Privacy
Privacy laws have changed to give individuals more protection and rights in terms of how their personal information is collected and used.
It is one of our fundamental responsibilities as an investment and wealth management business to ensure that we protect the information provided to us by our clients, prospective clients and our website visitors.
About this policy
This privacy notice explains how Rathbones Investment Management Limited ("we", "our", "us") collects, uses and shares your personal data, and your rights in relation to the personal data we hold. This privacy notice concerns our processing of personal data for past, prospective and present clients of Rathbones Investment Management Limited ("you", "your").
Rathbones Investment Management Limited (a UK registered company, registered in England with company number 01448919).
For the purposes of data protection law, we are a data controller in respect of your personal data. We are responsible for ensuring that we use your personal data in compliance with data protection law.
For our International privacy notice The Rathbones Investment Management International privacy notice can be found here.
How do we gather and use your personal information?
We collect your personal information in a number of ways:
- this begins with any interactions we have before you become a client. Such examples include when you communicate with us over the phone, by letter, via email or the website, rathbones.com;
- from information you provide to us when you interact with us before becoming a client, for example when you contact us about our services;
- when you ask us to provide services to you and subsequently provide us with the necessary information;
- from third parties, for example when we carry out our routine checks on you before we can accept you as a client;
- where you provide us with personal data relating to others (e.g. your family members), we understand that you either have their consent or are entitled to provide this information to us for subsequent use; and
- in the other ways you interact with us during your time with us, for some of the reasons set out below.
What information do we collect about you?
We collect the following types of personal data about you:
- your name, and contact information such as address, email address and telephone number;
- your date of birth, national insurance number (or other tax identification number) due diligence information; and financial information.
We may also collect more sensitive personal data (“special category”) about you such as information concerning your health and medical conditions. Where necessary we will obtain your explicit consent to collect and process this information. We will ensure you are provided with clear information as to why this information is required and the purposes for which it will be used. For example, we may collect information concerning your health and medical conditions so that we can recommend suitable service(s) for you and continue to tailor them to meet your financial objectives.
Use of "Cookies"
By using our website, the online service or any other online facility or service provided by us, you acknowledge that we may:
- collect information about your computer or device (for example your IP address, operating system and browser type) for security purposes and to administer and monitor our online services; and/or
- use cookies and similar technologies (including those referred to in the Online Terms in relation to the online service) for security purposes, and where this is essential to provide you with services you have requested; and to monitor and personalise our online services.
The use of cookies are more fully set out in our Online Cookie Policy, which is available on our website.
How we use your information and our basis for processing that information
Performing a contract
We may process your personal data because it is necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract. Under these circumstances, we use your personal data for the following:
- to interact with you before you become a client, for example when you express your interest in our services (for example, to answer enquiries about our services);
- to gain a more complete understanding of your personal finances and investment objectives before you become a client so that we may provide the most suitable service(s) to you;
- once you have become a client, to provide you with the services as set out in our Terms of Business or any other contractual document (including, but not limited to, the provision of our online service in accordance with our Online Terms and including, where applicable, the processing of your sensitive personal data, for example where your health and/or medical details are relevant to the calculation of annuities, pensions or other benefits);
- to deal with any concerns or feedback you may have; and
- for any other purpose for which you provide us with your personal data.
Legitimate Interests
We may also process your personal data because it is necessary for our or a third party's (this is a person or organisation external to Rathbones) legitimate interests. Our "legitimate interests" include our commercial interests in operating our business (and the business of Rathbones Group Plc more generally) in a client focused, efficient and sustainable manner, in accordance with all applicable legal and regulatory requirements. In this respect, we may use your personal data for the following:
- to monitor and evaluate the performance and effectiveness of our services, including by training our staff or monitoring their performance, and for the monitoring of communications, as set out in the ‘Monitoring of communications’ section below;
- outsourcing selected 'back office' functions to third parties (for example, vendors of hosted software solutions or cloud storage providers) for the purposes of efficient, fast and secure access to information across Rathbones Group Plc;
- to seek advice on our rights and obligations, such as where we require our own legal advice;
- as part of a reorganisation, sale or negotiations for sale of all or part of our business;
- to follow up with you after you request information to see if we can provide any further assistance and for more general marketing purposes, including to inform you about events, send you our economic commentary and general interest articles, and to keep you informed (by letter, telephone, email and other electronic means) of services from us and other Rathbones Group Plc members, which we think may be of interest to you. If you do not wish to receive such information, please let us know now or at any time in the future, and your details will be removed from our mailing list(s). We will not provide your personal data (or sensitive personal data) to organisations other than members of the Rathbone Group to use for their own marketing purposes without your consent.
Compliance with our legal obligations
We may also process your personal data to comply with our legal obligations. In this respect, we may use your personal data for the following:
- to confirm your identity, carry out background checks and to confirm your credit history for anti-money laundering and 'know your client' purposes (including as part of our checks to prevent fraud and other crimes, or checks in advance of us providing a loan or any kind of credit to you). Such checks may be carried out before we begin to provide services to you, and we reserve the right to use your information to carry out further checks at any time while you are a client of ours.
Please note that we may use credit reference agencies to do this, which may record that a search has been made and share the fact of the search and results (including the information that we provide) with other organisations. Any use of your personal information by such agencies will be subject to those agencies' own privacy policies and terms of use, unless they are acting only on our behalf when processing your personal information:
- to fulfil our obligations under any reporting agreement entered into with any tax authority or revenue service(s) from time to time, including but not limited to HMRC and the US Internal Revenue Service (IRS), as is necessary for compliance with our legal obligations under UK or European law;
- in order to assist with investigations (including criminal investigations) carried out by the police and other competent authorities; or
- to meet our other compliance and regulatory obligations, including in order to comply with any requirement of any applicable statute, regulation, regulatory rule and good practice requirement to which we are subject.
Other Purposes
We may also process your personal data where:
- it is necessary to protect your or another person’s vital interests;
- it is necessary for the establishment, exercise or defence of legal claims (for example, to protect and defend our rights or property, and/or the rights or property of our clients, or of third parties, including where applicable relying on recordings or monitored observations from communications with you);
- we have your specific or, where necessary, explicit consent to do so.
Monitoring of communications
As a matter of course, Rathbones records and monitors the use of company communications equipment by its employees and other staff. This means that when you speak with your investment manager (or another member of our staff) by telephone, your calls may be recorded and/or monitored. In the same way, the content of email communications may be monitored for the following purposes:
- for training purposes, allowing us to improve the quality of our communications;
- as evidence of your instructions and to ensure that we are providing a high quality service to you;
- in pursuit of our legal obligations or in compliance with regulatory rules or requirements;
- for the establishment, exercise or defence of disputes or legal claims (where relevant); and
- for preventing or detecting crime (including fraud).
Disclosure of your information (when it may be shared with others)
In addition to sharing your personal data with other members of Rathbone Group Plc, we may also disclose your personal data:
- to any other organisations that we may engage to perform, or assist in the performance of, our services or to advise us, provided that they will only be given access to your personal data (including your sensitive personal data, where applicable) to perform such assistance, services or advice and not for other purposes. We shall aim to ensure that any such organisation undertakes to adopt appropriate security measures in respect of your personal data;
- to counterparties where disclosure is reasonably necessary for the purpose of effecting transactions in connection with our Terms of Business or any other contractual document or for establishing a dealing relationship with a view to such transactions;
- where we have your permission to reveal the information;
- to any 'connected person' as set out in our Terms of Business or any other contractual document, unless you expressly instruct us in writing to do otherwise;
- if you are a joint client, to the other client named in any relevant Terms of Business or any other contractual document;
- as part of a reorganisation, sale or negotiations for sale of all or part of our business (subject to appropriate security and confidentiality measures);
- in circumstances in which we are required or authorised by law (including, but not limited to, data protection legislation), court order, regulatory or governmental authorities to disclose your personal data; or
- where you are a beneficiary or policyholder in respect of a portfolio, fund or account which is legally owned by a third-party provider, to such third-party provider.
Transferring your information outside of Europe
We operate globally, and therefore your personal data may be transmitted to and processed outside of the UK in countries that do not provide the same level of data protection as the UK. Where we do so, we will put appropriate measures in place to ensure the adequate protection of your data when it is transferred outside of the European Economic Area ("EEA") and shall endeavour to ensure that any such contractual arrangements comply with the standards required by the UK Information Commissioner.
In these circumstances, your personal data will only be transferred on one of the following bases:
- the country or territory to which the transfer is made ensures an adequate level of protection;
- Rathbones and the recipient of the personal data have signed standard data protection clauses endorsed by the UK Information Commissioner. Where applicable, we may adopt approved model clauses between us and non-EEA parties; or
- there exists another situation where the transfer is permitted under applicable law (for example, where we have your explicit consent to make the transfer).
You can obtain more details of the protection given to your personal data when it is transferred outside the EEA (including a copy of the standard contractual clauses which Rathbones has entered into with recipients of your personal information) by contacting us using the details set out below.
How long your information is kept
We will retain your personal data for as long as we are providing you with the services referred to in any relevant Terms of Business or any other contractual document, and for as long as permitted or required for legal, regulatory, fraud prevention and our legitimate business purposes (or those of Rathbones Group Plc) after the closure of your account, if the investment, advisory or banking relationship between you and us has terminated, or if your application for a particular service or services is declined or abandoned.
Your rights
Under data protection law you have the following rights:
- to obtain access to, and copies of, the personal data that we hold about you (this is commonly known as a ‘Data Subject Access Request' (DSAR));
- to require that we cease processing your personal data if the processing is causing you damage or distress;
- to require us not to send you marketing communications;
- to require us to correct the personal data we hold about you if it is incorrect;
- to require us to erase your personal data;
- to require us to restrict our data processing activities (and, where our processing is based on your consent, you may withdraw that consent, without affecting the lawfulness of our processing based on consent before its withdrawal);
- to receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller; and
- to require us to comply with your objection, to any of our particular processing activities where you feel this has a disproportionate impact on your rights.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
If you have given your consent and you wish to withdraw it, please contact us using the contact details set out below. Please note that where our processing of your personal data relies on your consent and where you then withdraw that consent, we may not be able to provide all or some aspects of our services to you and/or it may affect the provision of those services.
If you are not satisfied with how we are processing your personal data, you can raise a concern with the Information Commissioner. You can also find out more about your rights under data protection legislation from the Information Commissioner's Office website available at: www.ico.org.uk
Contact us
If you have any questions you would like to raise about how we process your Personal Data, you can contact our Data Protection Team by emailing dataprotection@rathbones.com or writing to our registered office: Data Protection Team, Rathbones Investment Management Limited, Port of Liverpool Building, Pier Head, Liverpool L3 1NW.
To comply with Article 27 of the GDPR, we have appointed a representative which can accept communications on behalf of Rathbones, in relation to personal data processing activities falling within the scope of the GDPR. If you wish to contact them, their details are as follows:
GDPR Representative:
Bird & Bird GDPR Representative Services SRL
Avenue Louise 235
1050 Bruxelles
Belgium
EURepresentative.Rathbones@twobirds.com
Key contact:
Vincent Rezzouk-Hammachi