Gleacher Shacklock LLP
This privacy notice explains how the firm (“we” or “Gleacher Shacklock”), use any personal data (“information”) as a data controller that we collect about you (including for the purposes of the General Data Protection Regulation (”GDPR”). It describes:
- what information we collect about you;
- how we use your information;
- the legal basis for our use of your information;
- who we share your information with;
- your rights regarding our use of your information;
- how long we keep your information; and
- how to contact us.
We acknowledge that any information you provide may be confidential and accordingly we will maintain the confidentiality of, and protect, your information in accordance with our normal procedures and all applicable laws. As set out below, we employ appropriate technical and organisational security measures to help protect your personal data against loss and to guard against access by unauthorised persons. We regularly review our security policies and procedures to ensure our systems are secure and protected.
2. What information do we collect about you?
Depending upon your relationship with Gleacher Shacklock, we may collect personal information about you in the following circumstances:
2.1. Business development
We collect personal information about prospective clients as part of our business development initiatives and our new business approval process. The type of personal information we may collect includes your name, address, nationality, business interests and employment history. We obtain this information from publicly available open sources, either directly or through a third party.
2.2. Business contacts
We collect information that you voluntarily provide during your business relationship with us; for example, through e-mail, from business cards or following a meeting with representatives of the firm. The type of personal information that we may collect includes current and historical information including your name and contact details (such as your address, email address, telephone numbers) and identifiers such as your organisation, employment history and positions held. We will also collect personal information you choose to provide to us.
We may also collect personal information from third parties such as your employer, other organisations that you have dealings with, regulators, government agencies, credit reporting agencies, publicly available records (including electronic data sources to carry out checks to enable us to comply with applicable law), information or service providers (some of whom may process your personal information on our behalf), recruitment agencies and other professional advisers.
If you apply for a full time role or other work experience opportunity at Gleacher Shacklock you may need to provide personal data as part of the recruitment process (and, if successful, once you join the firm). Your application directly to us, or via a recruitment agency, will constitute your express consent to our use of this information. We will use this information to consider your application for a position with Gleacher Shacklock. We may also use the information to carry out checks to verify the information provided by you (including reference, background, identity, suitability and criminal record checks). We may also disclose it to recruiters, screening check providers, health service providers, professional associations, government and law enforcement agencies, referees and your current and previous employers.
3. How do we use your information?
We will only use your personal information if and to the extent that applicable law allows. We will, therefore, only process your personal information if:
- it is necessary for the performance of a contract with you or the organisation you work for;
- it is necessary in connection with a legal obligation;
- you have given your consent (where necessary) to such use or the organisation you work for has obtained consent (where necessary) to share information with us; or
- if we (or a third party) have a legitimate interest which is not overridden by your interests or your rights and freedoms Such legitimate interests include the provision of financial advisory services, running the firm’s business and marketing relevant services directly to you.
We use personal data we collect for communication and business development purposes, including:
- to consider whether we can pursue certain business development opportunities;
- to comply with our legal obligations to identify and verify the identity of our clients and their beneficial owners;
- to communicate with, and deliver services to, you as part of our ongoing business relationship (including, as appropriate, in accordance with the terms of any engagement letter with you);
- to send you information relating to recent transactions undertaken by us;
- to send you invitations to Gleacher Shacklock events;
- to maintain our list of business contacts; or
- to process and respond to requests, enquiries or complaints received from you.
4. The legal basis for our use of your information
We use your information where we are permitted to do so by law, in reliance upon the following legal bases:
- legitimate interests (although only where our interests are not overridden by your interests, rights or freedoms);
- performance of a contract; and/or
- compliance with a legal or regulatory obligation.
Our legitimate interests, where relevant, are:
- to operate our business as a corporate finance advisory firm;
- to manage business relationships with our clients and to optimise the services we provide to them;
- to promote and market our corporate finance advisory services; and
- to comply with laws and regulations applicable to our business.
5. Who do we share your information with?
We may share your personal information with third parties who provide services on our behalf for example, a technology supplier may have access to your personal information when providing software support, or a company we use for a communications campaign may process the personal information of our contacts for us. We may also have to share your personal information with regulators, government agencies, and other third parties.
We may share your personal information with third parties where:
- you have consented to us doing so or the organisation that you work for has obtained your consent for us to do so (where necessary);
- we are under a legal or regulatory obligation to do so (for example, to comply with anti-money laundering requirements);
- it is necessary for the purpose of, or in connection with, legal proceedings or in order to exercise or defend legal rights; or
- it is appropriate to disclose the information to parties with whom we have promotional arrangements.
We do not currently transfer any of your personal data outside the EEA. In the event that any changes occur to our processes requiring such transfer, we will notify you through updating this notice and will ensure that any transfer of data outside the EU/EEA made in line with data protection laws.
6. Using our website
You are able to browse the Gleacher Shacklock website without actively providing us with your personal information. We do not collect personal information when you browse the website, such as your email address.
7. What are your rights in relation to our use of your information?
You have rights under data protection law in relation to our use of your information, including to:
- request access to your information;
- update or amend your information if it is inaccurate or incomplete;
- object to certain uses of your personal data (which includes direct marketing, and processing based on legitimate interests) on grounds relating to your particular situation;
- request the deletion of your information, or restrict its use, in certain circumstances (for example, you can request that we erase your information where the information is no longer necessary for the purpose for which it was collected unless certain exceptions apply);
- withdraw any consents you have provided in respect of our use of your information; and
- request the return of information you have provided to us, to use for your own purposes (often called your right to data portability) where the processing is based on your consent or for the performance of a contract; and the processing is carried out by automated means.
More information about these rights can be found at https://ico.org.uk/for-the-public/. If you have any questions about these rights, or you would like to exercise any of them, please contact us at firstname.lastname@example.org – additional details of how to get in touch are set out in paragraph 11 below.
We use up-to-date data storage and security to hold your personal information securely in electronic and physical form to protect your personal information from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. Our premises are access controlled and our electronic databases require logins and password authentication.
All our members, employees and third party service providers who have access to confidential information (including personal information) are subject to confidentiality obligations.
However, the transmission of information via the internet is not completely secure. Although we take appropriate and proportionate steps to manage the risks posed, we cannot guarantee the security of your information transmitted to our online services.
9. How long do we keep your information?
As a general matter, your personal data will be saved for the specified purposes mentioned above for as long as you are a business contact of the firm and, where applicable, will be held for no longer than is required under the terms of our engagement letter with you. However, the period for which we will retain different categories of personal information may vary depending on the requirements of applicable law or regulation. For example, if you provide us with your information in connection with a new business approval, under FCA rules, we must keep your information for up to five years from the date of last contact with you.
Subject to the above, under the firm’s data retention policy, we will not hold personal information for longer than 10 years before it is destroyed.
We will give you the opportunity to unsubscribe if you no longer wish to receive communications and invitations from us. If you choose to unsubscribe, we will cease to send you such communication and invitations as mentioned above.
10. How to contact us?
Please contact us if you have any questions regarding this notice or the information we hold about you by email to email@example.com or by post to the Compliance Officer, Gleacher Shacklock LLP, Cleveland House, 33 King Street, London, SW1Y 6RJ.
We would hope that the firm’s Compliance Officer can resolve any query or concern you might raise about our use of your personal information. However, if you feel we have not handled your query or concern to your satisfaction, you can contact the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at ico.org.uk/concerns or telephone 0303 123 1113.
11. Changes to this privacy notice
We keep this privacy notice under regular review and we will place any updates on this webpage. This privacy notice was last updated on 24 May 2018.