Privacy Policy - Misca Advisors

Misca Advisors Ltd. is a registered company in England and Wales (Company Number: 10699450)

Last Updated – May 2021

Data Protection Officer

Name: Rahzeb Chowdhury

Address: 20-22 Wenlock Road, London N1 7GU

The type of personal information we collect

We may collect, record and use your personal data in physical and electronic form, and will hold, use and otherwise process that data in line with the Data Protection Legislation and as set out in this statement.

When we provide services to you or our clients and perform due diligence checks in connection with our services (or discuss possible services we might provide), we will process personal data about you. We may also collect personal data from you when you use this Website.

We may process your data because:

• You give it to us (for example, in a form on our Website such as the contact us page)

• other people give it to us (for example, your employer or adviser, or third- party service providers that we use to help operate our business); or

• it is publicly available.

We may process personal data from you because we observe or infer that data about you from the way you interact with us or others. For example, to improve your experience of this Website and to make sure that it is working effectively. For example, we (or our service providers) may use cookies (small text files stored in a user’s browser) or Web beacons to collect personal data. Cookies used are in full compliance with GDPR. This includes a standard GDPR-compliant cookies policy for the website, which explains what cookies are, how cookies are used, what types of cookies the website uses, and how visitors can control their cookie preferences on the website.

The personal data we process may include your:

• Name, gender, age and date of birth;

• contact information, such as address, email, and mobile phone number;

• country of residence;

• lifestyle and social circumstances (for example, your hobbies);

• family circumstances (for example, your marital status and dependents);

• employment and education details (for example, the organisation you work for, your job title and your education details);

• financial and tax-related information (for example your income, investments and tax residency);

• postings or messages on any blogs, forums, platforms, wikis or social media applications and services that we provide (including with third parties);

• IP address, browser type and language, your access times;

• information in any complaints you make;

• details of how you use our products and services;

• details of how you like to interact with us, and other similar information relevant to our relationship.

If you choose not to provide, or object to us processing, the information, we may not be able to process your instructions or continue to provide some or all of our services to you or our client.

How we get personal information

• Directly. We obtain personal data directly from individuals in a variety of ways, including obtaining personal data from individuals who provide us with their business card(s), complete our online forms, subscribe to our newsletters and preference centre, register for webinars, attend meetings or events we host, visit our offices or for recruitment purposes. We may also obtain personal data directly when, for example, we are establishing a business relationship, performing professional services through a contract, or through our hosted software applications.

• Indirectly. We obtain personal data indirectly about individuals from a variety of sources, including recruitment services and our clients. We may attach personal data to our customer relationship management records to better understand and serve our business clients, subscribers and individuals, satisfy a legal obligation, or pursue our legitimate interests.

• Public sources — Personal data may be obtained from public registers (such as Companies House), news articles, sanctions lists, government intelligence and crime prevention agencies and internet searches.

• Social and professional networking sites — If you register or login to our websites using social media (e.g., LinkedIn, Google, or Twitter) to authenticate your identity and connect your social media login information with us, we will collect information or content needed for the registration or login that you permitted your social media provider to share with us. That information may include your name and email address and depending on your privacy settings, additional details about you, so please review the privacy controls on the applicable service to set how much information you want shared with us.

• Business clients — Our business clients may engage us to perform professional services which involves sharing personal data they control as part of that engagement. For example, we will review payroll data as part of an audit and we often need to use personal data to provide global mobility and pension services. Our services may also include processing personal data under our clients’ control on our hosted software applications, which may be governed by different privacy terms, policies and notices.

• Recruitment services — We may obtain personal data about candidates from an employment agency, and other parties including former employers, and credit reference agencies.

What we use your information for

We aspire to be transparent when we collect and use personal data and tell you why we need it, which typically includes. We process information about you and/or your business to enable us provide our services to you or our clients, and to meet our legal or regulatory obligations. Some examples include:

• Providing professional advice and delivering reports related to our complete range of services. Our services may include reviewing client files for quality assurance purposes, which may involve processing personal data for the relevant client.

• Promoting our professional services, products and capabilities to existing and prospective business clients.

• Sending invitations and providing access to guests attending our events and webinars or our sponsored events.

• Personalising online landing pages and communications we think would be of interest based on your preferences

• Administering, maintaining and ensuring the security of our information systems, applications and websites.

• Authenticating registered users to certain areas of our sites.

• Seeking qualified candidates, and forwarding candidate career inquiries to our People team, which may be governed by different privacy terms and policies.

• Processing online requests, including responding to communications from individuals or requests for proposals and quotations.

• Complying with legal and regulatory obligations relating to anti-money laundering, terrorist financing, fraud and other forms of financial crime.

• Collecting health data to assess, monitor and control spread of infectious diseases and to provide a safe environment for our employees, clients and suppliers.

We may occasionally share personal data with trusted third parties to help us deliver efficient and quality services. These recipients are contractually bound to safeguard the data we entrust to them. We may engage with several or all of the following categories of recipients:

• Parties that support us as we provide our services (e.g., providers of telecommunication systems, mailroom support, IT system support, archiving services, document production services and cloud-based software services).

• Our professional advisers, including lawyers, auditors and insurers.

• A potential buyer, transferee, merger partner or seller and their advisers in connection with an actual or potential transfer or merger of part or all of our business or assets, or any associated rights or interests, or to acquire a business or enter into a merger with it.

• Payment services providers.

• Marketing services providers.

• Law enforcement or other government and regulatory agencies (e.g., HMRC) or to other third parties as required by, and in accordance with, applicable law or regulation.

• Health government bodies and external service providers (health, facilities, estate management) to assess, monitor and control the spread of infectious diseases.

• Recruitment services providers.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

• Contract – We may process personal data in order to perform our contractual obligations owed to (or to enter into a contract with) the relevant individuals.

• Consent – We may rely on your freely given consent at the time you provided your personal data to us. You can withdraw your consent by contacting:

Address: 20-22 Wenlock Road, London N1 7GU

E-mail: [email protected]

• Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced. These may include:

• Delivering services to our clients – To deliver the professional services our clients have engaged us to provide including information on new products and services.

• Direct marketing – To conduct and analyse our marketing activities. To deliver timely market insights and speciality knowledge including tailor-made online experience we believe is welcomed by our business clients, subscribers and individuals who have interacted with us.

• Monitor our IT systems – Prevent fraud or criminal activity and protect our IT systems.

• Corporate responsibility – Comply with our corporate and corporate social responsibility commitments.

• Legal obligations – We may process personal data in order to meet our legal and regulatory obligations or mandates.

• Public Interest – We may process personal data in order to perform a specific task in the public interest or in the exercise of official authority vested in us.

• Vital Interests – We may process personal data to protect the vital interests of the individual or another natural person.

How we store your personal information

Personal information is stored on secure servers in the United Kingdom. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable supervisory authority or regulator of a breach where we are legally required to do so

How long we keep your information for

We retain personal data to provide our services, stay in contact with you and to comply with applicable laws, regulations and professional obligations that we are subject to. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. No customer data is being stored by the website itself, except for as long as it takes for the information to be transmitted to Misca.

Your data protection rights

Under data protection law, you have rights including:

Your right to be informed – You have the right of what data is being collected about you, how it is being used, how long it is being kept, and whether it will be shared by any third parties.

Your right of access – You have the right to ask us for copies of your personal information.

Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.

Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

Your right to automated decision-making including profiling – You have the right to ask for details of our processing activities if you believe your data is being processed unlawfully

You are not required to pay any charge for exercising your rights.

If you wish to make a request, please contact us at:

Address: 20-22 Wenlock Road, London N1 7GU

E-mail: [email protected]

How we Protect Your Personal Information

We use a range of measures to ensure we keep your personal data secure, accurate and up to date. These include:

• administrative and technical controls to restrict access to personal data to a ‘need to know’ basis;

• technological security measures, including fire walls, encryption and anti- virus software

The transmission of data over the internet (including by e-mail) is never completely secure. So although we use appropriate measures to try to protect personal data, we cannot guarantee the security of data transmitted to us or by us.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at:

Address: 20-22 Wenlock Road, London N1 7GU

E-mail: [email protected]

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.