Privacy Policy

Introduction

We, X.0 Advisory are the ‘controllers’ of the information that we collect about you which may include personal data. Being controllers of your personal data, we are responsible for how your data is processed. The word ‘process’ covers most things that can be done with personal data, including collecting, storing, using and destroying that data.

This statement explains why and how we process your data, and explains the rights you have around your data, including the right to access it and to object to the way it is processed.

We are a consultancy firm and our contact details are:

X.0 Advisory
PO Box 449
WILMSLOW
SK9 0GG

07788 441200
hello@x-0advisory.co.uk

Our Data Protection Coordinator is Nick Horrocks.

Personal data

‘Personal data’ is any information that relates to a living, identifiable person. This data can include your name, contact details, and other information we gather as part of our relationship with you. It can also include ‘special categories’ of data, which is information about a person’s race or ethnic origin, religious, political or other beliefs, physical or mental health, trade union membership, genetic or biometric data, sex life or sexual orientation. The collection and use of these types of data is subject to strict controls. Similarly, information about criminal convictions and offences is also limited in the way it can be processed.

We are committed to protecting your personal data, whether it is ‘special categories’ or not, and we only process data if we need to for a specific purpose, as set out below. We collect your personal data mostly through our contact with you, and the data is usually provided by you, but in some instances we may receive data about you from other people/organisations. We will explain when this might happen in this notice.

This statement contains more information about:

  • Contacting you;
  • Our grounds for processing your data when we work with you;
  • With whom we share your data;
  • How we store your data and for how long we keep it;
  • How we use data that is collected from our website cookies;
  • Your rights as a data subject.

Contacting you about events or areas of interest

As an individual we will only send general invitations or updates to you if you have provided your consent for us to do so. If you represent an organisation we may write to you from time to time unless you have told us that you do not wish to receive further mailings. Our marketing and briefing emails will provide you with the option to opt out of or manage future mailings.

If you do not provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may stop providing that service but we will notify you if this is the case at the time.

Personal data received from third parties

Our clients may include personal data about individuals that is relevant to a matter that we are working on. We are committed to protecting all personal data that we hold and will treat this data with the same care that we treat data held about our clients.

Processing your data to provide you with our services

  • In general terms we process your data to fulfil our responsibilities in the relationship that we have with you. Data we may process to provide services to you:
  • Our contact details so that we can share information with you.
  • Information that you provide for our client due diligence checks.
  • Information contained in correspondence/telephone calls/meetings so that we can understand your objectives, provide you with advice, and carry out your instructions.
  • Survey data which you may choose to provide for research.
  • Details of transactions you carry out through us and our services to you so that we can monitor progress, deliver our services, complete financial transactions, issue bills and arrange payment with you.
  • Details of your preferences where you have requested to be contacted about events, products, services, updates, sector/firm news.
    Information about you that we retain on your behalf.

Our legal bases for processing:

  • Processing is necessary to agree your requirements and to deliver the services we have contracted to provide for you.
  • You have provided consent for us to process your personal data.
  • It is a requirement of the court to provide information that we hold about you.

We may also process your data where the data we are processing has already been made public by you, or where you have provided us with your explicit consent to process your data.

At times, we may further process data which we have already collected. We will only do this if the new purpose for processing it further is compatible with the original purpose that the data was collected for. We will tell you about any further processing before carrying it out.

Sharing your data

For some processing purposes we share your data with third parties:

  • Our IT system providers have access to data so that we can ensure that our systems operate effectively and that we are running current versions of software.
  • Financial and quality auditors view data to monitor that we are complying with statutory and regulatory requirements and to confirm that we are complying with our legal requirements.

How we store your data

Your personal data is held in both hard copy and electronic formats.
Electronic data, including emails, are stored in servers, which are hosted in the UK by our IT providers.

How long we keep your data

If we are providing services to you we will notify you about how long we will keep your data for in our terms of engagement or when we close your matter with us. Our document retention approach is based upon statutory requirements, limitation periods or good business practice. Once the applicable retention period expires, unless we are legally required to keep the data longer, or there are important and justifiable reasons why we should keep it, we will securely delete/destroy the data.

Cookies on our website

Please see separate cookie statement.

Your rights as a data subject

As a data subject, you have the following rights in relation to your personal data processed by us:

  • To be informed about how your data is handled;
  • To gain access to your personal data;
  • To have errors or inaccuracies in your data changed;
  • To have your personal data erased, in limited circumstances;
  • To object to the processing of your personal data for marketing purposes or when the processing is based on the public interest or other legitimate interests;
  • To restrict the processing of your personal data, in limited circumstances;
  • To obtain a copy of some of your data in a commonly used electronic form, in limited circumstances;
  • Rights around how you are affected by any profiling or automated decisions.

Withdrawing consent

If we are relying on your consent to process your data, you may withdraw your consent at any time.

Exercising your rights, queries and complaints

For more information on your rights, if you wish to exercise any right or for any queries you may have or if you wish to make a complaint, please contact our Data Protection Coordinator at nick@x-0advisory.co.uk or 0161 xxx xxxx

Complaints to the Information Commissioner

You have a right to complain to the Information Commissioner's Office (ICO) about the way in which we process your personal data. You can make a complaint on the ICO’s website https://ico.org.uk.