Axion Property Partners (“Axion”) is committed to protecting and respecting your privacy. In this policy, we aim to provide you with information that is concise, transparent and uses clear and plain language. We take your privacy seriously and will only use your personal information to provide the products and services you have requested from us. Please read below for further information on how we use your data.
For complete information on GDPR and related topics, visit the Information Commissioner’s Office (“ICO”) website at www.ico.org.uk. The ICO is the UK’s independent regulatory office (national data protection authority) dealing with the Data Protection.
This policy applies to any person –including existing investors, potential investors, developers, service providers and introducers – registering, using or interacting with Axion’s website www.axionproperty.com (“website”), applications, offline activities, products and services, from any device, and any other instances where Axion collects your personal data.
“Personal data” is information that can be used to identify you, directly or indirectly, alone or together with other information (e.g. full name, contact details, precise location, device IDs, certain cookies).
As applicable, we are the data controller of your personal data. “Data controller” means the person or organisation who decides the purposes for which and the way in which any personal data is processed.
Axion Property Partners is registered with the Information Commissioner’s Office (“ICO”).
Contact Details & Data Protection Officer
We have voluntarily appointed the role of Axion’s Data Protection Officer (“DPO”) to Ayesha Ofori, Director and Chief Executive Officer. For any queries or questions on this policy, or to contact the DPO, contact details are as follows: E-mail: email@example.com
Information that you provide to us
Axion may obtain personal information about you because you or other third parties (e.g. a service provider in respect of Axion products and services) provide it to us, or because the information is publicly available (e.g. on your LinkedIn profile).
The personal data that we may collect and process may include your full name, age, date of birth, gender, contact details, proof of identity and address, nationality, employment, investment history, financial information, bank account details, complaint details and how you interact with our website.
Your personal information will be processed during the following circumstances:
- Investors/ Potential Investors
When you register on our website (i.e. as a high net worth investor or a self-certified sophisticated investor) to become an investor or a potential investor of Axion; or when, in any capacity, you contact us with queries (i.e. via website, phone or e-mail); or respond to our communications. Additionally you will be required to provide personal information in connection with the provision of our products and services to you. We may also obtain information about you if you become an Axion client and are thus required to complete our Appropriateness Questionnaire and when we conduct anti-money laundering (“AML”) and Know Your Customer (“KYC”) checks on you.
- Other Parties
If you are a third party (e.g. existing or potential service provider), we may collect or receive your personal information. This applies to individuals or companies who refer investors to us, or those who are introducers.
If you are a Developer who contacts us to explore the possibility of doing business with Axion, we may process extensive information about you to undertake the due diligence process, and also during the business relationship.
If you no longer wish to be contacted by Axion, please inform our Data Protection Officer.
Other information that we otherwise collect from you
What do we use your personal data for?
Your information will enable us to keep you informed of and to supply our products and/ or services. By registering on the website, you also agree that we may contact you as necessary. We may use the information we obtain about you as follows:
- To comply with our legal and regulatory obligations (e.g. record-keeping requirements, conducting AML and KYC checks, at application and periodically thereafter, and to determine your appropriateness to investment).
- To provide products and services to investors.
- To provide information on investment opportunities to potential investors and repeated investors (including about important changes, or developments to, as applicable, the website, our products and services and business).
- To operate and improve our products, services and business.
- To provide personalised content to you (e.g. tailoring our products and services and our digital customer experience to you).
- To update and enhance our investors’ and potential investors’ records.
- For advertising, marketing and business development purposes (e.g. to provide you with innovative products and services, including sending you newsletters, updates, marketing communications and other information that may be of interest to you, including via social media and digital channels (e.g. LinkedIn)); to make automated decisions on whether to offer you a product or service.
- To establish, exercise or defend our legal rights, or for the purpose of any legal proceedings, and for crime prevention (e.g. manage any actual or potential fraud or illegal activity).
- For our legitimate business interests (e.g. undertaking business research, analysis, due diligence on developers, managing the operation of our websites and our business and general analysis for management purposes).
- To investigate any complaint or expression of dissatisfaction we may receive from you, and to contact you for your views on our services (e.g. survey).
- To monitor and to keep records of our communications between you and our staff.
Transfers of the personal data outside of the EEA
We may transfer and share, as applicable, your personal data, or part of, with third parties (e.g. a data processor (a “data processor” is a person, or organisation, which processes personal data for the data controller), located outside of the European Economic Area (“EEA”). We will only transfer, or share, your personal data to such parties where the European Commission has decided that the country in question ensures an adequate level of protection, for the rights and freedoms of data subjects in relation to the processing of personal data; and there is a GDPR complaint contract/agreement between Axion and the third party in respect of such transfer.
By providing us with your personal data, you are agreeing to the transfer, storing, and/or processing of your personal data as explained above. Please contact us with any questions you may have regarding such transfers.
How we share information with third parties
We may share your personal information outside of the Firm, and this may include with:
- Third party agents/suppliers, or contractors (e.g. IT and communications service providers).
- Third parties relevant to the product and services we provide (e.g. banks, law firms, accountants, developers).
- To the extent required by law, regulation or court order (e.g. FCA, if we are under a duty to disclose your personal information in order to comply with any legal obligation).
We will only share personal information with a third party bound by obligations of confidentiality and in accordance with legal and regulatory requirements.
What are the legal grounds for our processing of your personal information (including when we share it with others)?
We rely on the following legal bases to process your personal information:
- Consent – we may (but usually do not) need your consent to use your personal information. You can withdraw your consent for some of our processing of special categories of personal data, such as your health or if you are a vulnerable individual, by contacting us.
- Performance of a contract– we rely on this legal basis if we need to process your personal data to fulfil our contractual obligations which you have requested from us (e.g. becoming an investor of Axion), including steps we may need to take at your request before entering into a contract.
- Legitimate interest– we may use your personal information for our legitimate interests. Under legitimate interests we can process your personal information if we have a genuine and legitimate reason and we are not harming any of your rights and interests (e.g. use this information to share updates with you about our products and services, which we believe may be of interest to you; or because of our legitimate interests in the performance of activities that form part of the operation of our business).
- Compliance with law or regulation– we may use your personal information as necessary to comply with applicable law and/or regulation (e.g. AML and KYC checks).
Under GDPR, you have a number of legal rights in relation to the personal information that we hold about you, and you can request to exercise any of the rights by contacting us at firstname.lastname@example.org
Your rights are:
- Right to be informed– to be given information about how your data is being processed and why. (e.g. the information provided to you in this policy)
- Right of access– you have the right to access the personal data which we hold about you.
- Right to rectification– to have your personal information corrected if inaccurate or incomplete.
- Right to erasure– to have your personal data erased.
- Right to object and to restrict processing of your personal data.
- Right to data portability– this allows you to obtain and reuse your personal data for your own purposes across different services (only applies to information you have provided to us).
- Right to withdraw consent.
- Right to lodge a complaint with the relevant data protection authority– if you think that any of your rights have been infringed by us, you can lodge a complaint with the ICO.
Please note that your rights may be limited and subject to restrictions in certain situations. However, you always have the right to object to processing for the purposes of direct marketing, regardless of the lawful basis that applies.
For complete information on your rights under the GDPR, you can visit www.ico.org.uk.
Security and data retention
When you give us personal information, we take steps to ensure that it is treated securely.
Non-sensitive details (e.g. your email address, etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us via the internet, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
How long will we hold your data for?
We will retain your information for the appropriate period of time to ensure that we can provide you with a continuous service, or as long as the legal or regulatory requirements require.
When you register on the website, we will hold your data for a period of 6 years, with a review every 3 years. You will have the opportunity to opt out (unsubscribe) at any point should you wish to do so, as you have a right at any time to stop us from contacting you for marketing purposes. To opt out/unsubscribe, please click on “unsubscribe” link in any of our communications, or send your request to email@example.com
In line with regulatory and legal requirements, we will hold your data for 5 years from the end of the business relationship, in line with legal and regulatory requirements.
This policy was last updated on 08 September 2018.