Privacy Policy

Overview
Article 5 of the GDPR States that Personal Data must be processed lawfully fairly and in a transparent manner. In line with the GDPR changes we are updating our Privacy Notice so you can better understand why and how we collect, process and destroy your data. We are committed to protecting and respecting your privacy. This policy (together with the Terms and Conditions and any other documents referred to in it) sets out the legal basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.

What types of Personal Data do we collect?
We may control, process and use your Personal Data, which may include names, postal addresses, email addresses, telephone numbers or any other Personal Data that you provide to us. We may also, in appropriate cases and to the extent permitted by law, control, process and use certain special categories of Personal Data which are more sensitive in nature (e.g. when undertaking “Know Your Customer” (KYC) or anti-money laundering (AML) checks, we may collect information about any criminal conviction offence that you or the directors of any company might have committed).

Identity of the Firm
Afinishay Capital Limited
c/o Laven Partners Limited
7th Floor (North)
11 Old Jewry
London EC2R 8DU
United Kingdom

Lawful basis for Processing
Where we act as Data Controller, we rely on the following legal basis for Processing your Personal Data:

Data protection officer
The Firm has no regulatory obligations under the GDPR to appoint a DPO; the Firm has no data protection officer (DPO) currently appointed. The GDPR sets out guidelines on when the appointment of a DPO shall be required as follows:

The Firm has instead agreed to name a responsible officer (the “Responsible Officer”) who may be reached on charles@afinishay.com

Purpose of data collected
The personal information we collect is for the following legitimate interest:

Who we share our information with
We will not share personal information about you with third parties without your consent. We are required, by law, to sometimes pass on some of this Personal Data to:

International transfer outside the EEA
The Firm does not transfer your personal information outside of the European Economic Area (EEA) unless the transfer is necessary for one of the reasons set out in the GDPR including the performance of a contract between the Firm and the Data Subject, reasons of public interest, to establish, exercise or defend legal claims or to protect the vital interests of the Data Subject where the Data Subject is physically or legally incapable of giving consent and, in some limited cases, for our legitimate interest.

In these cases, we will follow the GDPR Guidelines in protecting the transfer of data to countries outside the EEA to ensure that the level of data protection afforded to individuals by the GDPR is not undermined.

The Firm will only transfer Personal Data outside the EEA if one of the following conditions applies:

The Data Subject has provided Explicit Consent (Explicit consent is where permission has been given by the Data Subject in writing to the proposed transfer after being informed of any potential risks).

Retention
We will keep your Personal Data for no longer than reasonably necessary. We will retain your personal information in accordance with legal and regulatory requirements as set out in our Data retention policy.

Your rights and your Personal Data
You have a right:

To lodge a complaint with the Information Commissioners Office (the UK Supervisory Authority); you can contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

Not to be subject to a decision based on automated Processing; the Firm does not practice such decision making.

Further Processing
Where we may seek to further process your data other than for the original purpose for which it was collected, the Firm shall only further process such data where the new Processing is compatible with the original purpose.

Safeguarding measures
We take your privacy seriously and take every reasonable measure and precaution to protect and secure your Personal Data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including, without limitation, encryptions.

Special Categories of Data (if applicable)
Owing to the products and services that we offer, such as performance of KYC and other background checks, we sometimes need to process special categories of data which are deemed to be more sensitive in nature. Where we collect such information, we will only request and process the minimum necessary for the specified purpose and identify a compliant legal basis for doing so. Where we rely on your consent for Processing Special Categories Data, we will obtain your explicit consent through electronic means.

Legitimate Interests (if applicable)
We occasionally process your personal information under the Legitimate Interests’ legal basis. Where this is the case, we have carried out a Legitimate Interests’ Assessment (LIA) to ensure that we have weighed your interests and any risk posed to you against our own and that such interests are proportionate and appropriate such as for the purposes of HR, marketing and day-to-day operations.

Marketing
When sending marketing materials to customers, we may have the option to rely on your consent or legitimate interest.

We only use legitimate interests for marketing if we have assessed that the information being sent is beneficial to the customer and have weighed our interests against your own and there is little to no risk posed, the method and content is non-intrusive and the material being sent is something you would usually expect to receive.

Cookies, analytics and traffic data
Cookies are small text files which are transferred from our website, applications or services and stored on your device. We use cookies to help us provide you with a personalised service and to help make our website, applications and services better for you.

We provide the following information with some explanations to ensure transparency to our users:

How to reject cookies, and how to subsequently change the status regarding the cookies.

Cookies we use:

Cookie Name Cookie Owner Cookie Description
DYNSRV Hosting Provider This cookie is believed to be used for load balancing to manage server traffic demand.
wp-settings-time- WordPress WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
wp-setting- WordPress WordPress also sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
wordpress_test_cookie WordPress WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies.
wordpress_sec WordPress Essential WordPress session management cookies for logged in users.
wordpress_logged_in WordPress After login, wordpress sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use.

Changes to our Privacy Policy
Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email.

Get In Touch
Afinishay Capital
7th Floor (North)
11 Old Jewry
London EC2R 8DU
+44 (0) 20 7594 4972