OUR GROUP
PERSONAL DATA PROTECTION POLICY STATEMENT (“POLICY”)
This Policy sets out the way in which each member of our Portcullis Group of companies (“our”, “we”, “us”) collect, use and/or disclose Personal Data (as defined herein).
Members of our Portcullis Group of companies can be found at our website: www.portcullis.co.
“Personal Data” refers to any data and/or information, whether true or otherwise, about an individual who can be identified either (a) from that data; or (b) from that data in combination with other information which we have access to. Personal Data may include personal particulars such as passport or other identification number, telephone number(s), mailing address, email address, an online identifier, one or more factors specific to the identity of the individual.
Generally, we may collect Personal Data through the following ways:
a) Documents containing Personal Data submitted to us (e.g. application for services, proof of identity, proof of address, source of wealth, reference letter, resumes etc); and
b) When Personal Data is provided to us for any other reason.
Generally, we collect, use and/or disclose Personal Data for various purposes including but not limited to the following:
a) To perform any function relating to our services;
b) To comply with our internal policies and procedures;
c) For documentation and record keeping;
d) To conduct and complete transactions; and
e) To comply with applicable laws, regulations and notices.
Subject to the provisions of the applicable laws, Personal Data may be provided, for the purposes listed above, to third party organisations (some of which may be situated outside of the jurisdiction where the Personal Data is collected) including:
a) Our related group companies, where they are directly or indirectly involved in the provision of the relevant services;
b) Financial Institutions, where we are required to assist in the opening of financial accounts in the course of the provision of our services;
c) Our External service providers where the sharing of your Personal Data is to enable us to perform the relevant services;
d) Professional service providers (e.g. Thomson Reuters, Jumio, Refinitiv etc);
e) Any person to whom we are obliged or otherwise required to make disclosure to under the requirements of any law binding on or applying to us, or any disclosure under and for the purposes of any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations with which we are expected to comply;
f) Any other party to whom we have been authorised to disclose the Personal Data to;
g) Providing you with regulatory updates or notices where such updates or notices may be relevant to you or our provision of the relevant services; and
h) Unless you have instructed us otherwise, sending you our Portcullis newsletters, updates and information regarding products and services that we have to offer and which we think will be of interest to you.
You may withdraw your consent to the collection, use and/or disclosure of Personal Data by submitting a notice in writing to us. If consent relating to any or all use of Personal Data is withdrawn, we may not be in a position to continue provision of our services.
To obtain access and/or make corrections to Personal Data which is currently in our possession or control, please submit a request to us and we will make the necessary arrangements. Unless reasonably satisfied that a correction should not be made, we will correct the Personal Data as soon as practicable. Where we determine it is reasonably required by applicable law to do so, we may forward the corrected data to every other organisation to which such disclosure was made within 12 months prior to such correction.
Maintaining confidentiality of Personal Data is of utmost importance to us. As part of efforts to safeguard Personal Data in our possession, we have reasonable security arrangements and technology risk management policies in place to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal and/or similar risks. We also subject our employees to confidentiality obligations under their terms of employment.
We retain Personal Data only for as long as the purposes for which such data is collected or used continues, or where necessary for our legal or business purposes. Generally, we do not retain Personal Data for a period longer than necessary after the original purpose(s) for which the Personal Data was collected ceases to be applicable, unless otherwise required by law or other mandatory government authorities or for purposes of legal proceedings.
This Policy also applies to Personal Data we collect via our websites. “Cookies” may be used on some pages of our websites. “Cookies” are used by many websites to improve the user’s navigational experience. Most web browsers are initially set up to accept “cookies” but you may choose to “not accept” cookies by changing the settings on your web browser. In most cases, you may refuse a “cookie” and still fully navigate our website although some functionality in the site may be impaired. You may also delete the “cookie” from your system on termination of your visit to our site.
If you have any concerns or queries about how your personal data is handled by any of our offices, you may send your notice or request by mail or email addressed to our data protection officer in that office. The contact details and the email address of the data protection officer of each office can be found on our website: https://www.portcullis.co/en/contact-us/.