Privacy Notice concerning customer and other business-related personal data

Effective Date of this version: 25 May 2018

  1. INFORMATION ABOUT US AND INTRODUCTION

Maxwell Davies Limited (“MDL” or “we” or “us” or “our”) is a UK-incorporated company. We offer a range of professional insolvency services to UK-based and international customers. In the course of providing these services, we process relevant personal data about our customers, related individuals, vendors and other business and marketing contacts.

This Privacy Notice contains important information about the way in which we collect, use, disclose, retain and otherwise process personal data. MDL is committed to protecting the personal data of our customers and business contacts and respecting their privacy. We have in place a robust information security management programme which relies on technical and organisational security measures that are reviewed and updated on a regular basis.

Data Controller: For the purpose of the General Data Protection Regulation 2016/679 and any implementing legislation (the “GDPR”), Maxwell Davies Limited is the data controller responsible for any personal data that we process. The address of our registered office is: The Kinetic Centre, Theobald Street, Elstree, Borehamwood, Herts, WD6 4PJ.

  1. DSO CONTACT DETAILS

Questions, comments, and other communications regarding this Privacy Notice, or our privacy practices in general, are welcomed and should be addressed to our Data Security Officer. Any queries and requests regarding this privacy notice may be emailed to data@maxwelldavies.com or sent by post to Vinters Business Park, New Cut Road, Maidstone, Kent, ME14 5NZ.

  1. WHAT PERSONAL DATA DO WE COLLECT AND WHY?

This section covers the different sources and categories of personal data that we collect and process, why we do so, and the lawful bases for processing by MDL.

Depending on your relationship with MDL, please see the relevant section below where we describe how we obtain your personal data and how we will treat it.

This privacy notice covers the processing of information for the following categories of individuals:

Where customers are legal entities, this covers employees, shareholders or representatives of our existing or prospective customers (or an employee, officer, shareholder, or other individual associated with it).

Service Providers (covers employees or representatives of our existing or prospective service providers, suppliers and contractors).

3.1 If you are our customer (or an employee, officer, shareholder or other individual associated with it)

A – SOURCES OF PERSONAL DATA

MDL may obtain your personal data from the following sources:

  1. from you directly (for example, by telephone, via our website, by e-mail, when you fill out our forms, or in the course of carrying out services for you if applicable);
  2. from a company that employs you, if you are our corporate customer,
  3. from other parties (or their advisers);
  4. from credit reference agencies (who may search the UK Electoral Register);
  5. fraud prevention agencies, CIFAS, or other organisations;
  6. from our own affiliates;
  7. from various subscription services; and/or
  8. from publicly available sources (for example, governmental websites, company registries, credit reference agencies, search engines and social media sites).

In considering any application from you or making lending decisions, we may search files held by credit reference agencies, which may keep a record of the search. We reserve the right to carry out further checks from any of these sources from time to time for fraud prevention and credit control purposes.

B – PERSONAL DATA THAT WE COLLECT AND PROCESS

As a financial institution, MDL has a legal obligation to carry out due diligence on its customers in compliance with various anti-money laundering, counter terrorism, anti-bribery and anti-corruption, tax and other similar legislation prior to providing services to a customer. To do this, MDL may request personal data relating to an individual customer, a corporate customer’s officers, authorised signatories, direct/indirect shareholders, trustees, settlors, protectors and beneficial owners. This may include:

  1. a copy of a passport, ID card or any other equivalent identity document;
  2. proof of residential address (for example, a copy of a utility bill, bank statement or any other equivalent document confirming the residential address);
  3. a specimen signature;
  4. a completed “politically exposed person” questionnaire;
  5. source of funds;
  6. income levels and other financial data; and/or.
  7. video footage of you if you visit our premises.

MDL may conduct real-time and/or automated screening against politically exposed persons and prohibited and/or sanctioned persons lists published by various regulators from time to time or checks through certain subscription services. This may include information relating to your partner or other members of your household.

If you are an individual customer, or an officer or authorised signatory of a corporate customer, MDL may also collect your contact details (including your name, title, postal address, telephone number(s) and email address) and other verification details, such as call-back contact details.

In providing our services to you, we will process the details of your transactions, account summaries, and other financial details relevant to the management of your account with us.

If you are using our online services, please see the details we may collect in Section 3.4 below.

C – WHY DO WE COLLECT YOUR PERSONAL DATA AND WHAT ARE OUR LAWFUL GROUNDS FOR IT?

Contract

If you are a customer of MDL, the above personal data is necessary for the purposes of entering into a contract with us as a customer and providing you with the following services:

  1. provision of products services that are requested from us;
  2. managing, operating and giving and receiving instructions in respect of accounts held with us or our affiliates under the transactions documentation;
  3. sending you statements,
  4. communicating with you about changes to services,
  5. planning visits to our and / or your premises, or other locations,
  6. maintaining a commercial relationship with you,
  7. responding to any queries that you may submit to us.

Legal obligations

We need to collect your personal data to comply with our legal obligations:

  1. for assessment and analysis necessary to prevent and detect money laundering, including but not limited to carrying out any relevant anti-money laundering and sanctions checks and fulfilling our obligations under any relevant anti-money laundering law or regulation (including under The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017); and / or
  2. to comply with any other professional, UK or EU legal and regulatory obligations which apply to us.

Where you are unable to provide us with your personal data that is a legal or a contractual requirement in relation to the provision of our services to you, we may be compelled to refuse to offer our services.

Legitimate interests

Finally, the personal data we collect is used to protect our business interests including the following:

  1. to develop and improve our services to you and other customers;
  2. to learn from the way you use and manage your account(s), from transactions you make and from the payments which are made to your account;
  3. to assess and analyse in order to prevent and detect fraud and other crime,
  4. to carry out regulatory checks;
  5. to meet our obligations to any relevant regulatory authority;
  6. to carry out operational and administrative actions;
  7. to exercise or to defend legal claims;
  8. to inform you of products, services and events that may be of interest to you by letter, telephone, messages, e-mail and other electronic methods, provided that we have your permission, where necessary.

You may tell us at any time if you do not wish your personal data to be used for the purposes of our legitimate interests listed above, including to receive marketing communications from us by contacting our DSO (see the contact details in section 2 above).

Where we rely on legal obligations or performance of our contractual obligations as the lawful bases, MDL may not be able to move forward with providing services if:

  • the documents listed above are not provided to complete our checks required by law; or
  • the documents and/or screening checks are not satisfactory to MDL in its sole opinion.
D – WHO DOES MDL SHARE YOUR PERSONAL DATA WITH?

Credit reference and fraud prevention agencies

In some cases, where you are an individual customer of MDL or an individual associated with a corporate customer, we may need to share your personal data with authorised credit reference and fraud prevention agencies in order to obtain information from them that is necessary to make credit assessments and to prevent and detect fraud, money laundering and other crimes.

Should an unaffiliated third party request a credit reference from us, or any other request for a reference that concerns you, we will not provide such a reference without your written permission unless agreed within our transaction documentation.

Government or regulatory authorities

We may also disclose information about you if we have a legal duty to do so or if we are required or requested by any governmental, banking, taxation or other regulatory authority or similar body, or by the rules of any relevant stock exchange or pursuant to any applicable law or regulation or if the law allows us to do so. Otherwise, we will keep information about you confidential.

MDL’s service providers

We may give information about you and how you manage your account to organisations that provide a service to us or are acting as our agents, subject to contractual measures that we put in place obligating such organisations, on the understanding that they will keep the information confidential and will comply with applicable data protection laws.

For example, we may share your information with the following types of service providers that we engage with:

  1. Technical support providers who assist with our website and IT infrastructure;
  2. Third party software providers, who may include ‘software as a service’ solution providers, where the provider hosts the relevant personal data on our behalf;
  3. Professional advisers such as solicitors, accountants, tax advisors, auditors and insurance brokers;
  4. Money laundering and compliance search providers;
  5. Providers that help us store, collate and organise information effectively and securely, both electronically and in hard copy format, and for marketing purposes;
  6. Providers that assist us in transferring information effectively and securely for HMRC and Court purposes; and/or
  7. Providers that help us generate and collate reviews in relation to our services.

Please see further detail on the sharing of personal data in Section 4 below.

E – HOW LONG WILL YOUR PERSONAL DATA BE KEPT BY MDL?

MDL keeps the personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.

We will generally hold personal data collected for the purposes described in the section “why do we collect your personal data and what are the lawful grounds for it?” above for the entire duration of our relationship with our customer with regard to the provision of services and any applicable regulatory or retention period prescribed by law. We will retain information about you after the closure of a customer account or if your application is declined or abandoned for as long as required for legal, regulatory, fraud prevention and legitimate business purposes.

3.2 If you are a prospective customer

A – SOURCES OF PERSONAL DATA

If you are a prospective customer or an individual associated with a prospective customer (e.g. an employee, shareholder or a representative) and not our existing customer, we will mainly process the business contact details.

These details may have been provided:

  1. by you directly (for example, when you fill out our forms);
  2. via our website;
  3. by email;
  4. by telephone;
  5. during networking events that we have either hosted, or sponsored, or attended;
  6. if you visit our premises; and /or
  7. from publicly available sources (for example, your company website).
B – PERSONAL DATA THAT WE COLLECT AND PROCESS

MDL may process your contact details, including your name, title, postal address, telephone number(s) and email address. MDL may also process video footage if you visit our premises.

C – PURPOSES FOR PROCESSING YOUR PERSONAL DATA

We may process personal data for the purposes below:

  1. To provide you with information, products or services that you request from us or that we feel may interest you. Where we use your email to communicate marketing information to you we will seek your prior consent, where required to do so by law.
  2. To enable us to plan visits to prospective customer premises and establish commercial relationship with the customer.
  3. For the fulfilment of marketing campaigns online, by letter, telephone, messages, email or other electronic methods.
  4. To provide security of our offices, when you visit us.
D – LAWFUL BASIS FOR PROCESSING

We process the types of personal data identified above on the basis of our legitimate interests or those of our customers or suppliers where relevant.

If you wish to withdraw your consent, or object to our using your contact details for any of the purposes listed above, including direct marketing, please send us an email at: ruth@maxwelldavies.com.

E – WHO DOES MDL SHARE YOUR PERSONAL DATA WITH?

MDL may share your personal data with MDL’s affiliates with whom we may carry out joint marketing campaigns or events.

MDL may, from time to time, share your personal data with our advertising and promotional agencies and consultants and those organisations selected by us to carry out marketing campaigns on our behalf subject to appropriate contractual safeguards

Please see further detail on the sharing of personal data in Section 4 below.

F – HOW LONG WILL YOUR PERSONAL DATA BE KEPT BY MDL?

MDL will retain your business contact details for as long as it is necessary for the purposes set out above (e.g. for as long as we have a relationship with you as our business contact).

We review the information we retain regularly and when there is no longer a legal or business need for us to hold it, we will either delete it securely or, in some cases, anonymize it in a way that no longer identifies you.

Any contact details that are stored on our customer relationship management database will be removed from our mailing lists if they are more than 3 years old and there has been no interaction with them during that period, following which they will be deleted permanently.

3.3  Service Providers (covering their employees, authorised signatories, officers, directors and representatives)

A – SOURCES OF PERSONAL DATA

MDL may obtain your personal data from the following sources:

  1. from you directly (for example, when you fill out our forms, sign agreements with us, or in the course of carrying out services for us);
  2. from a company that employs you, if you are a representative of one of our corporate service providers; and/or
  3. from publicly avaiMDLe sources (for example, your company website).
B – PERSONAL DATA THAT WE COLLECT AND PROCESS

MDL may request personal data relating to our service providers’ officers, authorised signatories, and other associated individuals. This may include:

  1. name;
  2. job title; and
  3. business contact details.
C – WHY DO WE COLLECT YOUR PERSONAL DATA AND WHAT ARE OUR LAWFUL GROUNDS FOR IT?

Legal obligations

We may need to collect your personal data to comply with any professional, legal and regulatory obligations which apply to us.

Legitimate interests

The personal data we collect may also be used for the following of our legitimate interests:

  1. to communicate with you in relation to the services provided to us;
  2. to carry out regulatory checks;
  3. to meet our obligations to any relevant regulatory authority;
  4. to carry out operational and administrative actions;
  5. to exercise or to defend legal claims;
  6. to prevent illegal activity, and/or
  7. to invite you to events and inform you of products and services that may be of interest to you by letter, telephone, messages, e-mail and other electronic methods. Where we send you direct marketing by email, we will obtain your consent where we are required to do so by law.

If you object to us using your contact details for these purposes, including direct marketing, please send us an email here: ruth@maxwelldavies.com.

Website visitors

3.4 If you are our website visitor

A- SOURCES OF PERSONAL DATA

We may obtain your personal data from the following sources:

  1. from you directly (for example, at the time of subscribing to any services offered on our website (www.maxwelldavies.co.uk), including but not limited to email mailing lists, interactive services, posting material or requesting further goods or services);
  2. from your device or browser; and/or
  3. if you contact us, we may keep a record of that correspondence.

B- PERSONAL DATA THAT WE COLLECT AND PROCESS

  1. name;
  2. username;
  3. email address
  4. operating system;
  5. browser type;
  6. cookie data (for more information please see our Cookie Policy)
  7. IP address.

C – WHY DO WE COLLECT YOUR PERSONAL DATA AND WHAT ARE OUR LAWFUL BASES FOR IT?

MDL processes your personal data for the following purposes:

  1. to allow you to participate in interactive features of our service when you choose to do so;
  2. to ensure that content from our website is presented in the most effective manner for you and for your device;
  3. to allow us to share information in order to provide any product or service you have requested;
  4. for the provision of support services;
  5. for the management of our customer records;
  6. for system administration purposes;
  7. for generating and monitoring statistical data about our users’ browsing actions and patterns, the number of visitors to our website, the pages visited and how long they stayed; and/or
  8. to exchange personal data for the purpose of reporting, management, carrying out monitoring, analysing business, complying with group regulatory requirements and any other purposes that is incidental to or connected with the foregoing purposes.

As described in our Cookie Policy, we will not set cookies on a user’s device unless they have consented to our doing so, unless the cookies in question are necessary for the performance or navigation of our website.

It is in MDL’s legitimate interests, and that of our website visitors, for us to process data about their use of our website in order to improve the services and information that we provide on it and for the security of our website operation.

Please do not submit your information to via our website, if you do not want us to process your personal data for the above purpose.

If you do not want us to process your personal data for the purposes above, please send an email to our DSO as set out in Section 2 above.

D – WHO DOES MDL SHARE YOUR PERSONAL DATA WITH?

We may share your information with companies that provide the following services to MDL:

  1. Analyse or evaluate our data collection process or customer service fulfilment;
  2. Service providers, such as website hosting companies or those that operate the website on which information about you is collected.

Please see further detail on the sharing of personal data in Section 4 below.

E – HOW LONG WILL YOUR PERSONAL DATA BE KEPT BY MDL?

We keep your personal data for as long as necessary to respond to your queries and/or to maintain a relationship with you. When our relationship ends, we will delete your personal data or aggregate the data we collect about our website use, so that the data no longer identifies you.

4. SHARING OF YOUR INFORMATION

Data that we collect may be shared with our affiliated companies, suppliers or service providers as mentioned specifically in each relevant section above. Also, we may share your personal data in the following cases:

  1. as permitted by law in order to investigate, prevent or take action regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Terms and Conditions or other agreements, or as required by law; and/or
  2. in the context of mergers and acquisitions, MDL may transfer your personal data to potential purchasers and their advisors, subject to appropriate confidentiality obligations, in the event MDL decides to dispose of all or parts of its business.

5.TRANSFERS OUTSIDE THE EUROPEAN ECONOMIC AREA (EEA)

In general, when transferring your personal data outside the EEA (which consists of EU member states and Iceland, Lichtenstein and Norway), we will only do so using one of the following safeguards:

  1. the transfer is to a non-EEA country which has an adequacy decision by the EU Commission (e.g. Israel);
  2. the transfer is covered by a contractual agreement, which covers the GDPR requirements relating to transfers to countries outside the EEA.
  3. the transfer is to an organisation which has Binding Corporate Rules approved by an EU data protection authority; or
  4. the transfer is to an organisation in the US that is EU-US Privacy Shield certified.

You may request a copy of the relevant document by contacting our DSO as indicated in Section 2 above.

6. YOUR RIGHTS

You have the following rights in relation to your personal data under the GDPR:

  1. to obtain information on how we handle your personal data and access documents which contain your personal data;
  2. to request us to correct or update your personal data if it is inaccurate or out of date;
  3. to object to the processing of your personal data for the purposes of our legitimate interests, as discussed above;
  4. to erase personal data about you that is held by us:
    i     which is no longer necessary in relation to the purposes for which is was collected,
    ii    to the processing of which you object, or
    iii   which may have been unlawfully processed by us;
  5. to restrict processing by us, i.e. to restrict processing to storage only:
    i     where you oppose to deletion of your personal data and prefer restriction of processing instead, or
    ii    where you object to the processing by us on the basis of its legitimate interests;
  6. to transmit personal data that you submitted to us back to you or to another organisation in certain circumstances; and
  7. to withdraw your consent at any time, if we rely on your consent (for example, when setting cookies on your device or for direct marketing).

If you at any time decide that you do not want to be contacted for direct marketing purposes or if you would like to exercise any of these rights, please contact our DSO as indicated in Section 2 above.

If you are unhappy with how we have dealt with your request or concern, you have the right to file a complaint with the Information Commissioner’s Office, the UK supervisory authority.

For more details, please visit the ICO’s website: https://ico.org.uk/concerns/handling/.

Personal identification information

We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our website, register on the website, place an order, subscribe to the newsletter, respond to a survey, fill out a form, and in connection with other activities, services, features or resources we make avaiMDLe on our website. Users may visit our website anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain website related activities.

Information that is gathered from visitors

In common with other websites, log files are stored on the web server saving details such as the visitor’s IP address, browser type, referring page and time of visit. This information is not used to track individual visitors to this website.

Cookies may be used to remember visitor preferences when interacting with the website.

What are cookies?

Cookies are small digital signature files that are stored by your web browser that allow your preferences to be recorded when visiting the website. Also they may be used to track your return visits to the website.

Where registration is required, the visitor’s email and a username will be stored on the server.

How the information is used

Cookies may be used to enhance the visitor’s experience when using the website and/or to enable a shopping basket system or features such as expanding menus. These session cookies expire after a browser session so would not be stored longer term. For this reason session cookies may sometimes be considered less privacy intrusive than persistent cookies. They are sometimes known as benign cookies.

Sharing your personal information

We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. We may use third party service providers to help us operate our business and the website or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.

E-mail may be sent to inform you of news of our services or offers. You will always be given the chance to opt out of any periodic mailings.

If you have subscribed to one of our email services, you may unsubscribe by following the instructions which are included in e-mail that you receive.

How we protect your information

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our website.

Our website operates on a secure linux server which is updated on a daily basis with any operating system updates or security patches that need applying. 

Third party content

Users may find advertising or other content on our website that links to the websites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these websites and are not responsible for the practices employed by websites linked to or from our website. In addition, these websites or services, including their content and links, may be constantly changing. These websites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our website, is subject to that website’s own terms and policies.

Opting out of cookies from our website

You may be able to block cookies via your browser settings but this may prevent you from access to certain features of the website.

Cookies and our use of Google Analytics

If a page of our website contains a link to the Google Analytics tracking code we are using Google, as a third party vendor of visitor logging.

These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.

We do not share personal data with Google.

Changes to this privacy policy

We reserve the right to update this privacy policy at any time. We encourage users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

Your acceptance of these terms

By using this website, you signify your acceptance of this policy and terms of service. If you do not agree to this policy, please do not use our website. Your continued use of the website following the posting of changes to this policy will be deemed your acceptance of those changes.

Call us now

Free to call - click here
0800 118 2948