ENCOMPASS CORPORATION PRIVACY POLICY

This is the privacy policy of encompass Corporation UK Limited (company number SC493055), whose registered office is at Level 3, 39 St Vincent Place, Glasgow, G1 2ER, telephone +44 (0) 333 772 0002, and e-mail info@encompasscorporation.com. Our Privacy Compliance Officer can be contacted using the information set out in section Contact Information and Complaints.

Our business consists in making available a platform which aggregates data from a multitude of public and private sources which our customers use to comply with their anti-money laundering and counter-terrorism financing policies. We set out below important information about our processing of data relating to living individuals by reference to the purposes for which we do so in the context of our business.

Our Privacy Commitment

encompass Corporation UK Limited is committed to managing your personal information openly and transparently and to keeping your personal information safe. We have published this policy with the view to foster trust in our processes, so that the people with whom we deal understand (as far as possible) what we do and why, in relation to personal data about them, and in order that, if you wish to challenge them, you have information about your rights. We provide additional information where appropriate in the circumstances, but this policy contains as much information as we can make available without reference to particular circumstances.

The Purposes for which we process personal information

The purposes are as follows:

  • Marketing our business
  • Entering into contracts with out customers, partners and suppliers
  • Making available our platform and performing our services
  • Sourcing our data products
  • Keeping records and accounts
  • Operating our business
  • Our website and use of cookies

We have included sections dedicated to describing your rights as an individual, our contact information, and how you can make a complaint.

Marketing

The basis on which we process data

We take pride in our business which thrives because we have a first-class platform and provide services of the highest quality. The market in which we operate is competitive and we must continue to expand. To that end we have a legitimate interest in marketing our platform and services.

The steps we take to attract customers bring us into contact with them directly and indirectly to communicate information about our platform and services. We are not intrusive and always respect the wishes of individuals once we are aware of them.

Types of personal data

We process the following classes of personal data in connection with our marketing:

  • Contact details, including home and business address, telephone numbers, e-mail, and social media contact information, including on Linked-In
  • Position and role within the organisation

We use this data in order to:

  • Communicate with people via telephone, e-mail, SMS text and other forms of electronic communication
  • Send people materials about our business, events and developments relating to anti-money laundering and counter-terrorism financing law and practice
Types of personal data

We process data on the following classes of individual in connection with our direct marketing activities:

  • Current customers
  • Past customers with whom we wish to re-establish a relationship (unless we are instructed not to do so by them)
  • Prospective customers
  • Users who register on our website
Sources of personal data

We conduct our own market research of public sources of information, notably, company websites, directories of professionals, and social media, including LinkedIn. When we attend or hold events we use the information contained in the delegate lists that are provided to us by the event organisers and which, in the case of our own event, we prepare in respect of the invitees and in respect of the actual attendees.

We also obtain information from the individual in question about themselves and whether or not they are interested in receiving more information about our platform and the services.

Disclosures of personal data

We disclose personal information from time to time in the course of our marketing activities to the following recipients:

  • Other professionals or prospective customers, subject to our duties of confidentiality (if any) to the contrary
  • Marketing consultants providing services to us in connection with the development of our business, including the development of marketing campaigns

Entering Into contracts with Our Customer, Partners and Suppliers

The basis on which we process data

In the course of recording you as one of our customers, we process personal data in order to take steps at your request (acting for yourself or the organisation you represent) prior to entering into our customer services agreement.

Types of personal data

We process the following classes of personal data in connection with engaging you or the organisation you represent as a customer:

  • Your name, title, date of birth, address, and contact details
  • Details of a bank account over which you have authority on your own behalf or on behalf of our customer
Sources of personal data

We will always collect personal information directly from the individual unless it is impracticable to do so. This will usually be done through application forms, order forms, over the telephone, in person or over the internet.

Disclosures of personal data

We don’t disclose to anyone any of the information we obtain for this purpose except subsequently in the course of making available our platform and providing our services.

How long we keep personal data

We keep all information about our customers and people associated with our customers for as long we need to do so to make available our platform and provide the services in accordance with our customer services contract, and afterwards in accordance with our policy on record keeping and accounts (see Keeping Records and Accounts)

Making Available Our Platform And Performing Our Services

The basis on which we process data

Once you or the organisation you represent have entered into a contract with us, we are able to provide you with access to our platform and to provide our services. Naturally, it is also in our own legitimate interests to make available our platform and provide our services.

Types of personal data

The nature of any additional information we need to make available our platform and perform our services depends on our customer’s requirements. We obtain the information we need through the forms we ask them to fill in, and questions we ask, or when meeting them or others in person or speaking on the telephone. However, we won’t collect information for which we don’t have a reasonable need.

Sources of personal data
  • The individual themselves
  • Colleagues of the individual
  • People associated with you or our customers, including a partner, member, director or member of staff, suppliers and clients
Disclosures of personal data

Other than in connection with the Operation Of Our Business we don’t disclose your information to any third party in connection with making available our platform or providing our services, except where you or your organisation are also a customer of one of our data providers and our platform is the means by which you are obtaining their data. In those circumstances, we may need to disclose information about you or your organisation in accordance with our contract with the data provider.

How long we keep personal data

We keep all information about our customers and people associated with our customers for as long we need to do so to make available our platform and provide the services in accordance with our customer services contract, and afterwards in accordance with our policy on record keeping and accounts (see Keeping records and accounts).

Sourcing Our Data Products

The basis on which we process data

Our platform enables customers to obtain and visualise data from various public and private sources. For this purpose, we enter into contracts with data providers. In the course of doing so, we obtain and process data from individuals in the context of establishing a relationship with the organisation they represent or with which they are connected or associated. The formation, performance and management of those contracts constitute legitimate interests of ours.

Types of personal data

We process the following classes of personal data in connection with engaging you or the organisation you represent as a customer:

  • Your name, date of birth, address, and contact details
  • Details of a bank account over which you have authority on your own behalf or on behalf of our customer
Sources of personal data

We will always collect personal information directly from the individual unless it is impracticable to do so. This will usually be done through application forms, order forms, over the telephone, in person or over the internet.

Disclosures of personal data

We don’t disclose to anyone any of the information we obtain for this purpose except subsequently in the course of our dealings with the data provider.

How long we keep personal data

We keep all information about data providers and people associated with them for as long we need to do so in accordance with our data provider contract, and afterwards in accordance with our policy on record keeping and accounts (see Keeping records and accounts).

Keeping Records And Accounts

The basis on which we process data

We have a legitimate interest to keep all records relating to our business for our internal purposes and to deal with queries or complaints which may arise.

How long we keep personal data

We keep personal data of customers only where and for so long as it is necessary to fulfil our customer services contract and afterwards for so long as necessary to meet our legal or regulatory obligations or, if longer, for the purposes of handling claims which could be made against us. Our normal practice is to keep information for at least [6 years].

Operating our business

The basis on which we process data

The legal basis on which we deal with people who are not customers or associated with a customer depends on the circumstances. In all cases we make sure that we have a legitimate reason to do so in connection with our business.

We communicate and deal with all manner of people in the ordinary course of our business, whether suppliers, competent authorities, and others incidentally in connection with our business from time to time. In the course of doing so, having regard to the nature and purpose of those dealings, we will obtain and process personal data. We do not use data in our business for any purpose other than for which it was given.

The following parts of this purpose are concerned with the systems we use to process personal data and our processing of personal data for internal purposes. For information on the nature of the data, the classes of individual on whom we process data, the classes of the data, the sources and disclosures of the data, and the period of time which we hold data, please consult the purpose for which we process the data in the question.

Our systems and networks

We process personal data using the following principal systems and networks:

  • A customer relationship management system which is the repository of all information we hold on current, past and target customers
  • Local and wide area networks for the transmission of data within and between our site locations. The communications services which form part of these networks are procured from a third party, and all data transmitted across the networks are transmitted by our staff or representatives or third-parties with whom we are dealing in the course of business
  • Corporate systems for the processing of all other data

Our staff and representatives use computer and communications equipment to access these systems to perform their duties, and in particular workstations, laptop computers, other mobile computing devices and mobile phones. Personal data is stored on these devices appropriate to the use for the time being.

Internal uses of personal data
  • Assist us to run our business and to improve our services and
    performance, including staff training, accounting, and risk management
  • Systems development, developing new products and services and undertaking
    planning, research and statistical analysis
  • Compliance with our legal obligations
  • Corporate governance, management and reporting on a company and group-wide basis
How we protect information

We have implemented appropriate processes and techniques to protect personal information from loss, misuse and interference and from unauthorised access, modification or disclosure. In addition, access to personal information is limited to those who specifically need it to conduct their responsibilities.

Engagement of service providers

We have engaged external service providers to provide the following services:

  • Cloud service providers to host our platform
  • Service providers for the purpose of internal processing such as HR, Payroll, providing conference facilities….

In all cases the service provider is engaged as our processor and the terms of the contract comply with applicable law relating to the processing of personal data.

Our Website and Use of Cookies

Your personal information will not be collected if you are only browsing one of our websites but we do use cookies to better tailor our information and our services to meet your needs.

A cookie is a small piece of text that is placed within the memory of a computer and can be later retrieved by web page servers. Cookies are used to enhance your interaction and convenience in using our website and we do not use cookies to record any of your personal information. Cookies may record information about your visit, including the type of browser and operating system you use, the previous site you visited, your server’s IP address, the pages you access and the information downloaded by you.

While this anonymous statistical data may be aggregated and used in broader statistical analysis by us and our web monitoring service provider to improve our services, we cannot personally identify you as the source of that data until such point as you provide your personal information to us.

Rights of data subjects

Individuals have several rights under EU data protection law in relation to how we process personal data relating to them. These are identified below so far as relevant to the basis on which we process personal data. More information can be obtained from the Information Commissioner’s website at https://ico.org.uk/.

We cannot charge for providing an individual with information when he or she exercise their rights, except that we may charge a reasonable fee based on our administrative costs to provide additional copies where requested in connection with a request to access data, or where we can demonstrate that a request(s) is or are manifestly unfounded or excessive. In the latter case we may alternatively refuse to act on your request.

Transparency of processing

A person has right to receive information on what personal information we have, why and who we share it with.

Right of access

A person is entitled to have confirmed whether we process personal data relating to them, and if so, what personal data we process and to be provided with access to the information, subject to the need to protect the interests of others as appropriate. If you wish to receive a copy of the personal information we hold on you, you may make a subject access request.

Rectification

If personal data are inaccurate or incomplete, the data subject can require that they are corrected.

Right to restrict processing

Data subjects may require that their information be deleted or removed if there is not a compelling reason for us to hold it.

Right to data portability

A copy of personal data can be requested by the data subject for his or her own purposes to use across different services. In certain circumstances, he or she may move, copy or transfer the personal information we hold to another company.

Communication of a personal data breach

Where we are subject to a breach of security which is likely to result in a high risk to individuals about whom we hold data we must communicate the breach to the individuals concerned without undue delay. In some cases, this may be done by public communications. This right is subject to exceptions where measures have been taken to protect the information.

Right to object or withdraw consent

You can object to encompass processing your personal data where it is based on our legitimate interests, in which case we can no longer process the personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

You can object at any time to our use of personal data relating to you in connection with our direct marketing. Where you do so, the personal data shall not afterwards be processed for such purposes.

Where we are processing personal data about you with your consent you can withdraw it at any time.

Contact Information and Complaints

Contact Details

If you have any questions about this Privacy Policy, the personal data we obtain and process about you, or any other privacy-related concerns, please don’t hesitate to contact us at:
encompass Corporation UK Limited
Level 3, 39 St Vincent Place, Glasgow, G1 2ER
For the attention of: Privacy Compliance Officer
E-mail: info@encompasscorporation.com

We will use our best endeavours to address any such concerns thoroughly and in a timely manner. If it is practical to do so, you can contact us without identifying yourself. However, if you choose not to identify yourself, it may be more difficult for us to assist you with your enquiry. This will depend on the nature of your enquiry.

Changes to this policy

From time to time it may be necessary for us to review and revise this privacy policy. We reserve the right to change our privacy policy at any time.

Complaints

If we are unable to resolve your complaint to your satisfaction, you could refer the matter to the Information Commissioner’s Office. Here are the contact details:
https://ico.org.uk/global/contact-us. You may even be able to bring your claim in the courts.

By continuing to use the site, you agree to the use of cookies. more information

our website and use of cookies

Your personal information will not be collected if you are only browsing one of our websites but we do use cookies to better tailor our information and our services to meet your needs.

A cookie is a small piece of text that is placed within the memory of a computer and can be later retrieved by web page servers. Cookies are used to enhance your interaction and convenience in using our website and we do not use cookies to record any of your personal information. Cookies may record information about your visit, including the type of browser and operating system you use, the previous site you visited, your server's IP address, the pages you access and the information downloaded by you.

While this anonymous statistical data may be aggregated and used in broader statistical analysis by us and our web monitoring service provider to improve our services, we cannot personally identify you as the source of that data until such point as you provide your personal information to us.

Close