‘Personal data’ is defined as:
any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
How We Use Information We Collect
We use your Personal Information where it is necessary for the performance of a contractual duty or to comply with our legal obligations (e.g., financial investments require certain actions to be before approval); for our legitimate interests, such as to establish, exercise or defend legal claims, prevent fraud and/or enhance our products or services; or where we have obtained your consent, such as for marketing purposes. More specifically, we use and disclose your information as follows:
- To send you information, including marketing communications;
- For our legitimate interests in conducting our business, such as:
- To fulfill your requests for products, services or support;
- To respond to questions service enquiries;
- To communicate with you;
- To carry out certain marketing activities;
- To prevent fraud;
- To comply with applicable laws and respond to lawful requests from public authorities.
We will use your information as described in this policy. We will not use your information for any other purpose than what it was obtained for. If we want to use your information for a purpose for which it was not collected, we will first get your consent to do so.
We will not share your information with any third parties for the purposes of direct marketing.
We do not share your information with anyone except as described below. We will share your information only with your consent or as required or permitted by law, such as with:
- Regulatory authorities, courts, and governmental agencies to comply with legal orders, legal or regulatory requirements, and law enforcement requests
- Our service providers who perform services for us and help us operate our business.
- Our business partners, to provide, deliver, offer, products and services to you, either jointly or separately. We will not share your contact information with business partners for them to independently market their own products or services to you without your consent. With your consent we may send you offers on their behalf.
Your Rights – Access & Control Your Information
By law you have the right to ask us what information we hold about you, you have all the following rights under the General Data Protection Regulation (GDPR 2018);
- Right of Access the information we hold about you
- Right of Rectification of any information that may be inaccurate.
- Right of Erasure of your information (the right is not absolute and only applies in certain circumstances)
- Right to Restrict processing of your personal data
- Right to Data Portability allows you to obtain and reuse your personal data for your own purposes across different services (If you provided the data directly to us in the first instance)
- Right to Object to the processing of your personal data in certain circumstances.
To access, correct, or raise requests about your information, please contact us at the address above. You may be asked to prove your identity with approved identification before we can fulfill your request.
We take information security very seriously and We have a range of information security polices and have implemented the necessary administrative, technical, and physical security controls to help prevent unauthorized access to our information systems and data. Despite these controls, no data can be entirely secure, and we cannot and do not guarantee or warrant the security of any information you transmit via our websites. We take necessary steps to restrict access to information to only those employees, contractors, and third parties who need such access to operate, develop, improve, or deliver our products, and services.
You can withdraw your consent at any time and we will stop sending you our newsletter and where applicable stop processing your personal data.
We will respect your wishes not to receive marketing materials or communications . You can change your marketing preferences by contacting us at the addresses above. If you provided us with your email address to receive marketing materials or communications, you can opt out at any time by contacting us at the address above.
International Data Transfers
Arch Henderson LLP does not send any of your personal information to other countries.
We will keep your Personal Information only as long as we need to deliver the products and services that you requested, unless we are required to keep it for longer periods because of law, regulation, litigation or regulatory investigation purposes. Our retention policy dictates when how long we keep specific types of information.
Contacting us is easy
We want to ensure you understand what data we collect and how we process it; you can contact us via the following methods to find out more about how your data is processed and secured:
Post: Arch Henderson LLP
Data Controller, 26 Rubislaw Terrace, Aberdeen, AB10 1XE
Tel: +44 (0)1224 631 122
Any complaints about our adherence to the practices described in this Policy or our use of your information, please contact us in the first instance so we may address your complaint directly. We can be contacted at the any of the addresses above. We wish to satisfy your concerns in a timely manner.
Formal complaints regarding our data protection practices and related actions regarding your information should be addressed directly to the Information Commissioners Office, Scotland.
The Information Commissioner's Office - Scotland
45 Melville Street
Telephone: 0303 123 1115