Client privacy notice

The privacy and security of client data are of the utmost importance to Floreat Group. This privacy notice outlines how Floreat Group (‘we’, ‘us’ ‘our’) manage the personal data we process to provide our services to our clients (‘you’, ‘your’) in accordance with UK Data Protection Act 2018 and UK GDPR. Floreat Group comprises Floreat Holding Limited and any of its owned subsidiaries and provides our clients with a range of investment advisory services and private client services.

For our private client services, all processing activities are described in the systems data overview document created as part of your onboarding process.

This notice outlines how we process your data in our role as a data controller or a data processor, depending on the service being offered. There are circumstances where the processing of personal data is undertaken by an entity controlled by, or under common control, with us for their own independent purposes. Such Floreat entity (a Floreat affiliate) may also be data controllers of your personal data.

When we process your data in our role as a data processor, we act under your instructions or provide a service contracted by you.

Who is responsible for your personal data?

The Floreat entity that contracts, or seeks to contract, with you will generally be the data controller of your personal data.

Should you have any questions, complaints, or comments regarding this privacy notice or how any of the Floreat Group companies handle your data, please email legal@floreat.com or write to: Data Protection Manager, Floreat House, 33 Grosvenor Street, London, W1K 4QU

What personal data do we process?

Depending on the relationship we have with you and the products and services we provide (or seek to provide), we will process certain personal data relating to you and people connected to you, including the data listed below.

Personal information: including your name, date of birth, contact details, country of residence, occupation, and contact information such as an address, email address and telephone number.
Financial and wealth-related information: including your bank account details, financial standing and history, credit rating and other information relating to your financial situation such as your assets, net worth, income, source of wealth, pension plans, investment preferences, restrictions and objectives, tax-related information, and codes
Due diligence/background check information: including date of birth, nationality, country of residence, documents required for anti-money checks and monitoring (including a copy of your passport and national identity card), details of the origin of your wealth and of restrictions on your ability to invest (for example, any insider status or political exposure), and other details as necessary to enable us to establish and meet applicable regulatory requirements and identify any conflicts of interest
Personal data collected as part of providing our services: including notes from interactions, meetings and conversations with you, account details, records of agreements, payments, investments, trades, and other transactions that contain your name or other personal data, and any identifiers that we assign to records associated with you
Special category data: data relating to child data, racial or ethnic origin, political opinions, religious beliefs, trade union membership, criminal records, genetic data, health data, sex life and sexual orientation.
Personal data relating to third parties: in addition to processing your personal data, we may also collect personal data regarding your representatives, and, in certain circumstances, we may process personal data of persons connected to you but with whom we do not directly communicate, such as dependants and family members. As per our terms of business, you should ensure that your key personnel and any individual whose personal data you or your agents provide to us have given consent and are aware of this privacy notice
Voice records: recordings of phone calls, conversations, and meetings when you make calls to our office lines.

How do we collect your personal data?

We collect your personal data from you, during a range of interactions based on the specialised services we provide to you. We also collect your personal data from third parties when you use our services, such as credit reference agencies or from your representatives when they act on your behalf.

Purpose and legal basis for processing

Processing activities	Description of data	Lawful basis
To interact with you before you become our client, for example when you express your interest in our services and request us to send you promotional material or answer enquiries about our services	Personal information Financial and wealth-related information Due diligence/background check information	Legitimate business interest Consent
Once you have engaged us and as part of our client onboarding process and where you become our client, to provide you with the services we have agreed to provide to you in accordance with our terms of business	Personal information Financial and wealth-related information Personal data collected as part of providing our services Due diligence/background check information	Performance of contract Legal requirement Consent
For the purposes of processing subscriptions, dividend payments, transfers and redemptions and distributing financial statements, notices, and performance reports, amongst others, in relation to the services provided to you	Financial and wealth-related information Personal data collected as part of providing our services	Performance of contract Consent
Communicating with you (or others acting on your behalf) about our services, including managing complaints	Financial and wealth-related information Personal data collected as part of providing our services Personal information	Performance of contract
Maintaining records of your transactions	Financial and wealth-related information Personal data collected as part of providing our services	Performance of contract
To confirm your identity and carry out due diligence checks, including to confirm your source of wealth for anti-money laundering and ‘know your client’ purposes	Due diligence/background check information	Legal obligation
Assessing client suitability for services	Financial and wealth-related information Personal data collected as part of providing our services Personal information	Legal obligation
Performing compliance checks on an ongoing basis	Financial and wealth-related information Personal data collected as part of providing our services Personal information	Legal obligation
Account and transaction monitoring, transaction reporting, tax reporting, monitoring management of client accounts and client interactions	Financial and wealth-related information Personal data collected as part of providing our services Personal information	Legal obligation
Making disclosures to, and complying with requests from, public authorities, regulators, tax authorities, governmental bodies, or law enforcement agencies, and investigating and preventing fraud and other crime	Financial and wealth-related information Personal data collected as part of providing our services Personal information	Legal obligation
Recording phone calls made to our office	Voice recordings	Legal obligation
To manage our relationship with you	Financial and wealth-related information Personal data collected as part of providing our services Personal information Voice recordings Special category data Personal information relating to third parties	Legitimate business interests Performance of contract Consent
To help us to improve our products, services, and operations, including monitoring and evaluating the performance of our services	Personal data collected as part of providing our services Personal information	Legitimate business interests
For marketing our services or products that we think may be of interest to you	Personal data collected as part of providing our services Personal information	Legitimate business interests
To manage our business and protect and enforce our rights	Personal data collected as part of providing our services Due diligence/background check information	Legitimate business interests

Recipients of your data

Depending on our relationship with you, we may share your personal data with the following categories of recipients:

Floreat affiliates: we may share your personal data with Floreat affiliates depending upon the services that we provide to you
Market counterparties: we may share your personal data with market counterparties and parties interested in or assuming risk in connection with a transaction. These parties include issuers of investments, shareholders selling securities in any offering, co-managers, lead managers or any agent or adviser to any of the above, or where you are a beneficiary or policyholder in respect of a portfolio, fund or account which is legally owned by a third-party provider, to such third-party provider
Third-party service providers: we may share your personal data with third parties we engage to perform, or assist in the performance of, our services – for example, parties who we engage with to perform anti-fraud, or due diligence checks
Data processors: service providers who provide a service to or operate a system on behalf of us to enable us to provide the services you have requested. These processors can only process your personal data under instructions from the Data Controller
Professional advisers: we may share your personal data with Floreat’s lawyers, auditors, accountants, or others providing professional advice to us
Regulatory bodies and law enforcement agencies: we may share your personal data with relevant governmental, regulatory, supervisory, law enforcement, prosecuting, tax or similar authorities or industry bodies under applicable laws of any relevant jurisdiction to comply with law or respond to a legal process or request for co-operation
Your representatives: we may share your personal data with your agents, representatives and other third parties managed by us, in delivering our services to you, or to whom you instruct or authorise us to disclose your data, including but not limited to those who are set out in your personalised data diagrams
Corporate transactions: we may share your personal data with prospective purchasers and assignees in the event our business, or any part thereof, is sold or re-organised, or if any product entered into with you is sold, transferred, or assigned in whole or in part
Other third parties with your consent: we share your personal data with other third parties only where you have specifically consented for us to do so.

International transfers of your personal data

Where relevant for your services, or when requested to do so (either from you or one of your authorised representatives), or with your consent (either from you or one of your authorised representatives), your personal data may be transferred to and processed outside of the UK or the European Economic Area (EEA) in countries or territories that may not provide the same level of protection for personal data as the UK. When this happens, we will use efforts within our control to put in place appropriate measures to ensure the protection of your personal data.

Retention of your personal data

We retain your personal data for as long as you have a relationship with us, and for a period after your relationship with us has ended. When determining how long this retention period will last, we consider: the length of time personal data is required to comply with legal and regulatory obligations; to defend or bring any existing or potential legal claim; to address any complaints regarding our services; and for other legitimate business reasons. For further information on how long your data is retained, please contact us directly.

Data security

We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect. A copy of our information security standards is available on request.