PRIVACY NOTICE
Share Registrars Limited - Privacy Notice
This Privacy Notice is issued by Share Registrars Limited, registered in England and Wales No. 4715037 and whose registered office is 27/28 Eastcastle Street. London W1W 8DH.
We understand how important your personal data is and are committed to protecting and respecting your privacy.
‘Personal Data’ means any information relating to or which identifies you. This can include items such as your name, address, phone number, identification numbers (such as a shareholder reference number or your national insurance number), location data or online identifiers. Personal data can be held electronically or in certain paper records.
The General Data Protection Regulation (GDPR) regulates the processing of personal data. The GDPR seeks to protect your rights to your personal data by setting out, amongst other things, the conditions under which the processing of personal data is lawful, the rights of data subjects and the standards that organisations handling personal data must adopt.
We are a ‘Data Processor’ and we use Personal Data in the obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transmitting or transferring Personal Data to third parties. We obtain personal data from ‘Data Controllers’ who are responsible for deciding how and why we hold and use personal data about you.
It is a legal requirement that a shareholder’s name, address and the number of shares held are made available on a Register of Members. We therefore hold your data to (i) maintain the Register of Members according to these legal requirements; (ii) undertake activities such as payments of dividends and (iii) to communicate with shareholders.
We are committed to keeping your data safe and always seek to use your data in ways you would expect. We also hold your data to ensure that we meet legal and regulatory requirements.
The personal data we hold may include the contents of our investor data-key, names, home addresses, shareholdings, share transactions, dividend payments, financial information and, where such personal data is provided by the shareholder to the Registrar, the email addresses, national insurance numbers, date of birth and bank account details of natural persons who are shareholders on the Company’s shareholder register in accordance with the applicable laws and regulations together with any web-registration passwords. Passport and driving licence details may also be held where required for verification of identity purposes.
We collect personal data in a variety of different ways:
Information you provide to us By using our website
By corresponding with us by post, phone, e-mail or otherwise; and
Application and registration forms/identification documentation
Information we collect about you when you use our services
Information about how you logged on and off of our website, including your IP address, information about your visit, your browsing history, your device information and how you use our website.
If you contact us electronically, we will collect details about the date and time of contact, and the contact details such as the call reference number and your telephone number;
Information we receive from third parties
As part of our identity and financial crime checking procedures with credit reference agencies, fraud detection agencies and registration or stockbroking industry exchanges as well as public information sources;
From third parties when you have instructed or agreed for them to pass information to us, such as:
• Your employer if you are subject to personal dealing reporting;
• Your broker, agent, Trustee or Investment Company and companies that introduce you to us;
• Where we as share registrar are informed of a change in details on the share register
Special types of data - The law and other regulations treat some types of personal information as special. We will only collect and use this information if the law allows us to do so. Special types of data are
• Criminal convictions and offences;
• Genetic and bio-metric data;
• Health data including gender;
• Racial or ethnic origin;
• Religious or philosophical beliefs; and Trade union membership.
Keeping your personal data up to date
It is important to us that the personal data we hold about you remains accurate and up to date at all times, but we need your help in doing this. Please help us by ensuring that you review the information held about you regularly and let us know as soon as anything needs updating or correcting.
Other people’s personal data
The information you give us or that we collect through your use of our services, may contain your or another person’s personal data. If you provide us with information about another person, you confirm that they have appointed you to act for them, they consent to you providing their personal data to us and any processing of their personal data and that you
have informed them of our identity and the purpose for which their personal data will be processed – as set out in this Privacy Notice.
In the below we demonstrate why and how we use your personal data as well as providing the legal reasons which we rely upon.
We use your personal data to manage and operate your account with us to facilitate the administration of your shareholding. This includes:
o Retaining records of your instructions and telephone calls and keeping your shareholder records up to date.
o Completing transactions that you instruct us to undertake, and any legal obligations we have in relation to the transactions.
o To provide you with dividends / certificates and notices.
o To respond to any complaints and / or data rights that you invoke.
o To notify you about changes to the way we manage our Register of Members, such as a corporate action.
o To keep our websites secure and permit you safe access to our services.
The legal reasons for this are to comply with legal requirements placed upon us, such as the Companies Act, Stock Exchange requirements and Financial Crime regulations, and our legitimate interests, such as the proper administration of our service and business.
If you choose not to give personal information
We need to collect personal information required by law or under the terms of service you have elected to use. If you choose not to give us the personal data we need, it can mean that we have to cancel or decline a service that you request or have with us. So that you know what information is optional, we make it clear at the time we collect your personal data.
Personal data will not be retained for longer than necessary for us to achieve the purpose for which we obtained your personal data. We will then either securely delete it or anonymise it so that it cannot be linked back to you. We review our retention periods for personal data on a regular basis.
We will retain personal data for the duration of your entry on the Register of Members for a period of up to 12 years following your last entry on the Register or completion of service e.g. payment of unclaimed dividends, to meet regulatory requirements.
We can keep your data for longer than 12 years if we cannot delete it for legal, regulatory or technical reasons. We can also keep it for research or statistical purposes. If we do, we will make sure that your privacy is protected and only use it for those purposes
The information we hold about you is confidential and we will only share your personal information to enable us to deliver the product(s) or service(s), examples are as follows:
o At your request, or with your consent or the consent of any party linked to your shareholding;
o Third parties including:
• Banks and other payment service providers to process your entitlements and payments;
• Printers in order to supply you with documentation and certificates;
• Insurance companies – where we need to provide details of your account when we make a claim;
• Stockbrokers and market makers who execute transactions on your behalf;
• Service suppliers to facilitate email, IT and administration services;
• Our professional advisors, for example, our lawyers and technology consultants, when they need it to provide advice to us;
• Your employer or agent(s), in accordance with any specific instructions you provide to us;
• Third party providers, for example, your solicitor, when you have requested their services;
• Credit reference agencies and fraud detection agencies as part of our identification procedures;
• Fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies, can be obtain by contacting Share Registrars Ltd; and
• Your Official Receiver or appointed insolvency practitioner if we receive notice of your insolvency, bankruptcy or insolvency proceedings / arrangement.
We will only transfer your personal information to trusted third parties who provide sufficient security guarantees and who demonstrate a commitment to compliance with applicable law and this policy. Where third parties are processing personal information on our behalf, they will be required to agree, by contractual means, to process the personal information in accordance with the applicable law. This contract will stipulate, amongst other things, that the third party and its representatives shall act only on our instructions, or as permitted by law.
We are also required to share your personal data with external third parties as follows (but not limited to):
o Regulators and supervisory authorities e.g. His Majesty’s Revenue and Customs (HMRC), domestic or foreign tax authority, the Department for Work and Pensions (DWP), Her Majesty’s Courts and Tribunals Service (the courts), Tax advisors, Credit Industry Fraud Avoidance System (Cifas); Financial Ombudsman Service (FOS), the London Stock Exchange plc or the operator of any market on which you may hold investments, as part of our legal obligations in providing the products / services;
o Where the law requires or permits disclosure, or there is a duty to the public to reveal it;
o When we need to defend or exercise our legal rights or those of a third party;
o Debt collecting, debt chasing or another agent for enforcing payment of monies owed to us;
o Efforts to trace you if we lose contact with you e.g. to reunite you with your assets;
o Police and other law enforcement agencies for the prevention and detection of crime and where a valid permission is applicable;
o As a result of a court order or other regulatory instruction;
o Our insurers and insurance brokers where required for underwriting our risks and as part of ongoing risk assessments;
Personal data may be shared outside of the European Economic Area (EEA) and the European Union (EU) and will be subject to Model Clauses recognised by the European Commission.
We understand how important your personal data is to you and we take its security very seriously.
We safeguard your personal data across all our computer systems, networks, websites and offices as much as possible through appropriate procedures and technical security measures (including strict encryption).
You must immediately inform us if you become aware, or suspect, that someone else has knowledge of your account details.
You have rights in respect of the personal data that we hold about you. They include the right to request a copy of the information that we hold about you, to know about any automated decisions that are made about you and to change your marketing preferences at any time. Details about all of your rights are provided below.
Some of these rights are conditional and depend upon why we are processing your personal data. This means that we cannot always be able to respond to your request in the way that you want. For example if you ask us to erase your personal data and we are processing the information because we are required to do so because of a legal requirement, we will not be able to delete your personal data.
Your right - The right to be informed about how we use your personal data.
Explanation - This Privacy Notice provides you with the details on how we use and process your data.
Your right - The right of access to a copy of any personal data process about you.
Explanation - If you request to see your personal data, your initial request will be free of charge; subsequent requests may attract an administration fee.
Your right - The right to request us to rectify or update it.
Explanation - This will be relevant where the personal data we hold is or has become inaccurate or incomplete.
Your right - The right to request us to erase your personal data in certain circumstances.
Explanation - The circumstances when erasure can apply include when we no longer need it to meet a lawful basis for processing.
Your right - The right to request us to restrict processing it.
Explanation - This request can be used to stop us processing your personal data.
Your right - The right to request a copy of your information for data portability purposes.
Explanation - In certain circumstances you have the right to instruct us to transmit that personal data to you or another data controller in a machine-readable format.
The right to object to us processing your personal data.
Explanation - You have a right to object to us processing your data where we are processing it for the purpose of legitimate interests. You have the right to withdraw your consent at any time. However, this will not affect the lawfulness of processing before the withdrawal.
Your right - Right to lodge a complaint with a supervisory authority.
Explanation - If you wish to raise a complaint on how we have handled your personal data, please contact our Data Protection team who will investigate the matter and report back to you. If you remain unsatisfied with our response, you are able to contact the Information Commissioner’s Office (ICO).
We review our use of your personal data regularly. In doing so, we can change what personal data we collect, how we keep it and what we do with it. As a result, we can change this Privacy Notice from time to time to keep it relevant and up to date.
Contacting Us
If you have any questions about our Privacy Policy or your information, or to exercise any of your rights as described in this Privacy Policy or under data protection laws, you can contact us as follows:
By post:
Peter Ronayne, Share Registrars Limited, 3 The Millennium Centre, Crosby Way, Farnham GU9 7XX
By email: