APCS Shareholder Services Europe Limited
Data Privacy Notice
The following data privacy notice explains the circumstances in which APCS Shareholder Services Europe Limited (APCS or Company) will collect personal data from you, why it is being collected, how we will use it and to whom we might disclose it if necessary.
The data controller
APCS is committed to complying with the EU General Data Protection Regulations (GDPR) and data protection regulations of jurisdictions in which we carry out operations for the protection of personal data as well as the principles of data security in the business. If you have questions about this privacy notice or how we use your personal data please contact our Data Protection Officer.
What data is being collected and processed?
If you become a shareholder in the Company we will collect, store and use elements of your personal data. The data is essential to accurately record your interest in the Company and to enable us to process any instructions or transactions that may affect your interest. By becoming a shareholder you are consenting to our collecting, holding and if necessary using this personal data.
To become a shareholder in the Company you will usually need to disclose the following;
• Title
• First name(s) surname
• Address (street, street number or house name, post code, city and country)
• Email address (If completing an online application)
• Bank details (Bank name, account number, account holder)
If we subsequently correspond with you (in written or electronic form) there will be a record of this correspondence. If we have telephonic contact a record may be kept for training purposes to improve our service.
Website Cookies
We do not use cookies on our website currently but this may change in the future. Cookies collect and store the following
• IP address of the accessing computer/device
• Date, time and duration of your visit
• Name and URL of the accessed page(s)
• Identification data of the browser and operating system used
• Website from which the data was accessed
• Name of your internet provider
If we do start to use cookies the information stored will differ as will the length of time the data is retained. The data will only be used to improve our internet presence and will then be deleted. We will not attempt to personally identify you from your IP address unless required as a matter of law or regulation or in order protect our rights.
For how long will data be stored?
As far as possible APCS will erase any personal data that is no longer necessary for the purpose for which it was collected and/or processed.
As a general rule we will use, maintain and update information whilst you are a shareholder and if you cease to be a shareholder we will retain the information for compliance with our general legal obligations and for the exercise or defence of any legal action.
Under GDPR you have a right to “block” or request the deletion or removal of personal data to prevent further processing (the “right to be forgotten”) Circumstances in which you can request the deletion or removal of personal data include
• Where the personal data is no longer necessary for the purpose for which it was collected or otherwise
• When you object to the processing and there is no overriding legitimate interest for continuing processing
• Where personal date was unlawfully processed (ie otherwise in breach of GDPR)
• Where the personal data has to be erased to comply with a legal obligation
• In cases where deletion is not possible due to legal, statutory or contractual retention periods, or if it requires disproportionate efforts or prejudices your legitimate interests the data will be blocked instead of deleted
Sharing of Data with other data controllers
APCS takes your privacy very seriously and the information we hold about you is confidential. We will only disclose information when
• You have given us permission
• It is necessary to obtain professional advice
• We or others need to prevent or investigate crime (e.g. to statutory authorities)
• The law permits or requires it
• Regulatory or governmental body requests or requires it even without your consent
Fraud Prevention
If you give us false or inaccurate information and fraud (in any form) is identified, details will be passed to the fraud prevention agencies. We and other organisations may also share access and use this information to prevent fraud and money laundering.
Protecting your privacy
We protect your personal data by restricting access to selected and trusted employees in the course of their duties. We review security of personal data on a regular basis.
Personal data is stored offline and any legitimate transfer is transmitted in secure format.
Breaches
If at any time we become aware that your personal data has been compromised or that a breach of our systems and controls has occurred which has an impact on the security of your data we will inform the Information Commissioner’s Office and you without delay.
Subject Access Requests
You have the right to request access to a copy of the personal information we hold about you this is known as a “Subject Access Request”. This information is provided to you free of charge, However, we can refuse to respond or charge a “reasonable fee” of (£20) when a request is manifestly unfounded, excessive or repetitive.
We will provide information in a structured, commonly used machine readable form such as a CSV file. This allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way.
If you wish to submit a Subject Access Request please do so in writing to our Date Protection Officer. We aim to respond in not more than one month from receipt of your request.
Rectifying or updating personal data
If you believe the personal data we hold about you is inaccurate or incomplete you have the right to rectification. Where possible we will contact any third party to whom we have disclosed legitimate data about you so that they can rectify their records.
We aim to respond in not more than one month from receipt of your request.
Withdrawing consent
You have the right to withdraw your consent for us to collect, process and store your data at any time. If you wish to withdraw your consent confirm this in writing to our Data Protection Officer.
Right to Complain
If you have a complaint about any aspect of data protection or if you feel your privacy has been breached by us we would like to hear from you. To help us to investigate your concerns as quickly as possible please contact our Data Protection Officer in writing. If you are unhappy with the final response you have received from the Company you have the right to complain to the supervisory authority, the Information Commissioner’s Office (ICO) within three months of the last meaningful contact you had with us. You can contact the ICO on +44 303 123 113 or by visiting their website: https//ico.org.uk.
Data Protection Officer
APCS Shareholder Services Europe Limited, 4th Floor, 59 Piccadilly, Manchester M1 2AQ
Copyright © 2021 APCS Shareholders Services - All Rights Reserved.