Privacy Policy

Introduction

This Privacy Policy will help you understand how Kession Capital Limited (“We/Us”/Our”) collect, use and protect your personal data. We will only collect and use personal data in ways that are described here, and in a manner that is consistent with Our obligations and your rights under the law.

This Policy only applies to your use of Our site at www.kession.com (the “Site”). Our Site may contain links to other websites. Please note that We have no control over how your data is collected, stored or used by other websites and We advise you to check the privacy policies of any such websites before providing data to them.

Please read this Privacy Policy carefully and ensure you understand it. You acknowledge that by providing your personal data to Us, you consent to Us using it in the manner outlined in this policy.

About Us

Kession Capital Limited is a limited company registered in England (Registered Number 07987057), trading address: Hyde House, The Hyde, London NW9 6LH. We are authorised and regulated by the Financial Conduct Authority, firm reference number: 582160.

We are the Data Controller and the Processor. We undertake data processing within the EEA.

How We use your information

This Privacy Policy tells you what to expect when We collect personal information.

We provide a range of Financial Services to Our customers. We process the data provided by you and other sources to deliver the appropriate products and services.

We collect personal and non-personal data as part of providing services to you.

We also monitor and record calls, emails and any other communications in accordance with UK law.

We collect and process the following data about you;

  • Information that you provide by filling in forms on Our Site e.g. name, address; contact information, business/company name;
  • Information that you provide to Us by telephone; e-mail or face to face, and
  • If you contact Us, We may keep a copy of that correspondence.

How We use your data

All personal data is processed and stored securely. We will comply with Our obligations and safeguard your rights under the General Data Protection Regulations (GDPR) at all times.

We will use your data for the following purposes:

  • Providing and managing your Account;
  • Providing and managing your access to Our Site;
  • Personalising and tailoring Our services for you;
  • Replying to emails from you;
  • Supplying you with emails that you have opted into (Click here to unsubscribe) at any time, and
  • Market research.

With your permission, We will also use your information for marketing purposes which may include contacting you by email, telephone and post with information, news and offers regarding Our products and services. You have the right to withdraw your consent to Us using your personal data at any time, and to request We delete it. (For further information, please refer to the section below on “Your Rights”).

How and where We store your data

We only keep your personal data for as long as We need to in order to use it as described in this policy, and for as long as We have your permission to keep it. In order for Us to ensure that We are keeping your data for the correct purpose We will annually do as follows:

  • Review the length of time We keep your personal data;
  • Consider the purpose or purposes for which We hold the information in deciding whether (and for how long) to retain it;
  • Securely delete information that is no longer needed for this purpose or these purposes, and
  • Update, archive or securely delete information if it goes out of date.

Data Security

Data security is very important to Us and, in order to protect your data, We have taken suitable measures to safeguard and secure data collected through Our Site, using a third-party service to help maintain the security and performance of the Site. To deliver this service, it processes the IP addresses of visitors to Our Site.

How do We share your data?

We may share your data with other companies in Our group and with third party service providers (data processors), such as insurance providers, compliance, and other agents relevant to the business activity. Where any of the data is required for such a purpose, We will take reasonable steps to ensure that your data will be handled safely, securely and in accordance with your rights, Our obligations and the obligations of the third party under the applicable law.

We would like to bring to your attention Our obligation to disclose data in the following four examples permitted by law, and the other situations set out below. These are:

  • Where We are legally compelled to do so;
  • Where there is a duty to the public to disclose;
  • Where disclosure is required to protect Our interest, and
  • Where disclosure is made at your request or with your consent.

Data Processors

Data processors are third parties who provide elements of Our service on Our behalf. We have contracts in place with Our data processors meaning that they cannot do anything with your personal information unless We have instructed them to do so. They will not share your personal information with any organisation apart from Us. They will hold it securely and retain it for the period We instruct. The data processors/third parties We use include:

  • Banking arrangements: Santander
  • Legal opinion where required: Mark Archer, Maddox Legal
  • Sanctions and PEPs checking (Anti Money laundering): World Checks/ Complians
  • Client Money and Audit requirements: Jeff Lermer & Associates
  • Third Party Servers: Dropbox, Inc. and Google

Visitors to Our Site

When someone visits Our Site, We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the Site. This information is only processed in a way which does not identify anyone. We do not make and do not allow Google to make any attempt to find out the identities of those visiting Our Site.

How can you control your data?

When you submit personal data via Our site, you may be given the option to restrict Our use of your data. In particular, in regards to direct marketing purposes, you can opt out from receiving emails from Us and unsubscribe by using links provided in Our emails and at the point of providing your details.

Withdrawing your consent

You may withdraw your consent to Us using, disclosing and processing your personal data for a particular purpose(s) at any time.

To notify Us that you wish to withdraw your consent to Us using and sharing your personal data for a particular purpose(s), please complete the form and send it Us by email or post to info@kession.com

Mike Kessler
Kession Capital Limited
7th Floor
Hyde House
Edgware Road
London
NW9 6LH

Use of Our cookies

A Cookie is a small text file that is placed and stored on your computer, mobile or other devices by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information about visitor behaviours to the website owner. The Cookies collect information in an anonymous form, including the number of visitors to the website and blog, where visitors have come to the website from and the pages they visited. All cookies used by and on Our Site are used in accordance with the current Cookie Law.

Before Cookies are placed on your computer or device, you will be shown a pop-up prompt requesting your consent to set those Cookies. By giving your consent here you are enabling Us to provide the best possible experience and service to you.

Certain features on Our Site depend on Cookies to function. Law deems these Cookies to be ‘strictly necessary’. These Cookies are shown in the table below, your consent will not be sought to place these Cookies, but it is important that you are still aware of them. You may still block these Cookies by changing your internet browser’s settings.

If you wish to deny consent to the placing of Cookies, however, certain features of Our Site may not function fully or as intended. You can also choose to delete Cookies on your computer or device at any time. Here is a list of the Cookies We use:

Cookie Name Purpose
cfduid The cfduid cookie is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. For example, if the visitor is in a coffee shop where there are a bunch of infected machines, but the specific visitor’s machine is trusted (e.g. because they’ve completed a challenge within your Challenge Passage period), the cookie allows Us to identify that client and not challenge them again. It does not correspond to any user ID in your web application and does not store any personally identifiable information. because Cloudflare uses this cookie to identify both HTTP and HTTPS requests from known clients, We do not set the “secure” flag on it. This is not a risk, however, as mentioned above the cookie does not contain sensitive data. This cookie is strictly necessary for Cloudflare’s security features and cannot be turned off.
1P_JAR This cookie is used by Google to gather website statistics, and track conversion rates.
SNID, SID, SS, SAPISID, APISID, SSID, HSID, NID, PREF Google set several cookies on any page that includes Google Maps. While We have no control over the cookies set by Google, they appear to include a mixture of pieces of information to measure the number and behaviour of Google Maps users. Used by Google to store user preferences and information of Google maps.
SIDCC Security cookie to protect user’s data from unauthorised access.
catAccCookies Cookie set by the UK cookie consent plugin to record that you accept the fact that the site uses cookies.
Lang This domain is owned by Twitter. The main business activity is: Social Networking Services. Where twitter acts as a third-party host, it collects data through a range of plug-ins and integrations, that is primarily used for tracking and targeting. Twitter does not currently provide information on the use of specific cookies.
wp-settings-1 WordPress also sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the user’s database table. This is used to customise your view of admin interface, and possibly also the main site interface.
wp-settings-time-1 WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the user’s database table. This is used to customise your view of admin interface, and possibly also the main site interface.
_twitter_sess, ct0, external_referer, guest_id, personalization_id These cookies are used by the social networks to allow you to share any of Our pages with your network – however, nothing is shared without your explicit request to do so.

Blogging

We use a third-party service, Twitter, to publish Our blog and some of Our conference microsites. These sites are hosted at https://twitter.com/kessioncapital?lang=en which is run by Twitter. Twitter requires visitors that want to post a comment to enter a name and email address. For more information about how Twitter processes data, please see Twitter’s privacy notice.

People who email Us

Any email sent to Us, including any attachments, may be monitored and used by Us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to Us is within the bounds of the law.

Disclosure of personal information

We would like to bring to your attention Our obligation to disclose data in the following four examples permitted by law, and the other situations set out below. These are:

  • Where We are legally compelled to do so;
  • Where there is a duty to the public to disclose;
  • Where disclosure is required to protect Our interest, and
  • Where disclosure is made at your request or with your consent.

Making a complaint to Us

When We receive a complaint from an individual, We make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information We collect to process the complaint and to check on the level of service We provide. We usually must disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute.

Also, We usually must disclose details of the complaint to Our professional Indemnity Insurance Broker and Insurer.

We may be required to provide a copy of Our file to the Financial Ombudsman Service should an adjudicator be required to consider the complaint case.

We are required to disclose to The Financial Conduct Authority (FCA) high-level analytics concerning the number and nature of complaints received. This data does not include names or details that identify the specific data subject.

We will keep personal information contained in complaint files in line with Our retention policy. This means that information relating to a complaint will be retained for 5 years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

Job applicants, current and former employees

Kession is the data controller for the information you provide during the process. All the information you provide during the process will only be used for progressing your application, or to fulfil legal or regulatory requirements. Should you have any queries about the process or how We handle your information, please contact Us at info@kession.com

Your rights

From 25 May 2018, the General Data Protection Regulations (GDPR) come into force. Under the Data Protection Act 1998, you have the following rights as an individual which you can exercise in relation to the information We hold about you.

As a data subject, you have the following rights under the GDPR, which this Policy and Our use of personal data have been designed to uphold: The right to be informed about Our collection and use of personal data;

Right to access personal information

Data subjects may submit a Subject Access Request – to obtain a copy of the personal data that We hold about them in a structured and portable manner.

To make a Subject Access Request please write to:

Mike Kessler
Kession Capital Limited
7th Floor
Hyde House
Edgware Road
London
NW9 6LH

You will need to provide the following documentation for verification purposes:

  1. Your full name, address and any reference number We hold for you,
  2. Identification documents showing name, address and signature;
    • A copy of your driving licence (shows all 3) or
    • A copy of your passport and a recent utility bill or bank statement.

The right of rectification

We will seek to ensure that inaccurate or incomplete data will be rectified. The right to rectification if any personal data We hold about you is inaccurate or incomplete (please contact Us using the details above).

The right of data subjects to erasure (Right to be forgotten)

You can notify Us if you wish to exercise your right to erasure. Such a withdrawal of consent does not affect the lawfulness of processing based on consent prior to the withdrawal. Data subjects that exercise this right will be removed from any marketing or future contact.

Kession Capital Limited may retain a copy of any personal data if the processing is necessary for the establishment, exercise or defence of legal claims.

The right to restrict

Where you contest the accuracy of your personal data, We will restrict the processing until both parties have verified the accuracy of the personal data.
If the processing has been unlawful you may oppose erasure and request restriction instead.
If We no longer need your personal data but you require the data to establish, exercise or defend a legal claim.

The right of portability

The right to data portability allows you to obtain and reuse your personal data for your own purposes across different services. It will allow you to move, copy or transfer your personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability.

The right to object to processing for the purposes of direct marketing

Data subjects may notify Us if they wish to exercise their right to be removed from any direct marketing activities. Kession Capital Limited may still contact the data subject to fulfil any contractual obligations concerning the policies and services provided.

Changes to Our Privacy Policy

When We change the contents/conditions of Our existing privacy statements and or notices We will take all measures necessary to ensure that any changes are communicated to you in such a way that will ensure that you will actually notice them and read them.

This means, for example, that a notification of changes will be communicated by way of an appropriate means (e.g. email/ hard copy letter etc.) specifically devoted to those changes.

The right to make a complaint

If you have any cause for complaint about Our use of your personal data, please contact Us using info@kession.com. We will do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. https://ico.org.uk/global/contact-Us/

For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.

How to contact Us

If you want to request information about Our Privacy Policy, you can contact Us:

Email Us on: info@kession.com

Call Us on: 0207 558 8800

Write to Us:

Kession Capital Limited
7th Floor
Hyde House
Edgware Road
London
NW9 6LH

This Privacy Policy was last updated on: 23/03/2018