River Capital
Let's Talk

Privacy Policy

Privacy Policy 

 

The information contained in this privacy policy statement is intended to provide you with details of how we may collect and process your personal data from time to time and the circumstances giving rise to the request and receiving of data.

  1. About us:

We are part of a group of companies (“the Companies”) who act as data controllers and/or processors for the purposes of the Data Protection Act 2018 and the UK Data Protection Regulation (UK GDPR). We are referred to as “we”, “us” or “our” in this privacy policy.

The information contained in this privacy policy applies to all of the Companies individually and/or collectively, as the case may be.

The Companies are:

River Capital Management Limited (River Capital) is authorised and regulated by the Finance Conduct Authority, FRN 180891, (company registration number 03099944), based at Suite 6C, The Plaza, 100 Old Hall Street, Liverpool L3 9JQ. Our ICO registration number is ZA135393.

Merseyside Special Investment Fund Limited (“MSIF”) (company registration number 02981031), based at Suite 6C, The Plaza, 100 Old Hall Street, Liverpool L3 9JQ. Our ICO registration number is ZB244964.

The information in this privacy policy also applies to the LCR Finance Hub (including its website and any other platform or application), which is operated by MSIF and Liverpool City Region Growth Company Limited (company number 02753023 and based at Suite 6C, The Plaza, 100 Old Hall Street, Liverpool L3 9JQ) (“LCR Growth Company”).

Where approved, data may be shared and processed by LCR Growth Company for the purposes of their LCR Growth Hub. You can read their privacy policy here. If you have any questions about your privacy or our use of your personal data, please contact us.

  1. The personal data we may collect about you:

You are not required (by law or by any contract with us) to provide personal information to us. We will only require you to provide personal information to us where it is necessary for us to provide you with a service at your request.

The types of personal data we may collect in these circumstances are:

  • Full name and title including any previous names
  • Photographic proof of identity (typically passports or photo driving licences)
  • Proof of address (utility bill)
  • Marital status
  • Contact information such as postal address, residential address, email address and telephone numbers
  • Tax information (Unique tax reference number and national insurance number)
  • Information regarding your investment experience, wealth, source of funds and bank details
  • Information regarding your knowledge of investment and types of transactions undertaken
  • Employment history and salary details
  • Marketing preferences which include the type of information you wish to receive and how.
  • Information we learn from you such as requests, transactions, services provided or offered, any advice or recommendations made, a log of meetings, telephone recordings (where permitted and required for regulatory purposes) complaints and dissatisfaction notes, as well as email exchanges.
  • Business organisation/address

The above list is not exhaustive and we may from time-to-time request additional information in order to satisfy our legal and regulatory obligations. Where additional information is requested, we will provide you with a reasonable explanation and lawful basis for why it is required, unless we are prevented from doing so by law.

  1. Special Category data:

Special Category data refers to any data which is sensitive and is subject to additional rules and requirements under data protection law. Special Category data may include information regarding: criminal convictions and offences, race, ethnicity, religious or philosophical beliefs, political opinions, sexual orientation, trade union membership and information about your health, genetic and biometric data. As a general rule we do not collect any Special Category data about you. However, we are required to request information relating to criminal convictions as part of our recruitment process for staff and contractors undertaking regulated activities. We may also request Special Category data from you for the purposes of statistical analysis and reporting on our equality, diversity and inclusion performance. We require consent from the individual to collect this information. If we are required by law to request any Special Category data from you, aside from the reasons mentioned above, we will provide you with a reasonable explanation as to the nature and purpose for this request and request your consent. We would not be able to proceed without your consent unless there was a lawful reason for doing so.

  1. How do we collect your personal data?:

Typically, where we are required to obtain your personal data, we will request it from you. However, we may also from time to time receive your personal data through intermediaries where you have authorised the sharing of your personal data with us. Intermediaries may include: accountants, solicitors, independent financial advisors, tax advisors and wealth managers who may be working on your behalf. Personal data may also be provided to us via post, in person, email or via a specially created secure data room/platform. The data collection may be facilitated by way of completing an application form or questionnaire or by you responding to information requests from us. We may also receive information from publicly available resources.

  1. Why we collect your personal data:

We have a legitimate interest in efficiently and effectively managing and operating our business, and improving the services that we offer, to give you the best client/partner experience that we can. Sometimes we need to use your personal information to do this, including (but not limited to) circumstances where you:

  • are a shareholder in one of the companies with whom we have an administration and/or management agreement with;
  • are a limited partner or an investor in one of the funds to which we are appointed manager/operator, or any other such investment schemes under our management;
  • are actively receiving investment services or products from us under a contractual arrangement or engagement;
  • are a controller, shareholder or an authorised signatory of a business we have provided a loan to;
  • consent to receiving communications from us; have a contractual agreement with us;
  • request resources or marketing be sent to you;
  • give us feedback or other form; and/or
  • where we have any other legitimate business interest with you.
  1. How we use your personal data:

Typically, we only use your data to be able to perform our duties under contracts we may have with you or where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. Please refer to section 7 (Marketing communications) below for more information about this. You have the right to withdraw consent to marketing at any time by contacting us. We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data. Your data will also be shared with LCR Growth Company for other purposes for which they have a legitimate basis and for which they will notify you of, such as is set out in their policy here.

  1. Marketing communications:

You will receive marketing communications from us if you have:

(i) requested information from us or have a contractual agreement with us; or

(ii) provided us with your details and have positively consented to us sending you marketing communications; and

(iii) in each case, you have not opted out of receiving that marketing.

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes. Please note that you can change your mind and you can opt-out from receiving marketing communication from us at any time by contacting us. Where you opt out of receiving our marketing communications, this will not apply to communication we make with you in relation to a legitimate business interest or lawful purposes, such as the performance of a contract we may have with you.

  1. Change of purpose:

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for a purpose unrelated to the original purpose for which we collected the data, we will notify you and we will explain the legal grounds for this. We may process your personal data without your knowledge or consent only where this is required and permitted by law.

  1. How long we keep your personal information for:

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. Where we provide you with any service, we need to retain the information we hold about you for at least as long as we continue to provide that service to you. By law, we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years for tax purposes. We must keep this information for at least five years after a client ceases to be a client under the UK money laundering regulations 2017. We may use methods such as pseudonymisation which is a process whereby we replace identifying fields of data with other non-identifying data fields. This anonymises the data so that it is no longer personal data. We may use this method where we are required to retain certain types of information to perform business activities, such as statistical analysis and reporting on our equality, diversity and inclusion performance. This type of statistical data is often required for ESG (Environmental, social and governance) investment purposes by clients.

  1. Keeping your personal data secure:

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data in accordance with our instructions and on a strictly confidential basis. We have put in place procedures to deal with data breaches in accordance with data protection law. We will notify you and any applicable regulator of a breach where we are legally required to do so. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. When using our website, always check for the padlock symbol in your browser and “https” in the URL before submitting information. Our website host is Siteground and you can read their privacy policy here.

  1. Sharing your personal data:We may share your personal data with the parties set out below (amongst others) for legitimate business interests and lawful purposes:
  • The other Companies, namely: River Capital and MSIF, including for the purposes of the LCR Finance Hub
  • LCR Growth Company for the purposes of their LCR Growth Hub and the LCR Finance Hub
  • Our web hosting provider, Siteground, to host the website and related services and applications (click here to read their privacy policy)
  • Google Analytics, which we use to track user interaction on our website (click here to read their privacy policy). You can find more information about this in section 13 (Using our website).
  • Other companies in our group who provide IT and system administration services and undertake leadership reporting
  • Third-party service providers who provide IT and system administration services
  • Our trusted professional advisers including lawyers, bankers, auditors, tax advisors and insurers who provide consultancy, banking, legal, insurance, tax and accounting services
  • HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
  • Fraud prevention agencies
  • Third parties to whom we sell, transfer, or merge parts of our business or our assets.

We require all third parties to whom we transfer your data to handle your personal data securely and in accordance with the law. We only allow such third parties to process your personal data for specified purposes, in accordance with our instructions and on a confidential basis. We do not share or transfer your data outside of the UK or the European Economic Area (EEA).

  1. Your rights:Under certain circumstances, you have rights under data protection laws in relation to your personal data. If you would like any further information or to exercise any of your rights, please contact us. In most cases, we will not charge you any fee if you wish to exercise any of these rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. In order to respond to a subject access request, we will need to confirm your identity as a security measure to safeguard you from your personal data from being disclosed to non-authorised third parties. If you wish to exercise any of your rights, please provide us with as much information as possible to enable us to comply with your request within an acceptable timeframe. We are required to respond to subject access requests where practically possible within 30 days and, if this is not possible, we will provide you with a reasonable explanation as to why this cannot be achieved.

Your rights include:

  1. a) The right to be informed

We have a legal obligation to provide you with concise, transparent, intelligible and easily accessible information about your personal information and our use of it. We have written this policy to comply with this right, but please contact us if you require further information.

  1. b) The right to access your personal data

You have the right to ask us to confirm whether or not we hold any of your personal data. If we do, you have the right to access a copy of your data, as well as information about how, and why, we use it. In order to prevent your data being disclosed to someone who is not authorised to access it, we may have to verify your identity before we provide you with a copy of the data that we hold.

The first copy of your information that you request from us will be provided free of charge, if you require further copies we may charge an administrative fee to cover our costs. Please contact us if you wish to request access to our data.

  1. c) The right to correct any inaccurate or incomplete personal data

If the information that we hold about you is inaccurate or incomplete, you have the right to require us to correct that data (or complete it by supplementing it with other information).

  1. d) The right to be forgotten

You have the right to require us to delete or destroy your personal data in the following circumstances:

  • The information is no longer needed for the purposes we collected it for.
  • Where we rely on your consent, and you withdraw that consent
  • You object to us using your information for marketing purposes, or
  • for our legitimate interests, and we have no overriding reason to keep using it
  • We have used your information unlawfully
  • We are required by law to delete your information

If these situations apply, you may contact us to request that we erase your data from our systems. e) The right to have your data transferred to you or a third party in a common format

Where your personal data is processed by automated means, you may have the right to obtain a copy of your personal data in a structured, commonly used and machine-readable format, and to ask us to transfer this data to another organisation in a safe and secure way.

  1. f) The right to object to direct marketing

You can ask us at any time to stop using your information for direct marketing purposes, even if we do not rely on your consent to do this. You may exercise this right by following the instructions in any of the emails that we send to you, or by contacting us.

  1. g) The right to object to us using your information for our own legitimate interests

Sometimes, we use your personal information to achieve goals that will help our business – these are our legitimate interests, and they are explained in more detail in this policy.

We aim to always ensure that your rights and information are properly protected. If you believe that the way we are using your data is not justified due to its impact on you or your rights, you have the right to object to our use of your data in these ways. If you do object to this, unless we have a compelling reason to continue we will stop using your personal data for these purposes.

  1. h) You have the right to restrict how we use your personal data

You have the right to ask us to stop using your personal data in any way other than simply keeping a copy of it. This right is available where:

  • You have informed us that the information we hold about you is inaccurate, and we have not yet been able to verify or update this
  • You have objected to us using your information for our own legitimate interests and we are in the process of considering your objection
  • We have used your information unlawfully, but you do not want us to delete it
  • We no longer need to use the information, but you need it for a legal claim
  1. i) You have rights related to automated-decision making and profiling You have the right not to be subject to decisions made based on automated decision-making, including profiling, which will have a legal effect upon you or otherwise significantly affect you. We do not currently use any automated decision-making or undertake any profiling of our customers or other individuals.
  2. Using our website:

The type of data we collect when you visit our website may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site as well as the types of products and services and searches you conduct on our site. This site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages, and to see their journey through the website. Google Analytics records data such as your geographical location, device, internet browser and operating system. However, none of this information personally identifies you to us. Google Analytics also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third-party data processor. Google Analytics makes use of cookies. Disabling cookies on your internet browser will stop Google analytics from tracking your visit to pages within this website. The Google Analytics privacy policy can be read here. Please see our cookie policy for more information.

  1. Contact forms and email links:

If you contact us using the contact form or via our email link, none of the information that you supply will be stored by this website or be passed to/processed by any third-party data processors. Instead, the information will be collated into an email and sent to us via the ‘Simple Mail Transfer Protocol’ (SMTP). The information you provide in this way will be encrypted so that it is secure. It will then be decrypted via our local computers and devices.

Accurate data:

  1. Complaints and queries:

If you are not happy with the way we collect and use your data, please contact us in the first instance so that we may seek to resolve your complaint. You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the statutory body which oversees data protection law in the UK. Please visit the ICO website if you wish to lodge a complaint with the ICO. If you are based in an European Union member state, you may instead lodge a complaint with the supervisory authority in your country.

  1. Changes to our privacy policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy. This version was last updated on 20 October 2021 and historic versions can be obtained by contacting us.

  1. Contact us:

If you wish to speak to us regarding your privacy, or our use of your personal data, please contact us using the following details:

River Capital Management Limited

Post:Suite 6C, The Plaza, 100 Old Hall Street, Liverpool L3 9JQ
Email: info@rivercapitaluk.com
Website: https://rivercapitaluk.com/
Data Protection Manager:  Marc d’Abbadie

Merseyside Special Investment Fund Limited

Post:Suite 6C, The Plaza, 100 Old Hall Street, Liverpool L3 9JQ
Email: info@msif.co.uk
Website: https://www.msif.co.uk/
Data Protection Manager:  Marc d’Abbadie