Why do we have this privacy notice?
We are Titan Wealth Holdings Limited (“Titan”) and treating individuals and their personal information with respect reflects our core values as a business. We want you to know as much as possible about what we do with your personal information. You and your personal information are protected by various laws and guidance and Titan is committed to upholding these and respecting your privacy and keeping your information safe. So, whilst this privacy notice is quite long, we want you to be fully informed.
In this privacy notice any reference to “us”, “we”, “our” or “ourselves” is a reference to the Titan Group (being Titan Wealth Holdings Limited and our subsidiaries) and any reference to “you”, “your” or “yourself” is a reference to you as someone who has a relationship with us in some way, who has contacted us or interacted with us in some way. This privacy notice will not apply in relation to you to the extent you are a current or past, shareholder, director staff member or worker for Titan.
However, this privacy notice will cover you if you interact with us or we process your personal information for any other reason. For example, this privacy notice will cover someone who uses our website or who links to or follows our LinkedIn account, a director or key person on a prospective, new or existing investment, a member of the public who contacts us, or anyone else who is affected by our activities. This privacy notice provides details in accordance with data protection laws about how we collect and use personal information about you during and after your relationship with us.
As this privacy notice covers a wide range of individuals and different types of relationships and interactions with us, not all aspects of this privacy notice may apply to you depending upon the nature of your relationship, interactions with us and why we are processing your personal information. If you have any queries regarding your personal information you can email [email protected].
The controller of your personal information
For the purposes of data protection laws and this privacy notice, we are the controller of your personal information for the processing of your personal information. Being a controller of your personal information means that we are responsible for deciding how we hold and use your personal information. Titan’s registered office is at PO Box 264, Forum 4, Grenville Street, St Helier, Jersey, JE4 8TQ (company number: 132723), but our business address is at 101 Wigmore Street, London, W1U 1QU.
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during or after the period of your interactions with us.
What if you do not provide personal information?
Generally, you are not obliged to provide us with any of your personal information and in some cases failing to provide some of it may have an adverse impact on our ability to interact with you.
If you have queries or concerns just ask!
We are not required to appoint a data protection officer to oversee our compliance with data protection laws. If you have any questions about this privacy notice or how we handle your personal information, please email [email protected].
Changes to this notice
We keep our privacy notice under regular review and we may update this privacy notice from time to time. The current version of this notice is available on our website at www.titanwh.com and by requesting a copy from [email protected]. If there are any material changes to this privacy notice in the future we will let you know, usually by updating the version on our website.
Data protection principles
We are committed to being transparent about how we collect and use your personal information and in meeting our data protection obligations. Data protection laws say that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
To make sure this happens we are required under data protection laws to notify you of the information contained in this privacy notice. It is important that you read this document before you begin interacting with us or deal with us in any way so that you understand how and why we will process your personal information.
What personal information do we collect?
In connection with your relationship or interactions with us, we may collect and process a wide range of personal information about you. This includes:
- Personal contact details such as name, title, address, email address and telephone number(s). Information about your date of birth, age, gender, marital status, next of kin, dependants, family members and emergency contacts.
- Bank account details, financial transactions, payments.
- Any communications between ourselves and you.
- Details of services carried out by you in connection with our relationship with you, details of your interest in and connection with any organisation which supplies any services to us, details of any products or services supplied to us.
- Details of services supplied by us in connection with our relationship with you or your organisation, details of your interest in and connection with any organisation which we supply any services, and information linked with any services supplied by us.
- Business related information, such as where you are a sole trader, a partner or a company director or a key member of staff of a business we have a relationship with.
- Publicly available personal information, including any which you have shared via a public platform, online or on social media and also non-public personal information where you have followed or linked to any of our social media.
- Details of your education or work history including organisations, positions, roles, responsibilities.
- Creditworthiness as we may undertake investigations in order to establish whether to enter into or continue a business relationship with you or your organisation.
- How you use our website as we collect information about the pages you look at and how you use them, usernames, account details and passwords, IP addresses, entry and exit data when you look at or leave our website, details of services that may be of interest to you, online subscription information for example when you ask to receive our updates, browser related information, cookies that are set on your device by our website.
- Identification information including your driving license and/or passport and background checks.
- Details of any queries, complaints, claims and cases involving both us and yourself including any related communications.
- Information from Companies House about you and non-public details of shareholdings, investments or other interests you may have and any dealings you may have in any of them.
- You may give us personal data about you by filling in forms online, corresponding with us by phone, email, in person, or otherwise, or through recruitment or other third party.
- Any other personal information you provide to us.
In cases where it is relevant, we may also collect criminal records information about you, for example an offence committed by you or alleged to have been committed by you that impacts on your relationship with us.
If you are providing us with details of any other individuals they have a right to know and to be aware of what personal information we hold about them, how we collect it and how we use and may share that information. Please share this privacy notice with them. They also have the same rights as set out in this privacy notice in relation to their personal information that we collect.
We aim not to collect personal information about children
Our website, materials and other services we provide are not intended for use by anyone under the age of 18 years and we do not knowingly collect personal information relating to anyone under the age of 18 years old unless for some reason you provide it to us.
Where do we collect your personal information from?
We collect your personal information in a variety of ways and from a variety of sources as set out below:
- Often most of your personal information is collected directly from you, for example through contact with you, from your passport or other identity documents such as your driving licence; from correspondence with you or through interviews, meetings or other interactions with us or other personal information you provide to us.
- If you work for an organisation that has a relationship with us, then we may collect some of your personal information from them.
- From our website, other websites, the internet, LinkedIn page or other platforms including public sources of information.
- Third parties such as Companies House, professional or trade organisations.
- From our website and information technology and communications systems, access control systems and suppliers we use in connection with them.
- From third parties appointed by you, for example any financial or legal advisors.
- From third parties appointed by us, for example legal advisors appointed by us or credit reference agencies, identity or background check providers, data cleansing service providers or market/data research providers, analysis service providers.
- From government or government related bodies, such as the Jersey Financial Services Commission or other financial services regulators, the police, law enforcement authorities, the security services and Disclosure and Barring Service in respect of criminal convictions.
- Third parties including existing Titan employees who refer or nominate you for roles with us, governmental authorities (such as local tax authorities), your named referees who you’ve asked to provide us with references, other publicly available sources such as social media networking sites.
We store personal information relating to you in a range of different places, such as information technology systems (including our email system).
What are our bases for processing your personal information?
We will only use your personal information when the law allows us to. This means we must have one or more legal bases to use your personal information. Most of these will be self-explanatory. The most common legal bases which will apply to our use of your personal information are set out below:
- Where we need to perform the contract we have entered into with you which covers your relationship with us or to take steps to enter into that contract.
- Where we need to comply with a legal obligation which applies to us, for example complying with our regulatory requirements.
- Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests. We have set out in the section below how we use your personal information together with more details on our legitimate interests.
- Where you have given your consent. Generally, we do not rely on or need your consent for almost all uses we make of your personal information.
Where we are processing any sensitive special category personal information about you (which covers personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning your sex life or sexual orientation) then we also need to have one or more of the following legal bases for using your personal information.
- Where we have your explicit consent to do so.
- Where it is necessary for us to comply with our obligations and exercising our rights in the field of employment law, social security law and social protection law.
- Where we need to protect your vital interests (or someone else’s vital interests).
- Where you have already made public the personal information.
- In establishing, exercising or defending legal claims, whether those claims are against us or by us.
- Where it is necessary in the public interest.
We will not usually process any of these types of special category personal information about you, and in cases where we do process special category personal information about you it will generally be to comply with legal obligations, where you have given your consent or to establish, exercising or defending legal claims. In some cases more than one legal bases may apply to our use of your personal information.
Where we process criminal records information about you, then we will either do so either to comply with legal obligations or with your consent.
How will we use your personal information?
There are many ways we may need to use your personal information in the context of your relationship with us or our use of your personal information. We have set out the main uses below, and indicated the main applicable legal bases of processing, but there may be other specific uses which are linked to or covered by the uses below.
- We may process your personal information to carry out our regulatory activities in relation to you or an organisation you work for or an organisation of which you are a client or customer. This will be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this.
- We may process your personal information to conduct any business or other relationship we have with you or an organisation you work for or an organisation of which you are a client or customer. This may relate to the entry into or performance of a contract with you or your organisation either directly or indirectly, which will be in our legitimate interests and we may also have legal obligations or be exercising a legal right to do this. We may also in some limited cases rely on your consent.
- We may also need to monitor, manage or record our relationship with you or an organisation which you work for, which may involve meetings, assessments, communications with you, decisions regarding your relationship with us. As well as relating to the entry into or the performance of a contract with you either directly or indirectly, this will also be in our legitimate interests.
- We may need to process your personal information for the purposes of carrying out investment due diligence. This is necessary to enable us to enter into and perform contracts with the organisation that you represent. We may also have a legal obligation for such legislative bodies as HMRC, the Jersey Financial Services Commission or other financial services regulator.
- We may need to carry out background, identity or other checks in relation to you to decide whether to enter into a business relationship with you and in some cases to understand whether you are ‘fit and proper’. This will be in our legitimate interests, and in some cases we may have a legal obligation to do so. In some cases we may need to rely on your consent to do this.
- As a business we may have many legal and regulatory obligations connected to our relationship with you, for example to comply with data protection laws, to make filings at Companies House, to ensure equality and equal opportunities or to invoke other legal rights.
- We will also need to keep and maintain proper records relating to your relationship with us or an organisation you work for and information about you which is relevant to that relationship. As well as relating to the entry into or performance of a contract with you either directly or indirectly, this will also be in our legitimate interests, and we may also have legal obligations to do this.
- In some cases we may need to process your personal information to prevent, detect or prosecute criminal activity. This will also be in our legitimate interests, we may also have legal obligations or be exercising a legal right to do this and it will also be in the public interest.
- You may have contacted us about a query, complaint or enquiry and we need to be able to respond to you and deal with the points you have raised. This will also be in our legitimate interests, we may also have legal obligations or be exercising a legal right to do this.
- We may need to gather evidence for and be involved in possible legal cases. As well as relating to the entry into a contract with you or an organisation you work for either directly or indirectly, this will also be in our legitimate interests, we may also have legal obligations or be exercising a legal right to do this and it may also be needed to establish, bring or defend legal claims.
- To ensure effective general business administration and to manage our business. As well as relating to the entry into or performance of a contract which you either directly or indirectly, this will also be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this.
- To monitor any use you make of our website and social media accounts to ensure network and information security, including preventing unauthorised access to our computer and electronic communications systems and preventing malicious software distribution and also to monitor your use of our website and social media. This will be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this. In relation to social media you may also have already made the personal information public.
- To conduct data analytics and analysis studies and improve our business, use of our website and social media which relates to us. This will also be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this.
- We may carry out market research, so that we can better understand the organisations we regulate or provide services to. This will also be in our legitimate interests, and we may also have legal obligations or be exercising a legal right to do this.
When processing diversity data, we rely on the legal basis that we have a legitimate interest in doing so and that monitoring equality of opportunity and treatment of individuals is in the public interest.
For recruitment and selection purposes we collect the following information:
- Personal contact details including name, title, addresses, telephone numbers, and personal email addresses, provided by you or the recruitment agency.
- Information to assist us monitor diversity (optional).
- Information from your CV or gained from the sources mentioned below, about your employment history, education, skills, experience, and qualifications; and
- Interview feedback, results of aptitude tests and assessments of your suitability for the role, where applicable.
For referencing and pre-employment screening purposes we collect the following information:
- References from past employers (including regulatory references if required for your role).
- Immigration status, nationality and citizenship and copies of right to work documentation.
- Credit, criminal, identity, financial, fraud and sanctions checks, which include past criminal record, credit history and sanctions status; and
- Academic qualifications checks.
We receive some personal data about candidates for employment from recruitment consultants, our business partners who provide us with candidate information, professional and social media networking sites that you subscribe to, such as Linkedin, your past employers where you have nominated them as referees; credit checking agencies; fraud and sanctions checking agencies; background and criminal records checking agencies; educational establishments from whom you have gained qualifications; and any specialist firms we use to advise us on matters such as visa, immigration or tax requirements for specific situations.
We use information about potential candidates for employment or services contracts with the relevant Titan Group to assess suitability for roles and opportunities that we have available.
We collect certain personal information from recruitment candidates, on a voluntary basis, for the purpose of monitoring and promoting diversity and inclusion within our business. Individuals may choose to provide information such as their socio-economic background, military service, gender identity, ethnicity, disabilities, and/or sexual orientation. There are no consequences for the individual of choosing not to provide us with any diversity data.
We use this data to understand the diversity of our organisation and promote fairness and equality; to benchmark our progress; and to demonstrate to internal and external stakeholders that we are a diverse organisation with an inclusive culture. Diversity data is only used at an aggregate level which does not identify individuals. Your individual data is held securely on our HR system and is not shared with any third party, except the system provider for service and support purposes.
If you submit an application through the Titan’s website recruitment portal, Lever, as operator of the website, will pass the application to the appropriate Titan Group employer entity for the role you have applied for. That Titan entity will be the controller of your information, as potential employer entity, and will be responsible for the selection and recruitment process.
The Titan Group is firmly committed to fostering an inclusive and equitable environment for everyone who works with us, regardless of their race, age, gender, sexual orientation, religion, physical ability or disability, or political affiliation. We believe that having a diverse team allows us to create the best possible outcomes for our clients and team members. We strive to provide equal opportunities in all aspects of the workplace with respect to recruitment and career advancement, pay and benefits, training and development opportunities and other job-related activities.
In addition, we want to ensure accessibility needs are well supported, if you require specific support, please advise us.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you by updating this privacy notice on our website, so please check back regularly for any updates.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. We will rarely need to rely on your consent to process any of your personal information.
Automated decision-making takes place when an electronic system uses personal information to make a decision about that person without any human intervention which produces legal effects concerning them or similarly significantly affects them. We do not currently use this type of automated decision making in our business in relation to you.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision making unless we have a lawful basis for doing so and we have notified you.
Who has internal access to your personal information?
Your personal information may be shared internally with our staff where access to your personal information is necessary for the performance of their roles.
Who do we share your personal information with externally?
When using your personal information we may share it with third parties but we will only do so when it is appropriate and we have a legal basis for doing so. Third parties that we may share your personal information with include:
- Any third party approved by you or where we need to do so to enter into or perform a contract with you.
- An organisation you work for or that represents you if that organisation has a relationship with us.
- Service or product providers to our business, for example information technology services suppliers, credit reference agencies, marketing and public relations service providers.
- If you represent one of our suppliers, to other companies in the supply chain so they can contact you about any supply chain issues.
- Third parties that process personal information on our behalf and in accordance with our instructions, usually suppliers of services to us.
- Purchasers, investors, funders and their advisers if we sell all or part of our business, assets shares or restructure whether by merger, re-organisation or in another way.
- Other members of our group.
- Our legal and other professional advisers, including our auditors or any professional advisors appointed by you, for example a legal advisor or an agency you work with.
- Third party record keepers, for example to make filings at Companies House.
- Social media and other online platforms where relevant to our relationship with you.
- Governmental bodies, HMRC, other regulators (including the Jersey Financial Services Commission and sometimes the ICO), police, law enforcement agencies, security services, courts/tribunals.
- We may also use other service providers for marketing purposes. Marketing use a third-party data partner to store personal data, contact data, and marketing preferences provided by you.
We do not disclose personal information to anyone else except as set out above unless we are legally entitled to do so.
It may be necessary to share your personal information outside of the UK and the European Economic Area (the EEA). We may typically do this when service providers to our business are located outside the EEA. These transfers are subject to special rules under data protection laws and we will ensure that the transfer will be compliant with data protection laws and all personal information will be secure.
Our directors and other key staff working for us may in limited circumstances access personal information from outside of the UK and EEA if they are on holiday abroad outside of the UK or EEA. If they do so they will be using our security measures and the same legal protections will apply that would apply to accessing personal information from our premises in the UK.
In limited circumstances the people to whom we may disclose personal information may be located outside of the UK and EEA and we will not have an existing relationship with them. In these cases we will impose any legally required protections to the personal information as required by law before it is disclosed.
For the purposes of UK and/or European data protection laws (where applicable), your personal data may also be processed outside the UK or EEA when we use suppliers who have global operations, including, as part of our recruitment process. Some of the suppliers we use to provide candidate information, skills assessments, testing, and HR systems, are based outside the UK and/or EEA.
Where required by UK and/or European data protection laws, when we transfer personal data outside the UK or EEA, we will ensure that there are adequate safeguards in place to protect your personal data. Generally, these safeguards will take the form of UK or EU approved standard contractual clauses, unless the supplier has ‘binding corporate rules’ in place within the supplier’s organisation.
If you would like any more details about how we protect your personal information in relation to international transfers, then please email [email protected].
How do we protect your personal information?
We are committed to keeping your personal information safe and secure and so we have numerous security measures in place to protect against the loss, misuse, and alteration of information under our control. We take information security very seriously and will use all reasonable endeavours to protect the integrity and security of the personal information we collect about you.
For how long do we keep your personal information?
The duration for which we retain your personal information will differ depending on the type of information and the reason why we collected it from you. We will hold your personal information for the duration of your relationship with us or the reason we were processing it, and then usually for a further period of up to 6 years after that. This may apply where you are a contact or client we provide services to. However, for some business relationships, for example those relating to land or our leases of premises, we may need to keep records for 12 years or more. Our retention period for candidate personal data, for recruitment purposes, is 2 years.
Whichever time period normally applies, in some cases we may need to keep your personal information for longer, for example if it is still relevant to a dispute or legal case or claim or a regulatory matter.
We will not retain your personal information for longer than necessary for the purposes for which it was collected and it is being used. We do not guarantee to retain your personal information for the whole of the periods set out above; they are usually the maximum period, and in some cases we may keep your personal information for a much shorter period.
For more information please contact us at [email protected].
As an individual whose personal information we collect and process, you have a number of rights. You may:
- Withdraw any consent you have given to us, although this will only be relevant where we are relying on your consent as a basis to use your personal information, but it is an absolute right. Once we have received notification that you have withdrawn your consent, we will no longer process your personal information for the purpose or purposes for which you originally gave your consent, unless we have another legal basis for doing so, but withdrawing consent will not affect use that has already happened.
- Request details about how your personal information is being used. This right is linked with the right of access mentioned below.
- Request access and obtain details of your personal information that we hold (this is commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This means that you can ask us to delete or stop processing your personal information, for example where we no longer have a reason to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (set out below). The right to have data erased does not apply in all circumstances.
- Object to the processing of your personal information where we are relying on a legitimate interest (ours or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- Object to direct marketing where we are processing your personal information for direct marketing purposes. This is an absolute right.
- Request the restriction of processing of your personal information. This enables you to ask us to stop processing your personal information for a period if data is inaccurate or there is a dispute about whether or not your interests override our legitimate grounds for processing your personal information.
- Request the transfer of your personal information to another party in certain circumstances.
- Object to certain automated decision-making processes using your personal information.
You should note that some of these rights, for example the right to require us to transfer your personal information to another service provider or the right to object to automated decision making, may not always apply as they have specific requirements and exemptions which apply to them and they may not apply to personal information recorded and stored by us. For example, we do not use automated decision making in relation to your personal information which has legal or other significant effects for you. However, some of your rights have no conditions attached, so your right to withdraw consent or object to processing for direct marketing are absolute rights.
If you would like to exercise any of these rights, please contact us at [email protected].
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person or dealt with by a person who has no right to do so.
Links to third party websites
Our website, newsletters, email updates and other communications may, from time to time, contain links to and from the websites of others. The personal data that you provide through these websites is not subject to this privacy notice and the treatment of your personal data by such websites is not our responsibility.
If you follow a link to any other websites, please note that these websites have their own privacy notices which will set out how your information is collected and processed when visiting those sites.
We hope you don’t have any reason to complain, and we will always try to resolve any issues you have, but you have a right to lodge a complaint with a data protection supervisory authority, in particular in the country where you are habitually resident, where we are based or where an alleged infringement of Data Protection law has taken place. In the UK you can make a complaint to the Information Commissioner’s Office (Tel: 0303 123 1113 or at www.ico.org.uk).
If you have any queries regarding our use of your personal information or this privacy notice then please contact us at [email protected] or write to us at our business address at 101 Wigmore Street, London, W1U 1QU.