Privacy

This Privacy Notice (“Notice”) explains how we collect, use, share and protect your personal data. Casson Capital Holdings Limited is committed to protecting and respecting your privacy. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Notice.

Definitions

As used in this Notice:

“controller”: an entity or person who determines the purposes and means of the processing of personal data.
“criminal convictions data”: personal data relating to criminal convictions and offences or related security measures.
“DPL”: the Data Protection (Bailiwick of Guernsey) Law, 2017.
“EEA”: the European Economic Area.
“EU GDPR”: the EU General Data Protection Regulation 2016/679.
“GDPR”: as applicable, the EU GDPR and/or the UK GDPR.
“personal data”: information from which it is possible to identify a natural person (an individual).
“processing”: anything done with personal data such as collection, recording, organisation, structuring, storage, retrieval, consultation, use, disclosure, alignment, restriction, erasure or destruction.
“processor”: a person or entity which processes personal data on behalf of the controller.
“sensitive personal data”: special category data, criminal convictions data, or any other information deemed sensitive under applicable law.
“special category data”: data about an individual’s race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, health, sexual life or orientation.
“UK”: the United Kingdom.
“UK GDPR”: the EU GDPR as it forms part of UK law under the European Union (Withdrawal) Act 2018, and as amended.

1. Who is the Controller of Your Personal Data?

We are Casson Capital Holdings Limited, registered in the Isle of Man with Company Number 131964C. For the purposes of data privacy legislation, we will be acting as the “controller”.

This Notice describes the processing of personal data by us and our authorised agents, subcontractors and processors.

2. What Information Do We Collect?

We collect personal data from a variety of sources, including:

2.1 Information you provide

Identity information: name, title, gender, nationality, date of birth, ID numbers.
Contact details: home/work address, phone numbers, email addresses.
Family details: place of birth, marital status.
Financial data: bank details, tax/social security numbers, wealth sources, assets.
Records of communications.
Employment/education history (e.g. job applications).
Information required under law (e.g. AML/KYC, FATCA, CRS).
Sensitive personal data where required by law (e.g. AML checks).

2.2 Information from other sources

Basic contact details.
Background checks (criminal record, credit history).
AML, PEP, sanctions checks.
Fraud enquiries.
Information from recruitment agents.

2.3 Information from website use

IP address, browser, operating system, time zone.
Visit information: URLs clicked, pages viewed, time spent, interactions.

3. How Is the Data Collected?

Directly from you (forms, contracts, correspondence).
From entities in which you hold an interest.
From legal/financial advisers.
From banks and financial institutions.
From credit reference agencies and AML databases.
From your use of our website.

4. How Is the Data Used?

We use data to:

Communicate with you in connection with business activities.
Conduct due diligence and credit checks.
Manage IT, legal, audit, risk, and accounting.
Monitor communications for quality, training, fraud prevention.
Disclose to lenders and financial institutions as necessary.
Detect and prevent financial crime and comply with AML regulations.
Liaise with regulators, tax authorities, and professional advisers.
Conduct business analysis and record keeping.

We do not make decisions about you based on automated processing.

5. On What Basis Is the Data Used?

To fulfil contracts with you.
To comply with legal/regulatory obligations.
To pursue our legitimate interests (e.g. risk management, business operations).
Occasionally with your consent.
Rarely, where it is needed in the public interest.

6. Is It Necessary to Provide Personal Data?

Yes, in many cases it is necessary to meet contractual, statutory or regulatory requirements. Refusal to provide certain information may affect our ability to do business with you.

7. Disclosure of Personal Data and Transfers Overseas

We may disclose data to:

Administrators, custodians, banks, lenders.
Service providers (including IT).
Professional advisers (tax, legal, compliance).
Regulators, courts, tax authorities, law enforcement.

Transfers outside the Isle of Man, UK or EEA are made in accordance with GDPR safeguards such as standard contractual clauses.

8. Retention of Personal Data

We retain your data for as long as required to:

Fulfil the purposes for which it was collected.
Meet legal or regulatory requirements.
Establish or defend legal rights.

We use appropriate technical and organisational measures to protect your data, but transmission over the internet is at your own risk.

9. Your Rights

You have the following rights (subject to applicable law):

Access: obtain a copy of your data.
Portability: request transfer of your data.
Correction: rectify inaccurate data.
Restriction: limit processing in certain cases.
Erasure: request deletion in some circumstances.
Objection: object to processing or withdraw consent.

You may also lodge complaints with your local supervisory authority.

10. Security

We maintain appropriate technical and organisational security measures to protect your personal data. In the event of a breach, we will notify you and the relevant regulator where legally required.

11. Contact

Questions, comments and requests regarding this Notice are welcomed.

office (at) cassoncap (dot) com

12. Changes to This Notice

We may amend this Notice from time to time at our discretion. Updates will be posted on our website.