Privacy Policy

Introduction

You will hopefully be very familiar with the General Data Protection Regulation or GDPR as it is more commonly referred to. Nevertheless, we would strongly encourage you to read this privacy policy (“this Policy”) and to be familiar with its contents. It explains how Hassium Asset Management LLP collects, uses and shares the information you provide to us and the information we collect about you in the course of operating our business (we refer to this as “Personal Data”).

In this Policy, references to Hassium or “we”, “us”, or “our” are references to Hassium Asset Management LLP. Our registered office is at Europa House Gerrards Cross, Marsham Way, Gerrards Cross SL9 8BQ, FCA Reg no: 458250.  We are supervised by the Financial Conduct Authority (“FCA”).

The Types of Personal Data We Process?

Expanding on what we have said above, Personal Data is any information that can be used to identify you or that can be linked to you and which we have in our possession or control. Due to the nature of the services we provide, the types of personal data we process can be exceptionally varied. It may include:

The information you provide to us:

  • Personal details (e.g. your name, date of birth, gender and employment details)
  • Contact details (e.g. your address, email, landline number and mobile number)
  • Information about your identity (e.g. your nationality, passport information, driver licence and National Insurance number)
  • Your bank details (e.g. your account name, number and sort code)
  • Details of trades you may have with other investment providers and which you provide us with or input into our system for comparison purposes

Information we collect about you:

  • Transactional information (e.g. details about your accounts, trades executed by you, payments made to and from your accounts but also information in relation to suspicious and unusual activities)
  • Communication records (e.g. emails and records of telephone conversations)
  • Publicly available information (e.g. information made available on websites such as LinkedIn)
  • Information from investigatory agencies (e.g. anti-money laundering reports, credit reports, external intelligence reports and other due diligence reports)
  • Risk rating information (e.g. credit risk rating and transactional behaviour)
  • Information gathered when you visit our websites. (For more information on this, please see our Cookie Policy below)

How We Collect Personal Data?

At various stages in our interaction with you or in relation to our dealings with you, we may collect Personal Data. These can include:

  • When you register with us online, subscribe to our services, fill in forms (whether physically or on our website), by corresponding with us (by telephone or email), or in any documents you provide us with
  • From cookies on our website (please see our Cookie Policy)
  • From feedback provided by you in relation to our services and/or website
  • From various third parties 
  • Our partners (e.g. individuals or companies who introduce you to us)
  • Our clients (e.g. if you are a third-party payee and we are making a payment to you)
  • Credit reference agencies
  • Fraud prevention agencies
  • Identity verification agencies
  • Government and law enforcement agencies (e.g. Companies House, HMRC and NCA)

How We Use Personal Data?

We use it to:

  • Provide investment management and related services to you or our client
  • Engage in marketing and business development activity in relation to our services
  • Discharge our legal and regulatory obligations
  • Establish, exercise or defend our legal rights or for the purpose of legal proceedings
  • Record and monitor your use of our websites or our other online services for business purposes which may include analysis of usage, measurement of site performance and generation of marketing reports
  • Share with a prospective buyer or seller in the event that we buy or sell any business or assets, or substantially all of our assets are acquired by a third party
  • Undertake legitimate business interests, such as business research and analysis, managing the operation of our websites and our business
  • Look into any complaints or queries you may have
  • Prevent and respond to actual or potential fraud or illegal activities

The basis for Processing Personal Data?

We will only process your Personal Data where we have a lawful basis for doing so. Our lawful basis will be one of more or the following:

  • Consent – if we have obtained your consent to use your Personal Data. You can withdraw your consent by contacting us at any time
  • Performance of a contract – we may need to collect and use your Personal Data for the performance of a contract to which you are a party or in order to take steps at your request prior to entering a contract
  • Legitimate interest – we may use your Personal Data as is necessary for the purposes of pursuing our legitimate interests (this includes carrying out the business of providing foreign exchange and related services and pursuing our general business interests)
  • Compliance with law or regulation – we may use your Personal Data as is necessary to comply with applicable law/regulation

Sharing Information with Third Parties

In providing services to our clients and in complying with our legal obligations, we may share your Personal Data, insofar as we are permitted by law to do so, with the following:

  • Third party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your Personal Data for the purposes described in this Policy. This may include IT service providers (e.g. providers of software as a service, data room and server providers and communications service providers)
  • Third parties relevant to the services we provide which may include our counterparties, other professional advisers, service providers, regulators, authorities, governmental institutions and stock exchanges; and/or
  • A designated third party to the extent that we are required by law, regulation or court order to disclose your Personal Data

Transmission and Keeping Your Information Safe

Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our website. Any transmission by you of your Personal Data is made at your own risk.

Once we have received your Personal Data, we will use strict procedures and security features, in line with the standards set out in the GDPR, to try to prevent unauthorised access.

How Long We Keep your Information

Whenever we collect your Personal Data, we will only keep it for as long as necessary for the purpose for which it was collected. This will vary and depend principally on:

  • The purpose for which we are using your Personal Data. For example, if we collect your Personal Data so that we can provide investment services to you, we will keep your Personal Data for as long as we continue to do so; and
  • Legal obligations – the laws and regulations to which we are subject, set minimum periods for which we have to keep your Personal Data. Again, by way of example, the Money Laundering Regulations 2017 and the Companies Act 2006, required us to hold your Personal Data up to a maximum of 6 years after our business relationship with you ends

In all cases, at the end of the relevant retention period, your Personal Data will either be deleted or anonymised to ensure that it can no longer identify you.

What Are Your Rights?

You have certain rights in relation to your Personal Data and we will use our best endeavours to respect any requests from you to exercise them.

Access: You may request access to your Personal Data by sending us a Subject Access Request (SAR). Once we have confirmed your identity, we will comply with your SAR free of charge within 30 days, unless we deem the request to be unfounded or excessive. In this case, we will contact you and explain why we have decided not to action your request.

Correction: You may request that we correct the Personal Data we hold on you when it is incorrect, out of date, or incomplete.

Erasure: You may request that we destroy, delete or discontinue using your Personal Data when it is no longer necessary for the purpose, we originally collected it (subject always to our legal or regulatory right to retain your Personal Data (explained above)).

Restriction: You may request that we stop processing your Personal Data when you contest its accuracy or the lawfulness of the processing.

Withdrawing Consent: Whenever you have given us your consent to use your Personal Data, you have the right to change your mind at any time and withdraw your consent.

Marketing: You have the right to stop our use of your information for direct marketing activities. To do so, all you need do is log on to Your Account and reset your marketing preferences.

Submitting a request

You can request to exercise these rights at any time by contacting us at info@hassium.co.uk

To protect the confidentiality of your information, we will always ask you to verify your identity before proceeding with any request you have made. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.