Privacy and Use Policy
Who We Are
This is the privacy statement of Yendall Hunter Limited.
Types of Information We Collect
If you are one of our clients, suppliers, a potential employee, work within one of our client or supplier organisations or you are a visitor to our website we may collect, use and store different types of personal information about you, which we have grouped together as follows:
| Types of Information | Description |
|---|---|
| Financial | Banking details including Bank name, account numbers, sort codes, international payment details to effect or receive payments and VAT details, details about payments to and from you. |
| Identity Data | ID information including your name, title, date of birth, gender, and National Insurance Number. |
| Contractual | Details about the services we provide to you or the services provided to us. |
| Professional Contact Details | Your name, title, and contact details (including your business address) |
| Communication Data | What we learn about you from letters, emails, and conversations between us. |
| Publically Available Data | Details about you that are publicly available, such as on Companies House or elsewhere on the internet. |
| Consensus Data | Any permissions, consents or preferences that you give us. |
| Usage Data | Information about how you use our website, products and services. |
| Marketing Data | Details about your preferences in receiving marketing communications from us and our third parties. |
How We Use Your Personal Information
In general terms, we collect and use personal information to:
- deliver our services and meet our legal responsibilities;
- run our business in an efficient and proper way, including managing financial administration, business capability, planning, communications, corporate governance and audit;
- carry out financial administration, including calculating and managing payments, benchmarking, calculating fees and interest and collecting and recovering money that is owed to us;
- conduct marketing and business development activities, including seeking new business, promoting our business and events management;
- verify your identity where this is required;
- contact you by post, email or telephone in the course of our professional relationship with you;
- understand your needs and how they may be met;
- maintain our records;
- process financial transactions;
- prevent and detect crime, fraud or corruption;
- receive the products or services you provide to us;
- establish, enforce and defend legal claims;
More specifically, the table below explains how we use your personal information and the reasons that we rely on in doing so. Where these reasons include legitimate interests, we explain what these legitimate interests are.
| What we use your information for | Our reasons | Our legitimate interests |
|---|---|---|
| To deliver our services To make and manage customer payments To manage fees, charges and interest due on customer accounts To collect and recover money that is owed to us | Contractual performance Legitimate interests Legal obligations | Being efficient about how we fulfil our legal and contractual duties Complying with regulations that apply to us |
| To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, tax compliance, corporate governance and audit | Legitimate interests Legal obligations Consent Contractual Performance | To manage credit control and debt recovery To bill for the services we provide and deal with funds transfers For financial reporting To manage complaints and claims To be efficient about how we manage our relationship with you and fulfil our responsibilities generally To improve our efficiency and provide clients with new or improved products and services |
| To undertake assessment of potential conflict checks and Anti Money Laundering Verifications. | Legitimate interests Legal obligations | Understanding whether we can act on behalf of a potential client Complying with regulations that apply to us |
| To receive the products or services you provide to us | Contractual performance Legal obligation Legitimate interests | To enjoy the benefit of the products and services we receive and to manage and administer any contract under which they are provided For firm management To maintain access and control records For incident/breach reporting, management and investigation |
| For procurement purposes, including supplier due diligence, background checks and the assessing of tenders To carry out credit checks | Legitimate interests | To carry out supplier due diligence To ensure our contracts provide us with best value To assess the financial worthiness and reliability of those with whom we deal |
| To establish, enforce and defend legal claims | Contractual performance Legitimate interests Our legal duties | To meet our contractual obligations to you or your organisation To ensure that we benefit from the terms of the contracts we have entered into and properly manage the risks and liabilities associated with them To comply with laws and regulations that apply to us |
| For marketing and business development activities, including seeking new business, promoting our business and events management | Consent Soft opt-in (i.e. where we have an existing relationship that allows us to send electronic marketing communications to you on an opt-out basis) Legitimate interests | To develop our relationship with you and others To attract new business To promote our business To hold events, such as seminars or corporate hospitality to promote our business and its services To seek your consent if we need it to contact you |
| To provide you with information you may ask for | Consent Legitimate interests | To fulfil enquires you might make of us |
Where we collect your personal information from
We may collect personal information about you (or your business) from the following sources:
- Data you give to us: when you email us, correspondence you send us, business cards or when you call us.
- Data we collect when you use our services: For example, payment and transaction data.
- Data from third parties: Publicly available resources (for example, the internet), companies that introduce you to us (for example recruitment agencies).
- Cookies (the About Cookies website which offers guidance for all modern browsers.)
Who we share your information with
We may share your personal information with the following third parties:
- Other companies associated with the engagements we undertake (for example, Counsel, Solicitors or other Consultants); and
- Our group companies, YH Holdings (UK) Limited, Yendall Hunter Corp. (USA) and Yendall Hunter (NZ) Limited (New Zealand) who act as processors for us;
- Our professional advisers including external accountants, insurance brokers and underwriters;
- Government and regulatory agencies as required; and
- Professional associations.
How we use your information to make automated decisions
We do not envisage taking any decisions about you based solely on automated processing (i.e. without human involvement), which have a legal or similarly significant effect on you.
If you choose not to give your personal information
If you choose not to give your personal information it may delay or prohibit us from meeting our obligations or lead us to cancelling the service you have with us.
How long we keep your personal information
Clients or individuals within client organisations
We will only retain your personal information as a client for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
In relation to matters in which we act for clients, we will retain client files and your personal information for 10 years. However, dependent on the jurisdiction of our engagements, this period may be longer. This means that we will retain those files (and your personal information within them) for a minimum period of 10 years from the date on which the matter on which you have instructed us has completed. The rules that apply to determine how long it is appropriate to hold records for particular matters can be complex and varied. If you wish to know how long we may hold your particular personal information as a record of a particular matter then please e-mail privacy@yendallhunter.com.
Suppliers or individuals within supplier organisations
Regarding our suppliers, we will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In general terms, we will hold your personal information for so long as you or the organisation for whom you work continue to provide us with products and services and for an additional period of 10 years thereafter.
If you use our website
Where we use your personal information for marketing purposes we will retain your personal information for so long as we have your consent to do so (where we use your personal information with your consent in order to send you marketing messages) or, in other cases, for so long as we have a legitimate business or commercial reason to do so (unless you ask us to stop).
Where you withdraw your consent to receiving marketing materials or otherwise ask us to stop marketing we will add your details to a suppression list which ensures that we remember not to contact you again.
For further information as to how to withdraw your consent or to ask us to stop other marketing activities please email us at privacy@yendallhunter.com.
If you withdraw your consent to receiving marketing materials or ask us to stop our marketing activities, we will still communicate with you for other purposes in the normal course of any other relationship we may have with you.
Where we hold your personal information internationally
We use a global cloud-based documents storage company to store your electronic information. Your information is stored internationally and it is protected under General Data Protection Regulation (“GDPR”). Dropbox, Inc. Privacy Policy can be found here:
https://www.dropbox.com/privacy2018
Dropbox, Inc. is an active participant in the EU-US Privacy Shield Framework.
In addition to Dropbox Inc., we store your information on our securely encrypted computers.
Your personal information may be processed by Yendall Hunter (NZ) Limited in New Zealand. There is an adequacy decision by the European Commission in respect of that country, meaning that it is deemed to provide an adequate level of protection for your personal information.
Your personal information may also be processed by Yendall Hunter Corp in the United States of America. We have put in place with Yendall Hunter Corp standard data protection clauses recognised by the EU Commission to protect that information. For further information, please contact us – see Contact information and further advice below.
Your rights
Under the General Data Protection Regulation (“GDPR”) you have the following rights:
Access to your information – You have the right to request a copy of the personal information about you that we hold.
Correcting your information – We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
Deletion of your information – You have the right to ask us to delete personal information about you where:
- You consider that we no longer require the information for the purposes for which it was obtained;
- We are using that information with your consent and you have withdrawn your consent – see Withdrawing consent to using your information below
- You have validly objected to our use of your personal information – see Objecting to how we may use your information below
- Our use of your personal information is contrary to law or our other legal obligations.
Objecting to how we may use your information – You have the right at any time to require us to stop using your personal information for direct marketing purposes. In addition, where we use your personal information to perform tasks carried out in the public interest or pursuant to the legitimate interests of us or a third party then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
Restricting how we may use your information – in some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where this is no longer a basis for using your personal information but you don’t want us to delete the data. Where this right to validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
Portability – if we process personal information that you provide to us on the basis of consent or because it is necessary for the performance of a contract to which you are party, and in either case that processing is carried out by automated means, then you have the right to have that personal information transmitted to you in a machine-readable format. Where technically feasible, you also have the right to have that personal information transmitted directly to another controller.
Withdrawing consent using your information – Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
Changes to our privacy statement
We keep this privacy statement under regular review and will place any updates on this website. Paper copies of the privacy statement may also be obtained by contacting us on our registered offices of 75 Park Lane, Croydon, Surrey, CR9 1XS, United Kingdom.
This privacy statement was last updated on 25th May 2018.
Contact information and further advice
If more information is required please contact:
Alternatively, please write us to:
Privacy
Yendall Hunter Limited
21 Lime Street
London EC3M 7HB
Complaints
We seek to resolve directly all complaints about how we handle personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office:
Online: https://ico.org.uk/global/contact-us/email/
By phone: 0303 123 1113
By post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.