The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
The EU General Data Protection Regulation (GDPR) represents a significant change in the data protection compliance regime for data controllers and data processors. These revised regulations come into full effect from the 25th May 2018 and apply to all businesses within WH Ireland Group plc in both the UK and Isle of Man.
Further information on GDPR and the Principles and Rights can be obtained from the UK Information Commissioners website.
What action are WHIreland taking?
To meet the requirements under GDPR we have revised our client Privacy Notice to inform clients of how their personal rights will be applied to data held by WH Ireland Group plc. Please take the time to read the information below.
Privacy Notice: Corporate & Institutional Broking
WHIreland is committed to protecting your personal information. WHIreland recognises that it is important for you to know how we deal with your personal information.
WH Ireland Limited (“WHI”) is wholly owned by WH Ireland Group PLC, and is registered as a data controller with the Information Commissioner’s Office (registration number: Z5442086).
This Privacy Notice contains important information about what personal details we collect; what we do with that information; who we may share it with and why; and your choices and rights when it comes to the personal information you have given us.
What personal data do we collect?
Such personal data typically includes personal information, such as phone numbers, e-mail addresses and financial details, along with identification information such as date of birth, residential address and nationality. We may also hold personal information obtained through publicly available sources such as credit agencies, media publications and company registries. We are under a legal obligation to perform appropriate customer due diligence and in some circumstances enhanced due diligence checks when establishing a business relationship.
We have put in place appropriate security measures and safeguards to protect your personal data and ensure that our retention of your personal data is compliant with GDPR and all relevant UK legislation.
What is the legal basis for our processing your personal data?
The legal basis that we intend to use for the processing of your personal data is for our legitimate business interests in providing corporate and institutional broking services.
Why do we need to collect and use personal data?
The primary reasons that we collect and use your personal data are (i) to enable us to provide corporate and institutional broking services and (ii) for compliance with legal and regulatory obligations to which WHI is subject.
Who might we share personal data with?
We will only share personal data with specialists involved in the due diligence process, or with other parties reasonably involved in the execution of our business.
Where third parties are involved in processing personal data (for example for identity verification purposes), we have contracts in place with them to ensure that the nature and purpose of the processing is clear, that they are subject to a duty of confidence in processing personal data and that they will only act in accordance with our written instructions.
Where it is necessary for personal data to be forwarded to a third party we will use appropriate security measures to protect the data in transit.
We may also forward personal data to third parties located in countries which do not provide the same level of protection as the laws within the European Economic Area for the purposes described above.
We will only ever share your information if we are satisfied that our partner organisations have sufficient data protection measures. The organisations receiving this information are not permitted to use your information for any purpose other than for the specific purpose that it was provided. We will never share your information for marketing purposes.
We will not use or disclose information collected about you otherwise than as described above unless the disclosure is:
- Required by law (e.g. HMRC Tax office),
- Required by law enforcement, credit and identity check agencies for the prevention and detection of crime,
- Required by our regulators or supervisory authority e.g. the Financial Conduct Authority (FCA), AIM, the Takeover Panel and the Information Commissioner’s Office for the UK (the ICO) etc,
- Authorised by law (e.g. to protect our interests or where we have a duty to the public to disclose); or
- With your consent.
WHI recognises how important the privacy of your personal information is to you and has arranged to store such information in a secure environment. Your personal information may be stored both in hard copy and/or electronically.
At all times your personal information is treated as confidential and sensitive. We restrict access to your information by maintaining login and password control on all computer systems and have in place secure, lockable filing cabinets to store hard copies of personal information.
How long do we keep hold of personal data?
We will keep your personal information only where it is necessary to provide you with our products or services while you are a client.
We may also keep your information after this period but only where required to meet our legal or regulatory obligations. The length of time we keep your information for these purposes will vary depending on the obligations we need to meet.
Once your information is no longer needed it will be securely and confidentially destroyed.
Are you required to provide personal data?
As a general principle, you will provide us with your personal data entirely voluntarily. However, there are circumstances in which WHI cannot take action without certain of your personal data, for example because this personal data is required to process your instructions or orders, or to carry out necessary due diligence enquiries.
You have certain rights under the Data Protection Act 1998 and the EU General Data Protection Regulations (GDPR), these are:
- The right to be informed via a Privacy Notice such as this.
- The right of access to any personal information WHI holds about yourself. To request a copy of this information you must make a Subject Access Request in writing, to the address above or by emailing Compliance@whirelandplc.com.
- The right of rectification, we must correct inaccurate or incomplete data within one month.
- The right to erasure. You have the right to have your personal data erased and to prevent processing unless we have a legal obligation to process your personal information.
- The right to restrict processing. You have the right to suppress processing. We can retain just enough information about you to ensure that the restriction is respected in future.
- The right to data portability. We can provide you with your personal data in a structured, commonly used, machine readable form when asked.
- The right to object. You can object to your personal data being used for profiling, direct marketing or research purposes.
Access to Your Personal Information
You may request details of the information we hold about you at any time, by contacting us on the following email address: Compliance@whirelandplc.com. You are generally entitled to access the information we hold about you unless there are certain legal reasons that prevent you from doing so. Where you are entitled to access, the time we require to give you access will depend on the type of information requested. We endeavour to respond to your request as soon as practical (within 30 calendar days) and we may also ask you to identify yourself to our satisfaction.
There are certain conditions under which we may refuse you access to your personal information, such as when your request may unreasonably impact upon another person’s right to privacy. If we refuse to give you access, we will tell you and provide reasons for our decision.
We will not charge a fee for making a request to access your personal information however we may charge a fee for accessing your personal information if your request creates additional administrative burdens. If a fee is applicable, we will disclose this to you prior to providing you with the information.
What can you do if you are unhappy with how personal data is processed?
|If you make a Subject Access Request and are dissatisfied with our response, you may have the right to complain to the Information Commissioners Office (“ICO”) and to seek judicial remedy. A detailed description of the ICO can be found at their website www.ico.org.uk or by contacting them at their address:
Information Commissioner’s Office
0303 123 1113 (local rate)
Changes to our Privacy Notice
We keep our Privacy Notice under regular review and we will place any updates on our web page. This Privacy Notice was last updated on 17 April 2019.
How to contact us
Please contact us if you have any questions about our Privacy Notice or information we hold about you.
You can write to the WHI Data Protection Officer at the address below:
|The Data Protection Officer
WH Ireland Limited
24 Martin Lane