L O A D I N G

RD:IR Privacy Policy

Last reviewed:19 August 2021

This privacy notice sets out how RD:IR collects and processes Personal Data in its capacity as a Data Controller or Processor. Richard Davies Investor Relations Limited (“the Company” or “RD:IR”) is committed to ensuring that your privacy is protected and to abiding by the UK General Data Protection Regulation (“the GDPR”).

For a brief overview of how RD:IR uses Personal Data, please read the section below titled ‘How does RD:IR use Personal Data?’.

RD:IR may change this notice from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This notice is effective from the most recent review date.

Definitions

‘Personal Data’ – any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

‘Data Controller’ – the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

‘Data Processor’ – a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

How does RD:IR use Personal Data?

RD:IR processes Personal Data for providing share register analysis (“SRA”), customer relationship management (“CRM”), targeting, proxy solicitation and other services to its clients.

Most processing of Personal Data is done as a legitimate interest, lawful under the GDPR and subject to a three-part test. All Personal Data that is processed by RD:IR as a legitimate interest undergoes a Legitimate Interest Assessment (“LIA”) that is structured to satisfy the three-part test. LIAs are available upon request.

Other Personal Data is processed by RD:IR either with lawful consent from the individuals the Personal Data relates to, or under the legal and statutory obligations of the UK’s Companies Act 2006.

You have the right to object to RD:IR processing your Personal Data. If you wish to raise an objection, please contact the Company via Welcome@rdir.com

How RD:IR collects Personal Data

In the course of the work RD:IR undertakes, Personal Data is collected through any of the following:

  • Publicly-available share registers;
  • Requests sent to institutions under s793 Companies Act 2006;
  • Requests sent to institutions to fulfil contractual obligations;
  • Institutional investor websites;
  • Professional third parties;
  • Provided by clients in their capacity as Data Controllers.

Categories of Personal Data that RD:IR processes

The categories of Personal Data that RD:IR processes as a legitimate interest are as follows:

  • Clients:
    • Name
    • Business contact details
  • Professional investors:
    • Name
    • Company information
    • Business contact details
  • Shareholders registered on the share register:
    • Name
    • Registered address
    • Shareholding information
  • Retail investors holding shares via custodians:
    • Name
    • Postal address

Why RD:IR collects and processes Personal Data

RD:IR collects and processes Personal Data to provide SRA, CRM, targeting, proxy solicitation and other services to its clients.

A large part of the SRA service RD:IR provides is in line with the Companies Act 2006, primarily s793 and s808. The Personal Data that RD:IR deals with is largely publicly available.

Any Personal Data that is not covered by the legitimate interest principle within the SRA service has been lawfully processed with the active consent of the individuals involved.

The CRM service that RD:IR provides involves supplying clients with contact information of individuals to assist clients in connecting with their shareholders and conducting good business.

Personal Data processed by RD:IR is only shared with the related client of RD:IR and never shared with third parties without consent having been sought from the individuals affected.

RD:IR does not sub-contract to any third parties any of the services it provides to its clients.

How long RD:IR retains Personal Data

RD:IR will not retain Personal Data for longer than is necessary to fulfil its legal and contractual obligations.

Professional investor information will be retained as long as it is required and as long as it is accurate.

How RD:IR keeps Personal Data secure

The majority of the Personal Data RD:IR maintains is stored on IT systems with rigorous network security processes in place, including encrypted backup process and annual penetration testing. Hardware is stored securely and access is restricted to relevant personnel only.

All emails going through RD:IR servers are encrypted. The Company’s website and online applications are secure to international standards.

RD:IR employee passwords are known only to the employee in question. Client passwords for online applications are provided by RD:IR and the client is encouraged to change their password regularly and keep this data secure.

Any physical Personal Data that RD:IR processes is secured when not in use, and when in storage stored in a secure offsite facility that specialises in providing secure storage.

RD:IR has detailed internal policies on data protection and security. These are available upon request.

Controlling your personal information

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.

Review & audit of information policies & processes

We carry out regular and frequency reviews and audits of all data-related processes with logs of activity and outcomes.

Richard Davies Investor Relations Limited © 2011 ~ 2021

Bridewell Gate 9 Bridewell Place London EC4V 6AW

Helpline: +44 20 3890 2139 | Switchboard: +44 20 3890 2138