WEBSITE PRIVACY NOTICE
Huxley Corporate Finance Ltd is committed to protecting and respecting your privacy.
Huxley Corporate Finance Limited are a Commercial Finance Broker. We are based in Tarporley, Cheshire and our registered business address is The Old Coach House, 32B High Street, Tarporley, Cheshire, CW6 0DX. Registered in England No. 07069918. Huxley Corporate Finance Limited is authorised and regulated by the Financial Conduct Authority. FCA No. 654160
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting our websites you are accepting and consenting to the practices described in this policy.
We operate under the Data Protection Act 2018 (‘DPA’) and the European General Data Protection Regulation (‘GDPR’)
For the purpose of the GDPR and DPA, the data controller is Huxley Corporate Finance Limited (Company Number 07069918 and ICO Registration Number Z2171109) The Old Coach House, 32B High Street, Tarporley, Cheshire, CW6 0DX. Telephone 01829 730062 www.huxleycf.co.uk
Data Protection Officer is Donna Evans – Telephone – 01829 730062. The DPO can be contacted at any time if you have queries about this privacy notice or wish to exercise any of the rights mentioned in it.
This Privacy notice explains how we process your information and your rights under both DPA and GDPR.
The DPA and GDPR apply to ‘personal data’ we process, and the data protection principles set out the main responsibilities we are responsible for.
We must ensure that personal data shall be:
a) processed lawfully, fairly and in a transparent manner;
b) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
c) adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d) accurate and where necessary kept up to date;
e) kept for no longer than is necessary for the purposes for which the personal data are processed. We operate a data retention policy that ensures we meet this obligation. We only retain personal data for the purposes for which it was collected and for a reasonable period thereafter where there is a legitimate business need or legal obligation to do so. For detail of our current retention policy contact our privacy officer at firstname.lastname@example.org
f) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
To meet our Data Protection obligations, we have established comprehensive and proportionate governance measures.
We ensure data protection compliance across the organisation through:
a) implementing appropriate technical and organisational measures including internal data protection policies, staff training, internal audits of processing activities, and reviews of internal HR policies.
b) maintaining relevant documentation on processing activities.
c) implementing measures that meet the principles of data protection by design and data protection by default including data minimisation, pseudonymisation, transparency, deploying the most up-to-date data security protocols and using data protection impact assessments across our organisation and in any third party arrangements.
The data we collect about you may include the following:
Personal data, or personal information, means any information about a individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
• your personal details (such as your name and/or address);
• details of contact we have had with you in relation to the provision, or the proposed provision, of our services;
• details of any services you have received from us;
• our correspondence and communications with you;
• information about any complaints and enquiries you make to us;
• information we receive from other sources, such as third parties and/or publicly available resources (for example, from Companies House).
How is your personal data collected
We use different methods to collect data from and about you including through:
Direct interactions. You may give us your Identity, Contact Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
Complete our enquiry form on our website or by telephone
Contact us by telephone or email to seek a quote; and
When you instruct us to provide services for you by telephone or email and you become our client.
Third Parties or publicly available sources. We may receive personal data about you from various third parties including Technical Data from analytics providers such as Google based outside of the EU.
How we may process your personal data we hold about you
We may process your personal data for purposes necessary for the performance of our contract with you and to comply with our legal obligations.
We may process your personal data for the purposes of our own legitimate interests provided that those interests do not override any of your own interests, rights and freedoms which require the protection of personal data. This includes processing for marketing, business development, statistical and management purposes.
We may process your personal data for certain additional purposes with your consent, and in these limited circumstances where your consent is required for the processing of your personal data then you have the right to withdraw your consent to processing for such specific purposes.
Please note that we may process your personal data for more than one lawful basis depending on the specific purpose for which we are using your data.
We may use your personal data in order to:
• carry out our obligations arising from any agreements entered into between you and us (which will most usually be for the provision of our services);
• provide you with information related to our services and our events and activities that you request from us or which we feel may interest you, provided you have consented to be contacted for such purposes; and
• notify you about any changes to our services.
If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you. Alternatively, we may be unable to comply with our legal or regulatory obligations.
We may also process your personal data without your knowledge or consent, in accordance with this notice, where we are legally required or permitted to do so.
We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.
When assessing what retention period is appropriate for your personal data, we take into consideration:
• the requirements of our business and the services provided;
• any statutory or legal obligations;
• the purposes for which we originally collected the personal data;
• the lawful grounds on which we based our processing;
• the types of personal data we have collected;
• the amount and categories of your personal data; and
• whether the purpose of the processing could reasonably be fulfilled by other means.
Change of purpose
Where we need to use your personal data for another reason, other than for the purpose for which we collected it, we will only use your personal data where that reason is compatible with the original purpose.
Should it be necessary to use your personal data for a new purpose, we will notify you and communicate the legal basis which allows us to do so before starting any new processing.
Why we may share your personal data with third parties?
We will share your personal data with third parties where we are required by law, where it is necessary for the performance of our contract with you, to administer the relationship between us or where we have another legitimate interest in doing so. In particular we will share your personal data with potential lenders and financial intuitions, as they clearly need to receive information about you and your transaction in order to give your application for finance proper consideration. All lenders we approach on your behalf have their own Privacy Policies which are designed to offer you the protection required by law and we anticipate that each lender we approach will provide you with a copy of or access to its Privacy Notice.
Which third-party service providers process my personal data?
“Third parties” includes third-party service providers. The following activities are carried out by third-party service providers: database hosting services, professional advisory services, administration services and marketing services.
All of our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal data. We only permit our third-party service providers to process your personal data for specified purposes and in accordance with our instructions.
Other third parties?
We may share your personal data with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal data with a regulator or to otherwise comply with the law.
Transferring personal data outside the United Kingdom (UK)
We will not transfer the personal data we collect about you outside of the UK.
Information we receive from other sources
We may combine this information with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above (depending on the types of information we receive).
How we store your data
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have
chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to features to try to prevent unauthorised access.
We have put in place commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
You have the right to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at email@example.com
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Under the GDPR You have the following specific rights in respect of the personal data we process:
This Privacy Statement explains who we are; the purposes for which we process personal data and our legitimate interests in so doing; the categories of data we process; third party disclosures; and details of any transfers of personal data outside the UK.
1. The right to be informed about how we use personal data.
2. The right of access to the personal data we hold. In most cases this will be free of charge and must be provided within one month of receipt.
3. The right to rectification where data are inaccurate or incomplete. In such cases we shall make any amendments or additions within one month of your request.
4. The right to erasure of personal data, but only in very specific circumstances, typically where the personal data are no longer necessary in relation to the purpose for which it was originally collected or processed; or, in certain cases where we have relied on consent to process the data, when that consent is withdrawn and there is no other legitimate reason for continuing to process that data; or when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
5. The right to restrict processing, for example while we are reviewing the accuracy or completeness of data, or deciding on whether any request for erasure is valid. In such cases we shall continue to store the data, but not further process it until such time as we have resolved the issue.
6. The right to data portability which, subject to a number of qualifying conditions, allows individuals to obtain and reuse their personal data for their own purposes across different services.
7. The right to object in cases where processing is based on legitimate interests, where our requirement to process the data is overridden by the rights of the individual concerned; or for the purposes of direct marketing (including profiling); or for processing for purposes of scientific / historical research and statistics, unless this is for necessary for the performance of a public interest task.
8. Rights in relation to automated decision making and profiling.
Please contact our data protection officer at firstname.lastname@example.org for more information about the GDPR and your rights under Data Protection law.
If you have a complaint about data protection at Huxley Corporate Finance Ltd contact our data protection officer at email@example.com
Alternatively contact our supervisory authority for data protection compliance (www.ico.org.uk):
27 Information Commissioner's Office
Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Cookies are pieces of information that a website transfers to your computer’s hard disk for record-keeping purposes. Cookies can make the internet more useful by storing information about your preferences on a particular site, such as your personal preference pages.
We Use the following Cookies:
_ga Analytics This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gid Analytics This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
-gat Performance This cookies is installed by Google Universal Analytics to throttle the request rate to limit the colllection of data on high traffic sites.
Last updated: April 2021