This Privacy Notice explains how CRUX Asset Management Limited (“CRUX”, ”we”, ”us”, “our”) collects, uses, shares and otherwise processes your Personal Data in accordance with applicable data privacy laws including the EU General Data Protection Regulation (‘GDPR’).
This notice applies to any personal data we have received from you, create or obtain from other sources and explains how it will be used by us. It is important that you read and understand this notice so you understand how we will use your personal data and your rights in relation to your personal data. If you do not agree with our use of your personal data as set out in the Privacy Notice, you should not submit or send us your personal data. However, if you do not wish to submit your personal data, or if you wish to exercise your rights to prevent us from using your data, you should be aware that we may not be able to do business with you.
We are CRUX Asset Management Limited, Company Number 08697189, registered at 48 Pall Mall, London, SW1Y 5JG. For the purpose of data privacy legislation, we will be both a data ‘processor’ and a data ‘controller’.
The nature of our use of Personal data means that we are not required to have a data protection officer. However, you can contact us with any questions regarding your Personal Data or this notice:
Via post: CRUX Asset Management Limited, 48 Pall Mall, London, SW1Y 5JG
Via email: firstname.lastname@example.org
Via Phone: + 44 (0)20 7499 4454
Please allow 30 days for us to respond to any request.
What personal data we collect and how we collect it?
We collect personal information from a variety of sources: directly from you, indirectly from third parties or through the use of our website.
We may collect the following Personal Data from or about you:
- Such as name, email address, mailing address, phone number
- Information about your business function, such as job function or job title and company name
- Information about your interests in our products
We will retain and use your data only where a legitimate business interest exists, such as:
- In order to respond to your enquiries regarding our offering, this would include sending you our quarterly newsletters or information regarding new or existing products which would be of interest to you. We will process this under the legal basis that a legitimate business interest in relation to CRUX or, if you are an individual for data protection law purposes, your express consent.
- In order for CRUX to fulfil its obligation to execute and manage the delivery of our services or products to you. The legal basis under which we will be processing this is as a result of our contract with you.
- For recruitment.
- Where it is deemed appropriate to carry out “Know your Client” checks as part of a review process before you become a client of our and in the course of our ongoing business relationship, and
- for legal and regulatory compliance purposes, including as necessary to respond to governmental, regulatory or law enforcement agencies.
We are required to record telephone conversations, which we will do without a warning, and to keep copies of any e-communications. Please refer to section 9 for details in relation to the retention period.
Sharing your information
We may share your personal data with our third-party suppliers as part of our business process, for instance in the process of maintaining our client relationship management system. In this, and whenever we share your information with our suppliers, we will have formal processor agreements with these providers. The agreement covers in particular, the security measures in place to protect your personal data and that your data may only be used in line with the agreement and with our instruction.
We may also share your information in the following circumstances:
- Required by law – for legal and regulatory compliance purposes, including as necessary to respond to governmental, regulatory or law enforcement agencies
- Corporate transaction – should CRUX be involved in any transaction relating to all or any of its business, we may where necessary share your personal data.
- In addition, and on request, we may share your information if required in connection with legal claims, investigations or to protect your safety.
- There may be other circumstances whereby we may want to share your information, but we will only do so with your express consent.
In all circumstances CRUX will only share your personal data once appropriate security measures are in place including details such as country to which the data is being transfer, the use and the retention period of any data which is shared.
In circumstances where CRUX transfers your data outside of the EEA we will confirm suitable security measures are in place including legal reason for the transfer, under European law, and that the appropriate legal agreement is in place which details the controls and how your data will be processed.
Curriculum Vitae (CV) privacy
When you apply for an open position through the career page of our website or directly via email (email@example.com) you request us to collect and process your personal data through your job application in view of a potential employment.
In some cases, and when your application is successful, we will process your data to ensure we are complying with our mandatory legal obligations to check your eligibility to work in the UK. We will also collect and process your data to obtain further references from your former employers and obtain necessary background check.
Your information may be shared internally for the purposes of our recruitment process.
Your personal data will only be accessed by our CRUX internal career team who are GDPR trained and will only be used for which you have sent it to us, with the view of potential employment.
Data subject access rights
You have a number of rights in relation to the personal data that we hold about you. These rights include:
- The right to request any personal data we process in relation to you,
- The right of request a copy of your personal data we process in relation to you,
- The right to request that we rectify any errors in the data we process in relation to you
- The right to object to us process your data or to restrict the processing of your personal data.
- The right to request that we port your personal data to another controller.
- The right to object
- Where processing is based on your consent, you may also withdraw your consent at any time.
However, if you wish to exercise your rights to prevent us from using your data, you should be aware that we may not be able to do business with you
You can exercise your rights by contacting us using the details set out in the section 2 above.
You can find out more information about your rights by contacting the data protection regulator, the Information Commissioner, or by searching its website at https://ico.org.uk/
The cookies used on www.cruxam.com are based on the International Chamber of Commerce guide for cookie categories.
We currently use:
Strictly necessary cookies
These cookies assist with pages navigation and website functionalities. They don’t gather any personal information about you.
Cookies can be removed or disabled altogether
You can control the use of these cookies either by changing the settings in your web browser or by using the 3rd parties’ own tools. Please note that disabling these cookies may prevent you from certain services and access to pages.
Duration for which we will retain your personal data
How long we hold your personal data for will vary. The retention period will be determined by various criteria including:
- The purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose; and
- Legal obligations – laws or regulation may set a minimum period for which we have to store your personal data.
Links and other websites
Our website contains links to other websites maintained by third parties over whom CRUX has no control, and where data privacy practices may be different to that of CRUX. Please be aware that CRUX is not responsible for the privacy practices of other sites. Visitors should consult specific websites’ privacy policies. The privacy statement you are reading applies solely to CRUX Asset Management Ltd (www.cruxam.com) and concerns the information and the data we collect directly via this website or receive through other means.
We know the information you provide may be confidential and we will maintain it in accordance with our normal procedures and in accordance with all applicable laws.
We employ appropriate technical and security measures to help protect your personal data against loss and to guard against access by unauthorised persons.
We have in place procedures to deal with any suspected data security breach and we will notify you of any suspected data breach where we are legally required to do so.
If we are unable to satisfactorily deal with your complaint you can complain to the ICO which is the UK supervisory authority. You have the right to claim compensation for damages caused by a breach of data protection legislation.
Last updated 23rd May 2018