We think it is important that you know what information we collect about you and how we use it.

This policy sets out full details of the information we collect about you and how we use it. Please read this policy carefully. By using our Website, contacting us by telephone, by emailing us or otherwise providing information to us (for example through our social media), you agree to its terms.

We’ve included some links to other websites in this policy. Please note that these websites are controlled by other people, not us, and we are not responsible for them.

Definitions used in this Privacy Policy

The definitions used in our Terms and Conditions and used here in addition to the definitions below.

Data Controller – an individual, company or other organisation who determines how and for what purpose Personal Data is processed. We act as a Data Controller when processing Personal Data relating to our customers;

Data Processor – any person or organisation which processes Personal Data on behalf of a Data Controller (except for an employee of the Data Controller);

Data Subject – a person who is the subject of Personal Data. If you are one of our customers, you are a Data Subject and we are responsible for processing your Personal Data;

EEA European Economic Area

Terms and Conditions the terms and conditions applying to customers available at [URL of AllBright];

Investments the investments which you may purchase, or subscribe using our Service, details of which are set out on the Website [link];

Personal Data – data which relates to a living person, who can be identified from the contents of that data, or from that data when it is combined with information which is in or is likely to come into the possession of the Data Controller, and includes any expression of opinion about the individual and any indication of the intentions of the data controller or any other person in respect of the individual;

Platform the Website on which Our Services are available;

Service – the services we provide in accordance with the Termsand Conditions available here;

Website – means our website that appears at www.allbrightcollctive.com and associated subdomains; we, us, our, means The Allbright Group Limited. For ease of reading these words we, us, our, you and your are not shown in capitals.

1. Your Login Details

If you choose to access the secure areas of our Website, which are designed for Accountholders or Companies only, you are able to access these only with your login details. Your login details should never be shared with anyone else and we recommend that any password or PIN you set is not easily guessable, and changed frequently (at least once a month).

Because we cannot guarantee the confidentiality of information sent on the internet, you should never send your login details via email. Should you wish to contact us about your Account, you should do so by e-mail or by telephone.

2. How We may Communicate with You

Unless you have specified that you do not wish to receive such marketing communications, we may from time to time send you information regarding new products and promotions by email, post or SMS. Additionally, unless you have instructed us not to do so, we may occasionally also contact you by telephone regarding such products or promotions.

You can specify that you do not wish to receive marketing emails from us by sending an email with unsubscribe in the subject field to unsubscribe@allbright.co. If you have registered more than one email address with us, please list all your email addresses to be removed from our marketing emails in the body of the email. Please note that, while we will remove you from future marketing emails, any marketing emails already in production may still be received for a short time after you send us your request.

If you have specified that you do not wish to receive marketing emails from us, we will still send you email messages which you specifically request to receive, or which relate to the provision of the Service you currently receive from us, such important information about your account and regulatory information.

If, having specified that you do not wish to receive marketing communications from us, you then wish to do so, you should email us at unsubscribe@allbright.co or contact Customer Services on the contact details available on our ‘Contact’ page.

3. Security of Communications

If you ever receive a communication from us that you are concerned may be from a third-party impersonatingone of our staff, please contact us immediately. If you are ever concerned that the person calling may not be from us, you can always ask to call us back on telephone number available here.

We will never ask for your client number or password but will ask security questions to confirm your identity before we can discuss matters relating to your Account.

4. How we comply with the Data Protection Act

The Data Protection Act 1998 (the Act) regulates the processing of Personal Data. The Act seeks to protect your rights to your Personal Data by setting out, amongst other things, the conditions under which the processing of personal data is lawful, the rights of Data Subjects and the standards that organisations who deal with Personal Data must adopt.

5. What Personal Data do we Collect?

We only collect information that we will genuinely use for the purposes set out in this policy. Specifically, we collect:

(a) all of the information you choose to submit to us including any information provided by you to us when making an application or registering your interest for our Service along with the information you send us in emails and text messages, or interacting with us on social media platforms (such as Facebook or Twitter);

(b) all of the information provided to us by third-parties such as information provided by your employer or organisations who enable us to carry out identity checks and/or other fraud prevention services;

(c) information otherwise obtained in conjunction with your use of the Website, including any information that you post to your Profile, a Companys Profile, to your weekly watch lists, virtual portfolios, any alerts that you set, questions and answers that you view, widgets used and any preferences listed in my dashboard;

(d) technical information about the devices you use to access our Website. We may collect each device’s unique identifying code (MAC address), relevant IP address, operating system and version, web browser and version, and/or geographic location;

(e) information you provide to us in response to surveys or competitions;

(f) information you send us on email or secure message;

(g) information you give us when you contact via the telephone;

(h) information about the Service you use including on our Website, or via our telephone service, including the time and date of purchase, the Service that you use and details of any relevant payment card (such as a credit or debit card) you use;

(i) information that you send to us as part of the know your client compliance checks;

(j) information on what you view, click on and access in and through our marketing emails and text messages(SMS or MMS), Website. We may collect the time and geographic location of your device when you do so. For our Website, this information may also include where you came to our Website from, and where you went when you left it. We also track how often you visit and use our Website. We do this through the use of email and website cookies. We make cookie policies available on our Website to give you more detailed information on how we use them. The cookie policy for this website is displayed upon first visit and available upon request.

(k) information collected independently by online advertising networks through whom we place advertisements(eg Google Analytics). The information we obtain varies from network to network. It often summarises the actions of lots of people and so does not enable us to identify you individually. It relates to what you view, click on, and access to websites in their network, including the subject matter of the website you started at and where you subsequently go. It may also include their analysis of your behavior across the wider internet and a profile of you. If you are unhappy about this happening you should look out for settings and Do Not Track options in online advertisements and in the privacy and cookies functionality on your devices and consider changing your settings to block third party cookies in particular. We do not control the information on you that such networks obtain or the technology they use to do so.

(l) the information you give us in your application form or other related documents or your use of our Service, may contain your or another person’s Personal Data. If you provide us with information about another person, you confirm that they have appointed you to act for them, they consent to you providing their Personal Data to us and any processing of their Personal Data and that you have informed them of our identity and the purpose (as set out below) for which their Personal Data will be processed (as set out in this policy).

6. How do we use Your Personal Data

The Purposes for which we may process your Personal Data include:

(a) providing our Service to you;

(b) where you have requested a service from third-party providers, introducing you to third-party providers and sharing your Personal Data with such third-party providers, (e.g. a third party who will store your payment card details where you have opted to store those details with us) for this purpose;

(c) unless you have specified that you do not wish to receive marketing communications from us, marketing to you of our financial services and products, or other products of a similar or complementary nature;

(d) the release of your name, address, email address and telephone number to market research organisations for the purpose of confidential market research surveys carried out by post, telephone or electronically on our behalf(but only when you have told us you are happy for us to do so);

(e) the compliance with a request you make of us;

(f) verification of identity checks and bank details, including use of the services of a credit reference agency or fraud prevention agencies;

(g) the transfer of information to the Official Receiver or appointed insolvency practitioner(s) for the administration of your Account, if we receive notice of or are informed of your insolvency or bankruptcy, or of any insolvency proceedings/arrangements;

(h) enforcing or obtaining settlement of debts owed to us or in relation to investments made on your behalf, including sharing your information with any debt collection, debt tracing or other agent for these purposes;

(i) any use of your Personal Data to comply with legal or regulatory obligations, including disclosing Personal Data to a third party if we are required (or reasonably believe we are required) to do so by law, or if we are requested to disclose information to the Financial Conduct Authority, HM Revenue & Customs or any other regulatory or fiscal authority in any country, the London Stock Exchange plc and ICAP or the operator of any market on which you may hold investments;

(j) sharing with HM Revenue & Customs and/or any domestic and/or any foreign tax authority any information or documentation that you have provided to us with respect to your liability to tax in any jurisdiction (both within the UK and, if applicable, internationally) and/or in response to requests from such authorities;

(k) where you have requested to take part in an initial placement offering (IPO), retail Bond offering, any similar offering, or hold any investment, we may provide such information relating to your request or holding as may be reasonably requested by the issuer of that investment, or any managers acting on their behalf, in connection with the offer or issue of that investment;

(l) to provide you with our Website, which requires a certain amount of technical information to be collected in order to work properly;

(m) to power security measures and related services relating to your access to our Website, for example, to enable us to recognise your username and password, but also reset those if you forget them;

(n) to gather feedback from you about our products, Website, other services and activities from time to time. We may invite you to provide this feedback on occasion, for example by emailing you to ask you if you would like to review a product you have bought or a service you have used. We may use independent research and feedback providers to do so on our behalf;

(o) to contact you from time to time about things you have told us you want to hear about, for example our products, news, offers, new competitions and sponsored events;

(p) to respond to any questions, suggestions, issues or complaints you have raised with us;

(q) to communicate with you about operational changes to our products, services, Website, for example if we were to withdraw one of our products, or change this privacy policy;

(r) to gather statistics about how you and other people use our Website, and what you think of our adverts, offers, news, product information, competitions, sponsored events, social media and other digital content. We then analyse these statistics to understand if these things appear interesting and meet most peoples needs, or if they should be improved, and if so, what design or other changes (e.g. around the nature and timing of communications) would be most beneficial both for our customers and for our business;

(s) to carry out segmentation of our customer database, along with propensity modeling (a customer insight technique which involves analysing past observations to predict future customer behavior) and create event triggers for specific categories of customer for marketing and servicing purposes;

(t) to make national declarations which we have to provide to CREST for onward transmission to the registrar;

(u) to monitor use of our Website to see if they are being abused or threatened for example by people posting inappropriate comments on our community boards or by potential hackers looking to undermine their security;

(v) to protect you and our business against any other potentially criminal behavior, including potential identity theft and fraud;

(w) to maintain administrative and statutory records about our business to enable us to understand what we have sold, how, when, where and at what price and account to the tax authorities for the related taxes that we have to pay;

(x) in the process of anonymising your information so that you are no longer identifiable to us; and

(y) to test new systems and processes as we roll them out (but generally only in anonymous form to make sure they work and will meet the high expectations we set for ourselves).

7. Who do we Share Your Information with?

In order to run our business and provide you with many of our products and service, we sometimes have to pass your information to other people and businesses as set out below.

We share the information we collect with:

(a) all of our group companies, brands and business units that have relationships with our customers and users.

(b) third-party service providers where this is necessary for the purpose of continuing to provide the Service to you;

(c) other people and businesses who help us provide our Website, and related services to you, for example, information technology companies who design and host our Websites, and payment services companies who enable us to store details of and allow you to use payment cards with us;

(d) our insurers and insurance brokers, where required in order for us to be able to obtain insurance against risks we face in running our business. They may retain this information for the purpose of ongoing risk assessment and insurance broking and underwriting services;

(e) credit reference agencies and banks and finance companies who provide anti-fraud and identity information to us. Where we do so for anti-fraud purposes, the recipient organisation may hold your information on file for the purposes of their fraud-prevention services in the future;

(f) our professional advisors, for example, our lawyers and technology consultants when they need it to provide advice to us;

(g) the Police, local authorities, Her Majestys Revenue and Customs (HMRC) the Courts and any other central or local government bodies where they request it and we may lawfully disclose it, for example for the prevention and detection of crime;

(h) other people who make a subject access request to us, where we are allowed to do so by law (see subject access requests below); and

(i) any new business partners we may have over time, for example a joint venture, reorganisation, business merger or sale affecting us.

We also may share the information we collect where we are legally obliged to do so, for example e.g. to comply with a court order.

8. Social Media, Blogs, Reviews, and Similar Services

Any social media posts or comments you make to us (e.g. on our own Facebook page) will be shared under the terms of the relevant social media platform (e.g. Facebook or Twitter) on which they are made and could be made public by that platform. These platforms are controlled by other organisations and so we are not responsible for this sharing. You should review the terms and conditions and privacy policies of the social media platforms you use to ensure you understand how they will use your information, what information relating to you they will place in the public domain and how you can stop them from doing so if you are unhappy about it.

Any blog, review or other posts or comments you make about us, our products and our Service on any of our blog, review or user community services will be shared with all other members of that service and the public at large.

You are responsible for ensuring that any comments you make comply with any relevant policy on acceptable use of those services.

9. Security of Your Information

Much of the information we receive is provided electronically, originating with your relevant device and then transmitted to us by your relevant telecoms network provider.

Where it is within our control, we put measures in place to ensure that whilst the data is in transmission from your device to us, this data is reasonably secure.

Once your information is received by us, we take its security very seriously.

We use appropriate procedures and technical security measures (including strict encryption, anonymisation and archiving techniques) to safeguard your information across all our computer systems, networks, websites, offices and stores as much as possible.

In particular, our Information Security policy set is aligned to ISO027001 which is an internationally recognised security standard.

We also use secure means to communicate with you where appropriate, such as https and other security and encryption protocols.

Transfer of Personal Data outside of the EEA

Although we are a business based in the UK, it may be necessary for providing the Service to you, for your personal data to be processed in countries outside the EEA which may not have the same data protection laws as the United Kingdom or other countries in the EEA.

Please note that information protection laws do vary from country to country. Our transfer of information to other countries could result in that information being available to government and other authorities in those countries under their laws.

By using our Service you agree to this international transfer, storing and processing.

10. How long we may hold Personal Data for

Personal Data will not be retained for longer than necessary for us to achieve the purpose for which we obtained that data. In addition, we are required by law or by rules made by the Financial Conduct Authority to retain certain types of information for specified time periods.

We will then either securely delete it or anonymise it so that it cannot be linked back to you.

11. Managing your information and subject access requests

You can contact us to discuss your information at any point in time using the details provided below.

It is very important to us that all the information we hold about you remains accurate and up-to-date at all times to reduce the chances of us having a misunderstanding. We try hard to make sure this is the case at all times regardless of what information we hold about you. We need your help in doing so though. If you have any online account with us, please ensure that the information you provide to us through that account (e.g. any contact information you provide)remains accurate and up-to-date. Please review and update it regularly.

If you have reason to believe any of the information we have collected from you may be inaccurate, and you cannot correct such inaccuracy yourself through your registered accounts with us, please contact us (see below for how to do this).

You have certain rights under the Act in relation to your Personal Data, known as subject access rights. These rights include, but are not limited to, the right to request a copy of the Personal Data we hold which relates to you.

To make a subject access request, please write to [Enterprise Investment Partners LLP, 1-6 Speedy Place, London WC1H 8BU]. We may have to ask you to provide evidence of your identity, or provide more information before we can respond to your request.

In addition to subject access, you can ask us to have one of our staff review a decision about you which has been taken automatically by computer. One common example is if we decline an order you place with us online for anti-fraud or credit check reasons. Please note that these decisions can come about due to policy decisions are taken by banks, card and payment processing companies, and credit reference agencies who separately hold information about you and to resolve them you may have to speak to them directly.

We reserve the right to charge you a small administration fee to meet our costs in honoring your legal rights, where permitted by the relevant law.

We reserve the right not to comply with any requests we receive where we may lawfully do so, for example, if we reasonably believe a request to be malicious, technically very onerous, to involve disproportionate effort or harmful to the rights of others.

If you have any complaints about our use of your information, please contact us. We will do our very best to resolve any complaint to your satisfaction. You have a right to complain to the UK Information Commissioners Office(or ICO). Please see the section Where to go if you want more information about your privacy rights for further details.

12. Monitoring

For quality control, training, security and regulatory purposes, we may monitor and/or record your communications with us.

13. Updates to this Privacy Policy

We review our use of your information regularly. In doing so, we may change what we collect, how we keep it and what we will do with it.

As a result, we will need to change this policy from time to time to keep it accurate and up to date.

If we change this policy, we will endeavor to tell you about it. That way you can check to see if you are happy with our policy, before proceeding any further. Please look out for notices from us.

If, following any changes, you continue to use our Website, contact us by telephone or otherwise provide information to us (for example through our stores or social media) we will take it that you agree to those changes.

14. About Us

Our registered company number is 10154770 and our registered address is Lansdell & Rose Niddry Lodge, 51 Holland Street, London W8 7JB.

15. Where to get Further Information about Your Privacy Rights

The ICO regulates data protection and privacy matters in the UK.

They make a lot of information available to consumers on their website https://ico.org.uk.

They make the registered details of all data controllers such as Darwin available publicly.

You can make a complaint to the ICO about our use of your information at any time. As mentioned above, please consider raising any issue or complaint you have with us first though. Your satisfaction is very important to us, and we strive to solve all problems and complaints wherever possible.

16. Contact Us

If you want any further information about our use of your information, our Website or have any other privacy questions relating to us, we’d be happy to help you.

Our contact details are set out on our ‘Contact’ page, accessible in the menu.

Last revision date: November 2016