of your data, please contact us at the address below and we will do our best to deal with your complaint or query as soon as possible.
Data Processing Controller
Prime Corporate Advisory Limited
3 Warners Mill
Silks Way
Braintree
CM7 3GB
Your Data
When we collect personal data about you, this will comprise a combination of one or all of the following:
• your name;
• your contact details, consisting of professional / work telephone / mobile number, email address and office address;
• your job title;
• the name of your employer.
If you engage us in a mandate, PCA will follow standard Know Your Client rules and will request further personal information to verify your identity including:
• formal identification documents
• proof of your private residential address
During the course of a mandate PCA will conduct due diligence on key individuals from the company and in doing so may research your business history and background including;
• company ownership and registration history
• registration with industry bodies
• educational history
• publicly available online data
We may in exceptional circumstances collect data about any past criminal convictions where you have disclosed this to us in the course of business.
We neither collect not hold any other personal data relating to any of your personal financial situation, ethnicity, religion or other data that might be described as sensitive.
What we use your data for
The below sets out the purposes for which we may process your data and the legal basis for the processing:
To provide services to you
We are unable to provide services to you unless you disclose personal data to us. That may include the services set out in our Engagement Letter with you, the provision to you of our Newsletter or our response to any enquiry you have submitted.
As such, your disclosure of personal data to us is on the legal basis of our performance of our contract with you and our legitimate interest in so doing.
To collect and verify due diligence material required for counter parties brought into any transaction process.
As part of a mandate, counter parties will look to do due diligence on key individuals from the company. This information will be shared directly by you and only to counter parties you approve of and who have entered into confidentiality agreement, however part of PCA’s service would normally be to guide you through what will be required and collect and verify the data to ensure there are no anomalies that could come up.
To respond to requests for information from regulated bodies or government agencies
Very exceptionally we may be requested or required to disclose to details about you and the services we provide. As such, our disclosure of your personal data to us is on the legal basis of our performance of our compliance with a legal obligation or our legitimate interest in so doing.
To keep you informed of any activities undertaken by us which we believe may be of interest to you
This use will include sending you email and postal marketing, including a Newsletter, from time to time. Your consent will be requested when you submit your data to us online.
Website analysis
For further details on the technology we use in order to analyse our website’s performance, please see our separate policy on cookies. We rely on your consent – this will be obtained when you click on the banner at the bottom of our website to accept certain cookies.
How we secure your data
We recognise the need to ensure that your data remains secure. Our web site has security measures in place to protect against the loss, misuse and alteration of the personal information under our control. Our security measures include the use of a hardware firewall to prevent unauthorised access. You acknowledge that although we exercise adequate care and security there remains a risk that information transmitted over the Internet and stored by computer may be intercepted or accessed by an unauthorised third party.
Our data protections controls include the following processes:
• password / access controls over all firm devices to ensure that they are only accessed by PCA staff;
• dedicated PCA hardware to ensure that only PCA staff have access to your data;
• screen savers which activate after five minutes of inactivity. These are password controlled on mobile devices;
• routine and periodic back-ups to external storage media.
PCA do not as a rule produce hard copy information disclosing your personal data.
Who we share your data with
Please note that we may on occasion be required to share your information with the following categories of recipients:
Third parties who provide services on our behalf such as marketing automation services.
Any of our service providers are subject to data processing agreements that are compliant with the requirements set out in the GDPR. Further details regarding any third parties who are located outside the EEA are set out below.
In relation to any other third parties, we will only disclose your information in the following circumstances:
• where you have given your consent;
• where we are required to do so by law or enforceable request by a regulatory body;
• where it is necessary for the purpose of, or in connection with legal proceedings or in order to exercise or defend legal rights; and
• if we sell our company, go out of business, or merge with another company.
International transfer
In certain circumstances, we may transfer your data to countries outside the EEA, which may not adhere to the same levels of data protection to which countries within the EEA are subject. Any such transfers are, at all times, made in accordance with the DPA and the GDPR.
Retention period
Your data will be stored for a maximum period of 6 years, after which time it will be destroyed if it is no longer required for the lawful purpose(s) for which it was obtained. If you consent to marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information, unless we request your consent to store it for a longer period.
Your rights relating to your data
Under the GDPR, you will have the following rights in relation to how we process your data:
• Right to request access – you may obtain confirmation from us as to whether or not your data is being processed and, where that is the case, access to your data.
• Right to rectification and erasure – you have the right to obtain rectification of inaccurate personal data we hold concerning you and to obtain the erasure of your data without undue delay in certain circumstances.
• Right to restriction of processing or to object to processing – you may require us to restrict the processing we carry out on your data in certain circumstances or to object to us processing your data.
• Right to data portability – you have the right to receive your data in a structured, commonly used and machine-readable format.
• Right to withdraw consent – where you have provided your consent to us processing your data, you have the right to withdraw your consent at any time. This can be done by contacting us at the above address at any time or by clicking the “unsubscribe” link on any marketing communications you receive from us.
• Right to lodge a complaint – you may lodge a complaint with the Information Commissioner’s Office.
For further information on your rights, please see the Information Commissioner’s website at https://ico.org.uk.
Additional information
There is no statutory or contractual requirement for you to provide your data to us and you are not obliged to do so. Please note, however, that we may not be able to provide you with the services you have requested if you do not provide your contact details. As set out in our cookies policy, our website may not be able to function fully if you do not agree to certain cookies being set on your computer.
We do not undertake automated decision-making or profiling on your data.
We keep our privacy policy under constant review and may change it from time to time to reflect our practices or to remain compliant with relevant legislation. We will notify you of any material changes to our privacy policy via a notification on our website. Your continued use of this website or our other marketing services, following the posting of changes to these terms, will mean you accept these changes.
