What is personal information?
“Personal information” is any information relating to an identified or identifiable individual.
“Special category personal information” is personal information revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership, genetic and biometric data, or data concerning health, sex life or sexual orientation.
Who we are
“We”, “us”, “our” refers to IW Capital Ltd. When we collect, store and use personal information we are subject to the General Data Protection Regulation as the controller of that personal information.
Personal information we collect
We may collect and use the following personal information:
Personal information is required to provide services to you. If you do not provide personal information we ask for, it may delay or prevent us from being able to do so.
How we collect personal information
We will collect personal information directly from you in person, by telephone, text or e-mail and via our website.
We may also collect information from publicly accessible sources; or directly from a third party; or from a third party with your consent; from cookies on our website See our cookies policy on our website; via our IT systems, for example automated monitoring of our websites and other technical systems, such as our computer networks and connections, access control systems, communications systems, email and instant messaging systems;
How we use personal information
Under data protection law, we can only use your personal information if we have a lawful reason for doing so. This can be:
Our lawful reasons for using personal information
Use of special category personal information
The reasons listed above do not apply to special category personal information, which we will only process with your explicit consent.
Marketing or promotional communications
We may use your personal information to send you updates by e-mail, text message, telephone or post about our services.
We have a legitimate interest in processing your personal information for marketing or promotional purposes, so we usually do not need your consent. However, where consent is needed, we will ask for consent separately and clearly.
You have the right to opt out of receiving marketing or promotional communications from us at any time.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business.
How we share personal information
We will share personal information with:
We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers relating to ensure they can only use your personal information to provide services to us and to you. We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
Where we store personal information
Information may be kept at our offices, and those of our group companies, third party agencies, service providers, representatives and agents.
How long we retain personal information
We will retain your personal information while we are providing services to you.
After that, we will keep your personal information for as long as is necessary to respond to any questions, complaints or claims made by you or on your behalf; to show that we treated you fairly, and to keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this policy.
Transfer of personal information out of the EEA
We will not share your personal information outside the European Economic Area (EEA).
Your rights under data protection law
You have the following rights under data protection law:
If you would like to exercise any of your rights, please contact us.
How we keep personal information secure
We have appropriate security measures to prevent personal information from being lost or used or accessed unlawfully. Only those who have a genuine business need to access personal information can see it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. We also have procedures to deal with a suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to contact us
If you have any questions or concerns about use of personal information, please contact our Data Protection Officer by emailing firstname.lastname@example.org.
How to make a complaint
We hope that we will be able to resolve any questions or concerns you may have about use of your information.
The supervisory authority for data protection complaints in the UK is the Information Commissioner who may be contacted at their website: https://ico.org.uk/concerns, or by telephone on 0303 123 1113.