JTW Consulting Group Limited (‘we’, ‘our’ or ‘us’) may process personal data about you, depending on the scope of your specific relationship with us. This processing of personal data is regulated under the General Data Protection Regulation (2016/679) (‘GDPR’) and the e-Privacy Directive (2002/58/EC), as entrenched in UK law under the Data Protection Act 2018 (‘DPA18’) and the Privacy and Electronic Communications Regulation (‘PECR’), respectively. We are responsible as a ‘controller’ of your personal data for the purposes of those laws.
This Privacy Notice applies to the following three circumstances:
1. personal data processed when you visit and use our website (“Website”)
2. personal data processed to service our potential and existing clients (“agents”)
3. personal data processed to service our potential and existing customers (“customers”).
We will comply with the principles set out in the DPA, which states that the personal data we hold about you must be:
● used lawfully, fairly and in a transparent way,
● collected only for valid purposes that we have clearly explained to you,
● relevant to the purposes we have told you about and limited only to those purposes,
● accurate and kept up-to-date,
● kept only as long as necessary for the purposes we have told you about, and
● kept securely.
Personal data means any information about an individual from which that person can be identified. It does not include data where your identity has been removed, such as anonymous data.
4.1 Personal data gathered from you
We acquire minimum personal data at this stage when you visit our website. The personal data we collect includes the following:
● Information about your computer or device, including browser type and settings,
● log data - the webpage you were visiting before you came to our site, pages you visit on our site, time spent on those pages, the information you search for on our site, IP address, access times/dates, and other statistics,
● history of interaction with our web pages, including traffic data relating to your internet connection and/or
● other personal data that does not directly identify you, such as actions taken on our website.
Providing your data is optional, but it may be necessary for certain services we offer and other processing activities, e.g., to access content or qualify your suitability as a new customer. In such cases, if you do not provide your personal data, we may be unable to provide you with the requested services.
As a business, any data solely connected to the legal enterprise is not personal data. However, we collect the following personal data on directors and ultimate beneficial owners that you provide to us at onboarding:
● name,
● email address,
● telephone number,
● address,
● nationality,
● date of birth,
● security credentials,
● professional data (through a CV), and
● identification documents (and their attached personal data).
When registering with us, we collect this personal data from the directors and ultimate beneficial owners.
We collect the following personal data that you provide to us throughout the business relationship:
● account activity, including payment instructions,
● communications with our staff, and
● usage of online portals.
We collect this personal data from you when:
● Communicate to our staff through any medium and
● access our online systems.
We collect the following personal data that you provide to us at onboarding:
● name,
● email address,
● telephone number,
● address,
● nationality,
● date of birth,
● security credentials, and
● identification documents (and their attached personal data).
We collect this personal data from you when registering for an account.
We collect the following personal data that you provide to us throughout the business relationship:
● account activity, including payment instructions,
● communications with our staff or our agents’ staff; and
● usage of online systems.
We collect this personal data from you when you:
● Communicate to our staff through any medium, and
● access the online systems directly or through one of our agents.
We do not collect or process personal data from other sources, and any personal data we collect, in the context of the website, is provided by you directly or indirectly.
We may receive personal data about you from other sources, where applicable. This information includes primarily legal and compliance checks.
We will add this information to the personal data we hold about you for the following purposes:
● to check fitness and probity,
● to check for possible fraudulent activity,
● to comply with our legal obligations, and
● to improve and personalise our service.
Please note that we will ask for your explicit consent before performing any credit search.
We may receive personal data about you from other sources, where applicable. This information includes primarily legal and compliance checks.
We will add this information to the personal data we hold about you for the following purposes:
● to check for possible fraudulent activity,
● comply with our legal obligations, and
● to improve and personalise our service.
Cookies are small text files placed on your computer or device by websites you visit or HTML-formatted emails you open. You can access our Cookies Policy on our website [insert link].
We use your personal data to:
● interact with you,
● to provide you with support services,
● to make it easy to navigate our website,
● to improve our website and our products, and
● to offer you content and services that might interest you.
We use your personal data as follows,
● where the processing is necessary to establish or administer our agreement with you:
● communicate with you regarding support services and provide you with critical service updates,
● allow you to register for our services,
● provide you with technical and customer support, and enable the provisioning of services; and
● determine the entity you are connecting from.
We may also use your personal data where processing is necessary to comply with our legal obligations, including responding to legal processes or lawful requests. Lastly, we may use your personal data where required by applicable law.
We collect personal data about your directors and ultimate beneficial owners for the following purposes:
● Onboarding,
● identify you and manage any accounts you hold with us,
● complying with regulations,
● process your contractual protected requests, and
● statistical analysis and behavioural analysis.
We may monitor and record communications such as emails and telephone calls for the following purposes:
● quality assurance,
● training,
● fraud prevention,
● gathering statistical data for management information, and
● compliance with relevant laws.
We collect personal data about you for the following purposes:
● onboarding,
● identify you and manage any accounts you hold with us,
● sending contract notes,
● complying with regulations,
● process your payment instructions, and
● statistical analysis and behavioural analysis.
We may monitor and record communications such as emails and telephone calls for the following purposes:
● quality assurance,
● training,
● fraud prevention,
● gathering statistical data for management information and
● compliance with relevant laws.
We may share your personal data with:
● our agents, depending on your requested products and services,
● contractors and service providers that help us perform day-to-day business functions,
● credit reference agents in accordance with our credit checking policy below,
● law enforcement agencies in connection with any investigation to help prevent unlawful activity,
● legal representatives and consultants in situations where expert advice and legal opinions are required, and/or
● processors that maintain our IT systems.
This data is never sold or passed on to other companies to market services not offered by us.
We collect and use personal data to provide you with a service or product you have requested, or, where necessary, to comply with a legal obligation. We may also collect and use personal data under our legitimate interest if your data protection rights do not override these interests. Additionally, we may collect and use personal data where you have consented. Where we ask for consent, you can withhold or revoke your consent by opting out.
We rely on the legal basis of ‘legitimate interest’ and ‘consent’ to market to you, considering the e-Privacy Directive and its requirements under consent.
We will keep your personal data in line with our Data Retention Policy. This allows us to perform the activities listed in this Privacy Notice. We will maintain your personal data throughout the lifecycle of the contract. We may need to keep your data for extended periods and retain personal data to comply with legal or regulatory requirements, such as to help us respond to complaints or prevent fraud and financial crime. If we are not required to retain the personal data, we will destroy, delete, or anonymise it at the point it is no longer required.
We store your personal data in a secure environment. We have appropriate security measures to prevent personal data from being lost, accessed, or used unauthorised, including encryption and other forms of security. We limit access to your personal data to those with a genuine business need to know it. Those processing your personal data will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Whilst we will use all reasonable efforts to secure your personal data, you acknowledge that the internet is not entirely secure in using the website. Therefore, we cannot guarantee the security or integrity of personal data that is transferred from you.
Your personal data may be transferred to and stored outside the UK or EEA. When we do this, we will ensure the recipient entity has appropriate protection and that the transfer is lawful through controls, such as Standard Contractual Clauses. We may need to transfer your data in this way to fulfil our contractual obligations to you, to fulfil a legal obligation and/or for our legitimate interests. In such instances, we will only share the personal data with those with the right to see the personal data.
We want to send agents information about products, services, and our business, which may be of interest to agents. Such information could be sent by post, email, or telephone.
We will ask whether you would like us to send you marketing messages on the first occasion that you provide any relevant contact information (i.e. on signing up with us). If you opt-in to receive such marketing from us, you can opt out at any time (see ‘13. What rights do you have?’ below for further information). If you have any queries about how to opt out or if you are receiving messages, you do not want, you can contact us using the details provided below.
We want to ensure you are fully aware of all your data protection rights.
The right to access – You have the right to request us for copies of your personal data and how we process the data.
The right to rectification – You have the right to request that we correct any personal data you believe is inaccurate. You also have the right to request we complete personal data you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data under certain conditions. If you enforce this right at the same time as you object to the processing, we will have to maintain basic identification data to ensure we do not contact you again.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data. If you do not want to be contacted for the purposes set out in this notice, we will stop processing your data.
The right to data portability – You have the right to request that we transfer the data collected to another organisation or directly to you under certain conditions.
If you make a request, we have one month to respond.
Occasionally, we may have other methods to unsubscribe (opt-out) from any direct marketing, including, for example, unsubscribe buttons or web links. If such are offered, please note that there may be some period after selecting to unsubscribe in which marketing may still be received while your request is being processed.
We may update or amend this Privacy Notice from time to time. You should check this Privacy Notice frequently to ensure you are aware of the most recent version that will apply each time you access this website. We will also attempt to notify users of any changes by:
● email if you have opted to receive emails and/or
● a notice on the website header.
If you have any questions about this Privacy Notice or the personal data we hold about you, please get in touch with us by:
Email – info@jtwconsult.co.uk
If you have any complaints about this Privacy Notice or the personal data we hold about you, please get in touch with us by reaching out to the above contact information.
If you are unsatisfied with our response, you can contact the Information Commissioners Office (ICO) by contacting:
Contact number: 0303 123 1113
Website: https://ico.org.uk/make-a-complaint/