Skip to main content

Privacy Policy

Clyde Blowers Capital IM LLP, a Scottish Limited Liability Partnership (Company Number SO301657) and having our registered office and principal place of business at Orbital House, 3 Redwood Crescent, East Kilbride G74 5PA (“CBC” or “we”, “our” or “us”) is committed to protecting the security and privacy of all personal information or data collected from you. We therefore conduct our business in compliance with applicable laws on data privacy protection and data security. This privacy statement tells you what to expect when we collect and process your personal information.

We try to meet the highest standards when processing your personal information. The data controller who is responsible for how we handle your personal information is Clyde Blowers Capital IM LLP. Any queries you have in relation to the same should be directed to spowell@clydeblowers.co.uk.

Information We May Collect from You & How We Use It

We may ask you to provide certain information about yourself when you use our website or are in contact with us about the activities we are engaged in (whether it is by telephone, email, via the forms on our website or even face to face). 

There are four distinct groups we have dealings with. These are:

(1)       business contacts; 

(2)       investors or potential investors;

(3)       actual or potential management teams; and

(4)       suppliers and professional advisers.

In respect of business contacts this includes individuals who email us or whom we may have met at presentations or events or who have been introduced to us by other parties. It also includes individuals who may choose to subscribe to our newsletter or who browse our website. Personal information collected about this group may include: 

  • Details in relation to your identity such as your name and contact details including your postal/e-mail address and phone number;
  • Profile details from documents you complete on-line such as your user name and password, preferences, and interests; 
  • Details of your visits to our website including but not limited to traffic data, location data, weblogs and other communication data and the resources that you access or use.

The personal information we hold about business contacts will be held solely for the following purposes:

  • To invite you to presentations and events and organising meetings with you;
  • To make suggestions that may be of interest to you and keeping you up-to-date regarding our activities and those of our related companies whether by newsletter (where you have requested the same), email or otherwise;
  • To administer our website and business (including webhosting and support).

Our legal basis for doing so under the General Data Protection Regulation EU 2016/679 (“GDPR”) is that such processing is in our legitimate interests in respect of running our business andensuring security and performance of our website. 

In respect of investors or potential investors personal information collected may include:

  • Details in relation to your identity such as your name and contact details including your postal/e-mail address and phone number;
  • Transaction details about investments you have made;
  • Financial details in relation to any investments we may manage on your behalf; 
  • Profile details from documents you complete on-line such as your user name and password, preferences, interests and your transaction history; 
  • Information from customer surveys and feedback forms in respect of any of our activities or investments you may have made;
  • Details of your visits to our website including but not limited to traffic data, location data, weblogs and other communication data and the resources that you access or use.

The personal information we hold about investors or potential investors will be held solely for the following purposes:

  • To comply with our regulatory and legal obligations;
  • For credit and identity verification and fraud detection;
  • To communicate with you regarding corporate actions, to invite you to presentations and events (including AGM’s) and to organise meetings with you;
  • To make suggestions that may be of interest to you, keeping you up-to-date regarding our activities and those of our related companies whether by newsletter, email, or otherwise;
  • To facilitate payments in respect of any investments made by you;
  • To administer our website and business (including web hosting and support).

Our legal basis for doing so under GDPR is either performance of a contract with you, legal obligation or that such processing is in our legitimate interests in respect of running our business and ensuring security and performance of our website.

In respect of actual or potential management teams personal information collected may include:

  • Details in relation to your identity such as your name, nationality and contact details including your postal/e-mail address and phone number;
  • Your CV and employment history and professional activities, references from third parties and results of due diligence to check your suitability as part of a management team; 
  • Details in relation to your financial status; 
  • Profile details from documents you complete on-line such as your user name and password, preferences, interests; 
  • details of your visits to our website including but not limited to traffic data, location data, weblogs and other communication data and the resources that you access or use.

The personal information we hold about actual or potential management teams will be held solely for the following purposes:

  • To assess potential transactions, maintain records of transactions and administering transactions we enter into;
  • To comply with our regulatory and legal obligations including assessing and managing risk;
  • To safeguard our legal rights and interests;
  • To assess your suitability for involvement in a transaction including credit and identity referencing and fraud detection;
  • To organise meetings with you;
  • To make suggestions that may be of interest to you, keeping you up-to-date regarding our activities and those of our related companies whether by newsletter, email, or otherwise;
  • To seek and receive advice from our professional advisers;
  • To administer our website and business (including web hosting and support);
  • To provide periodic business updates to investors, potential investors and others.

Our legal basis for doing so under GDPR is either performance of a contract with you, legal obligation or that such processing is in our legitimate interests in respect of running our business in particular by considering potential investments and administering transactions that we enter into. Legitimate interests also includes ensuring security and performance of our website.

In respect of suppliers and professional advisers personal information collected may include: 

  • Details in relation to your identity such as your name and contact details including your work postal/e-mail address and work phone number, job title and qualifications.  

The personal information we hold about suppliers and professional advisers will be held solely for the following purposes:

  • To administer or maintain records of the services or advice we receive from you; including transaction and financial details about services we have requested or received from you and payments which are due in respect of those services;
  • Transaction details about services you specifically provide us with;
  • Financial details in relation to the provision of any services by you to us.

Our legal basis for doing so under GDPR is either performance of a contract with you, legal obligation or that such processing is in our legitimate interests in respect of running our business.  

Given the nature of our activities, it is extremely unlikely that we will require to collect any sensitive data about any individuals within any of the groups we have dealings with (other than details of your nationality in the case of investors or potential investors or actual or potential management teams). Sensitive data is personal information which includes your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic or biometric data, or information concerning your health or mental wellbeing or sexual orientation. Where we do require to process such sensitive data to in respect of you, we will notify you in advance and will request your express consent in writing to process such sensitive data unless there are some other legitimate grounds which allow us to process such data. 

If you do not wish us to collect any of the personal information stated above, you should discuss this with us. We can explain the reasons for collection and discuss the consequences of not providing the information or of providing partial or incomplete information and the effect this may have on our ability to perform our activities.

Sharing Your Information

We will not sell the personal information that we collect from you and will only use it for the purposes set out in this privacy statement. We may share your personal information with the following parties: 

  • Service providers who provide us with IT and administration services such as our IT Support and back up provider and web hosting company;
  • Other third-party service providers such as referencing services, third-party depositors and cloud service providers that we use;
  • Our associated companies within the Clyde Blowers Group of Companies where you have an interest in their services or products;
  • HMRC and other regulatory authorities who require reporting of our activities by law such as the FCA; 
  • Professional advisers such as our lawyers, accountants, bankers, insurers, financial intermediaries or other consultants; 
  • In relation to actual or potential management teams, other persons who have an interest or involvement in, or who are considering an involvement or interest in, a CBC fund or transaction including co-investors, other providers of finance and investors in our funds; and
  • Third parties to whom we sell, transfer or merge our business or any part of it. 

All third parties with whom we share your data are required to protect your personal data, treat it confidentially and to process it in accordance with the law. Where we use third parties we will take all reasonable steps to ensure that they are GDPR compliant and in particular that: 

  • They have adequate technical and other measures in place to ensure the security of your personal information;
  • That they only use it for specified purposes;
  • That any employees or contractors who have access to the information are adequately trained and deal with it on a need to know basis only;
  • That they act only in accordance with our instructions.

How Long Do We Keep Your Information?

We will only retain your personal information for as long as is necessary in line with the purposes for which it was originally requested or collected or where we are required to do so for some legal or reporting purpose.  

In working out how long we retain personal data we look at the type of personal data involved, the purpose of processing, how sensitive or confidential the data is and at legal and commercial considerations including any legal obligations we have. By way of example by law, we are required to keep accounting records for six years after end of the year in which the last transaction occurred. This means that we will be required to keep some basic details for that purpose even although our relationship with you may be at an end. However, it should be noted that the requirement is basic details and therefore it is not legitimate also to keep information such as your preferences for that period of time.  

If you have any questions relating to either retention periods or require more detail on the purposes of processing or the specific reason or legal grounds we are relying on for that processing, then please contact us for additional information. 

Website Analytics

We may collect information about your computer, including where available your IP address, operating system and browser type, for statistical analysis. This may involve the use of cookies. This statistical data is about our users' browsing actions and patterns and does not identify any individual. Where we use third-party providers such as Google Analytics although these third-party services record data such as your geographical location, device, browser and operating system, none of this information identifies you to us. We do not make and do not allow these third-party services to make any attempt to find out the identities of anyone who visits our website.

Marketing Information

We may provide you with information on our activities. This is regarded as marketing activity. We will only market to you where you have:

  • Specifically requested marketing information from us; or
  • Previously acquired similar services/goods from us; or
  • Consented by way of ticking a box or opt-in to receive marketing from us.

If you have opted out of marketing, we will not send you any future marketing without your consent.  

Each time we market to you we will always give you the right to opt-out of any future marketing but would point out that you have the right at any time to ask us not to market to you at any time by emailing us at spowell@clydeblowers.co.uk rather than waiting on a specific opt-out.

We may use analytics to understand how you interact with content in our e-marketing.

Security of Personal Data 

We take information security very seriously.  Your information and records will be stored securely to ensure privacy of your personal data. We take all reasonable steps to ensure that there are technical and organisational measures of security in place to protect your personal data from unauthorised access to or disclosure of it, and against loss or accidental damage or unauthorised alteration of it. Staff handling your personal data are also adequately trained in relation to the legal requirements for handling personal data. These include robust procedures for dealing with breaches including incident reporting and notifying the Information Commissioner, and where appropriate you, of any breaches, the consequences of the same and the remedial action taken.

Where possible the information you provide us with will be held within the European Economic Area (“EEA”) or within the UK. 

Overseas Transfers

Countries outside of the EEA do not always have similar levels of protection for personal data as those inside the EEA. The law provides that transfers of personal data outside of the EEA is only permitted where that country has adequate safeguards in place for the protection of personal data. Some types of processing may use cloud solutions which can mean information may sometimes be held on servers which are located outside of the EEA or may use processors who are based overseas. 

Where we use cloud-based services or third-party providers of such services and in either or both circumstances the data is processed outside of the EEA that will be regarded as an overseas transfer. Before instigating an overseas transfer, we will ensure that the recipient country and/or processor has security standards at least equivalent to our own and in particular one of the following permitted safeguards applies: 

  • The country in question is deemed to have adequate safeguards in place as determined by the European Commission; or
  • There is a contract or code of conduct in place which has been approved by the European Commission which gives your personal information the same protection it would have had if it was retained within the EEA; or 
  • If the overseas transfer is to the United States, then the transferee is a signatory to the EU-US privacy Shield as all Privacy Shield signatories are obliged to give your personal information the same degree of protection it would have had if it was retained within the EEA.

If none of these safeguards exist, then we may seek your explicit consent for an overseas transfer. In line with your rights as an individual you are free to withdraw this consent at any time.

Your Rights 

You have rights as an individual which you can exercise in relation to the information we hold about you. These rights are:

  • the right to restrict processing of your personal data;
  • the right to rectification or correction of your personal data;
  • the right to object to processing of your personal data;
  • the right of erasure of personal data (also referred to the right to be forgotten); 
  • the right not to be subject to a decision based solely on automated processing or profiling;
  • the right to transfer your personal data (also referred to as the right of portability)
  • the right to withdraw your consent to processing your personal data; and
  • the right of access to your personal data.

Additional information about these rights can be found on the Information Commissioner’s website at www.ico.org.uk/for-organisation/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

If you have provided consent and we are relying on that as the legal ground of processing your personal information and wish to exercise your right to withdraw that consent you can do so at any time by contacting us at spowell@clydeblowers.co.uk.

Access to Personal Information 

We try to be as open as we can in giving people access to their personal information. You can make a subject access request at any time about the personal information we process about you. Any request requires to be in writing and is not subject to any charges or fees. If we do hold any personal information about you, we will:

  • give you a description of it;
  • tell you why we are holding it;
  • tell you who it has or will be disclosed to; 
  • the source of the information (if not you);
  • where possible, the period for which it will be stored; and  
  • let you have a copy of the information in an intelligible form.

We will respond to a subject access request within 30 days. On occasion, we may need additional information from you to determine your identity or help us find the information more quickly. Where the information you have requested is complex we may take longer than this but shall keep you advised as to progress should this be the case. 

If you believe that any information we hold about you is incorrect or incomplete you should email us at spowell@clydeblowers.co.uk. Any information which is found to be incorrect will be corrected as soon as possible.

Complaints

We would prefer to resolve any issues or concerns you may have direct with you. If you feel you are unable to resolve matters by contacting us directly or are you are unhappy or dissatisfied with how we collect or process your personal information you have the right to complain about it to the Information Commissioner who is the statutory body which over seas data protection law. They can be contacted through www.ico.org.uk/concerns.  

Contact 

Questions, comments and requests regarding this privacy statement are welcomed and should be addressed to spowell@clydeblowers.co.uk. 

Changes to this Privacy Statement

We keep our privacy notice under regular review. This privacy notice was last updated on 25th May 2018.

Back to top