This website accessible at www.theinvestmentcompany.com (the “Site”) is operated by Chelverton Asset Management Limited, (“we”, “us” or “our”) for and on behalf of The Investment Company plc.
This Policy does not apply to any other data, including personal data, that we collect offline or that is processed by us, Chelverton UK Dividend Trust plc or any other third parties in relation to any other products or services provided to you.
By accessing this Site, you acknowledge that you have read and agree to the practices described in this Policy.
Our full company name is Chelverton Asset Management Limited. We are incorporated and registered in England (company number 3429348), with our registered office at 11 Laura Place, Bath, BA2 4BL.
We are authorised and regulated by the Financial Conduct Authority.
For the purposes of data protection laws, including the Data Protection Act 2018 and the General Data Protection Regulation 2018, as incorporated into UK law (the “GDPR”) we are the controller of personal data processed in connection your access to and use of the Site.
We have appointed a Responsible Person, who can be contacted via firstname.lastname@example.org.
WHAT PERSONAL DATA DO WE COLLECT?
Personal data is any information that enables us to identify you, either directly or indirectly in conjunction with any other information we hold, by reference to an identifier such as name, address, date of birth or government identification number.
We use different methods to collect personal data from and about you including through:
- Personal data you give us. You may give us your personal data including name and contact details, by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you ask us about, or apply for, our products or services; subscribe to our services or publications; request marketing to be sent to you or give us some feedback.
- Personal data we collect. As you interact with our Site, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
HOW AND WHERE DO WE PROCESS PERSONAL DATA?
We comply with the obligations under the applicable data protection law by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorized access and disclosure and by ensuring that appropriate technical and organisational measures are in place to protect personal data.
We will use your personal data for the following purposes:
- To confirm your identity;
- To respond to your questions and provide related customer services;
- To monitor and protect the security of our information, systems and network;
- For internal business intelligence purposes, to conduct research, product development and enhancement;
- To inform you of changes made to our Site and other services;
- To conduct marketing and commercial activities and to market relevant offers and promotions to you;
- To ensure that content from our Site is presented most effectively for you and your computer;
- To display content based on your interests;
- To enable you to search information on our Site;
- Assess your needs and interests in order to better tailor offers and/or advertising; and
- Improve our Site.
We will store and process your personal data on servers located in the United Kingdom.
WHAT IS OUR LEGAL BASIS FOR PROCESSING PERSONAL DATA?
Under Article 6 (1b) of the GDPR, the legal basis that we employ for processing your personal data is that processing of your personal data is necessary for the performance of a contract to which you, the ‘data subject’ is party, or in order to take steps at your request prior to entering into such a contract.
We also process your personal data under Article 6(1f) of the GDPR where processing is necessary for the purposes of our legitimate commercial interests, except where such interests are overridden by your rights and interests.
SHARING YOUR PERSONAL DATA
Your personal data will be treated as being strictly confidential. We may share your personal data with the parties set out below for the purposes set out in this Policy:
- A member of our group;
- Companies that provide services to help us confirm your identity, meet our compliance and regulatory obligations, and to detect and prevent fraud or other financial crime;
- Our professional advisors such as auditors, accountants and lawyers, etc;
- Companies that provide services to help us with our business activities, such as data storage, maintenance services, database management, web analytics and payment processing;
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Policy.
We may also disclose your personal data as required by law, such as to comply with a subpoena, or a similar legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request, and to any other third party with your prior consent to do so, unless notification is prohibited by the applicable law.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Where personal data subject to UK data protection laws is shared by us with a third party located in a country that has not received an adequacy decision from the UK Government, we will only share such personal data subject to appropriate safeguards, which comply with the data protection laws and provide you with enforceable rights and remedies.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements, after which time it will be destroyed securely if it is no longer needed for the lawful purposes for which it was obtained.
In some limited cases, it may be necessary to retain your personal data for longer if we need to hold it for liability claim purposes (eg if any complaints were to be made to an ombudsman service), and for example to hold and provide to a regulatory body.
If you consent to receive marketing from us, any information we use for this purpose will be held by us until such time as you notify us that you no longer wish to receive marketing information from us.
ACCESS TO YOUR PERSONAL DATA AND OTHER RIGHTS
You have the right to request a copy of the information that we hold about you. If you would like a copy of all or some of your personal data, please email or write to us at the addresses provided in the “Contact Details” section of this Policy.
In some exceptional cases, we may make a small charge for this service (for example multiple claims for the same information), but usually this data will be provided free of charge.
We want to make sure that your personal data is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
You may also have the following rights with respect to your personal data:
- to request that we correct any of your personal data if it is found to be inaccurate or out of date;
- to request your personal data to be erased where it is no longer necessary for us to retain such data;
- to withdraw your consent to the processing of your personal data at any time;
- to request that we provide you with your personal data, and where possible, to transmit the data directly to another data controller (known as the right to data portability);
- where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- to object to the processing of your personal data with regards to Direct Marketing;
- to lodge a complaint with your local data protection authority, such as the Information Commissioner’s Office (ICO) in the UK.
Please note that the exercise of some of the rights above are subject to exceptions. We will inform you if we intend to rely on one of those exceptions in our response to your request.
We would like to send you information about products and services of ours and other companies within our group which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other entities within our group. If you no longer wish to be contacted for marketing purposes, please email or write to us at the addresses provided in the ‘Contact Details’ section of this Policy.
AUTOMATED DECISION MAKING
We do not use automated decision making in connection with the data processing activities described in this Policy
If we wish to use your personal data for a new purpose, not defined by this Policy, then we will provide you with a new notice explaining this new use prior to the commencement of the new processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
We will update this Policy from time to time, so please check back periodically.
The provisions contained in this Policy supersede all previous notices or policies regarding our use personal data.
To exercise all relevant rights, or to raise queries or complaints, please in the first instance contact the Responsible Person, Vivien Langford.
By email: email@example.com
By post: Vivien Langford, Chelverton Asset Management Limited, 11 Laura Place, Bath BA2 4BL