We are committed to be fair and transparent about why and how we process personal data. Please read this Policy carefully to understand our practices with respect to personal data. If you still have questions, you can contact our Office Manager via email at firstname.lastname@example.org.
Purposes and categories of personal data
As a consulting firm, we regularly receive personal data as part of our legitimate professional activities. Our policy is to collect only the personal data necessary for such purposes. We may collect your personal data:
- If you are a current employee.
For information on why and how personal data is collected and processed by us, existing employees should refer to our Data Protection Policy.
- If you are a business contact (such as client, potential client, supplier,
potential supplier, actual or potential collaborator).
We process your personal data such as name, email, phone, address and other personal data you may provide directly to us, using a contact management software, in order to manage our business and deliver our services, provide advice and deliverables, invite you to specific governance-related events and communicate our thinking on various current issues related to corporate governance.
- If you are a job/intern applicant.
We process your personal data contained in the CVs we receive such as your email address, mobile phone / telephone, education, qualifications and experience in order to assess your qualifications for a position within Nestor Advisors and for the purpose of future recruitment opportunities.
- If you choose to subscribe to our E-newsletter.
We may use your contact details in order to share our thinking and communicate through our E-newsletter but only if you have expressly agreed to receive such communications. You can always withdraw your consent by clicking “unsubscribe” when you receive the respective email or can contact our Marketing Manager by email on email@example.com.
- If you send an email to us.
The message may contain your title, name, email address, and any additional information you may wish to include. We believe that we have a legitimate interest to continue to communicate with you on the matter at hand and on other related matters, as per above.
- If you are a visitor to our website.
Grounds for using your personal information
We rely on the following legal grounds to process your personal information, namely:
- Consent - we may need your consent to use your personal information. You can withdraw your consent by contacting us (see above).
- Performance of a contract - we may need to collect and use your personal information to enter into a contract with you or to perform our obligations under a contract with you.
- Legitimate interest - we may use your personal information for our legitimate interests.
- Compliance with law or regulation - we may use your personal information as necessary to comply with applicable law/regulation.
Security of personal data
We have policies, procedures and training in place covering data protection, confidentiality and information security and regularly review such measures with the objective of ensuring their continuing appropriateness, so as to keep the data we hold secure.
Your rights and how to exercise them
We respect your right to access, correct, request deletion or request restriction of our usage of your personal information as required by applicable law. We also take steps to ensure that the personal information we collect is accurate and up to date. Specifically:
- You have the right to know what personal information we maintain about you;
- We will provide you with a copy of your personal information in a structured, commonly used and machine-readable format on request;
- If your personal information is incorrect or incomplete, you have the right to ask us to update it;
- You have the right to object to our processing of your personal information;
- You can also ask us to delete or restrict how we use your personal information.
All such requests should be addressed to firstname.lastname@example.org.
Disclosing your information
- Where the other party is an affiliate of Nestor Advisors (UK) Ltd or its shareholders.
- In the event that we sell any or all of our business to a buyer.
- In the event we are co-operating with another party on specific events or projects
- Where we are legally required by law to disclose your personal information.
- To further fraud protection and reduce the risk of fraud.
Retaining your personal data
We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected. In the absence of specific legal, regulatory or contractual requirements, our baseline retention period is 10 years.