The privacy of your data is important to us. Our Privacy Notice describes how we collect and use personal information about you during and after your working relationship with us, in accordance with the data protection legislation (including but not limited to the General Data Protection Regulation (GDPR (Regulation (EEA) 2016/679) (the “GDPR”)). It applies to all clients, candidates, employees, workers, contractors, suppliers, referees and individuals utilising the services of Kennox Asset Management, including website users. We may update this policy from time to time and will make this available through our website. It is recommended that you regularly review our website so that you are aware of any updates made. To ensure we comply with our legal obligations we have detailed the following:
Information Collected and Processed Sharing Data Data outside of EU Data Retention Data Security Your Rights Making a Complaint and Contacting Us
Information Collected and Processed
Kennox Asset Management Ltd is a “Data Controller” and “Data Processor”. This means that we are accountable for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice. We will comply with the data protection law.
As such, the personal information we hold about you must be:
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes
- Relevant to the purposes we have told you about and limited only to those purposes
- Accurate and kept up to date
- Kept only as long as necessary for the purposes we have told you about
- Kept securely
We collect the following data:
personal data for employees of Kennox Asset Management; for recipients of our regular Fund emails: name, email addresses, job title, profession and (where applicable) business addresses/contact details (incl. telephone numbers); technical data for visitors to our website (IP address, browser type, time and location, operating system, usage data including information about duration, referring host and number of pages visited) including that captured by cookies (further information on cookies can be found on our website); individuals submitting unsolicited CVs for employment/trainee/internships availability; personal data for job applicants.
We will only use your personal information in compliance with GDPR. Most commonly, we will use your personal information in the following circumstances:
- Where we need to perform the contract that we have entered with you
- Where we need to comply with a legal obligation
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
We do not collect any sensitive personal data or special categories of personal data about any individual.
We do not share your personal information with third parties. The only time when we would share your data would be in circumstances where we are lawfully required to do so (including for regulatory purposes) or where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so and where your rights are not affected.
Transferring Data Outside of the EEA
In order to perform our services to you, it may be required (although unlikely) to transfer your data outside of the EEA. Any data that is transferred out with the EEA we will take steps to ensure that the country is compliant with data protection legislation and there are appropriate means in place to safeguard your data.
Retention of Data
We keep data according to our retention procedures. Retention periods are determined by the nature of the information and are in line with good practice recommendations.
At Kennox we have taken appropriate steps to secure the personal data it collects and stores. We will use reasonable endeavours to protect the data from unauthorised access (and/or disclosure). Kennox cannot guarantee the security of any data it collects and stores. Any personal data breaches will be handled according to our data protection and cyber security policies. If legally required, Kennox will notify you and any applicable regulator of a data breach.
Changes in Personal Information
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Under certain circumstances, by law you have the right to:
Request access to your personal information (commonly known as a ” subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. Please contact Data Protection Manager at email@example.com
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground.
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Opting out of electronic communications We may use the information we’ve collected about you to send you news and monthly updates about our Fund via email channels. We won’t sell or otherwise provide your personal information to other organisations for marketing purposes. If you prefer not to receive any future marketing communications, you can remove your consent at any time by selecting unsubscribe from the marketing emails issued frequently by Peter Boyle or sending an email to firstname.lastname@example.org
Withdrawing consent In the limited and unlikely circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact email@example.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so by law.
Contact us to exercise your rights If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, please contact:
Data Protection Manager
23 Melville Street, Edinburgh, EH3 7PE
Making A Complaint
You have the right to make a complaint about anything regarding the processing, storage, retention of your data. We would hope to resolve any complaint internally and if you would like to lodge a complaint with us in the first instance please contact our Data Protection Manager at firstname.lastname@example.org
However, you also have the right to lodge a complaint at any time to the Information Commissioner (ICO) in respect of our processing of your personal data. Information can be found at www.ico.org.uk. If you have any queries regarding this policy please email our Data Protection Manager at email@example.com or write to: Data Protection Manager Kennox Asset Management 23 Melville Street, Edinburgh, EH3 7PE
Kennox Asset Management is authorised and regulated by the Financial Conduct Authority (FRN: 475658).
Company Number: SC302037.
When someone visits this site we collect standard internet log information and details of visitor behaviour patterns. For statistical purposes we collect information on website activity (such as the number of users who visit our website, the date and time of visits, the number of pages viewed, navigation patterns, what country and what systems users have used to access the site) through the use of ‘cookies’. This information on its own does not identify an individual but it does provide us with statistics that can be used to analyse and improve our website. A ‘cookie’ is a packet of information that allows the server (the computer that houses the website) to identify and interact more effectively with your computer. When you use our website, we send your computer a cookie that gives you a unique identification number. A different identification number is sent each time you use our website. The cookie does not identify individual users, although it does identify a user’s browser type and your Internet Service Provider (ISP). Cookies assigned by this site expire 31 days after use. This means it no longer exists on your computer and therefore it cannot be used for further identification or access to your computer. If your browser preferences allow it, you can configure your browser to accept all cookies, reject all cookies, or notify you when cookies are set. Each browser is different, so check the “Help” menu of your browser to learn about how to change your cookie preferences.