Welcome to the Blue Horizon website (“Site”), which is owned and operated by Blue Horizon Asset Management Limited, a company incorporated in England and Wales with company number 07612319, whose registered office is at 118 Piccadilly, Mayfair, London, England, W1J 7NW (referred to in this policy as “we”, “us” or “our”). We are authorised and regulated by the Financial Conduct Authority (FRN: 570942).
This policy explains how we use personal data and provides details regarding your data protection rights. It should be read in conjunction with any other documentation provided directly to you.
According to the Information Commissioner’s Office (ico.org.uk), UK data protection laws apply to ‘personal data’ meaning any information relating to a living individual that has been (or can be) identified, including by reference to an online identifier. The personal data we collect is detailed below.
A controller decides why and how personal data is processed and is responsible to you for that processing under the law. For the purposes of this policy, Blue Horizon Asset Management Limited is a controller in respect of any personal information we hold about you.
How We Obtain Your Personal Data
We collect personal data through services that we provide and receive. Typically, it comes from the following sources:
- Contractual agreements or other material provided during our relationship.
- Correspondence received from you such as email, telephone conversations, facsimiles, letters, face to face discussions, text messages, contact through our website and other forms of communication. We may keep a record of all correspondence received. We are required to record telephone and electronic communications that contain order execution instructions.
- Depending on our business relationship, we may use third party firms for credit reference and money laundering checks.
Personal Data We Collect
If you are a customer, we collect information to assist in the provision of services to you. This information may include:
- Your full name including title, maiden name, marital status, date of birth and gender.
- Contact details such as residential address, email and telephone numbers.
- Financial information, including your bank account and details of investments held with us and elsewhere. We may also record details of financial transactions placed across your accounts, whether held with us or elsewhere.
- Identifiers such as your national insurance number or equivalent in overseas jurisdictions, tax reference, driving licence number, passport number, internet protocol address and our own internal identifiers.
- Data used to access our client portal such as username, password, online preferences, and usage information.
- Information required to conduct ‘know your client’ checks such as details relating to your passport or other photographic identification, your credit history, current and previous addresses and source of funds.
If you are a business associate, we collect information to monitor services we have contracted for, or to assess services that are available to us. This information may include:
- Your full name including title.
- Your occupation and job title.
- Contact details for you at your place of business such as address, email and telephone number.
Please note, we do not request any special categories of personal data. Under UK data protection laws, special category data is more sensitive and therefore needs more protection. Categories include race; ethnic origin; politics; religion; trade union membership; genetics; biometrics (where used for ID purposes); health; sex life; sexual orientation.
When requested, you are not required to provide personal information, however, in doing so, we may not be able to proceed with a business relationship.
Our Use Of Your Information
We will only process information that is necessary for the purpose for which it has been collected.
We only process your information where we have a legal reason (known as a ‘lawful basis’) to process it. We collect and use information to establish a relationship with you, and to provide services to you, or to receive services from you, in accordance with contractual obligations.
We use your personal information for the following purposes and rely on the following lawful bases:
Where you have provided CONSENT
We may use and process your personal information for the following purposes where you have consented for us to do so including, where required by law, to contact you via email or SMS (as you have indicated) with marketing information about our products and services.
Where necessary for us to carry out PRE-CONTRACT STEPS you have requested or for the performance of our CONTRACT
Where our contractual relationship is with you in an individual capacity, we will use your personal information where this is necessary for us to perform our contract with you or to carry out any pre-contract steps you’ve asked us to so that you can enter into that contract.
Where necessary for us to pursue a LEGITIMATE INTEREST
We may use and process your personal information as set out below where it is necessary for us to carry out activities for which it is in our legitimate interests as a business to do so, including processing necessary for us to:
- administer and operate customer account(s) and to provide regulated activities including order execution, advisory and investment management services.
- provide information relevant to the services we provide.
- support clients with their enquiries
- respond to understanding our clients’ needs
- operate the administrative and technical aspects of our business efficiently and effectively
Where necessary to comply with our LEGAL OBLIGATIONS
We will use your personal information to comply with our legal obligations, including to:
- facilitate our business operations and to ensure compliance with any legal and regulatory requirements that we are subject to; and
- keep a record relating the exercise of any of your rights relating to our processing of your personal information;
We may disclose your information to our third party service providers, agents, subcontractors and commercial partners and associates (collectively, “Third Parties”) for the purposes of providing services to us or directly to you on our behalf, including the operation and maintenance of our Site.
Personal information may be disclosed to Third Parties who provide us with professional, legal, accounting or other services. This may include providing personal data to third parties to comply with anti-money laundering regulations. Where such processing involves the use of purely automated decision-making to confirm your identity, we will provide you with further information in a supplementary notice. The Third Parties we work with can be categorised as follows:
|Recipient / relationship of Third Party to us||Industry sector (& sub-sector)||Location|
|Cloud software system providers, including database, email and document management providers||IT (Cloud Services)||UK/EEA|
|Credit referencing agencies and identity verification service providers||CRAs/ID Verification (Finance)||UK/EEA|
|Delivery and mailing services providers||Logistics (Delivery Service)||UK/EEA|
|Facilities and technology service providers including scanning and data destruction providers||IT (Data Management)||UK/EEA|
|Insurers and insurance brokers||Insurance (Underwriting & Broking)||UK/EEA|
|Legal, security and other professional advisers and consultants||Professional Services (Legal & Accounting)||UK/EEA|
|Website developers||IT (Software Development)||UK/EEA|
|Website hosting services providers||IT (Hosting)||UK/EEA|
All Third Parties are required to maintain the confidentiality of your personal data and to treat it in accordance with the law. Third Parties are not permitted to use your data for any purpose other than that covered by their contractual arrangements with us except where permitted otherwise by law.
We may disclose the personal information to other third parties as follows:
- any third party who is restructuring, selling or acquiring some or all of our business or assets or otherwise in the event of a merger, re-organisation or similar event; and
- if we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation or request, including by the police, courts, tribunals or regulators and supervisory and other governmental bodies.
Your personal data is not shared with any other organisations for marketing purposes and will not be used by us for marketing purposes unless consent has been provided by you.
Data protection laws provide you with the following rights:
- The right to check if we hold personal information about you and the right to see the information we hold about you.
- You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
- The right to have inaccurate information rectified.
- The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us in any of the details described at the end of this policy.
- The right to be forgotten and to have certain information erased.
- In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.
- The right to restrict processing of your personal data.
- You may ask us to restrict the processing your personal information in the following situations: where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. In these situations, we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
- The right to request that your personal information is transferred to a commonly used machine-readable format and provided to you or a third party.
- Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with a contract in place directly with you, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file. You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
- The right to object to the use of your information, including the right to restrict marketing.
- Where we rely on our legitimate interests as the legal basis for processing your personal information for particular purposes, you may object to us using your personal information for these purposes by emailing or writing to us at the address at the end of this policy. Except for the purposes for which we are sure we can continue to process your personal information, we will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.
- You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please use our unsubscribe tool.
- The right to restrict automated decision making including profiling.
- You have rights regarding automated decisions (including profiling) which have a legal or other significant effect on you. We do not envisage that any significant decisions will be taken about you by us using purely automated means, however we will update this policy if this position changes.
- The right to withdraw consent previously provided to us to handle your information.
- Where we rely on your consent as the legal basis for processing your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can also do so using our unsubscribe tool. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
To exercise any of these rights, please get in touch using the contact details at the bottom of this policy.
Please note, if you are a client, by executing some of these rights, we may not be able to continue providing services to you.
If you are not satisfied with how we have handled your information you have a right to complain to the Information Commissioner’s Office (ico.org.uk).
We can retain your personal information for as long as required to provide services to you. After the termination of contracts, we may retain data for a period of six years to comply with legal and regulatory requirements. After the expiration of six years, your personal data will be deleted.
The exceptions to the retention period mentioned above are where:
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law;
- you exercise your right to require us to retain your personal information for a period longer than our stated retention period;
- we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible;
- we archive the information, in which case we will delete it in accordance with our deletion cycle; or
- in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period, including where we are compelled to do so by statutory, regulatory or governmental bodies.
Third Party Websites
Our website may include links to others, but we are not responsible for the accuracy or completeness of information supplied by third party sites. We suggest you read the individual privacy policies for any websites visited.
UK data protection laws impose restrictions on the transfer of personal data outside the UK and European Economic Area (EEA). The EEA is comprised of the EU countries plus Iceland, Liechtenstein and Norway. The UK and European Commission have decided that certain countries and territories, including Jersey, Guernsey, Isle of Man and Switzerland, also have an adequate level of protection for personal data.
We do not anticipate sending your personal data outside the UK and EEA to countries that may not have similar data protection laws to the UK and EEA.
If we do transfer your information outside the UK and EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected in the ways required by data protection law as outlined in this policy. These steps include imposing contractual obligations on the recipient of your personal information using standard clauses issued by data protection regulators or other relevant bodies and relying on decisions issued by the UK Secretary of State or other relevant bodies declaring that a country is adequately protective of personal information to a degree that allows us to safely transfer your personal information to that country. Please contact us using the details at the end of this policy for more information about the protections that we put in place and to obtain a copy or access to the relevant documents.
If you have any questions, or wish to exercise any of the rights detailed above, please contact us. You can email the Data Protection Manager of the company on email@example.com
118 Piccadilly, Mayfair, London, W1J 7NW, United Kingdom
Last revised September 2022
If you would like to understand how our services could help your specific requirements, please get in touch and one of our experts will be happy to talk.