James Hambro & Partners LLP (“JH&P”) and James Hambro & Company Limited (“JH&C”) (together ‘we’) are committed to protecting your privacy and ensuring you are fully aware of the information we may hold on you and how that information might be used in the course of providing services to you. This policy explains how we collect, process and safeguard your personal data.
Personal data means information that relates to an identified person or a person who could be identified directly from that information or indirectly together with other information.
For the purposes of data protection legislation, the Data Controller in respect of your personal data is JH&P or JH&C, depending on which one is providing the relevant service to you. For information about which is the applicable data controller please contact us.
We have appointed a Data Protection Officer (DPO) who can be contacted at: email@example.com.
Information you provide us
We record different types of information that you provide to us, including:
- Name, address, date of birth, contact details, national insurance number, tax identification number;
- Financial information, including details of your assets and income and your bank account details;
- Information about contact with us – Meeting notes/hard copies etc.
- Information about other people (such as family members, including children, beneficiaries, representatives or professional advisers);
- Information about your health, political affiliations or religious beliefs;
- Education and employment details.
The information may be gathered during meetings or phone calls, or by completion of printed or online forms. We may also record information you provide to us about another person, if we have a legitimate interest in doing so.
Information we gather from other sources about our clients
During the setup of the account or providing our services, we may gather information in the following ways;
- Through online services such as website access or access to online valuations;
- Collected from third parties acting on your behalf, such as professional advisers.
- Information collected by third parties such as credit agencies, background check agencies and other online sources, and other publicly available information.
If you have authorised a third party to contact us or authorised us to contact a third party on your behalf, we may receive and store additional information about you that they provide to us. When dealing with any third party in relation to your details, we will always undertake appropriate security clearance prior to any discussion.
Information collected from those visiting the website
We record information when visitors use our website. This includes:
- Information provided to us by visitors who fill out the contact form on the website;
- Information relating to visitors’ IP addresses including browser, time zone, plugins when connecting to our website;
- Information relating to the website usage, including the date and time of access, length of visit and interaction with pages; and
Recording phone calls
We may monitor or record phone calls with you in case we need to check we have carried out your instructions correctly, to resolve queries or issues, for regulatory purposes, to help improve our quality of service, and to help detect or prevent fraud or other crimes. Conversations may also be monitored for staff training purposes.
What do we use the information for?
We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair and lawful to do so. We share information between JH&P and JH&C in order to facilitate the uses set out below by each of them as appropriate. We will collect and use your information only where:
- required to carry out our obligations as a result of any contracts/investments entered into between you and us;
- it is in our legitimate interest, namely providing you with information that you request and with updates and marketing materials selected by you, and enabling the management of all matters relating to our business, but only where your interests and fundamental rights do not override those interests;
- to comply with our legal obligations, such as in respect of money laundering and financial crime legislation as well as any requirements issued by our regulators such as the FCA, SEC or HMRC;
- to provide you with information (by various means including but not limited to post, email and phone), products and services that you have requested from us or which we may reasonably believe would be of interest to you;
- where we need to protect your interests or someone else’s;
- for research and development of products and services;
- where you have given consent and that consent has not subsequently been withdrawn; and
- to protect our legal rights.
Failure to provide certain information may mean we are unable to perform both our legal obligations and our contractual duties to you, such as executing transactions or making payments on your behalf.
Where we provide investment services, your personal data will be shared with our underlying custodian on an ongoing basis.
We will not use your information to make any automated decisions about you.
What do we use the information collected on our website for?
- To administer the site and may include maintenance, data analysis;
- To improve the navigation and content of the site;
- For security purposes; and
- To allow you to participate in any interactive features which we may make available, should you choose to do so.
Do we share data with anyone else?
In certain circumstances, we may share information with third parties, including in the following cases;
- where we have a legal obligation to do so or for the purposes of fraud protection and credit risk reduction;
- to banks, sub-custodians, brokers, investment exchanges, transfer agents, product providers or other similar parties in order to provide our services to clients;
- to protect us or our clients;
- to professional advisers or other representatives and service providers appointed by you;
- third party service providers, including contractors, or professional advisers appointed by us;
- regulatory bodies and government agencies, such as the FCA, HMRC, the SEC and the US Internal Revenue Service;
- law enforcement agencies.
Where is the Information Stored and Processed?
Your information is mainly stored and processed in the UK.
We and, where relevant, our agents and delegates, may sometimes transfer your personal data to other countries outside of the UK, including the United States. This may be, for example, in order to process transactions on your behalf, to provide reports or filings to relevant authorities and regulators, or where third party suppliers host their systems or have technical support teams overseas. In those situations, the transfers will be in accordance with the legal requirements, such as:
- the country has been approved by the Information Commissioner’s Office (ICO), the UK regulator for data protection for this purpose;
- the recipient has signed a contract based on “model contractual clauses” approved by the ICO, obliging them to protect your data; or
- in other circumstances permitted by law.
You can obtain more details about the protection given to your personal data when it is transferred outside the UK by contacting us (see below for contact details).
How long will you keep the information?
Personal information that we process will be kept for no longer than necessary for the purposes for which we collected it. The retention period will be dependent on our legal obligations, the nature of your relationship with us, the purpose for which it was processed, and the nature and sensitivity of the information. For our clients, the retention period is based on our statutory obligations and most information will be held for a minimum of five years after our relationship with you ends.
How are we protecting the information?
We take information security extremely seriously and any information collected, processed or used in any way, whether online, through telephony, paper or by any other means, will have appropriate security procedures covering the storage and disclosure of your personal data to prevent unauthorised access and to comply with our legal obligations. We use technologies such as (but not limited to) data encryption, firewalls and server authentication to protect the security of your data.
What are your rights?
In certain circumstances you have rights in relation to the personal data that we hold about you:
- You have the right to ask us not to use your personal data for direct marketing purposes.
- You have a right to obtain information on what personal data we have and how we process it.
- You have the right to access a copy of the personal data we hold. If you wish to receive this, you may make a data subject access request. We will not charge you for this request.
- You can ask for your information to be corrected if this is inaccurate or incomplete.
- You may ask for your information to be deleted. However, in certain circumstances we may be legally required to keep it.
- You can ask that we restrict the processing of your personal information for certain purposes. However, in certain circumstances we may be legally required to continue processing it for those purposes.
- In some circumstances you can ask to receive your data in a structured, commonly used and machine-readable format or ask for your data to be transferred to a third party where this is technically feasible. This only applies to data which you have provided to us.
- You can make a complaint to the data protection regulator (details below), if you think that we have infringed any of your rights.
Changes to the Policy
What if you are not happy?
You also have the right to make a complaint at anytime to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues, through their website at https://ico.org.uk/make-a-complaint/.
This was last updated on 2 February 2022.