Under the GDPR (General Data Protection Regulation) we control and/or process any personal information about you electronically using the following lawful bases – Contractual and Consent.
During the course of our normal business, we need to collect and use certain types of personal information ( including but not limited to name, address, contact information, email address, bank account details , Date of birth, identity documents like passport, driving license, educational qualifications, information to assess whether you may represent a politically exposed person or money laundering risk) about the people we deal with, such as current and past clients, owners of the business and their employees, vendors and others with whom we communicate. The basis for collection is by voluntarily consent by you and /or for performance of a contract with you.
This information is collected from the following sources
- Information you provide to us when you communicate to us either by electronic means (telephone/ email/ fax). In this respect we may record and store any such communication.
- From publicly available sources or from third parties who are credit rating agencies etc. when we need to conduct background checks about you
We do not collect any personal or identifiable information about our website users other than information provided by users voluntarily when completing forms on the website including but not limited to the contact details and email address on our website registration form.
We may use third party services such as Google Analytics to monitor the traffic on our website. These are to help process the information received by us for the purpose of allowing us to cater to our customer needsWe process your information in the following ways:
- To contact you to provide the information you searched for on our website or requested us when you completed the form
- To prepare a proposal for you for the services offered by us
- To prepare a Services Engagement Letter with you
- To perform the services as agreed with you
- To analyse the use of the website in order to improve our content and services;
- For any other purpose for which you provide us with your personal data
- For compliance to meet our compliance and regulatory obligations such as compliance with anti-money laundering laws and any request from tax authorities or any other Government body
We can confirm that:
- your personal data is treated with utmost care and all measures are taken to protect sensitive information
- we have specific procedures in handling personal information
- all staff who have access to personal information are aware of their responsibilities and have been appropriately trained and supervised
- we regularly review the work and performance of staff who handle personal information
- there is someone with specific responsibility for data protection in the organisation, Data Protection Officer (telephone +44 (0) 2920 660 181; email firstname.lastname@example.org)
- You have the right to request details of personal information that we hold about you. To do so please write to Nucleus Newport Limited, Severn House, Hazell Drive, Newport, Gwent, NP10 8FY
Data retention period: We will continue to hold your personal information as long as we have a lawful reason to do so.
Sharing your information: We will only share your information with our affiliates or employees who require the information to help us to deliver the services in the ordinary course of business. When this is outside of the European Economic Area (EEA), appropriate steps are included to ensure adequate protection of your data.Your individual rights
Under the GDPR your rights are as follows:
- the right to be informed;
- the right of access – to obtain the personal data that we hold about you;
- the right to rectification – to rectify the incorrect data we hold about you;
- the right to erasure – to erase the personal data we hold about you;
- the right to restrict processing – to restrict processing/ using the data we hold about you;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
We will handle subject access requests in accordance with the guidelines set out in GDPR. Data security and protection We ensure any personal information we hold are in secured form, and are stored and managed in compliance with GDPR regulations. Privacy Notice Policy Base: v.4.0 May 2018