article banner

Client service activity

Corporate and Business clients (and individuals associated with them)

We only ask our clients to share personal data with us where it is necessary in order to provide our services or other agreed purposes. We rely on our clients providing any necessary information to the individuals whose data is shared with us regarding its use.

In providing a range of services to our clients, we need to process many categories of personal data about individuals associated with them (such as employees, directors, senior management, trustees, members and their beneficiaries, professional advisors, suppliers), which could include personal identification and contact details, employment related information or financial data.

Generally for our services we do not expect our corporate and business clients to share special categories of personal data (defined as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sex life or sexual orientation) and criminal records. Where this is the case, we rely on our clients having gained the explicit consent of individuals, it being a legal obligation or other lawful basis.

Typically, we collect personal data directly from our clients or from third parties acting on their instructions (eg their suppliers, professional advisors or former service providers).  

We use such personal data collected for the following purposes:

  • Providing professional services: we offer many different services to our clients (see dropdown list at the top of this page) and many of these services require us to process personal data in order to give advice and deliver reports to our clients.
  • Managing our business: in order to run our business effectively we need to process personal data for multiple reasons, including managing our client relationships, developing our business and services, hosting events, and to manage and administer our website, IT systems and applications.
  • Quality, risk and security management systems: to protect our information and our clients’ information (including personal data), we use security measures that involve detecting, investigating and resolving security threats. As a part of the security monitoring we do personal data will be processed (eg automated scanning of emails to identify threats). We monitor the services we provide to our clients for quality purposes this involves processing personal data held on the relevant client file. As a part of our client take-on procedures we will process personal data obtained from publicly available sources (eg sanctions lists, criminal convictions databases, and internet searches) to identify any risks relating to organisations and associated individuals that may prevent us from working with a client or providing a particular service.
  • Providing information about our services: we will use business contact details to provide information about us, our services and activities, including events that we believe will be of interest.
  • Complying with legal, regulatory or professional obligations: as a regulated business, we are subject to various legal, regulatory and professional obligations that require us to keep records which will contain personal data.

Personal clients

We only ask our clients to share personal data with us where it is necessary in order to provide our services or other agreed purposes. We rely on our clients providing the necessary information to the other affected individuals regarding its use (eg family members).

In providing a range of services to personal clients, we process many categories of personal data as appropriate for the type of service including personal identification and contact details, business activities, family information and financial data (eg income, taxation, financial interests and investments).

When required by law or with an individuals’ explicit consent for certain services we will need to process special categories of personal data (defined as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sex life or sexual orientation) and criminal records.

Typically, we will collect personal data directly from our clients or from third parties acting on their instructions (eg their professional advisors or former service providers).

We use such personal data collected for the following purposes:

  • Providing professional services: we offer many different services to our clients (see dropdown list at the top of this page) and many of these services require us to process personal data in order to give advice and deliver reports to our clients.
  • Managing our business: in order to run our business effectively we will need to process personal data for multiple reasons, including managing our client relationships, developing our business and services, hosting events, and to manage and administer our website, IT systems and applications.
  • Quality, risk and security management systems: to protect our information and our clients’ information (including personal data), we use security measures that involve detecting, investigating and resolving security threats. As a part of the security monitoring we do personal data will be processed (eg automated scanning of emails to identify threats). We monitor the services we provide to our clients for quality purposes this involves processing personal data held on the relevant client file. As a part of our client take-on procedures we will process personal data obtained from publicly available sources (eg sanctions lists, criminal convictions databases, and internet searches) to identify any risks relating to organisations and associated individuals that may prevent us from working with a client or providing a particular service.
  • Providing information about our services: we will use contact details to provide information about us, our services and activities, including events that we believe will be of interest.
  • Complying with legal, regulatory or professional obligations: as a regulated business, we are subject to various legal, regulatory and professional obligations that require us to keep records which will contain personal data.