The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
The EU General Data Protection Regulation (GDPR) represents a significant change in the data protection compliance regime for data controllers and data processors. These revised regulations come into full effect from the 25th May 2018 and apply to all businesses within WH Ireland Group plc in both the UK and Isle of Man.
Further information on GDPR and the Principles and Rights can be obtained from the UK Information Commissioners website.
What action are WHIreland taking?
To meet the requirements under GDPR we have revised our client Privacy Notice to inform clients of how their personal rights will be applied to data held by WH Ireland Group plc. Please take the time to read the information below.
Privacy Notice: Corporate & Institutional Broking
WH Ireland Limited (“WHI”) is wholly owned by WH Ireland Group plc, the data controller.
WHI is committed to protecting your privacy.
This privacy notice explains how the Corporate and Institutional Broking Division of WHI uses any personal information we collect in connection with the services we provide.
What personal data do we collect?
We primarily collect information about individuals in the corporate client take on process, when conducting due diligence on corporate and institutional clients and individuals, and in the course of certain transactions.
Such personal data typically includes personal information and in some cases sensitive personal information, such as phone numbers, e-mail addresses and financial details, along with identification information such as date of birth, residential address and nationality. We may also hold personal information (including sensitive personal information) obtained through publicly available sources such as credit agencies, media publications and company registries. We are under a legal obligation to perform appropriate customer due diligence and in some circumstances enhanced due diligence checks when establishing a business relationship.
We have put in place appropriate security measures and safeguards to protect your personal data and ensure that our retention of your personal data is compliant with GDPR and all relevant UK legislation.
What is the legal basis for our processing your personal data?
The legal basis that we intend to use for the processing of your personal data is for our legitimate business interests in providing corporate and institutional broking services.
Why do we need to collect and use personal data?
The primary reasons that we collect and use your personal data are (i) to enable us to provide corporate and institutional broking services and (ii) for compliance with legal and regulatory obligations to which WHI is subject.
Who might we share personal data with?
We will only share personal data with specialists involved in the due diligence process, or with other parties reasonably involved in the execution of our business.
Where third parties are involved in processing personal data (for example for identity verification purposes), we have contracts in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing personal data and that they will only act in accordance with our written instructions.
Where it is necessary for personal data to be forwarded to a third party we will use appropriate security measures to protect the data in transit.
We may also forward personal data to third parties located abroad for the purposes described above. WHI will use appropriate safeguards as required by applicable law to ensure the integrity and security of your personal data when engaging such third parties. Third parties may be located in countries which do not provide the same level of protection as the laws within the European Economic Area. We will ensure that any such international transfers are in accordance with the General Data Protection Regulation (EU) 2016/679 or other relevant laws. You may contact us anytime using the contact details below if you would like further information.
We will not share personal data for marketing purposes with companies outside our group of companies/other companies.
How long do we keep hold of personal data?
In principle, personal data should not be held for longer than is required for our business. However, we are subject to regulatory requirements to retain certain data for specified minimum periods. In the majority of cases, once the regulatory retention periods have passed we will not retain your personal data.
Individuals have the right to request deletion of their personal data. We will comply with this request, subject to the restrictions of our regulatory obligations noted above.
Are you required to provide personal data?
As a general principle, you will provide us with your personal data entirely voluntarily. However, there are circumstances in which WHI cannot take action without certain of your personal data, for example because this personal data is required to process your instructions or orders, or to carry out necessary due diligence enquiries.
How can individuals access the information we hold about them?
Individuals have the right to request a copy of the information that we hold about them. If they would like a copy of some or all of your personal information he or she should email or write to us using the contact details noted below.
We have an obligation to ensure that personal information is accurate. Please ask us to correct or remove any information that you think is incorrect.
What can you do if you are unhappy with how personal data is processed?
You also have a right to lodge a complaint with the supervisory authority for data protection.
|Information Commissioner’s Office
0303 123 1113 (local rate)
How to contact us
You can write to the WHI Data Protection Officer at the address below:
|The Data Protection Officer
WH Ireland Limited
24 Martin Lane