Effective Date: January 1, 2021
This Privacy Notice describes how Gelfand Rennert and Feldman UK Limited, doing business as Skeet Kaye Hopkins, (‘we’, ‘us’, and ‘our’) will collect, retain and use your personal data.
Personal Data Collection
In our role as data controller, we may obtain personal data about you from multiple sources, including information that you provide directly to us through our website (www.grfllp.com) (the ‘Website’) or information that you provide directly to us in relation to our services (e.g., accountancy, business management, tax or royalty services). We may provide further details about additional personal data we collect from you at the time of collection.
The personal data we collect about you may include:
- Contact Data. You may provide your contact details, such as your name, address, phone number, email address or other similar information.
- Device Information. We may obtain information about devices that access the Website, including the type of device, its operating system and the unique device identifier.
- Client or Prospective Client Information. If you are a client of ours, or a prospective client of ours, you may provide us personal data related to your client relationship or prospective client relationship with us. This information includes your identification information, family history, tax details, employment history, financial transaction history, investment history, information about your assets and liabilities, insurance policy information or other similar information. We may also obtain information about you from other sources in connection with providing you services, such as publicly available information, information provided by third parties and information from Gelfand, Rennert & Feldman, LLC, our affiliate.
- Other Information You Provide. This includes emails and other communications that you send us or otherwise contribute, such as answers to surveys or polls.
Personal Data Processing
We may process your personal data to:
- Contact you, transact with you, or respond to your comments, questions or requests;
- Provide services to you or to an entity that has engaged us to provide services on your behalf;
- Make recommendations of services to you;
- Provide you with information that you request or which we feel may interest you related to our services and our events and activities;
- Process payments;
- Facilitate, manage, personalize and improve our client and partner relationships;
- Seek your thoughts and opinions on our services;
- Prevent and address fraud, breach of policies or terms of business, and threats or harm;
- Ensure the security and integrity of the personal data we process; and
- Comply with legal requirements.
These processing activities are carried out according to the following legal bases:
- The processing is necessary for us to provide you with services as set forth in a contract we have with you or your employer, or prior to entering into a contract with you at your request.
- We have a legal obligation to process your personal data, such as to comply with a court order or binding law enforcement request.
- To protect your vital interests, or those of others.
- We have a legitimate interest in using your personal data. For example, we have a legitimate interest in the following cases: o To provide services to you or to the entity that has engaged us to provide the services.
- To market our services to you.
- To make recommendations of other service providers to you.
- To support the management of our client engagements.
- For statistical and management purposes.
- To evaluate and improve our services.
- If you have consented to the processing of your personal data. When you consent, you have the right to withdraw your consent at any time.
Disclosure of Personal Data
We may share your personal data:
- With those you have requested us to share information.
- With our affiliates, including Gelfand, Rennert & Feldman, LLC, when it is reasonably necessary or desirable, such as to provide services to you or to further develop our relationship with these entities.
- With third parties to whom we disclose information in the course of providing services to you or to the entity that has engaged us to provide the services.
- With third-party service providers and other entities who perform functions on our behalf. For example, services include IT and cloud services, accounting and tax services, professional advisory services, Human Resources administration services, marketing services and banking services.
- To abide by applicable law or protect rights and interests. For example, we may disclose personal data if we determine that such disclosure is reasonably necessary to comply with the law, protect our or others’ rights, or interests, or to prevent fraud or abuse.
- If we are involved in a business transaction, such as a reorganization, merger, acquisition or sale of some or all of our assets, including negotiations of such transaction.
Personal Data Transfers out of the European Economic Area (EEA)
We may transfer your personal data out of the EEA to provide services that you request such as when we provide your personal data to overseas promoters, booking agents, managers, accountants, lawyers, service providers and revenue authorities in relation to your overseas business activities, including an international tour or royalty examination. We also may transfer your personal data to Gelfand, Rennert & Feldman, LLC, our affiliate in the United States, for them to provide services to you and as part of our business relationship with them.
If we transfer your personal data out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal data protection, we will ensure there are measures in place to safeguard your personal data. We may transfer personal data in accordance with standard contractual clauses approved by the European Commission, which impose data protection obligations on the parties to the transfer. For further information on the mechanism(s) used to transfer your personal data, please contact us at email@example.com.
We maintain appropriate administrative, technical, physical and organisational safeguards designed to help protect personal data from unauthorised disclosure or access and accidental or unlawful destruction, loss or alteration. Although we use reasonable efforts to safeguard personal data, we cannot guarantee the security of personal data obtained or stored electronically.
We will store your personal data for no longer than is necessary for the performance of our obligations or to fulfil the purposes for which the information was collected, or as may be permitted under applicable law.
To determine the appropriate retention period, we consider:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data and whether we can achieve those purposes through other means;
- the lawful basis for the processing;
- the amount, nature and sensitivity of the personal data; and
- the potential risk of harm from unauthorised use or disclosure of the data.
Under our terms of engagement, we retain records for six years from the provision of our services or for six years from the end of the accounting/tax year to which the data relates. In other cases, we retain data until six years after our relationship with the data subject ceases to be active or relevant.
Unless otherwise required by applicable law, at the end of the retention period we will remove personal data from our systems and records.
Collection of Personal Information
Rights and Choices
You have the right to access personal data maintained about you by us and to impose certain limits on the use and disclosure of such personal data. Subject to certain conditions, you may request us to take the following actions in relation to your personal data that we hold:
- Provide you with information about our processing of your personal data and give you access to your personal data;
- Update or correct inaccuracies in your personal data;
- Delete your personal data;
- Transfer a machine-readable copy of your personal data to you or a third party of your choice;
- Restrict the processing of your personal data;
- Object to our processing of your personal data for direct marketing purposes; and/or
- Object to reliance on our legitimate interests as the basis for processing of your personal data.
You can submit these requests by email to our Data Protection Point of Contact at firstname.lastname@example.org. We may need to request specific information from you to help us confirm your identity prior to processing your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.
We will provide you with appropriate opportunities to opt out of sharing your personal data as required by law, and will request opt-in consent prior to using personal data for a purpose other than the purpose for which it was originally collected.
For more information about your choices concerning opting out of online behavioural advertising, please visit http://www.youronlinechoices.eu/.
If you provided your consent to the processing of your personal data, you have the right to withdraw your consent at any time. To withdraw your consent, please contact us at email@example.com.
You also have the right to lodge a complaint with a supervisory authority. You can find iinformation about your data protection regulator at https://edpb.europa.eu/about-edpb/board/members_en.
Changes to this Notice
We reserve the right to modify this Privacy Notice at any time. Changes will be effective immediately upon posting of the revised Privacy Notice, as indicated by the ‘Last Updated’ date at the top of this page. In accordance with applicable law, we will seek your consent to material changes in how we process your personal data. We encourage you to periodically review this page for the latest information on our privacy practices.
Our Head of Privacy is our Data Protection Point of Contact and is responsible for assisting with enquiries in relation to this Notice and our processing of your personal data. You may contact our Head of Privacy at firstname.lastname@example.org or by telephone on 020 7430 9777.