Asper Investment Management Limited (“Asper”) respects the privacy of every individual whose personal information it handles. We are committed to respecting and protecting personal data and will process personal data provided to Asper only in accordance with applicable data protection and privacy laws.
Personal data includes information relating to natural persons who can be identified or who are identifiable, directly from the information in question or who can be indirectly identified from that information in combination with other information.
When this Statement mentions “company”, “we”, “us”, “our” all of those terms refer to Asper Investment Management Limited (company number: 10075247) with registered offices located at 24/25 The Shard, 32 London Bridge Street, London SE1 9SG.
This Statement is not an exhaustive description of how we process the personal information of natural persons. If you have any questions about this Statement, or our privacy related practices, please contact us at: firstname.lastname@example.org.
This Statement has been approved by the Board of Asper.
Data protection laws
Asper Investment Management processes data in line with UK laws and regulations; more specifically the General Data Protection Regulation.
This regulation became effective on 25 May 2018.
How do we collect personal information?
We will collect information from you when you interact with us in person, in writing, by telephone and by email. For example, when you are an actual or potential investor or an actual or potential business partner, advisor, consultant or supplier. If you email us your CV, or if you have a meeting with a representative of Asper and provide us with your business card, or if you visit our office where your image is recorded by the building’s CCTV systems operated for security purposes.
We may also receive information from other sources, such as third parties who collect personal information from you and pass it on to us. For example, where we conduct verification or antimoney laundering checks as part of our AML policies and procedures.
What types of personal information do we collect?
Personal information that we hold about you (including through our website) may include names, work addresses, email addresses, contact numbers, job title, employer organisation. Information required to verify your identity, for example passports, identification documents and proof of home address for anti-money laundering and Know Your Customer, references, background and other similar checks, or any other personal information that you provide to us.
Asper will take all reasonable steps to keep your personal information accurate and, where necessary, up-to-date. Please notify us at: email@example.com if you believe that any of the information Asper holds about you is incorrect.
Grounds for processing
To process your data lawfully we will use your information on one or more of the following grounds:
- you are a party to a contract and processing your personal data is necessary for the performance of contract;
- it is in our legitimate interests to do so and where such interests are not overridden by your privacy interests;
- it is required for our or our funds’ compliance with legal and regulatory obligations, including our FCA duties to our clients, or where disclosures are requested by authorities, regulators or governmental bodies;
- we have obtained your consent where one of the above grounds cannot reasonably be relied upon.
Your personal data will not be sold to third parties, marketing agencies or processed in an unlawful manner. If we seek to use your personal data for a purpose beyond that for which it was originally collected, we will seek your consent or look to rely on another valid legal ground to process your personal information in accordance with applicable law.
How do we use your personal information
We will use your personal information, and may share your personal data with other third parties acting on our behalf (as detailed below) in respect of:
- maintaining contact records and providing business updates;
- communicating with you about and sending invitations for presentations, events and meetings with representatives of Asper;
- communicating with you about potential business or career opportunities;
- obtaining professional services from our third parties, including consultants, auditors, accountants and lawyers;
- complying with anti-money laundering and Know Your Customer, references, background and other checks;
- compliance with our regulatory and legal obligations, including fiduciary duties and FCA obligations to clients, or requests for disclsosures from a court, regulatory or governmental body;
- conducting due diligence with regard to potential or actual investment opportunities;
- improving marketing materials;
- evaluating potential candidates for future recruitment and assessing your application if you have applied for a job with us;
- responding to your enquiries and resolving your complaints.
Who might we provide your personal information to?
There are circumstances where we may be compelled or wish to disclose your personal information to third parties. This will only take place in accordance with applicable law and on the basis of one or more of the lawful grounds for processing (detailed above). This may include sharing your personal information with companies who process personal information on our behalf, such as third party outsourced service providers to facilitate the provision of our services, providers of cloud hosting solutions and professional advisers, such as lawyers, fund administrators, accountants or other consultants and group entities. Asper will ensure that, where a third party is used for specific reasons, the service provider has agreed to protect and maintain the security and confidentiality of the information that Asper shares with them.
Sensitive or special category personal data
Certain types of data require extra safeguards, in particular information about children, the “special categories” of personal data including racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sexual orientation, genetics, and biometrics, and criminal offences (including allegations and sentencing). We generally do not need this information so please do not send it to us.
Retention and deletion
Asper will retain personal information for a period that will vary depending on the purposes that it was collected for, as well as the requirements of any applicable law or regulation.
Destruction of data will be carried out in accordance with Asper’s data retention policy. Where the retention schedule requires destruction instead of archival, the following shall apply:
- Paper records will be shredded by a provider who grants documented evidence of its destruction in the form of a certificate or video evidence.
- Electronic records shall be deleted from live systems but may be retained on back-ups in line with the back-up retention schedule.
- Physical equipment capable of storing data shall be disposed of either by (i) physical destruction (crushing) or (ii) by government certified levels of electronic shredding. All electronic shredding shall come with a certificate of destruction.
Third parties and overseas transfers
When your personal data needs to be transferred to an overseas country that is not part of the EEA (European Economic Area) we will always ensure that there are adequate levels of protection and a similar legislation with regards to data protection; each country might have different laws and regulations with regards to data protection. Overseas transfers outside the EEA will only be possible when we have the appropriate safeguards in place.
Measures put in place to safeguard your personal data
We have put in place several technical and organisational measures aimed at protecting the confidentiality, the integrity and the availability of your personal data:
- All the endpoints of the company are protected with antivirus and firewalls.
- Encryption technology is in use to protect the integrity of the personal data we process. Encryption prevents data from being easily accessible and recoverable in the event of theft or computer misuse.
- A password policy is currently in place to ensure that the data stored on our systems is only accessible to authorised personnel. The passwords are changed on a regular basis.
- We regularly make backups of our data to ensure that it is readily available in the event of technical problems or disaster recovery.
- We restrict access to personal information to those employees and third parties who need to know that information for the purposes set out in this Statement.
While Asper takes appropriate technical and organistaional measures to safeguard the personal information that you provide, no transmission over the internet can ever be guaranteed secure and Asper cannot guarantee its security by this method of transmission.
Under data protection laws you have certain rights, including the right to: access, rectify, withdraw consent, erase, restrict, transport and object to the processing of your personal information. You also have a right to lodge a complaint with the Information Commissioner’s Office (see further details below) if you believe your information is not being processed in accordance with the law. Should you wish to exercise any your rights, please contact: firstname.lastname@example.org. We will do our best to respond within 30 days, but if it is going to take longer we will contact you to ask for further time.
Privacy and the internet
The main objective of cookies is to provide us with data that we can use to improve our website in
order to provide you with a better service. Google Analytics is in use to collect information about
how visitors use our website.
When using our website without adjusting your web browser to block them, you are consenting to
these types of cookies being stored on your device.
would like to exercise any of your rights under the General Data Protection Regulation, please
contact email@example.com or in writing to Debbie Hudgell, Asper Investment Management
Limited, 24/25 The Shard, 32 London Bridge Street, London SE1 9SG.
The Information Commissioner’s Office
If you would like to learn more about the General Data Protection Regulation, you can visit the
ICO’s website following this link: https://ico.org.uk/. You can also find an overview of the GDPR
following this link: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-thegdpr/
Notification of changes
This Statement is dated July 2018. We may amend this Statement from time to time without notice. An amended Statement will be posted and available on our website. We may change the Statement for a number of reasons, including changes in law, market practice or our treatment of your personal information.
24/25 The Shard
32 London Bridge Street
Registered in England no: 10075247 Registered office as above, VAT no: 243080339
Authorised and regulated by the Financial Conduct Authority