Your trust is important to us. So we have compiled this Privacy Notice to explain how we collect, store and handle your personal data.
We know there's a lot of information here, but we want you to be fully informed about your rights, and how MD One Ventures Limited uses your data.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
MD ONE VENTURES LIMITED:
For the purpose of the General Data Protection Regulation (GDPR) and its predecessor legislation The Data Protection Act 1998 (the Act), MD One Ventures Limited is categorised as a data controller.
MD One Ventures Limited is an Appointed Representative of AQ1443 Limited (FRN 978496), a firm authorised and regulated by the Financial Conduct Authority. MD One Ventures Limited is Registered in England and Wales No. 14253378.
WHAT IS PERSONAL DATA?
Personal data, or personal information, means any information about an individual from which that person can be identified and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual.
It does not include data where the identity has been removed (anonymous data).
WHAT PERSONAL DATA DO WE COLLECT?
We may collect and process the following data about you:
· Your contact details, such as your name, address, telephone number and email address;
· Your date of birth, nationality, country of residence, employment status and tax identification number (i.e. National Insurance Number);
· Passport details, driving licence and utility bills;
· Details of the services you request from us;
· Any records held by financial crime prevention agencies, on the Electoral Register and by providers of utility services; and
· Details of your employment status, income and source of wealth.
In some cases, you are not obliged to provide any personal data to us, but if you have requested information or a service from us, we will not be able to provide it without certain information, such as your contact details. Before we can begin providing you with our services, we need to obtain certain information about you, so that we can verify your identity to meet our obligations under the Money Laundering Regulation 2017, Terrorist Financing and Transfer of Funds Regulations and any other applicable legislation and for the purposes of crime prevention and fraud prevention.
You are obliged to provide this information to us and if you do not provide it, we will be unable to provide you with our services.
WHEN DO WE COLLECT YOUR PERSONAL DATA?
· When you visit our website.
· When you sign up to our terms of business;
· When you engage with us on social media;
· When you contact us by any means with queries, complaints etc;
· When you've given a third party permission to share with us the information they hold about you.
· If you contact us, we may keep a record of that correspondence.
HOW WE USE YOUR PERSONAL DATA:
We use information held about you in the following ways:
· To undertake checks such as identification verification checks with fraud prevention agencies to enable us to comply with our anti-money laundering obligations and for the purposes of crime prevention and fraud prevention;
· To carry out our obligations arising from any contracts entered into between you and us;
· To notify you about changes to our service;
· To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes. You may opt out of receiving information at any time by notifying us.
If you wish to change how we use your data, you'll find details in the 'What are my rights?' section below.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you've asked for.
EXPLAINING THE LEGAL BASES WE RELY ON:
Data collected will be processed fairly and lawfully, and will only be processed where we comply with Article 6(1) of the GDPR. The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
· Consent Where you have given consent we can collect and process your data for one or more specific purposes.
· Contractual obligations In certain circumstances, we may need to process your personal data to provide the services under our contract with you.
· Legal compliance If the law requires us to, we may need to collect and process your data.
· Legitimate interest In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
We may disclose your personal information to third parties:
· In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
· If MD One Ventures Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
· Our appointed auditors, accountants, lawyers and other professional advisers (e.g. compliance consultants), to the extent that they require access to the information in order to advise us;
· Fraud prevention agencies and other organisations to allow us to undertake the checks set out below. We will supply details of such agencies on request;
· If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and other agreements; or to protect the rights, property, or safety of MD One Ventures Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
· For the provision of services to you.
WHERE IS YOUR PERSONAL DATA STORED AND PROCESSED?
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.
All information you provide to us is stored on our secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
Whenever we collect or process your personal data, we'll only keep it for as long as is necessary for the purpose for which it was collected; including in order to:
· provide you with the services you have requested;
· comply with other laws, including for the period demanded by our tax authorities;
· in support of a claim or defence in court.
WHAT ARE YOUR RIGHTS OVER YOUR PERSONAL DATA?
The Act gives you rights about the information held about you. Your right of access can be exercised in accordance with the Act and is known as a Subject Access Request.
Right of Access:
You will have the right to obtain, on request, confirmation as to whether your personal data is being processed, together with the following information:
The purpose of processing your data;
· Information about the recipients of your data;
· Recipients or categories of recipient to whom the personal data will be disclosed (in particular third countries or international organisations);
· The right to lodge a complaint with a data protection authority;
· In cases of automated processing, details of profiling;
· Information about the sources of data.
Information must be provided to you within one month at no cost to you. However we have the right to refuse or charge a reasonable fee when a request is manifestly unfounded or excessive, particularly if it is repetitive.
Under the GDPR, you also have the following rights:
· Right to be informed;
· Right to rectification;
· Right to be forgotten (erasure);
· Right to restrict processing;
· Right to data portability;
· Right to object;
· The right not to be subject to automated decision-making, including profiling.
· You have the right to withdraw consent at any time. This must be provided in writing.
We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it.
If you have any questions that haven't been covered, please contact our Data Protection Officer who will be pleased to help you:
Data Protection Officer
One Connaught Place