MARWYN GROUP DATA PROTECTION PRIVACY POLICY

1.This policy

In this policy, “Marwyn”, “we”, “us” and “our” refer to Marwyn Group’s data controllers, which include: Marwyn Investment Management LLP, Marwyn Capital LLP and Marwyn Partners Limited in the UK and Marwyn Jersey Limited. This policy is issued by the Marwyn Group and is applicable to all persons with whom we interact, including clients and their employees (together, “you”).

We will only use information about an individual from which such individual is identifiable (“Personal Data”) which is provided to us, or otherwise obtained by us, as set out in this policy. We will ensure that your Personal Data is handled in accordance all laws applicable from time to time relating to the processing of Personal Data and/or privacy as the same may be re-enacted, applied, amended, superseded, repealed or consolidated, including without limitation the UK GDPR (as defined in the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019/419) and any legally binding regulations, directions and orders issued from time to time under or in connection with any such law (“Data Protection Legislation”).

2.Processing of personal data

Marwyn collects Personal Data when it is provided to us either by you, your representatives, a third party or from public sources, including the internet and subscription databases. It is important that the Personal Data Marwyn holds about you is accurate and current. Please keep Marwyn informed if your Personal Data changes during your relationship with them. The categories of Personal Data that we process include:

  • Personal Details: names, dates of birth, copies of passport(s), employment history, tax records and other identification documents and tax identification numbers;
  • Contact Details: residential addresses, telephone numbers and e-mail addresses; 
  • Financial Details: bank account numbers and transaction records; and
  • Technical Data: information about your equipment, browsing actions and patterns – please see our Cookie Policy for more information.  

Marwyn does not routinely seek to collect or otherwise process data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation (“Sensitive Personal Data”) unless:

  • It is necessary for compliance with a legal obligation, including anti money laundering or the combating of the financing of terrorism;
  • You have made the Sensitive Personal Data public; or
  • We have obtained your prior consent.

The purposes for which we may process your Personal Data are:

Processing purpose

Legal basis for processing

Fulfilling our or your legal and regulatory compliance obligations, including those for the prevention of market abuse, tax evasion and money laundering, such as ‘Know Your

Customer’ checks, confirming and verifying identify, and screening against subscription databases (for example, for sanctions and adverse media checks).

  • To comply with a legal obligation; or
  • Necessary in connection with an engagement letter or other contract that you have entered into with Marwyn; or
  • We have a legitimate interest for the prevention of market abuse, tax evasion, money laundering, sanctions violations and protection against fraud; or
  • We have obtained your prior consent.

Business take on.

  • To comply with a legal obligation; or
  • Necessary in connection with an engagement letter or other contract that you have entered into with Marwyn; or
  • We have a legitimate interest in order to take on new business; or
  • We have obtained your prior consent.

Provision of services.

  • To comply with a legal obligation; or
  • Necessary in connection with an engagement letter or other contract that you have entered into with Marwyn; or
  • We have a legitimate interest in order to provide services to you; or
  • We have obtained your prior consent.

 

Processing purpose

Legal basis for processing

Audit, compliance or other risk management procedures.
  • To comply with a legal obligation; or
  • We have a legitimate interest in order to manage the risks to which we are exposed.
Recruitment.
  • To comply with a legal obligation; or
  • We have a legitimate interest in order to carry out recruitment; or
  • We have obtained your prior consent.
Providing physical access to our premises or electronic access to our systems.
  • To comply with a legal obligation; or
  • Necessary in connection with an engagement letter or other contract that you have entered into with Marwyn; or
  • We have a legitimate interest in order to ensure the physical and electronic security of our business, premises and assets; or
  • We have obtained your prior consent.

We may process your Personal Data for more than one lawful ground depending on the specific purposes for which we are using your Personal Data. Please contact us if you require details about the specific legal ground we are relying on to process your Personal Data where more than one ground has been set out in the above table. 

We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please contact us if you require an explanation as to how the processing for the new purpose is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so.

3. Disclosure of Personal Data within the Marwyn Group and to third parties

We may disclose your Personal Data to other entities within the Marwyn Group for legitimate business purposes, in accordance with applicable law. In addition, we may disclose your Personal Data to:

  • Clients and their professional advisors;
  • Third parties (for example, banking institutions) who provide services to Marwyn’s clients;
  • Service providers to Marwyn (for example, auditors, legal counsel, IT providers);
  • Governmental, legal, regulatory or similar authorities upon request; and
  • Other parties, if required to comply with legal or regulatory requirements

4. International transfers

In processing your Personal Data, it will sometimes be necessary for us to transfer your Personal Data outside the UK to our staff or third parties such as overseas advisors or service providers. It may also be accessed by staff operating outside the UK who work for us or for one of our suppliers. This includes people engaged in, among other things, the provision of support services to us. We will only transfer your Personal Data outside of the UK in accordance with Data Protection Legislation. We may enter into contracts with entities based outside the UK where this is required by Data Protection Legislation and a copy of such contracts will be available to you on written request to the email provided in the contact details below (subject to certain redactions where necessary for confidentiality purposes).

5. Data security

We have implemented appropriate security measures designed to protect your Personal Data. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

6. Data accuracy

We take reasonable steps designed to ensure the Personal Data we process is up to date and you should inform us of any changes to your Personal Data.

Where we need to collect your Personal Data by law, or under the terms of a contract we have with you, and you fail to provide that data where requested, we may not be able to perform the contract we have or are trying to enter into with you. In that case, we may have to cancel the service you have with us but we will notify you if this is the case at the time.

7. Data retention

We take reasonable steps to only retain hard and/or electronic copies of your Personal Data for as long as necessary in connection with the lawful purposes set out in this policy and for the duration required under applicable law, regulatory, tax, accounting or other requirements. Once the retention periods have concluded, we will permanently delete or destroy the relevant Personal Data, archive it so that it is beyond use, or anonymise it. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

8. Your legal rights

i. The right of access to obtain a copy of your Personal Data held by Marwyn;

ii. The right to have inaccurate Personal Data rectified, or completed if it is incomplete;

iii. The right to have your Personal Data erased, unless the data is necessary for Marwyn to comply with a legal or regulatory obligation, or for the establishment, exercise or defence of legal claims;

iv. The right to request the restriction or suppression of your Personal Data;

v. The right to data portability in order for you to obtain and reuse your Personal Data for your own purposes across different services;

vi. The right to object to the processing of your Personal Data, unless there are compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the individual; or the processing is for the establishment, exercise or defence of legal claims;

vii. The right to withdraw your consent to the processing of your Personal Data at any time, where this is the sole legal basis for the processing; and

viii. The right to lodge complaints with the UK Information Commissioner’s Office regarding our processing of your Personal Data.

9. Fees

You will not have to pay a fee to access your Personal Data (or to exercise any of your other rights) however, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

10. What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to access any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to your request to speed up our response.

11. Contact details

The Marwyn Group’s data controllers are Marwyn Investment Management LLP, Marwyn Capital LLP and Marwyn Partners Limited in the UK and Marwyn Jersey Limited in Jersey.

If you have any comments, questions or concerns about any information in this policy, or any other issues relating to the processing of Personal Data by the Marwyn Group, please contact your regular Marwyn contact or Marwyn-Enquiries@marwyn.com.