We collect, use and are responsible for certain personal data about you. When we do so we are subject to applicable data privacy laws.
This policy aims to provide you with information on how we collect and process your personal data through this website, www.smithandcompany.com, when we interact with you to provide you with our products and services or otherwise throughout the course of our dealings with you
Who we are
Personal data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). A data subject is the individual who the personal data relates to.
We may collect and use the following kinds of personal data about you (some of which is subject to you choosing to provide us with it):
- Identity Data including your first and last name.
- Contact Data including your address, email address and mobile phone number.
- Transaction Data including details about products and services you have purchased from us and financial information.
- Profile Data includes services we have provided to you, your interests, preferences, feedback and survey responses.
- Technical Data
This website is not intended for children and we do not knowingly collect data relating to children.
How your personal data is collected
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your Identity and Contact Data by filling in forms, submitting or uploading information to our website, contracting with us for products or services, or by corresponding with us through our website, by phone, email or otherwise.
- Third parties or publicly available sources. We may receive personal data about you from third parties, such as credit reference agencies, customer due diligence providers, analytics providers, such as Google, and through automated monitoring of our website and other technical systems, such as our computer networks and connections, access control systems, communications systems, email and instant messaging systems.
How and why we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- where you have given consent;
- to comply with our legal and regulatory obligations;
- for the performance of a contract with you or to take steps at your request before entering into a contract; or
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
The table below explains what we use your personal data for and why:
|What we use your personal data for||Our reasons|
|Providing and distributing products and services to you||To perform our contract with you or to take steps at your request before entering into a contract|
|Customer service||To effectively perform our contract with you
For our legitimate interests i.e. to make sure we can deliver the best service to you and respond to you when you need us
|Operational reasons, such as improving efficiency, training and quality control||For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you at the best price|
|Preventing and detecting fraud against you or us||For our legitimate interests or those of a third party, i.e. to minimise fraud that could be damaging for you and/or us|
|Ensuring the confidentiality of commercially sensitive information||For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information
To comply with our legal and regulatory obligations
|Conducting checks to identify our customers and verify their identity
Screening for financial and other sanctions or embargoes
Other activities necessary to comply with professional, legal and regulatory obligations that apply to our business, e.g. under health and safety law or rules issued by our professional regulator
|To comply with our legal and regulatory obligations
For our legitimate interests or those of a third party, i.e. to minimise fraud and to prevent consumers registering more than one membership in order to exploit our services.
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||For our legitimate interests i.e. to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy|
|Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies||To comply with our legal and regulatory obligations|
Special Category or Sensitive Personal Data
We will not collect any special category or otherwise sensitive personal data. However, if we do will we ensure we do so in accordance with applicable laws.
Our cookies policy is available on our website.
Where we store your data
You acknowledge and understand that the transmission of information via the internet is not completely secure. Although we will take reasonable and appropriate steps to protect your personal data once we have received it, we cannot guarantee the security of your data transmitted to the Websites. Any transmission is at your own risk. Once we have received your information, we will use appropriate procedures and security features to try to prevent unauthorised access.
Who we may share your personal data with
Where we need to, we may disclose your personal data to other members of our group of companies.
We may disclose your personal data to third parties including the authorities, our advisors, suppliers of IT services and third parties engaged by us for the above-mentioned purposes.
How long your personal data will be kept for
We will not keep your personal data for longer than necessary. Different retention periods apply for different types of personal data. When it is no longer necessary to keep your personal data, we will delete or anonymise it. For further information, please get in touch.
Applicable data privacy laws give rights to individuals in respect of personal data that organisations hold about them. Depending on which applicable laws apply to you, this may include the following:
- Access: the right to be provided with a copy of your personal data.
- Rectification: The right to require us to correct any mistakes in your personal data.
- Erasure (the right to be forgotten): The right to require us to delete your personal data – in certain situations.
- Restriction of processing: The right to require us to restrict processing of your personal data in certain circumstances, for example if you contest the accuracy of the data.
- Data portability: The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party.
- Objection: the right to object at any time to your personal data being processed for direct marketing and in certain other situations to our continued processing of your personal data.
- Not to be subject to automated decision making: The right not to be subject to a decision based solely on automated processing.
If you wish to exercise any of the above-mentioned rights, please contact us,
Links to Third Party Websites
We follow accepted industry standards to protect any personal information you have provided to us. However, please be aware that no method of electronic storage can ever be 100% secure. You may submit any questions you may have about our security procedures by emailing us.
We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order or legal process served on our website.