PRIVACY POLICY

The following privacy policy applies from the 21st May 2018

1. What do you do with my organisations and employees data?

We use the data to provide you, your employees services that includes the following:

• Providing you with information, keeping you up-to-date and informed and responding to your enquiries;

• Legal, regulatory or business reasons such as keeping up to information for the purposes of adhering to KYC (Know your Client) legislation and assisting with crime and fraud prevention. We may use information about you to: Provide you with information

• To manage your investments;

• Contact you if necessary;

• Send you information by email or other means; Satisfy our legal, regulatory and business requirements

• Help us keep your organisations or employees data safe, eg: checking your identity;

• Investigate any complaints or other enquiries that you raise;

• Crime, fraud and money laundering detection and prevention.

We are allowed to use your information in these ways because:

1. We need it to manage your investments with us;

2. We need to use some of your information to comply with legal and regulatory obligations;

2. How long will you keep my data?

We keep information while you are an investor and after you’ve left us to stop fraud and abuse, prove that you had investments or follow our legal obligations. Or the police may need it as evidence.

In each case, the length of time that we need to keep the information may be different, but we will only keep the information for as long as we need it.

3. Who do you share my personal data with and why? We will share your information in the following situations:

• With partners, banks, lawyers and employees who help us deliver the investments;

• When you have provided your consent;

• When we have legal or regulatory requirements such as a request from tax authority or law enforcement agency.

4. What data do you hold about me? (and how do you get it?) We collect information in three ways:

1. Directly from you or your employees;

2. From the investments you have made;

3. Directly from you when communicating with us by email, SMS and other electronic and non electronic methods;

We collect such information as:

• Your contact information including name, address, email address and telephone number;

• Your payment details including banking details and any other means used by yourself;

• Usernames and passwords for access to portals;

• Your communications with us including requests and complaints;

• Your activity/interactions on our website;

• Your use of our services including but not limited to;
o Phone numbers and/or email addresses of calls, texts, MMS, emails and other communications made and received from you and the date, time and cost of such communications;

How we collect information:

We collect information directly from you when you are asked to provide personal details about yourself, including but not limited to when you:

• Submit enquiries or comments to us or contact us;

• Join any of the investment companies;

• When you make changes to your registered details.

5. What rights do I have?

You have the following rights:

• To be informed about how we use your personal data (the purpose of this Privacy Notice);

• To update your personal data, you will need to contact us;

• To ask us to delete your personal data. However, there may be circumstances where we are legally entitled to retain it;
• To get a free copy of your personal data. A subset of your data (limited to data that you have provided to us);

• To object to the processing of your data and have it restricted. There may be circumstances where you ask us to restrict the processing of your information, but we are legally entitled to refuse that request;

• The right to make a complaint to the Information Commissioner (www.ico.org.uk) if you think that any of your rights have been infringed by us. To exercise any of your rights, you will need to contact us. You will need to provide the following information so that we can verify your identity:

• a colour copy of your passport driving licence, birth certificate or utility bill;

• If related to an organisation, the request will be required on company letter head.

Square Bay are required to respond to your request within 1 month. Where requests are complex and excessive, Square Bay is permitted an additional 2 months to process your request. However, in these circumstances we would provide an update on your request within 1 month of receiving it. When requesting a copy of your personal data, you can also do this via post.

6. How do you ensure my data is secure?

Square Bay is committed to keeping your data secure. We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure.

Security of Communications

Please be aware that communications over the Internet, such as e-mails and webmails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered – this is the nature of the World Wide Web/Internet. Square Bay cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

Non-EEA Use of Information

The information you provide to us may be passed to third parties located outside the European Economic Area. Countries outside the European Economic Area do not always have strong data protection laws. However, we will always take steps to ensure that your information is used by third parties in accordance with this policy. This can be done in a number of different ways, for instance:

o The country that we send the data to might be approved by the European Commission;

o The recipient company might have signed up to a contract obliging them to protect your information; or;

o The recipient is located in the US and is a certified member of the EU-US Privacy Shield scheme.

In other circumstances the law may permit us to otherwise transfer your information outside the EEA. In all cases, however, we will ensure that any transfer of your information is compliant with data protection law.

You can obtain more details of the protection given to your information when it is transferred outside the EEA (including a sample copy of the contract used with some recipients of your information) by contacting us.

8. What else can I do to ensure my data is secure?

Along with a section on Privacy, Get Safe Online has plenty of other good advice about protecting yourself online

9. How can I contact you?

If you would like more information or would like to raise any queries with us in relation to your information, you can contact us by writing to the Data Protection Officer at:

By post
Data Protection Officer Square Bay (Property) Ltd
9 Cheval Place
London
SW7 1EW

By email
dpo@squarebay.com

10. Changes to this Privacy Notice

We will check this policy from time to time and post any changes here. We may also let you know about these changes by email, voicemail, text or media message.

11. Resolving Privacy Issues

We will always try our best to resolve any data privacy issue you may have. You have the right to refer any data privacy issue to the Information Commissioner’s Office at any time.