Privacy policy

Amite Consulting is committed to maintaining the privacy of our customers, suppliers, website visitors and business contacts. This privacy notice sets out how we collect, use and protect your personal information and your rights in relation to your information.

We comply with data protection laws that are applicable in respect of data processing within the UK. Where we have agreed to provide services to a customer, that customer will determine the purposes and the way in which personal data is processed (the Data Controller). In all other cases, Amite Consulting will be the Data Controller.

Information we collect and use

Personal data, or personal information, means any information about an individual from which that person can be identified.  It does not include anonymised data.

We may collect, store, and use your personal information during our business and this may include:

  • personal contact details such as name, title, address, telephone number, email address, job title and name of employer;
  • information relating to the matter in respect of which you are seeking our advice or in which you are involved;
  • information to enable us to carry legal and regulatory checks, such as anti-money laundering checks;
  • information provided by SmartCredit Ltd for the purpose of satisfying our obligations under the anti-money laundering regulations;
  • business information necessary for our business relationship with you, including financial, banking and payment details;
  • information collected from publicly available sources such as Companies House, Linked-in and professional directories as well as from credit agencies;
  • information provided by you for the purpose of attending meetings and events;
  • electronic information (for example, your IP address);
  • “cookies”, which is software that attaches to the hard drive of your computer when you visit our website and allows us to track your movements through our website (please see our cookie policy on our website);
  • when you contact us via our website, information on your preferences; and
  • where you or your organisation is a supplier to Amite Consulting, contact and other information relative to those services.

We may also collect, store and use the following “special categories” of more sensitive personal information:

  • information such as dietary, disability or similar requirements relevant to your attendance at meetings and events; and
  • information about health where it is necessary to do so for the purposes of the services we provide to our customers (in this case, the customer will be the Data Controller and Amite Consulting will be the Data Processor).

How is your personal information collected?

We collect most personal information from you, in a variety of ways:

  • during the provision of our services to our customers;
  • during our business relationship with you;
  • when you visit our website; and
  • when you attend meetings and events arranged by us.

We may sometimes collect additional information from publicly available sources including Companies House, credit reference agencies or government agencies.

How we use your personal data

We use your personal data for the following purposes:

  • to provide you with the advice and services you require;
  • to manage our business relationship with you, including keeping business records about services, payments and business contacts;
  • to comply with our professional, legal and regulatory obligations;
  • to send emails, newsletters and other messages to keep you informed of market insights and of our services, where you have opted to receive these from us;
  • to invite you to events;
  • to seek your feedback, to help us improve our services and relationship with you and to address any concerns which may arise; and
  • to monitor the use of our website and our other technology services for malware and other security threats and to ensure that they are being used appropriately and are not being targeted for unauthorised access or usage.

We do not envisage using your data to make automated decisions about you.

The basis on which we use your personal data

We must have a legal reason to process your personal information. Your information will be processed to meet our legitimate interests, including:

  • the performance of our contracts with our customers;
  • managing and developing our business relationship with our customers and business contacts;
  • understanding how our customers and contacts use our services and website;
  • it is necessary to comply with our legal or regulatory obligations; or
  • it is necessary to deal with legal claims.

We may process sensitive personal data, such as health data where:

  • you have given your express consent for the processing;
  • it is necessary to protect your vital interests or those of another person:
  • it is necessary to deal with legal claims; or
  • it is necessary for substantial public interest, for example to prevent or detect unlawful acts;

With whom do we share your data?

We routinely share your information where required by law, where it is necessary to manage our working relationship with you or where we have another legitimate interest in doing so. This includes sharing data with:

  • other professional advisors instructed on your behalf, including accountants, legal advisers, tax advisors, insolvency practitioners, investment advisers, actuarial advises and pension fund administrators;
  • our suppliers who provide us with their services, including IT and communication suppliers, screening service providers, outsourced business support, marketing and advertising agencies;
  • law enforcement bodies, the courts, our regulators and other competent authorities in accordance with legal or regulatory requirements or good practice;
  • our insurers, brokers, accountants, banks and other third parties who provide services to us; and
  • third parties involved in arranging events to which you have been invited.

We require third parties to respect the security of your data and to treat it in accordance with the law.  All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies.  We do not allow our third-party service providers to use your personal data for their own purposes. 

We may transfer and process your data outside of the UK. Where your personal information is to be transferred outside the UK, we will take reasonable steps to ensure that there are appropriate safeguards to protect your information.

Personal data about others

If you provide us with the personal data of other people (such as your shareholders, beneficial owners, employees and pension fund members), you must ensure that you are entitled to provide this information to us. We will assume that you have done so, and we shall then collect, use and share that data in accordance with this privacy policy.

Data security

We have in place security measures to protect the security of your personal information and keep it confidential. We review these measures regularly to make sure they remain appropriate. We cannot guarantee the security of any third-party application you may use to transmit your data (for example, internet browsers). We limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know.

Data retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, subject to satisfying legal, regulatory, accounting, and reporting requirements. We have a data retention policy which has different retention periods depending on the type of information we hold. We retain customer files for a minimum period of 10 years after the expiry of our contract.

We ask that you only send personal information to us that is necessary for the purpose of fulfilling our legitimate interests. We will review all information that you send to us and delete any personal information that is not required for our legitimate interests.

Your rights of access, correction, erasure, and restriction

It is important that the personal information we hold about you is accurate and current.  Please keep us informed if your personal information changes during your working relationship with us.

You have rights regarding your personal information, including the right in certain circumstances to access, correct or delete your personal information or to restrict or object to our use of it. If you would like to discuss or exercise these rights, please write to us at: Amite Consulting C.I.C. (7-11 Melville Street, Edinburgh, EH3 7PE) enclosing your postal details or email chrismassey@amiteconsulting.com.

You have the right to complain at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues. https://ico.org.uk/.

Changes to this privacy notice

We reserve the right to update this privacy notice at any time. This policy was last updated in May 2019.

About us

Amite Consulting C.I.C. is a Community Interest Company registered in Scotland with registration number SC618645.