Privacy Notice

1. Terms and Definitions

“Company” means NORTH WIND CAPITAL LTD, a private limited company incorporated in England and Wales under registration number 13559798, having its registered office at Office 404 33 St James’s Square, London, United Kingdom, SW1Y 4JS.

“Data Subject” means an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data Protection Lawsmeans Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR) as it forms part of domestic law in the United Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018 (including as further amended or modified by the laws of the United Kingdom or of a part of the United Kingdom from time to time) and the Data Protection Act 2018.

“Group Company” means the Company and/or any of its subsidiaries;

“Personal Data” means any information relating to a Data Subject;

“Privacy Notice” means this document with any additions and modifications hereto made from time to time;

2. Collected Data

The Company acts in compliance with its Data Protection Policy adopted by Written Resolutions of the Director of the Company on April 7, 2022.

The Company may collect the following Personal Data: personal identification information such as name, passport and/or ID details including number, date of issue, date and place of birth, etc., utility bills containing your name, residential address, postal address, email address, phone number, employment information, CV, IP-address or another kind of online identifier, etc.

3. Purpose and means of collecting data

The Data Subjects directly provide the Company with most of the data the Company collects, otherwise the Data Subject’s explicit consent must be given to the Company to enable the Company to collect and process such Data Subject’s Personal Data. The Company collects data and processes data, each time in the scope necessary for the purposes of collection and processing, when the Data Subject:

  • Acts as a counterparty under an agreement / contract / other engagement with the Company and processing is necessary for:

    • the fulfilment of a contract to which the Data Subject is party – for example, a contract to provide services or an employment agreement between the Data Subject and the Company;

    • compliance with a legal obligation – for example anti-money laundering regulations;

  • Has provided consent – for example, opted in to receiving marketing information from the Company;

  • Accedes to the Company’s website.

The Company may also receive Personal Data indirectly, for example, from the Data Subject’s employer if it is a Group Company.

The Company may request the Data Subject to update their Personal Data from time to time, in order to have up-to-date information on the record.

4. How the data may be used

The Company collects and processes Personal Data so that it can:

  • Protect the Company’s legitimate interests in connection with compliance, legal and statutory regulations, claims, audit functions, etc.;

  • Disclose information, as may be necessary, in connection with acquisition, merger or sale of the Company’s business;

  • Carry out obligations or exercising the specific rights of the Company or the Data Subject in connection with employment;

  • Provide Data Subjects with other services and otherwise protect their legitimate rights and interests;

  • Contact the Data Subject by post or email with important notices or other essential information relating to the nature of our engagement.

The Company will not share Personal Data with any third parties unless it is required by law or the Company is under a duty to disclose or share Personal Data in order to comply with any legal obligation, or in order to enforce or apply our standard terms of business and other agreements; or to protect the rights, property, or safety of the Company, its clients, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and risk reduction.

Prior to sharing Personal Data with such partners, the Company will procure binding non-disclosure and data protection obligations to be undertaken by such partners. Such partners may be:

  • entities providing legal, accounting, banking, payroll, audit, tax advice, migration, compliance, corporate and fiduciary services;

  • Consultants, advisors, potential purchasers, investors, as necessary, in connection with the sale, merger or transfer of all or a portion of the Company’s shares or business.

Data Subjects have the right at any time to stop the Company from sharing their Personal Data with third parties under certain conditions, however, this may affect the services provided to such Data Subjects.

In limited circumstances, the Company may be required to share Personal Data with government authorities, or others, to protect the interests of the Company or others, or as required by applicable law or court order.

5. How the Personal Data is stored

Any Personal Data that the Company holds about individuals will be kept safe, secure and confidential.

The Company takes Personal Data appropriate technical and organisational security measures to protect the security of Personal Data against loss, misuse, unauthorized access, disclosure or alteration.

The Company shall not sub-contract any processing of personal data unless that Personal Data continues to be subject to an appropriate level of protection. To the extent that the Company acts as data processor for the Data Subject, the Company shall only process Personal Data in accordance with the Data Subject’s instructions.

If Data Subject is located outside of the UK, provision of Personal Data to the Company constitutes transfer of such data to the UK, a jurisdiction that may not provide a level of data protection equivalent to the laws in the home country of the Data Subject.

The Company will keep Personal Data for 5 years upon termination of the rights and obligations arising out of the engagement. Once this time period has expired, the Company will delete Personal Data of the relevant Data Subject from the relevant folders on its server.

6. Data protection rights

The Company would like to make sure Data Subjects are fully aware of all of their data protection rights. Every Data Subject is entitled to the following:

  • The right to be informed – the right to know what Personal Data is being processed and why, who else the Personal Data can be transferred to.

  • The right to access – the right to request the Company for copies of a Data Subject’s Personal Data.

  • The right to rectification – the right to request that the Company correct any information the Data Subject believes is inaccurate. The Data Subject also has the right to request the Company to complete the information they believe is incomplete.

  • The right to erasure – the right to request that the Company erase Personal Data, under certain conditions.

  • The right to restrict processing – the right to request that the Company restrict the processing of the Data Subject’s Personal Data, under certain conditions.

  • The right to object to processing – the right to object to the Company’s processing of Personal Data, under certain conditions.

  • The right to data portability – the right to request that the Company transfer the data that it has collected to another organization, or directly to the Data Subject, under certain conditions.

  • The rights in relation to automated decision making and profiling – the right not to be subject to a decision based solely on automated processing.

The Company has one month to respond to a request by a Data Subject. If you would like to exercise any of these rights, please contact us.

7. Governing law and changes to our Privacy Notice

This Privacy Notice is governed by English law. The Company keeps its Privacy Notice under regular review and places any updates on this web page. This Privacy Notice was last updated on June 7, 2022.

8. Contact information

If you have any questions about the Company’s Privacy Notice, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at: [email protected] 

Or write to us at:

104A Park Street

London W1K 6NY

9. How to contact the appropriate authority

Should you wish to report a complaint or if you feel that the Company has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office at:

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone number: 0303 123 1113

Website: https://ico.org.uk/make-a-complaint/