Privacy

Last updated: May 2021

We understand how important your personal data is and are committed to protecting and respecting your privacy.

The UK General Data Protection Regulation (GDPR) regulates the processing of personal data. The UK GDPR seeks to protect your rights to your personal data by setting out, amongst other things, the conditions under which the processing of personal data is lawful, the rights of data subjects and the standards that organisations handling personal data must adopt. This Privacy Notice is issued in compliance with UK GDPR and seeks to explain:

  1. Who we are;
  2. Products and services covered by this Privacy Notice;
  3. How we collect your personal data;
  4. Why we collect your personal data;
  5. How long we hold the personal data;
  6. The conditions under which we can share it with others;
  7. Overseas processing;
  8. How we keep your personal data secure;
  9. Your personal data rights and how to exercise them;
  10. Useful information;
  11. EU GDPR; and
  12. Any further questions.

1. Who we are

ProSearch Asset Solutions Limited (ProSearch) is one company within the Equiniti Group. Our main business is asset reunification services. Our registered address is Aspect House, Spencer Road, Lancing, West Sussex, BN99 6DA and our ICO registration number is: ZA536858.

ProSearch is a ‘Data Controller’. This means that we are responsible for deciding how and why we hold and use personal data about you.

In this Privacy Notice, ‘we’, ‘us’ and ‘our’ will always mean ProSearch, as Data Controller.

If you have questions about your products and services please contact our Customer Experience team on 0800 389 6471

2. Products and services covered by this Privacy Notice

This notice applies to our ProSearch asset reunification services.

3. How we collect your personal data

The personal data we hold includes your name, postal address, email address and phone number, date of birth, financial information and for some transactions we may collect additional information about you such as your National Insurance Number and Nationality to enable us to provide you with your asset reunification option.  

We collect your personal data through a variety of different ways:

Information you provide to us

  • By using our website(s);
  • By corresponding with us by post, phone, e-mail, live-chat or otherwise;
  • Application and registration forms/identification documentation; and
  • Entering surveys.

Information we collect about you when you use our services

  • Images and voice recordings of your communications with us for quality control, training, security and regulatory purposes, but these can also capture your location i.e. use of home landline number; and

Information we receive from third parties

  • As part of our identity and financial crime checking procedures with credit reference agencies, fraud detection agencies and registration or stockbroking industry exchanges as well as public information sources; and
  • From third parties when you have instructed or agreed for them to pass information to us, such as your appointed agents.

Special types of data - The law and other regulations treat some types of personal information as special. We will only collect and use this information if the law allows us to do so:

  • Criminal convictions and offences.
  • Genetic and bio-metric data.
  • Health data including gender.
  • Racial or ethnic origin.
  • Religious or philosophical beliefs.
  • Trade union membership.

Keeping your personal data up to date

It is important to us that the personal data we hold about you is accurate and up to date at all times, but we need your help in doing this. Please help us by ensuring that you let us know as soon as anything needs updating or correcting.

Other people’s personal data

The information you give us in your application form or other related documents, or that we collect through your use of our services, may contain your or another person’s personal data. If you provide us with information about another person, you confirm that they have appointed you to act for them, they consent to you providing their personal data to us and any processing of their personal data and that you have informed them of our identity and the purpose for which their personal data will be processed – as set out in this Privacy Notice.

4. Why we collect your personal data

In the table below we demonstrate why and how we use your personal data as well as providing the legal reasons which we rely upon.

Under Data Protection legislation we must always have a legal reason for processing your personal data. One of the legal reasons is when we use your personal data for our legitimate interests, this is usually when we have a business reason, however, we must always ensure that we take your interests into consideration too, and ensure that the use is fairly balanced. We tell you below when we rely on legitimate interests and what our legitimate interests are.

Why we use your personal data

How we use your personal data

Our legal reasons for using your personal data

Provision of our Services,

o   To facilitate the reunification of assets, this includes updating our internal records and the main Register of Assets held with third parties.

o   Keeping your details up to date and a record of communications we have with you.

o   To complete any transaction that you instruct us to undertake, and any legal obligations we have in relation to the transactions. We are legally obliged to confirm your identity before we can accept your instructions.

o   To provide you with settlement and a settlement notice following completion of our service.

o   To respond to any complaints and / or data rights that you invoke.

o   To notify you about changes to our service and to send you service emails.

o   Processing our administration fee and other fees we collect as part of your reunification service.

o   Enforcing or obtaining settlement of debts owed to us or in relation to investments made on your behalf.

o   We also define our customers to facilitate the calculation of fees.

o   To keep our service secure and permit you safe access to our services.

o   As part of contract preparations and obligations between us and you.

o   With your consent.

o   To comply with legal requirements placed upon us, such as the Data Protection legislation.

o   Our legitimate interests, such as the proper administration of our service and business, for example:

·       Keeping our records up to date.

·       Seeking your consent when we need it to contact you.

·       Operating efficiently.

·       To meet our regulatory requirements.

·       To identify when you are no longer able to use the service.

Prize draws, offers, marketing of our products and services

o   To provide you with the information, products and services that you request from us as part of your reunification choices. This may include information on other entities within the Equiniti Group of Companies that offer complimentary financial services such as foreign exchange services.

 

 

o   As part of contract preparations and obligations between us and you

o   With your consent.

o   Our legitimate interests, namely - the proper administration of our service and business for example:

·       Keeping our records up to date.

·       Seeking your consent when we need it to contact you.

·       Operating efficiently.

·       Enabling and monitoring your use of our services.

Profiling

Understanding our customers: We can place you into groups of customers with similar attributes, such as locations were sterling is not the predominate currency. This is called profiling and we use it to identify how we can best deliver our service to you as well as tailor our service offerings and only provide you with information that is relevant to you.  

 

You can ask us to stop profiling at any time – see section 9 - Your Rights.

o   Our legitimate interests, such as the proper administration of our service and business, for example:

·       Keeping our records up to date.

·       Defining types of customers for new products and services.

·       Seeking your consent when we need it to contact you.

·       Operating efficiently.

·       Enabling and monitoring your use of our services.

 

Financial crime

We analyse your personal data for financial crime and fraud risk purposes in accordance with UK regulations which are placed upon us. This can include:

o   Confirming your identity.

o   Analysing our databases, investigating, detecting and report financial crimes as well as taking measures to prevent financial crime.

o   Developing and improving our financial crime controls.

o   Managing financial risks both to us and to you to do this we can use third parties such as fraud prevention agencies

o   As part of contract preparations and obligations between us and you.

o   With your consent.

o   To comply with legal requirements placed upon us.

o   Our legitimate interests, such as the proper administration of our service and business, for example:

·       Keeping our records up to date.

·       Operating efficiently.

·       Enabling and monitoring your use of our services.

·       To meet our regulatory requirements.

Improving our products and services

 

o   To identify service improvements such as when troubleshooting, undertaking data analysis, using your personal data for research, statistical and survey purposes.

o   To develop and manage our products, brands and services and to calculate how we should structure any fees and charges.

o   How we manage and work with other companies in the delivery of your products and services.

o   To study how you and our other customers use our products and services.

 

o   With your consent.

o   To comply with legal requirements placed upon us.

o   Our legitimate interests, such as the proper administration of our service and business, for example:

·       Keeping our records up to date.

·       Defining types of customers for new products and services.

·       Seeking your consent when we need it to contact you.

·       Operating efficiently.

·       Enabling and monitoring your use of our services.

·       To meet our regulatory requirements.

 

 

If you choose not to give personal information

We need to collect personal information required by law or under the terms of a contract we have with you. If you choose not to give us the personal data we need it can mean that we have to cancel or decline a product or service that you request or have with us. So that you know what information is optional, we make it clear at the time we collect your personal data.

5. How long we hold your personal data

Personal data will not be retained for longer than necessary for us to achieve the purpose for which we obtained your personal data. We will then either securely delete it or anonymise it so that it cannot be linked back to you. We review our retention periods for personal data on a regular basis. We retain your personal data in order:

  • To respond to enquiries and complaints;
  • To demonstrate that your instructions were carried out properly; and
  • To maintain records to meet rules and regulatory requirements that are applicable to the administration of the contract.

For full details of our retention policies, please contact us.

6. The conditions under which we can share your personal data with others

The information we hold about you is confidential and we will only share your personal information to enable us to deliver the product(s) or service(s), examples are as follows:

  • At your request, or with your consent;
  • Other Equiniti Group entities who help us deliver our products and services, such as Equiniti Financial Services Limited and EQ Data;
  • Non Equiniti entities, such as our agents in connection with running accounts and services for you, including:
  • Banks and other payment service providers to make and receive payments.
  • Printers in order to supply you with documentation and statements.
  • Insurance companies - where we need to provide details of your account when we or the corporate issuer make a claim.
  • Service suppliers to facilitate email, IT and administration services.
  • Our professional advisors, for example, our lawyers and technology consultants, when they need it to provide advice to us.
  • Credit reference agencies and fraud detection agencies as part of our identification procedures.
  • To the corporate issuer.
  • Your Official Receiver or appointed insolvency practitioner if we receive notice of your insolvency, bankruptcy or insolvency proceedings / arrangement.

We will only transfer your personal information to trusted third parties who provide sufficient security guarantees and who demonstrate a commitment to compliance with applicable law and this policy. Where third parties are processing personal information on our behalf, they will be required to agree, by contractual means, to process the personal information in accordance with the applicable law. This contract will stipulate, amongst other things, that the third party and its representatives shall act only on our instructions, or as permitted by law.

We are also required to share your personal data with external third parties as follows (but not limited to):

  • Regulators and supervisory authorities;
  • Where the law requires or permits disclosure, or there is a duty to the public to reveal it;
  • When we need to defend or exercise our legal rights or those of a third party;
  • Debt collecting, debt chasing or another agent for enforcing payment of monies owed to us;
  • Efforts to trace you if we lose contact with you e.g. to reunite you with your assets;
  • Police and other law enforcement agencies for the prevention and detection of crime and where a valid permission is applicable;
  • As a result of a court order or other regulatory instruction;
  • Our insurers and insurance brokers where required for underwriting our risks and as part of ongoing risk assessments;
  • We can transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. At all times, we take steps to ensure your privacy rights continue to be protected as per this Privacy Notice.

7. Overseas Processing

Personal data will be shared with members of the Equiniti Group outside of the UK including Equiniti India Private Limited which is based in India, for the purposes described in this Privacy Notice. For these transfers we utilise Model Clauses recognised by the European Commission.

When we contact you via email, one of our service providers uses services outside of the UK. For these transfers, we utilise Model Clauses recognised by the European Commission.

If you would like further information on the standard contractual clauses we use to share personal information within the Equiniti Group, please contact our Data Protection Officer using the details provided in this Privacy Notice.

Please note that information protection laws do vary from country to country. In particular, the law of the country in which you are resident or domiciled may offer a higher standard of protection than the laws in the UK.  Whilst we have taken measures to protect your personal data, the transfer to other countries could result in your personal data being available to governments and other authorities in those countries under their laws.

8. How we keep your personal data secure

We understand how important your personal data is to you and we take appropriate steps to ensure that it remains secure.

We safeguard your personal data across all our computer systems, networks, websites, and offices as much as possible through appropriate procedures and technical security measures (including strict encryption, anonymisation and archiving techniques) and our Information Security policies are aligned to ISO 27001, which is an internationally recognised security standard.

We also use secure ways of communicating with you and by telephone we will always ask you security questions to confirm your identity before we discuss matters relating to your reunification service.

Because we cannot guarantee the confidentiality of personal data sent on the internet you should never send your personal details via email.

Security concerns

If you ever receive a communication from us by post, email or by phone that you are concerned it is not genuine, please contact us using the contact details in section 1.

You must immediately inform us if you become aware, or suspect, that someone else is acting on your behalf without your permission.

If you have any concerns about the security of your own personal computers and mobile devices, we suggest you read the advice of Get Safe Online, which can be accessed at www.getsafeonline.org.

9. Your personal data rights and how to exercise them

You have rights in respect of the personal data that we hold about you. They include the right to request a copy of the information that we hold about you, to know about any automated decisions that are made about you and to change your marketing preferences at any time. Details about all of your rights are provided below.

Some of these rights are conditional and depend upon why we are processing your personal data. This means that we cannot always be able to respond to your request in the way that you want. For example:

  • If you ask us to erase your personal data and we are processing the information because we are required to do so because of a legal requirement, we will not be able to delete your personal data;
  • However, if you ask us to erase your personal data and we are processing the information because you provided us with consent (for example as part of a survey response), we will be able to consider and respond to your request.

 

Your rights

 

Explanatory detail

The right to be informed about how we use your personal data.

This Privacy Notice provides you with the details on how we use and process your data.

The right of access to a copy of any personal data ProSearch processes about you, together with certain additional information.

If you request to see your personal data, your initial request will be free of charge; subsequent requests may attract an administration fee. The additional information includes details of the categories and recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data.

The right to request us to rectify or update it.

This will be relevant where the personal data we hold is or has become inaccurate or incomplete, taking into account the purposes of the processing. Please explain why you consider the data inaccurate or incomplete.

The right to request us to erase your personal data in certain circumstances.

 

 

The circumstances when erasure can apply include when we no longer need it to meet a lawful basis for processing unless that basis is consent and you withdraw your consent or you object to the processing or the processing is unlawful.

However, certain exclusions apply - where the processing is necessary for compliance with a legal obligation or to establish, exercise or defend legal claims.

The right to request us to restrict processing it.

This request can be used to stop us processing your personal data: if you disagree over the accuracy of the personal data until we have verified the data; the reason for processing; or if you wish us to retain your personal data for longer than our retention period, e.g. to establish, exercise or defend a legal claim.

The right to request a copy of your information for data portability purposes.

If you have provided personal data to us under contract or because you consented to the processing and use the data by automated means, then you have the right to instruct us to transmit that personal data to you or another data controller in a machine-readable format.

The right to object to us processing your personal data.

You have a right to object to us processing your data where we are processing it for the purpose of legitimate interests.

You can also object to direct marketing communications from us about products, offers, competitions, or services and any profiling that we can perform in relation to direct marketing. You can do this at the point of data collection, through the use of any opt-out functionality on text and emails, via your preference centre or by contacting the helpline service.

You can update your marketing preferences at any time through the use of the opt-out functionality.

You have the right to withdraw your consent at any time. However, this will not affect the lawfulness of processing before the withdrawal.

If you would like to receive the marketing described above, please ensure you have indicated your preferences accordingly.

Rights related to decisions based solely on automated processing.

Where this processing produces legal effects or significantly affects you, you can object to this processing unless the processing is necessary as part of our contract, or is required by legislation.

Right to lodge a complaint with a supervisory authority.

If you wish to raise a complaint on how we have handled your personal data, please contact our Data Protection team who will investigate the matter and report back to you.

If you remain unsatisfied with our response or believe we are not processing your personal data in accordance with the law, you are able to contact the data protection supervisory authority in your country. In the UK, it is the Information Commissioner’s Office (ICO) who regulates Data Controllers compliance with data protection legislation. They can be contacted by email: casework@ico.org.uk; post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; or by telephone: 0303 123 1113.

 

10. Useful information

10.1 - Children (16 years and under) and Vulnerable Adults

We are committed to the privacy protection of children and vulnerable adults. If you are aged 16 or under‚ and we need to process your personal data you must obtain the permission of your parent/guardian before you share your personal data with us. If we are notified that you are a vulnerable adult we will liaise with your authorised representative, once we are in receipt of the appropriate permissions.

10.2 Changes to this policy

We review our use of your personal data regularly. In doing so, we can change what personal data we collect, how we keep it and what we do with it. As a result, we can change this Privacy Notice from time to time to keep it relevant and up to date.

We will endeavour to alert you to these changes so that you can check you are happy with it before proceeding any further. Please look out for notices from us alerting you to these changes and take a moment to ensure that you’re happy with any changes.

By continuing to use our products and services, you will be bound by this Privacy Notice.

However, we will also tell you of the changes where required by law to do so.

This policy was issued 09.03.21. If you require copies of previous versions of ProSearch Privacy Notices, please contact the Data Protection Officer using the contact details noted below.

11. EU GDPR

The European Union adopted the European General Data Protection Regulation (EU GDPR) on May 25, 2018 and you are protected by the provisions of the EU GDPR if you are in the EU.

The information within this Privacy Notice meets the EU GDPR requirements, however, you also have the right to lodge a complaint (as per section 9 above) with your relevant data protection supervisory authority.

12. Any further questions about this Privacy Notice

We hope that this Privacy Notice has been helpful in setting out how we handle your personal data and your rights to control it. If you have any questions that remain unanswered, please visit our Customer Privacy Centre or contact our Data Protection Officer:

  • Online at https:\\privacy.equiniti.com where you will find general information about your rights and how Equiniti safeguards your data; 
  • By email at DPO@equiniti.com;
  • By post at Data Protection Officer, Equiniti, Highdown House, Yeoman Way, Worthing, BN99 3HH; or
  • By telephone UK: 0333 207 5962   International: +44 121 415 0196

Lines are open 8.30am to 5.30pm (UK time), Monday to Friday (excluding public holidays in England and Wales).