Privacy Policy

This Privacy Policy explains how Audley Capital Management (“ACE”, “we”, “us”, “our”) collects, uses, stores and shares personal data, and how we keep it safe. It applies when you:

  • visit our website www.audley-capital.com;
  • contact us or request information;
  • use our services or become a client/supplier; or
  • otherwise interact with us.

We act as a data controller in respect of the personal data described in this policy, unless we state otherwise.

2. Controller details and contact

Controller: Audley Capital Endowment Ltd.
Registered address: 71-75 Shelton Street, Covent Garden, London WC2H 9JQ
Email: privacy@audley-capital.com
 

If you have questions, or want to exercise your rights, contact us using the details above.

3. The personal data we collect

We may collect and process the following categories of personal data (as applicable):

3.1 Identity and contact data

name, job title, employer/organisation

postal address, email address, telephone number

3.2 Communication and relationship data

enquiries, messages, call notes, meeting notes

preferences (for example, preferred contact method)

3.3 Service and transaction data

information relevant to providing our services (which may include personal data about you or others, depending on the matter)

billing and payment details (typically limited to what is necessary for invoicing and accounting)

3.4 Website and technical data

IP address, device identifiers, browser type/version, operating system

usage data (pages visited, time spent, referring pages)

cookie and similar technology data (see section 12)

3.5 Special category data
We do not intentionally collect special category data (such as health data) unless it is necessary for a specific purpose and we have a lawful basis (and, where required, a condition) to process it.

4. How we collect personal data

We collect personal data:

directly from you (for example when you contact us, engage us, or fill out forms);

from your employer/organisation (for example where you are a representative);

from publicly available sources (for example company websites, professional directories);

through our website and technical systems (including cookies, logs and analytics); and

from third parties connected to a matter or service (for example counterparties, advisers, service providers) where appropriate.

5. How we use personal data (purposes)

We use personal data for the following purposes:

  • to respond to inquiries and communicate with you;
  • to provide our services and manage our relationship with you;
  • to administer contracts, billing, payment, accounting and audits;
  • to operate, maintain and improve our website, systems and security;
  • to comply with legal obligations (including tax, regulatory and record-keeping duties);
  • to protect our rights and manage disputes, claims or complaints; and
  • to send service-related messages (for example policy updates or important notices).

If we carry out marketing, we will do so in accordance with applicable law and your preferences (see section 11).

6. Lawful bases for processing

We process personal data under one or more of the following lawful bases (as applicable):

  • Contract: processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
  • Legal obligation: processing is necessary to comply with a legal obligation.
  • Legitimate interests: processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Our legitimate interests may include: operating our business, providing efficient services, improving systems, ensuring network and information security, preventing fraud, and managing disputes.
  • Consent: where required (for example certain marketing or non-essential cookies), we will rely on your consent and you can withdraw it at any time.
  • Vital interests/Public task: these are uncommon for most private organisations, but may apply in limited circumstances.

7. Sharing personal data

We may share personal data with:

  • our staff and contractors who need it for their role;
  • professional advisers (for example lawyers, accountants, insurers) where necessary;
  • service providers / processors who support our operations (for example IT hosting, cloud storage, email, CRM, analytics, payment providers);
  • third parties involved in delivering services (for example counterparties, translators, couriers) where relevant to your request or a matter; and
  • public authorities and regulators where required by law or to protect rights.

Where we use processors, we require them to process personal data only on our instructions and to protect it with appropriate security measures.

8. International transfers

Your personal data may be transferred outside the UK and/or European Economic Area if we use service providers or systems located elsewhere.

Where an international transfer occurs, we will ensure appropriate safeguards are in place, such as:

  • an adequacy decision (where applicable);
  • standard contractual clauses / the UK International Data Transfer Agreement (as applicable); and/or
  • other lawful transfer mechanisms permitted under data protection law.

9. Data security

We use appropriate technical and organisational measures designed to protect personal data against accidental loss, unauthorised access, alteration or disclosure. Measures may include access controls, encryption, secure backups and staff confidentiality obligations.

No system is completely secure. Where required, we will notify relevant authorities and affected individuals of a personal data breach in accordance with applicable law.

10. How long we keep personal data (retention)

We keep personal data only for as long as necessary for the purposes described in this policy, including to meet legal, accounting, tax, regulatory and reporting requirements.

Retention periods vary depending on the nature of the data and why it is held. We may retain certain records:

  • for the duration of a contractual relationship;
  • for a period after the relationship ends to deal with queries, claims or legal requirements; and
  • longer where required by law or where necessary to establish, exercise or defend legal claims.

You may request further information about our retention approach using the contact details in section 2.

11. Marketing and communications preferences

Where permitted by law, we may send you updates about our services or relevant information.

You can opt out of marketing at any time by:

  • using the unsubscribe link (where provided); or
  • contacting us using the details in section 2.

We will still send non-marketing, service-related communications where necessary (for example important notices about services or policy updates).

12. Cookies and similar technologies

Our website may use cookies and similar technologies (for example pixels and analytics tags) to:

  • enable core website functionality;
  • understand how users interact with our website; and
  • improve performance and user experience.

Where required, we will obtain your consent for non-essential cookies. You can control cookies through browser settings and, where available, our cookie preference tools.

13. Your data protection rights

Depending on your location and the applicable law, you may have rights including:

  • access to your personal data;
  • rectification of inaccurate or incomplete data;
  • erasure (in certain circumstances);
  • restriction of processing (in certain circumstances);
  • data portability (in certain circumstances);
  • objection to processing based on legitimate interests or direct marketing; and
  • withdrawal of consent (where processing is based on consent).

To exercise your rights, contact us using the details in section 2. We may need to verify your identity.

14. Complaints

If you have concerns about our processing of personal data, we encourage you to contact us first so we can try to resolve the issue.

You also have the right to complain to the relevant supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO). In the EU/EEA, it is your local data protection authority.

15. Third-party links

Our website may include links to third-party websites. We are not responsible for the privacy practices of third parties. You should review their privacy policies before providing personal data.

16. Changes to this policy

We may update this Privacy Policy from time to time. We will post the latest version on our website and update the effective date above

We need your consent to load the translations

We use a third-party service to translate the website content that may collect data about your activity. Please review the details in the privacy policy and accept the service to view the translations.