About this policy
Downing LLP (“we” or “us”) a limited partnership in England and Wales, CRN: OC341575. Our office is registered at St Magnus House, 3 Lower Thames Street, London, EC3R 6HD.
The purpose of this notice is to let you know how we look after your personal information, including what we learn through third parties, by having you as a customer (or potential customer) and information you provide to us directly or through our websites. This notice also informs you of your rights regarding personal information and how the law protects you.
‘Personal information’ is any information that can be used to identify an individual.
The privacy of your personal information is very important to us. Other than as expressly set out below or advised as part of product specific terms and conditions, we confirm that your personal information will not be disclosed or sold to third parties without your authorisation.
This privacy notice covers the following websites:
Personal information we collect
Personal information that you provide to us directly
You may provide us with personal information through a variety of mechanisms including over the phone (including recorded messages), face to face, hardcopy or electronic forms or surveys, email correspondence and/or our websites. Examples of the information you may provide us includes information on your financial position, socio-demographics and contact information.
Information about you from outside organisations
- Financial advisers
- Organisations which introduced you to us
- Public information sources (e.g. companies house)
- Fraud prevention agencies
- Credit reference agencies
- Market researchers
- Other sources which you may directly authorise us to source information from
Information about you when you use our products and services
This includes information when you use our services, for example profile and usage data as well as transactional and payments data for your accounts and products. Our websites collect information via your account when you’re logged in as well as through cookies other internet tracking software. Please see our cookies policy below for more information on cookies.
How we process your personal information and our legal basis
In addition to our own policies, the privacy of your personal information is protected by law. This section outlines the legal reasons we rely on to collect and process your personal information. We are legally required to meet one or more of the following reasons to hold and process your personal information:
- Legal obligation – where we need to use some of your information to comply with relevant legislation
- Legitimate interest – where we may process your data where we have a legitimate interest to do so. Legitimate interest may include commercial interests; before we do this we will also consider your rights and interests
- Contractual requirement – where we may process your personal information to fulfil a contraction obligation
- Consent from you – where we ask you for permission to use your personal data in a certain way
Our legal reasons for processing your personal information vary depending on the information and the means for which we are using it. These uses include:
- Development and provision of services
- Maintain and deliver products and services
- Management of customer relationships and resolving complaints
- Manage and conduct marketing of products and communicate with you
- Research, develop, test and deploy new products
- Effectively present content to you on our websites
Legal basis for using your personal information: Contractual requirements, legal obligation, consent, legitimate interest
- Managing and improving our operations
- Manage fees and charges on client accounts
- Conduct business efficiently and manage our financial position
- Plan, develop and maintain business capability
Legal basis for using your personal information: Contractual requirements, legal obligation, legitimate interest.
- Managing risk and preventing crime
- Managing risk both to us and you
- Complying with legal requirements and regulations
- Managing & preventing financial crime
- Maintaining and improving corporate governance
Legal basis for using your personal information: Contractual requirements, legal obligation, legitimate interest.
We have legitimate interests in processing personal data we collect from you to:
- Develop and price products and services
- Comply with regulatory guidance and recommendations
- Reduce and manage risks to you and us
- Evaluate if we have products which may interest you, and to communicate these to you
- Maintain and develop efficiencies in the way we meet our legal and contractual obligations
How long do we keep your personal information
By providing you with products or services, we create records that contain your information and/or data such as customer account records, activity records, tax records and lending and credit account records. Records can be held on a variety of media (physical or electronic) and formats.
We manage our records to help us to serve our customers well (for example for operational reasons, such as dealing with any queries relating to your account) and to comply with legal and/or regulatory requirements. Records help us to keep evidence of our business activities and demonstrate that we are meeting our responsibilities.
Retention periods for records are determined based on the type of record, the nature of the activity, product or service, applicable local legal or regulatory requirements. Retention periods may be changed from time to time based on business or legal and regulatory requirements.
We may, on exception, retain your information for longer periods, particularly where we need to withhold destruction or disposal based on an order from the any courts of competent authority, or in relation to an investigation by law enforcement agencies or our regulators. This is intended to make sure that we are able to produce records as evidence, if needed to those respective authorities.
Personal data we share with third parties
We will not sell the personal information that we collect from you. Some data processing in relation to personal information we collect from you may be carried out for us by a third party so that we can provide you with products and services, run our business, and obey rules that apply to us. We may share your information with:
- Regulators (e.g. the Financial Conduct Authority, Information Commissioner etc)
- HMRC and other tax authorities
- Law enforcement and other enteral and local government
- Other governing bodies e.g. ICO
- Agents, suppliers and other contractors and services providers which help us run our business
- Reference checking agencies
- Other companies which helps us meet our legal obligations
- Organisations or advisors which introduce you to us
- Member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries
- Market researchers or advisers which help us develop new ways of doing business
- Other organisations as part of a sale, merge or transfer of our business
We may also share your information with companies you ask us to share your information with or other third parties you explicitly authorise us.
How we store and transfer your personal information
European Economic Area
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice. All information you provide to us or our third-party suppliers is stored on secure servers. For our online platforms, any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of this site, you are responsible for keeping this password confidential. Please do not share this password with anyone.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website(s); any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access (although, as is the norm, no guarantees can be given).
Where you have given us your consent to collect and process information for a specific purpose you retain the right to rescind the consent at any time. In addition, there are other rights you are entitled to as the owner of personal information we collect and process, these rights are:
- Right to object – you may object to us keeping or using your personal information
- Right to be forgotten – you may ask us to delete remove or stop using your personal data if there is no legal reason for us to have it and it impinges on your privacy
- Right to rectification – if your personal information is inaccurate or incomplete you may request this information is rectified
- Right of access – this is the right to obtain a copy your personal data, if you wish we will provide this in an electronic format
We will try to keep personal information which we hold about you up to date, but if you think that we are holding information which is inaccurate, or you are otherwise unhappy about our use of your personal information then please send us an email us at email@example.com. You also have the right to complain and lodge appeals to the Financial Ombudsman Service (FOS) if you are unhappy with the outcome of a complaint.
What is a cookie?
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
What cookies do we use?
We use several different cookies to help us run and improve our website, including:
- Strictly necessary or functionality cookies
These are cookies that are required for the operation of this site. They include, for example, cookies that enable you to log into secure areas of this site, use a shopping cart or make use of e-billing services.
- Functionality cookies
These are used to recognise you when you return to this site. This enables us to personalise our content for you and remember your preferences (for example, your choice of language or region).
- Analytical / performance cookies
They allow us to recognise and count the number of visitors and to see how visitors move around this site when they are using it. This helps us to improve the way this site works, for example, by ensuring that users are finding what they are looking for easily.
- Targeting and third party cookies
These cookies record your visit to this site, the pages you have visited and the links you have followed. We use this information to make this site more relevant to your interests. We may also share this information with third parties for this purpose in accordance with the statements set out above.
Third party cookies used on our website include cookies from:
- Google Analytics
These cookies help to understand how users interact with out website, details of their cookies can be found here.
These cookies help us to understand our customers and website users, details of their cookies can be found here.
For a comprehensive list of cookies operating on our websites or for more information about a specific cookie please email firstname.lastname@example.org.
How to turn cookies off
You can block cookies by adjusting the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of this site. For more information on how to do this please refer to: https://www.aboutcookies.org/.
This site logs your Internet Protocol (I.P.) address. All computers that are linked to the internet have an I.P. address. An I.P. address does not provide identifiable personal information.
Data Protection Officer at Downing LLP
St Magnus House,
3 Lower Thames Street