
-
Privacy Policy
Introduction
We are responsible for deciding how we hold and use personal data about You. To comply with the Law and best practice We are required to make available a copy of this Privacy Policy.
This Privacy Policy sets out Your rights under the Data Protection (Bailiwick of Guernsey) Law, 2017 (“the Law”) as well as Our commitment to You regarding how We treat Your personal data.
It is important that You read this Privacy Policy so that You are aware of how and why We are using your personal data.
Our commitment
This Privacy Policy covers personal information provided to RAW Capital Partners Limited, RAW Capital Secured Mortgage Funding Limited and RAW Alpha PCC Limited (“RAW” or “We” or “Our” or “Us”).
We are committed to protecting the privacy and security of your personal data. This Privacy Policy describes how We collect and use personal data in accordance with the Law.
What is personal data?
Personal data is any information that can be used to identify you as a person. This Privacy Policy relates to Our use of any personal information you provide on you or, where applicable, about your clients (“You” or “Your”).
To provide You with the best experience, make business decisions and meet regulatory obligations We are required to collect personal data such as your name, address, contact details and employment history
We may also undertake adverse media, credit reference or other open-source checks where necessary to assess your suitability to receive a service as part of steps taken prior to entering a contract with you.
These checks are carried out where necessary as part of taking steps prior to entering into a contract (such as a mortgage or investment agreement), or where required by law or regulatory obligation.
Where this personal data is considered special category personal data, we will process such data where necessary for compliance with legal or regulatory obligations, or where justified by legitimate business interests, and subject to the safeguards required under Schedule 2 of the Law.
We will also collect personal data during Our relationship with you.
Lawful purpose
In most cases, we rely on contractual necessity as our primary lawful basis for processing personal data – for example, where you ask us to assess or enter into a mortgage agreement or investment.
We may also rely on legal obligations, legitimate interest, or consent in specific circumstances.
How will you use my personal data?
We use Your personal data when the law allows us to. Most commonly, We will use Your personal information in the following circumstances, to:
- contact you about an enquiry you have made via email, website, telephone or other means of communication;
- make decisions about what products and services We may offer to You;
- analyse and improve the services offered by RAW;
- perform the contract We have entered into with You;
- let you know about those of Our products and services We consider will be of legitimate interest to you;
- satisfy Our necessary legitimate interests (or those of a third party) and Your interests and fundamental rights do not override those interests; and/or
- meet contractual, legal and regulatory obligations.
Who is responsible for my data?
A Data Controller is the person or organisation that determines the purposes and means of processing personal data. A Data Processor is a person or organisation that processes personal data on behalf of a Data Controller, and only in accordance with the Controller’s instructions.
Investors
Party Role RAW Capital Partners Ltd Data Controller RAW Alpha PCC Ltd Data Controller Independent administrator Data Controller Custodian, Auditor, etc. Data Processor Borrowers
Party Role RAW Capital Partners Ltd Data Controller RAW Alpha PCC Ltd Data Controller Independent administrator Data Controller Custodian, Auditor, etc. Data Processors International transfers
From time-to-time, your personal data may need to be transferred outside of the Bailiwick of Guernsey.
Where personal data is transferred outside the Bailiwick of Guernsey, we ensure that such transfers are subject to appropriate safeguards and legal mechanisms, including adequacy decisions and contractual clauses, to ensure you personal data remains protected.
Data retention
We will only retain Your personal information for as long as necessary to fulfil the purposes We collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Data shall be held at all times in accordance with and for as long as Our statutory and regulatory requirements require it. This includes a retention period following the cessation of Our provision of services to you, which shall, at all times, be determined by Our legal and regulatory obligations. In most cases, this means retaining personal data for six years following the end of our relationship with you.
As soon as such obligations cease to apply, We shall permanently erase all personal information held on you from Our records.
In some circumstances We may anonymise Your personal information so that it can no longer be associated with you, in which case We may use such information without further notice to you.
Data security
We have put in place measures to protect the security of Your personal data.
We have put in place appropriate security measures to prevent Your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
We limit access to your personal data to employees, agents, and third parties who have a business need to know. These individuals are subject to duties of confidentiality and must follow our data protection policies.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where We are legally required to do so.
What are my rights?
A summary of your rights under the Law are tabulated below.
Right You have the right to… Access request a copy of the data we hold about you Rectification correct inaccurate or incomplete data Erasure request we delete your data (in some cases) Restriction request limited use of your data Objection object to certain processing activities Data portability receive your data in a reusable format (if applicable) Complaint lodge a complaint with the ODPA Right of data access and portability
You have the right to request access to the personal information we hold about you. This is commonly known as a "data subject access request" (DSAR).
You may request:
- Confirmation that we are processing your personal data;
- A copy of the personal data we hold about you;
- Details of the purposes for which we use your data;
- Information about the categories of data we process, the recipients of the data, and how long we retain it;
- Information about your rights under the Law.
We will respond to access requests within one calendar month, free of charge. However, we may charge a reasonable fee or extend the timeframe by up to two additional months if your request is complex or repetitive. We may also require you to confirm your identity before we release any information.
To make an access request, please contact us in writing using the contact details at the end of this Privacy Policy. You will need to provide sufficient information to allow us to verify your identity and locate your data.
Right of rectification, erasure, restriction or objection
If at any time you believe We hold information in error or that the information We hold on you is inaccurate or incomplete, you may submit a request to Us to consider rectifying and/or erasing it.
If you no longer want to receive marketing communications from Us, you may unsubscribe from them.
Right to Complain
If you are concerned with the information held, the way in which We hold it, or are unhappy with any other element relating to Your personal information, you may lodge a complaint. We would ask that you contact Us in the first instance and We will seek to resolve any concerns as soon as possible.
You also have a right to lodge a complaint directly with the Guernsey Data Protection Commissioner at:
Office of the Data Protection Authority
St Martin’s House
Le Bordage
St. Peter Port
Guernsey, GY1 1BR
Details of the complaints and appeals processes are available on their website at https://odpa.gg.
Contact us
You can contact us at:
RAW Capital Partners Ltd
Carinthia House
9-12 The Grange
St Peter Port
Guernsey GY1 2QJ
The primary point of contact for all data protection purposes is [email protected].
Changes to this Privacy Policy
We reserve the right to update this privacy notice at any time, and We will update this on Our website. We may also notify you in other ways from time to time about the processing of Your personal information.
This Privacy Policy may be updated from time to time so you may wish to check it each time you submit personal information to Us.