PRIVACY & SECURITY
Who Are We?
We are Renewable Connections Developments Limited (Company number 12351905) (‘Renewable Connections’).
Our address is Renewable Connections, Level 4, LDN:W, 3 Noble Street, London, EC2V 7EE.
Renewable Connections ICO registration number is ZB352939.
The person responsible for data protection and privacy for Renewable Connections is Michael Hughes.
What is this Policy about?
The purpose of this policy is to provide you with information of how we collect and process your personal data and the reasons for doing so. This policy also tells you how to raise concerns about our processing of your data and how to make complaints.
What personal data do we collect?
We may collect and process the following personal data about our customers:
- Full name and Title, including any previous names
- Photographic proof of identity (typically passports or photo driving licences)
- Proof of address (utility bill)
- Marital status
- Contact details such as postal address, residential address, email address and telephone numbers
- Tax information (Unique tax reference number and national insurance number)
- Information regarding your investment experience, wealth, source of funds and bank details
- Information regarding your knowledge of investment and types of transactions undertaken
- Employment history and salary details
- Marketing preferences which include the type of information you wish to receive and how.
- Information we learn from you such as requests, transactions, services provided or offered, any advice or recommendations made, a log of meetings, telephone recordings (where permitted and required for regulatory purposes) complaints and dissatisfaction notes, as well as email exchanges.
This list is not exhaustive and, from time to time, we may need to ask for additional information in order to satisfy our legal and regulatory obligations. Where this is required we will provide you with a reasonable explanation of why it is required unless we are prevented from doing so by law.
Where we hold personal data, we may sometimes do so pseudonomously. In other words, we may sometimes seek to anonymise your personal data by removing identifiers from it. We may do this where we are required to retain certain types of information for clients, such as, for example, the number of females and males employed, jobs created and average salaries paid. This type of statistical data is often required for ESG (Environmental, social and governance) investment purposes by clients to show value added investments made by the firm on behalf of its clients.
What about my browsing data?
In addition to the categories of personal data we may request and collect, we also collect data when you visit our website. The types of data we collect this way may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site as well as the types of products and services and searches you conduct on our site.
What about Cookies?
Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website. Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors.
Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Cookies used to collect information about how our visitors use our site.
We use this information to improve your experience.
What about my sensitive personal information?
Under the GDPR, your sensitive personal information (also known as Special Category data) is subject to additional protection. Special category data may include information regarding: Criminal convictions and offences, race, ethnicity, religious or philosophical beliefs, political opinions, sexual orientation, trade union membership and information about your health, genetic and biometric data.
As a general rule we do not collect any Special Category Data about you. However, we are required to request information relating to criminal convictions as part of our recruitment process for staff and contractors undertaking regulated activities and as such we require consent from the individual for this. If we are required by law to request any special category data from you, asides from the reasons mentioned above we will provide you with a reasonable explanation as to the nature and purpose for this request and obtain your consent. We would not be able to proceed without your consent unless there was a lawful reason for doing so.
How do we collect your personal data?
Typically, where we are required to obtain your personal data we will request it from you. However, we may also from time to time receive your personal data through intermediaries where you have authorised the sharing of your personal data with us. Intermediaries may include Accountants, Solicitors, Independent financial advisors, Tax advisors, Distribution companies and wealth managers who may be working on your behalf. Personal data may be provided to us via post, in person, email or via a specially created secure data room / platform. The data collection may be facilitated by way of completing an application form or questionnaire or by responding to information requests from us. We may also receive information from publicly available resources.
Why do we collect your personal data?
We only collect your personal data where we believe we have a legitimate business interest with you or we have a lawful purpose to do so. These reasons may include but may not be limited to circumstances where you:
- Are a shareholder in one of the companies to whom we have an administration and / or management agreement with;
- Consent to receiving communications from us;
- Have a contractual agreement with us;
- Request resources or marketing be sent to you; and
- Give us feedback or some other form or legitimate business interest with you.
How and why do we use your personal data?
Typically, we only use your data to be able to perform our duties under contracts we may have with you or where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by emailing us at email@example.com
We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Please email us at firstname.lastname@example.org if you need details about the specific legal ground we are relying on to process your personal data.
What about marketing communications?
You may receive marketing communications from us if you have:
- requested information from us or have a contractual agreement with us; or
- if you provided us with your details and have positively consented to us sending you marketing communications;
- or if you live within the vicinity of a project that we believe may be of interest to you as a local resident; and
- in each case, you have not opted out of receiving that marketing.
If you have given us your data we will get your express opt-in consent before we share your personal data with any third party for marketing purpose, you should be advised that consent is not infinitive and you can opt-out from receiving marketing communication from us at any time by emailing email@example.com .
Where you opt out of receiving our marketing communications, this will not apply to communication we make with you in relation to a legitimate business interest or lawful purposes, such as the performance of a contract we may have with you.
What if you decide to use my data for a different purpose?
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal grounds for this. We may process your personal data without your knowledge or consent only where this is required and permitted by law.
When will you share my personal data with others?
We may share your personal data with the parties set out below for legitimate business interests and lawful purposes, these may include but are not limited to:
- other companies in our group who provide IT and system administration services and undertake leadership reporting. Service providers who provide IT and system administration services.
- professional advisers including lawyers, bankers, auditors, tax advisors and insurers who provide consultancy, banking, legal, insurance, tax and accounting services.
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances which may include but is not limited to The Financial Conduct Authority.
- Fraud prevention agencies.
- Planning authorities
- Third parties to whom we sell, transfer, or merge parts of our business or our assets.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
What about sharing my data overseas?
We do not share or transfer your data outside of the United Kingdom or the European Economic Area (EEA).
Countries outside of the United Kingdom and European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so UK law has prohibited transfers of personal data to third countries unless the transfer meets certain criteria.
How secure is my personal data?
We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with data breaches in accordance with the UK GDPR (General Data protection regulation) and we will notify you and any applicable regulator of a breach where we are legally required to do so.
How long will you keep my personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years for tax purposes and for at least five years after a client ceases to be a client under the UK money laundering regulations 2017.
In some circumstances we may pseudonymise your personal data for statistical purposes in which case we may use this information indefinitely without further notice to you.
What are my legal rights?
Under the UK GDPR and Data Protection Act 2018, you have certain rights in relation to your personal data. These include the right to:
- Request access to your personal data (Subject access request).
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
For further information visit or if you wish to exercise any of the rights set out above, please email us at firstname.lastname@example.org
You will not have to pay a fee to access your personal data (or to exercise any of your rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. In order to respond to a subject access request, we will need to confirm your identity as a security measure to safeguard you from your personal data from being disclosed to non-authorised third parties.
Please provide us with as much information as possible to enable us to comply with your request within an acceptable timeframe. We are required to respond to subject access requests where practically possible within 30 days and if this is not possible we will provide you with a reasonable explanation as to why this cannot be achieved.
What if I have a complaint or a query?
If you are not happy with any aspect of how we collect and use your data, please contact email@example.com and we will do our best to resolve your issue. You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
What if I am concerned that the data you hold about me is inaccurate?
We will make all reasonable efforts to ensure the data we hold on you is accurate and up to date and to correct any inaccuracies that we become aware of. Please help us to comply with our obligations by letting us know of any changes in relation to the data we hold about you as it is very important that the information we hold about you is accurate and up to date. Please email firstname.lastname@example.org with any required updates or amendments.