This notice applies to current and past clients of the Quantuma Group who are living individuals and to individuals who work for our clients, debtors or creditors of our clients, persons connected to a business relationship with our client or persons connected to disputes with or other matters involving our clients.  In each case it may involve you directly, or you may work for or be engaged by a person who falls into one of these categories.  References to you, your and yourself in this privacy notice are to either you as an individual or any organisation that you work for.

References to we, our, us or Group Firms in this privacy notice are to the Quantuma Group made up of Quantuma Advisory Ltd and each of its direct and indirect subsidiaries (current and/or future) and joint venture companies trading under the “Quantuma” brand.  Details of our main trading entities are in “Client Facing Entities in the Quantuma Group”.

We are committed to respecting your privacy. This notice is to explain how we may use personal information we collect before, during and after your relationship with us. This notice explains how we comply with the law on data protection and what your rights are.  

For the purposes of data protection whichever of the members of our Group, our insolvency practitioners and joint venture companies which are processing your personal information will be the controller of any of your personal information.

1. PERSONAL INFORMATION

When you interact with us in relation to our work for a client, you may provide us with or we may obtain personal information about you.  The information we may obtain includes: 

  • Contact details: such as name, title, addresses, telephone numbers, and personal email addresses;
  • Details of disputes: such as disputes you are involved in or connected to;
  • Details of contracts, transactions or business dealings: such as contracts, transactions or business dealings you are involved in or connected to;
  • Advice: such as details of the advice that you or your organisation require or receive;
  • Gender and date of birth;
  • Creditworthiness: such as credit history and credit ratings;
  • Identifiers: such as national insurance number, identity documents and other tax or governmental identifiers;
  • Financial information: such as bank accounts, payment details, receipt details and tax status;
  • Work history: such as employment, work and professional details and records (including job titles, work history, working hours, training records and professional memberships);
  • Personal history and information: such as hobbies, interests, marital status, family details, next of kin, dependants, beneficiaries and dietary requirements.
  • Advisors appointed by you: such as mortgage brokers, lawyers, financial advisors, surveyors;
  • Your usage of the IT systems we make available to visitors to our premises: for example our client internet and Wi-Fi facilities.
  • Details of correspondence and communications: such as correspondence you send and receive from us and details of any claims: this includes letters, emails, SMS, MMS and other electronic communication and may in some cases include audio recording of telephone conversations.
  • Your responses: for example to surveys, competitions and promotions: we keep records of any surveys you respond to or your entry into any competition or promotion we run.
  • Subscription information: for example when you subscribe to one of our blogs or other materials.
  • IP address information: your computer's IP address allows us to track your usage of our website.
  • Images and Audio: such as images in photographic or video form and audio recordings on our voicemail system; and
  • Assets: such as shareholdings, investments, resources, property and other assets.

If you are providing information regarding other individuals to us, it is your responsibility to ensure that you have the right to provide the information to us.
 

2. SPECIAL CATEGORIES OF PERSONAL INFORMATION

We do not generally collect, store and use the following “special categories” of more sensitive personal information regarding you:

  • information about your race or ethnicity, religious beliefs, sexual orientation and political opinions;
  • information about your trade union memberships;
  • information about your health, including any medical condition, health and sickness records, medical records and health professional information; and
  • biometric information about you, for example fingerprints, retina scans.

We may not collect all or any of the above types of special category information about you. In relation to the special category personal data that we do process we do so on the basis that:

 

  • the processing is necessary for reasons of substantial public interest, on a lawful basis; 
  • it is necessary for the establishment, exercise or defence of legal claims; 
  • it is necessary for the purposes of carrying out the obligations and exercising our or your rights in the field of employment and social security and social protection law; or
  • based on your explicit consent if required, although we do not currently rely on your consent as a basis for processing special category information about you. 

In the table below we refer to these as the “special category reasons for processing of your personal data”.

We will also generally do not collect, store and use any criminal records information in relation to you.  If we do collect any criminal records information, we do not currently rely on consent as a basis for processing criminal records information and will do so on the basis of complying with our legal obligations. 

Again if you are providing information regarding other individuals to us, it is your responsibility to ensure that you have the right to provide the information to us.
 

3. WHERE WE COLLECT YOUR INFORMATION FROM

We will collect personal information from a number of sources. These may include the following:

  • Directly from you: when you indicate that you may wish to attend an event, complete forms we provide to you, use our website, make a claim, make a complaint, provide money laundering information to us, contact us by phone, email or communicate with us directly in some other way.
  • From referrals and recommendations: usually given by other people who know you or have a working relationship with you.
  • Our website: provides us with information about how you use it and the devices that you use to connect to our website.
  • Providers of information: which may include professional bodies or trade associations, credit reference agencies, money laundering check provider, private investigators, Companies House, the Land Registry, LinkedIn and other web platforms.
  • Journalists or other investigators: they may provide us with details or make enquires about you or matters concerning you or ourselves.
  • Your employer or the organisation you work for: they may provide us with your name, position contact details and background information about you.
  • Our professional advisors: such as lawyers, accountants, financial advisors planning consultants, surveyors, consultants and other advisors. 
  • Your professional advisors: such as lawyers, accountants, financial advisors, planning consultants, surveyors, consultants and other advisors
  • The Government, local authorities or relevant regulators: to assist with investigations, for example the Information Commissioner's Office or applications to the local authority.
     

4. USES MADE OF THE INFORMATION

The table below describes the main purposes for which we process your personal information, the categories of your information involved and our lawful basis for being able to do this.  Which will apply will depend upon the nature of your relationship and interactions with us.

Purpose

Personal information used

Lawful basis

Performing client instructions

All the personal information we collect

We do this to perform our contract with clients

Undertaking client management, including engagement letters, billing and billing management

All the personal information we collect

We have a legitimate interest to properly manage our business
Management of payments on our client’s behalf

Management of payments on our client's behalf

All the personal information we collect

We do this to perform our contract with clients

Ensuring the security of our systems and information as well as client information

All the personal information we collect     We have a legitimate interest to manage the security of our systems
Perform credit checks Contact details and payment information We have a legitimate interest to ensure that we are likely to be paid for our services or products or that our client is likely to be paid for its services or products

To provide you with requested information

Contact details and services and products or other information that you have requested we provide to you or your organisation

To comply with any request made by you

Direct marketing and marketing events

Contact details and services and products that we have determined may be of interest to you or your organisation and/or in which you or your organisation may have previously expressed an interest or purchased or made a referral

We may ask for your consent to process your data for this purpose, you may revoke your consent at any point. Alternatively if you or your organisation has expressed an interest in, may have an interest in or has purchased or made a referral of similar services or products from us previously we may market similar products or services or hold marketing events as a legitimate interest in developing our business.  You have the right to opt out from such marketing at any time

Staff training

All the personal information we collect

We have a legitimate interest to train staff and improve the services we provide

To comply with our legal and regulatory obligations

All the personal information we collect    

To comply with any legal and regulatory obligations or requirements

To prevent and detect criminal or improper acts 

Your usage of our systems (including our extranets)

We have a legitimate interest to ensure that criminal acts are not committed using our systems or on our premises

To manage our relationship with you and to operate our business

All the personal information we collect

We have a legitimate interest to operate our business in an efficient way and to expand our business

To enter into and perform contracts with either yourself or the organisation that you represent

To establish, defend or bring legal claims

Deal with your queries or complaints, claims, legal disputes or raise queries, claims, legal disputes or complaints with you

All the personal information we collect

This may be necessary to perform a contract with a client

We have a legitimate interest to improve the services and/or products we provide

To defend, bring or establish legal claims

Business continuity

All the personal information we collect

We have a legitimate interest in making back-ups and providing for business continuity in the event of an occurrence which affects our ability to trade from one of our offices

Storage of records relating to you and also records relating to our business and work

All the personal information we collect To be able to manage and fulfil any client, we may have a legal obligation to do so and we also have a legitimate interest to keep proper records

For some of your personal information you may have a legal, contractual or other requirement or obligation for you to provide us with your personal information.  If you do not provide us with the requested personal information we may not be able to properly perform our contract with you or the organisation you represent or comply with legal obligations and we may have to terminate our relationship.  For other personal information you may not be under an obligation to provide it to us, but if you do not provide it then we may not be able to properly perform our arrangements with you or the organisation you represent.

Where you have given us your consent to use your personal information in a particular manner, you have the right to withdraw this consent at any time, which you may do by contacting us as described in the “Contacting us” section below.  We will generally only ask for your consent for direct marketing.
Please note however that the withdrawal of your consent will not affect any use of the data made before you withdrew your consent and we may still be entitled to hold and process the relevant personal information to the extent that we are entitled to do so on bases other than your consent.  Withdrawing consent may also have the same effects as not providing the information in the first place, for example we may no longer be able to provide marketing information to you.

We may anonymise and aggregate any of the personal information we hold (so that it does not directly identify you).  We may use anonymised and aggregated information for purposes that include testing our IT systems, research, data analysis, improving our site and developing new products and services.

5. WHO WE SHARE YOUR PERSONAL INFORMATION WITH

We may share personal information with the following parties:

  • Organisations in the same group as us: in relation to joint events or joint work.
  • Your professional advisors: such as lawyers, accountants, planning consultants and surveyors and other consultants and advisors
  • Our professional advisors: such as lawyers, accountants, planning consultants and surveyors and other consultants and advisors
  • Other organisations in our supply chain: so that they can contact you about any issues in the supply chain or where your personal information is relevant to a subcontractor or party above us in the supply chain.
  • Credit reference and other identification agencies: so that we can assess your creditworthiness and to verify your identity.  These agencies may retain a footprint that a search has been undertaken.
  • Third parties who ask for or want referrals: we may provide your details to a third party who is seeking services/products which are the same or similar to those that you provide.
  • Marketing and public relations companies: to help us to develop, carry out and assess marketing and PR campaigns 
  • Other service providers and advisors to us: such as companies that support our IT, help us analyse the data we hold, process payments, send communications to our customers, provide us with legal, property or financial advice and generally help us deliver our products and services to you or the organisation that you represent or for us to purchase them from you or the organisation you represent.
  • Information providers: which may include credit reference agencies, money laundering check provider, Companies House, the Land Registry.
  • Purchasers of our business: buyers or perspective buyers to whom we sell or negotiate to sell our business.
  • The Government, local authorities or relevant regulators: where we are required to do so by law or to assist with their investigations, for example the Information Commissioner’s Office in the UK.  .
  • Police, law enforcement agencies and security services: to assist with the investigation and prevention of crime and the protection of national security.

We also use Google Analytics which sets cookies to collect information about how visitors use our website.  We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited.  To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout
 

6. DIRECT MARKETING

Email, post and SMS marketing: from time to time, we may contact you by email, post or SMS with information about products or services or events we believe you may be interested in.

You can then let us know at any time that you do not wish to receive marketing messages by sending an email to us at marketing@quantuma.com or by using the by using the details set out in the “Contacting us” section below.  You can also unsubscribe from our marketing by clicking on the unsubscribe link in any marketing messages we send to you.

7. TRANSFERRING YOUR PERSONAL INFORMATION INTERNATIONALLY

Our global presence means that your personal data may be transferred to and stored across the Quantuma Group in connection with the purposes described in this privacy statement. Some of these jurisdictions require different levels of protection in respect of personal information and, in certain instances, the laws in those countries may be less protective than the jurisdiction you are typically resident in. Transfers of personal data to another jurisdiction will be only:

  • To a recipient in a country which provides an adequate level of protection for your personal protection; and/ or
  • Under an agreement which satisfies the requirements of the UK GDPR and the EU GDPR for transfer of personal data to data processors or data controllers in another jurisdiction to comply with the 

We also use a number of suppliers and service providers in connection with the operation of our business who may have access to the personal information that we process, e.g. IT suppliers when providing us with software support, or cloud services. In all cases, your personal information is handled and protected in accordance with data protection law.  Where we use cloud services, our data will generally be hosted within the UK or EU, those being the locations which offer the highest level of data protection regulation of all the regions in which we operate. Where any personal data is processed by suppliers outside the EEA in countries that the UK and/or the EU have not assessed as providing an adequate level of protection, we ensure that personal data is adequately protected in accordance with applicable data protection law, and in particular Article 46 of the UK GDPR and the EU GDPR, by using the EU approved model contract clauses to cover the transfer or by ensuring that the supplier has Binding Corporate Rules in place.

If you require more details on the arrangements for any of the above then please contact us using the details in the “Contacting us” section below.
 

8. HOW LONG DO WE KEEP PERSONAL INFORMATION FOR

We will keep your personal information for as long as is necessary for the purpose for which it has been obtained and then for as long as there is any risk of a potential claim, which will be dependent upon the limitation period for the particular type of claim.  We have set out below the main retention periods which will apply:  

  • For individual contacts at customers and suppliers this will be for as long as we continue to have a relationship with that customer or supplier and then for a period of 3 years afterwards.  
  • For marketing contacts it will generally be a period of 2 years after we were last in contact with you.
  • For website users it will generally be a period of 2 years after you used our website.
  • For individuals seeking information, making complaints or otherwise corresponding with us it will generally be 6.5 years.
  • For individuals attending an event it will generally be a period of 2 years after the event.

It is important to ensure that the personal information we hold about you is accurate and up-to-date, and you should let us know if anything changes, for example if you move position or work for a different organisation or change your phone number or email address you can contact us by using the details set out in the “Contacting us” section below.
 

9. SECURITY

We have numerous security measures in place to protect the loss, misuse and alteration of information under our control, such as passwords and firewalls. We cannot, however, guarantee that these measures are, or will remain, adequate. We do, however, take data security very seriously and will use all reasonable endeavours to protect the integrity and security of the personal information we collect about you.

10. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION

You have the following rights in relation to your personal information: 

  • the right to be informed about how your personal information is being used;
  • the right to access the personal information we hold about you; 
  • the right to request the correction of inaccurate personal information we hold about you; 
  • the right to request the erasure of your personal information in certain limited circumstances;
  • the right to restrict processing of your personal information where certain requirements are met; 
  • the right to object to the processing of your personal information;
  • the right to request that we transfer elements of your data either to you or another service provider; and
  • the right to object to certain automated decision making processes using your personal information. 

You should note that some of these rights, for example the right to require us to transfer your data to another service provider or the right to object to automated decision making, may not apply as they have specific requirements and exemptions which apply to them and they may not apply to personal information recorded and stored by us.  For example we do not use automated decision making in relation to your personal data.  However some have no conditions attached, so your right to withdraw consent or object to processing for direct marketing are absolute rights.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Whilst this privacy notice sets out a general summary of your legal rights in respect of personal information, this is a very complex area of law. More information about your legal rights can be found on the Information Commissioner’s website at https://ico.org.uk/for-the-public/.

To exercise any of the above rights, or if you have any questions relating to your rights, please contact us by using the details set out in the "Contacting us" section below.

If you are unhappy with the way we are using your personal information you can also complain to the UK Information Commissioner’s Office or your local data protection regulator. We are here to help and encourage you to contact us to resolve your complaint first.
 

11. CHANGES TO THIS NOTICE

We may update this privacy notice from time to time. When we change this notice in a material way, we will update the version date at the bottom of this notice. For significant changes to this notice we will try to give you reasonable notice unless we are prevented from doing so. Where required by law we will seek your consent to changes in the way we use your personal information.

12. CONTACTING US

In the event of any query or complaint in connection with the information we hold about you, please email dataprotection@quantuma.com. You may also contact us using one of the following postal addresses in “Client Facing Entities in the Quantuma Group”. 

13. CLIENT FACING ENTITIES WITHIN THE QUANTUMA GROUP

Quantuma Advisory Limited

 

High Holborn House
52-54 High Holborn
London,
C1V 6RL
England

Information Commissioners Office

https://ico.org.uk/make-a-complaint/

 

 

Quantuma Advisory Limited (Cyprus)

32 Stasikratous Street
4th Floor
1065 Nicosia
Cyprus

Office of the Commissioner for Personal Data Protection

P.O. Box. 23378, 1682, Nicosia, Cyprus

commisssioner@dataprotection.gov.cy

Quantuma Advisory Limited (Cayman Islands)

Suite N404,
Flagship Building
142 Seafarers Way
Georgetown
Grand Cayman
Cayman Islands

Data Protection Office

dpo@govmu.org

 

Quantuma Middle East Limited

 

 

 

 

Quantuma Middle East Limited,
Index Towers,
Office 2205, Level 22,East Entrance,
Al Mustaqbal Street,
Dubai International Financial Center,
Dubai, UAE

 

 

Commissioner of Data Protection’s Office

Dubai International Financial Centre Authority

Level 14, The Gate Building

commissioner@dp.difc.ae

Quantuma Advisory Limited (Mauritius)  

4th Floor Eagle House
15 A5 Wall Street
Cybercity
72201
Ebene
Mauritius

Data Protection Office

dpo@govmu.org