This Privacy Notice is issued by ArchOver Limited. We are committed to protecting and respecting your privacy. This Privacy Notice explains how we will use any Personal Data we collect from you when using a website or internet service owned and operated by ArchOver.
Why and on what basis do we process your personal data?
We ‘may’ collect and process personal information about you when you:
- contact us to enquire about any services we offer
- for the purpose of you entering into a contractual relationship with us and for the performance of that relationship
- if you contact us by telephone, email or via our website (chat services) for any other reason
- to perform our legal duties and obligations in respect to such activity as AML/KYC
The Personal Data we collect ‘may’ include:
- Individual details – name, address (including proof of address), other contact details, gender, marital status, date of birth, nationality etc.
- Identification details – identification numbers issued by government bodies or agencies including your national insurance number, passport number, and driving licence number
- Financial information – bank account details, and other relevant financial information as required for the delivery of our services
- Credit and anti-fraud data – credit history, credit score, sanctions and criminal offence and information from anti-fraud databases relating to you if relevant to providing our services to you
- Technical data - includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
The legal basis on which we process your Personal Data ‘may’ include:
- Where it is necessary for the performance of our contract with you or to take steps that you request prior to entering into a contract.
- Where necessary for compliance with a legal obligation to which we are subject, including to meet the requirements of any applicable regulatory authority
- Where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests and fundamental rights and freedoms which require protection of personal data
- Where you have given consent to the processing of your special categories of Personal Data or criminal offence data for one or more specified purposes or where such processing is necessary for the establishment, exercise or defence of legal claims or necessary for reasons of substantial public interest.
Retention of your personal data
We will keep your Personal Data only for as long as is necessary and for the purpose(s) for which it was collected, following which it will be deleted. The period for which we keep your Personal Data will include any period which may be necessary for the performance of contractual relationships between us or where we are required to keep your Personal Data for legal or regulatory reasons. By law we have to keep basic information about our customers (including contact and identity details and financial details) for six years after they cease being customers for tax purposes. To determine the appropriate retention period for other personal data, we consider the amount, nature and sensitivity of your personal data, the purposes for which we process it and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Transfers of your data to third parties
We do not disclose your Personal Data to any third parties except as stated in this Privacy Notice, as otherwise permitted by law, or as authorised by you.
We may disclose your Personal Data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and its subsidiaries) insofar as reasonably necessary for the purposes set out in this Privacy Notice.
We may also disclose your Personal Data to other companies who provide services to us including data management, data processing to satisfy legal requirements, IT, email delivery, website hosting, auditing and other third party services, or in the event of any reorganisation, merger, sale or other transfer of all or part of our business. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
It may also be necessary for us to disclose your Personal Data to public or regulatory authorities in order for us to perform our contract with you or to comply with any legal or regulatory obligations to which we or you are subject.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
You can write/email us to obtain further details of the Personal Data we hold about you and the purposes for which we use it. Our contact details are as follows:
Data Protection Executive (DPE)
40 Gracechurch Street
Email: firstname.lastname@example.org or 0203 021 8100
You may also have the right to require us to:
- Provide you with a copy of the Personal Data you have provided to us
- Update any inaccuracies in the Personal Data we hold
- Delete any Personal Data that we no longer have a lawful ground to use
- Where processing is based on consent, to withdraw your consent to that particular processing
- Object to processing based on our legitimate interests unless our reasons for that processing outweigh any prejudice to your data protection rights
Any additional information or requests to exercise your rights should be made in writing to the above contact details.
Your right to complain
If you are not happy with our use of your Personal Data or our response to any request to exercise any of your rights mentioned above, you have the right to make a formal compliant to ArchOver where your complaint will be reviewed by the Data Protection Officer. If, after we have reviewed your compliant and you are still not happy you may complain to the Information Commissioner’s Office (ICO). The contact details of the ICO are:
Information Commissioner's Office
0303 123 1113
Updated: March 2019