This Privacy Notice tells you what to expect in relation to your personal information which is collected, handled, and processed by Gerald Edelman LLP.
Gerald Edelman LLP of 73 Cornhill, London EC3V 3QQ is a data controller and data processor.
We acknowledge and agree that any personal data of yours that we handle will be processed in accordance with all applicable data protection laws in force from time to time.
All of our staff, contractors, consultants, and partners are familiar with GDPR and their personal responsibilities. You may request to see our GDPR policy via email@example.com. All staff are trained on induction and every three years (or sooner if there is a major change in legislation).
The information we may collect and the legal basis for processing the data
We will collect personal data for a variety of purposes:
1. To enable us to provide a variety of professional services to our clients
Personal data may include financial or non-financial information necessary for us to provide our services. This may include contact details, payroll data, employee information, lists of shareholders, customers, and suppliers, tax identifiers, information about business activities, investments, financial interests, and any other relevant data.
The legal basis for holding the data is to enable us to carry out our contractual obligations.
2. To provide information to business contacts and potential clients
We may hold data to promote our services, provide technical updates, and host events.
Personal data may include contact details and notes of any meetings.
The legal basis for holding the data is having obtained consent.
We will seek to rely upon the consent you have given us to offer you our newsletters, similar content alerts, etc., and you have the option to opt out at any time.
3. To receive goods and services from our suppliers
We collect and process personal data about our suppliers, subcontractors, and individuals associated with them. The data is held to manage our relationship, to contract and receive services from them, and in some cases to provide professional services to our clients.
4. To carry out our obligations as an employer
We may hold personal data on our staff and partners, which is set out in the staff handbook.
The legal basis for holding the data is to enable us to perform our legal obligations.
How long do we hold the data?
We will retain the data for as long as is required for the purposes for which it was intended. This will reflect any legal or regulatory time limits, which is generally six years. Data is then deleted or destroyed.
How do we hold the information?
Personal data is held in a ‘live’ or archived format. Electronic data is stored on our databases or on cloud-based facilities in the UK.
Paper-based personal data is held in secure offices or if archived, held at secure third-party locations.
Reports download form
Gerald Edelman LLP will use the data provided in this form to provide you with relevant communications and to better understand how people interact with our website. You have the right to object to this processing or to opt-out of the communications we send to you at any time. If you opt in to receiving communications, we will use your information to keep in touch with you regularly and to provide updates via email. You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us.
Disclosure of your information
We may share your information with HM Revenue and Customs and other government agencies such as Companies House. We may also share your information with professional or legal advisers.
You have the right to ask for a copy of the information about you that we hold. If you would like to make a request for information please email firstname.lastname@example.org.
In addition to this right of access, you have the following rights: erasure, restriction of processing, objection, and data portability.
Retention of your data
Your data will be retained for no longer than is necessary and in accordance with our Data Retention Policy.
Withdrawal of consent
If you have provided us with your consent to process your data, for the purpose of using our services, you have the right to withdraw this at any time. In order to do so, you should contact us by emailing email@example.com.
We have a notification process in place for any breach.
If you have a concern about the way we are collecting or using your personal data, you should raise your concern with us in the first instance or directly to the Information Commissioners Office at https:\\ico.org.uk\concerns\.
Please address any questions, comments, and requests regarding our data processing practices to our GDPR administrator firstname.lastname@example.org.
Changes to the Privacy Notice
This Privacy Notice may be changed by us at any time and will reflect any future changes in legislation.