Learn about how I control and process data
The controller is Ross Naylor. If you are a data subject whose data is controlled and/or processed by me, you can contact me at ul. Inflacka 5 M 19, 00-189 Warsaw, Poland, or by email to firstname.lastname@example.org.
The purpose of the controlling and processing in relation to clients is to enable me to perform and improve my business of advising on financial services for clients off the systems of AES Financial Services Limited; this includes being able to carry out due diligence on clients for anti-money laundering, anti-terrorist financing and anti-fraud purposes; to audit and assess risk in our services; to comply with various statutory and regulatory obligations; to market my services to those who may wish to receive them (and in relation to potential clients to consider whether to take them on).
Where a data subject is one of my clients, I will retain records in accordance with Polish statutory regulations, as set out by the Komisja Nadzoru Finansowego.
I may also use data for direct marketing purposes. If I market to you and you are not already a client my further legitimate interest is to provide you with information as a potential client for a reasonable period. I regard one year as a reasonable period after your last interaction with me as a data subject who is not a client, and after this period I shall delete your data unless I have other legitimate interests to maintain in keeping it (such as your becoming a client). See below on your option to opt out of direct marketing.
I do not intentionally process special categories of personal data (for example genetic data) unless such information is necessary towards the provision of my services and I do not use systems to make automated decisions based on client data subjects. Provision of personal data by a client is unavoidable for the purposes of my contracting my services to a client, and if such data is not provided, I will typically not be able to provide my services.
Sharing personal data with others
I may share clients’ personal data with auditors and professional advisers, and those who provide professional services to me for client purposes, such as those providing a client money-handling service, those providing storage services for email records and the like and those providing cloud storage and processing systems; I will also share client data with regulators where required by relevant regulations and law, and/or administrative requirements.
Transfers of data out of the EU
None of the data that I control is transferred outside the EU.
Where I have obtained a data subject’s consent to processing, and other reasons for processing do not apply, the data subject may withdraw consent at any time, but such withdrawal shall not be retroactive in effect. Data subjects may lodge a complaint with the relevant supervisory authority, Prezes Urząd Ochrony Danych Osobowych, whose contact details are in the link.
Direct Marketing – option to opt out
All those in receipt of direct marketing material from me may opt out of it at any time by contacting me as above; if this occurs, I will cease processing the client’s data for direct marketing purposes.
This notice may be updated from time to time.