We are Downing Strategic Micro-Cap Investment Trust plc and its subsidiaries (the "Group") and to use your personal data we rely on third parties to develop our business under our directions. For this reason your personal data will normally be directly processed by our service providers, and we will not access or otherwise process your data unless it is strictly necessary.
Some data collected by this website, mainly concerning website users contacting for general enquiries, are under Downing LLP's (who will be our Investment Manager) control and we are not responsible for the processing of such data. Please ensure you read their privacy notice if you believe it applies to you.
We process your personal data for the management and administration of shareholdings, to enable us to promote and supervise the management of the Group, to monitor the performance of the Company’s investments, to maintain our accounts and records, to communicate with directors and past, current or prospective shareholders and contractors and co-investors, and to deal with any enquiries or requests you raise.
This notice explains what data we process, why, how it is legal and your rights and it is important you read the whole notice because this section only summarises the relevant points.
About us and this notice
This Privacy Notice is provided by Downing Strategic Micro-Cap Investment Trust plc and its subsidiaries as may be from time to time, (all of us together, the "Group" or "we" or "us") and to the extent we process your personal data directly or by a contractor doing it under our instructions, we are the data controller and responsible for processing your data.
We are based in the United Kingdom and we comply with the data protection laws applicable in the United Kingdom and in any other country where we operate or otherwise process your data, including the European General Data Protection Regulation where applicable.
We take your privacy very seriously. We ask that you read this Privacy Notice carefully as it contains important information about our processing and your rights.
In this Privacy Notice, there are references to various pieces of European Union legislation, for instance the European Union General Data Protection Regulation. While the UK remains subject to a transitional and implementation period ("TIP") following its exit from the EU, during which EU law continues to apply to the UK as if it were still a member of the EU, references to EU legislation should be construed as references to that legislation as enacted by the EU. Should the TIP come to an end, references to EU legislation should be construed as references to that legislation as transposed into UK law by the European Union (Withdrawal) Act ("EUWA") and as further amended by secondary legislation made under EUWA.
How to contact us
If you need to contact us about this Privacy Notice, or would like this Privacy Notice in another format (for example: audio, large print, braille), please contact us using our contact details which can be accessed on our website.
Changes to this Privacy Notice
The latest version of this Privacy Notice can always be found here at (Insert Link)
We may change this Privacy Notice from time to time. Regularly reviewing this page ensures that you are always aware of what information we collect, how we use it and under what circumstances, if any, we will share it with other parties.
Current version: 24 January 2023
Useful words and phrases
Please familiarise yourself with the following words and phrases (used in bold) as they have particular meanings in the Data Protection Laws and are used throughout this Privacy Notice:
What personal data do we collect?
Information we process about you
We, or our processors, collect your contact details such as name, email address, address, telephone number, bank account details, KYC (know your customer) documents such as your passport and credit history, personal identifiers, such as social security number and national insurance number, age, professional title, occupation, financial information and tax status. We do not directly process most of the information you give to our service providers and other third parties, and when they collect your personal data, or any personal data you provide to them, they will inform you about the processing of this data for their own purposes or on our behalf if appropriate.
How Personal Data is collected from you
Your personal data will be collected when buying shares in Downing Strategic Micro-Cap Investment Trust plc or through interactions with us or our contractors in the course of our business, investments, or interests in common, or as part of the services we deliver to you.
Your personal data may also be collected from a third party adviser (such as an introducing agent), from publicly available sources (such as Companies House) or an identification verification database.
Sensitive Personal Information or Special Categories of Data
We do not envisage the use of your sensitive personal data as part of our business and will only request for it if it is strictly necessary in order to comply with a legal obligation or otherwise according to the law.
In case we request for this information we will inform you at the time this is requested for, if necessary we will ask for your consent, and we will protect this information with greater care.
Personal information about other individuals
If you provide us with information about other individuals you confirm that you are mandated by them and thus act under their instructions and have informed them about this Privacy Notice as appropriate.
Why do we process your personal data?
We use your personal data for the following purposes listed in this section. We are allowed to do so on certain legal bases (please see section ‘How is processing your data lawful’ for further detail):
- To facilitate share transactions
- To manage and administer share holdings
- To carry out AML checks
- To make and administer investments
- To enable us to promote and supervise the management of the Group
- To maintain our accounts and records
- To communicate with prospective, current or former directors, shareholders, contractors, other service providers and investors
- To comply with regulatory and tax requirements and other legal obligations
- To deal with any enquiries or requests you raise
Neither us nor any of our processors make decisions about you based on automated processing of your personal data.
How is processing your data lawful?
We are allowed to process your personal data for the following reasons and on the following legal bases:
We have a legitimate interest in sharing data about you:
- between our group entities if necessary for internal administrative purposes; and
- with our contractors when it is necessary for them to deliver the services we are contracting.
We do not share information about you with these third parties in a context other than where it is necessary to perform a contract or for us to run and manage our business efficiently as you expect us to do.
You can object to processing that we carry out on the grounds of legitimate interests as long as it is not linked to another legal ground (for example if it is necessary to perform a contract we have in place with you). See the section headed "Your Rights" to find out how.
It is necessary for our performance of the contract you have agreed to enter with us. If you do not provide your personal data to us, we will not be able to carry out our obligations under the terms of your contract.
We are subject to legal obligations to process your personal data for the purposes of complying with applicable regulatory, accounting and financial rules, health and safety and to make mandatory disclosures to government bodies, tax administrators and law enforcement agencies.
Who will have access to your personal data?
Certain of our service providers will directly collect and process your personal data as our processors.
In addition, we share your personal data with the certain of our service providers who act as separate controllers of your personal data because although they are our contractors, they decide why and how to use your data when providing services for us.
Transfers of your personal data outside the territories where we operate
Where we transfer your personal information outside the United Kingdom and/or the territories where we operate, we will ensure that it is protected and transferred in a manner consistent with legal requirements applicable to the information. This can be done in a number of different ways, for instance:
- the country to which we send the personal information may be approved according to the United Kingdom law parameters, or by the European Commission as providing adequate protection for personal data;
- by having in place a contract based on “model contractual clauses” approved by the European Commission;
- where the recipient is located in the US, it may belong to the EU-US Privacy Shield scheme; or
- where the law permits us to otherwise transfer your personal information to another country.
If you would like further information about the safeguards we have in place to protect your personal information, please contact us at email@example.com.
How we keep your personal data secure
We strive to implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. We follow recognised industry practices for protecting our IT environment and physical facilities and we ensure that the companies processing your data on our behalf provide an adequate level of protection to secure both your personal data and other confidential information.
When will we delete your personal data?
Our main rule is not to keep your data for longer than we need to in order to meet all the purposes we included in the section "Why do we process your personal data?"
With this in mind, your personal data will generally be retained for the longest of the following periods:
- for us and the processors and/or any authorised third parties to carry out the purposes for which the data was collected or as long as is set out in any relevant agreement you enter into with us;
- in order to establish or defend legal rights or obligations or to satisfy any reporting or accounting obligations; and/or
- any retention period that is required by data protection laws and any applicable laws or regulatory requirements.
For example, if you are a shareholder, we will keep your data during the time you are in such position after which, we will keep your personal data if we need it to comply with a legal obligation or if we need it to meet other purposes, but if we do not need all the data you provided at first instance, we will delete the remaining data. For most of the purposes and legal obligations we have stated a retention period of six years although this might vary depending on the agreements we have in place with you, or other legal obligations. A detailed retention schedule is available upon request.
As a data subject, in certain circumstances, you have the following rights under the Data Protection Laws:
- the right to object to processing of your personal data;
- the right of access to personal data relating to you (known as data subject access request);
- the right to correct any mistakes in your information;
- the right to ask us to stop contacting you with direct marketing;
- the right to restrict your personal data being processed;
- the right to have your personal data ported to another controller;
- the right to withdraw your consent;
- the right to erasure; and
- rights in relation to automated decision making.
These rights are explained in more detail below. If you want to exercise any of your rights, please contact us (please see "How to contact us".
We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex, in which case we will respond within three months.
Please be aware that there are exceptions and exemptions that apply to some of the rights which we will apply in accordance with the Data Protection Laws.
Right to object to processing of your personal data
You may object to us processing your personal data where we rely on a legitimate interest as our legal grounds for processing.
If you object to us processing your personal data we must demonstrate compelling grounds for continuing to do so. We believe we have demonstrated compelling grounds in the section headed "How is processing your personal data lawful".
Right to access personal data relating to you
You may ask to see what personal data we hold about you and be provided with:
- a copy of the personal data;
- details of the purpose for which the personal data is being or is to be processed;
- details of the recipients or classes of recipients to whom the personal data is or may be disclosed, including if they are overseas and what protections are used for those overseas transfers;
- the period for which the personal data is held (or the criteria we use to determine how long it is held);
- any information available about the source of that data; and
- whether we carry out an automated decision-making, or profiling, and where we do information about the logic involved and the envisaged outcome or consequences of that decision or profiling.
To help us find the information easily, please provide us as much information as possible about the type of information you would like to see.
Right to correct any mistakes in your information
You can require us to correct any mistakes in your information which we hold. If you would like to do this, please let us know what information is incorrect and what it should be replaced with.
Right to restrict processing of personal data
You may request that we stop processing your personal data temporarily if:
- you do not think that your data is accurate. We will start processing again once we have checked whether or not it is accurate;
- the processing is unlawful but you do not want us to erase your data;
- we no longer need the personal data for our processing, but you need the data to establish, exercise or defend legal claims; or
- you have objected to processing because you believe that your interests should override our legitimate interests.
Right to data portability
You may ask for an electronic copy of your personal data which we hold electronically and which we process when we have entered into a contract with you. You can also ask us to provide this directly to another party.
Right to withdraw consent
You may withdraw any consent that you have given us to process your personal data at any time. This means that we will not be able to carry out any processing which required use of that personal data.
Right to erasure
You can ask us to erase your personal data where:
- you do not believe that we need your data in order to process it for the purposes set out in this Privacy Notice;
- if you had given us consent to process your data, you withdraw that consent and we cannot otherwise legally process your data;
- you object to our processing and we do not have any legitimate interests that mean we can continue to process your data; or
- your data has been processed unlawfully or has not been erased when it should have been.
Rights in relation to automated decision making
You have the right to have any decision that has been made by automated means and which has a significant effect on you reviewed by a member of staff and we will consider any objections you have to the decision that was reached.
What will happen if your rights are breached?
You may be entitled to compensation for damage caused by contravention of the Data Protection Laws.
Complaints to the regulator
It is important that you ensure you have read this Privacy Notice – and if you do not think that we have processed your data in accordance with this notice – you should let us know as soon as possible. You may also complain to the Information Commissioner’s Office, which regulates and supervises the use of personal data in the UK, via their helpline on 0303 123 1113.
Cookies – Privacy and Your rights
Cookies are used to uniquely identify a person and therefore we treat them as personal identifiable information. Cookies are used for analytics and advertising to improve the experience and relevance of the website. We want users of our website to understand what cookies are by being jargon free, whilst also being transparent regarding how we use them, please see the What are cookies? What cookies do we use? and How do I turn cookies off? so you are fully aware.
What are cookies?
Cookies are small text files that are stored on your browser or device by websites, apps, online media, and advertisements. There are different types of cookies. Cookies served by the entity that operates the domain you are visiting are called “first party cookies.” Therefore, cookies served by the Company while you visit Insert Link are first party cookies.
Cookies served by companies that are not operating the domain you’re visiting are called “third party cookies.” For example, we may allow Google to set a cookie on your browser while you visit www.aboutcookies.org, and that would be a third-party cookie. Cookies may also endure for different periods of time. “Session Cookies” only last only as long as your browser is open.
These are deleted automatically once you close your browser. Other cookies are “persistent cookies” meaning that they survive after your browser is closed. For example, they may recognise your device when you re-open your browser and browse the internet again.
What cookies do we use?
We use the following cookies:
Analytical and performance cookies. We may use analytics service providers in relation to our websites’ traffic analysis and reporting. Analytics service providers generate statistical and other information about the use of our website by using cookies. They allow us to recognise and count the number of visitors and to see how often visitors return to our website, how long they stay and how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. The information generated relating to our website may be used to create reports about the use of the website and the analytics service provider will also store this information.
Advertising and targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed to other websites. We will use this information to try and make the website and other websites that you visit more relevant to your interests. We may also share this information with carefully selected third parties for this purpose.
Functionality cookies. We may use functional cookies that allow us to remember choices you have made in relation to our website so as to provide a more personalised experience and enhanced user experience by delivering content specific to your interests.
Strictly necessary cookies – Third party cookies
How do I turn cookies off?
You can use your browser settings to accept or reject new cookies and to delete existing cookies. You can also set your browser to notify you each time new cookies are placed on your computer or other device.
If you would like to opt out of cookies, you can change the settings on your internet browser to reject cookies. You can find more detailed information about how you can manage cookies at the All About Cookies and Your Online Choices websites. Please note that if you do set your browser to reject cookies, you may not be able to use the features of our website.