Privacy Notice

1        About this notice

This notice (the “Privacy Notice”) provides information about how Oppenheimer Generations Custodian UK Limited (“we”, “us”, “our”) gathers and uses your personal data through your use of our website, https://opp-gen.com (the “Website”). We are committed to respecting the confidentiality of the personal data you supply to us and all data will be processed in accordance with applicable data privacy laws. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Privacy Notice. If you do not agree with our use of your personal data as set out in this Privacy Notice, you should not submit your personal data to us. However, if you do not wish to submit your personal data, or if you wish to exercise your rights to prevent us using your data, you should be aware that we may not be able to engage with you further. The Website is not intended for, nor do we knowingly collect information relating to, anyone under the age of 13. Please contact us if you are a parent or guardian and have become aware that your child has provided us with their personal data. We will take steps to remove any such data from our servers if it has been provided without parental consent.

2        About us

We are Oppenheimer Generations Custodian UK Limited (company number 11011473), registered at 1 Charterhouse Street, London, United Kingdom, EC1N 6SA. For the purposes of data privacy legislation, we will be a ‘controller’ of information collected via the Website.

3        Contacting us

Should you have any questions or concerns about this Privacy Notice or how we process your personal data, please contact info@opp-gen.com.

4        Your rights

You have certain rights in relation to your personal data. Under certain circumstances, by law you have the right to:

·         Object to processing of your personal data where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.

·         Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are processing it lawfully.

·         Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

·         Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see above).

·         Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.

·         Request the transfer of your personal data to another party in a machine-readable, commonly used and structured format.

Please contact us using the details at section 3 if you want to exercise any of these rights. In most cases these rights are not absolute and are subject to certain exceptions or qualifications. For example, if you wish to withdraw your consent or object to processing, we may need to discuss with you whether our use of your data needs to continue for other lawful purposes, such as fulfilment of a legal or contractual requirement. We will respond to your request within one month of receipt of your request. In some cases we may not be able to fulfil your request to exercise the right before this date, and may need to request more time. Where we cannot provide a full response to you for any reason, we will let you know about this in our initial reply to your request.

5        Your duty to inform us of changes

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.

6        Fees

You will not have to pay a fee to access your personal data (or to exercise any of the other rights).  In some cases, we may charge a reasonable fee if your request for access is clearly unfounded or excessive, or if you request multiple copies of the information. Alternatively, we may refuse to comply with the request in such circumstances.

7        What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

8        Right to complain

If you wish to request further information about any of the above rights, or if you are unhappy with how we have handled your information, please contact us on the contact details contained in section 3. If you are not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office: https://ico.org.uk/global/contact-us/ or 0303 123 1113.

9        Information we collect

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect the following categories of personal data in the course of your use of our Website and in your correspondence with us and our representatives:

“Identity Data”

basic personal details such as your name and (if applicable) the name of your company.

“Contact Data”

your email and postal addresses and telephone numbers.

Our Website also collects information about you through the use of cookies (“Cookie Data”). Please refer to our Cookies Policy for further information.

10      Failing to provide personal data

If you fail to provide us with the personal data set out above we may not be able to engage with you further and you may not be able to make full use of our Website. We will notify you if this is the case at the time.

11      How we use the information we collect – general uses and purposes

We will only use your personal data when have a lawful basis to do so. Most commonly, we will use your personal data in the following circumstances: where we need it to perform the contract we are about to enter into or have entered into with you; where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests and/or where we need to comply with a legal obligation. We have set out below, in a table format, a description of all the ways we may use your personal data, and which of the lawful bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for any other purpose than those already notified to you, we will notify you and we will explain the legal basis which allows us to do so.

12      Sharing your information

We will not disclose your personal data to third parties except as detailed in this Privacy Notice. We may share your personal data: with other companies within the Oppenheimer Group (acting as joint controllers or processors) for the purposes and activities described in section 6.2; with third parties that are specifically engaged by us to provide services in which case we will require those parties (as processors) to keep that information confidential and secure and to use it solely for the purpose of providing the specified services to us; with law enforcement agencies and regulators, government departments or competent authorities of the UK or of other countries (including tax status, identity or residency or other personal and payment information, documents or self-certifications) where we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation, or if we reasonably consider that this is necessary to help prevent or detect fraud or other crime or to protect our rights, property, or safety, or that of our customers or others (such disclosure may be made directly to such regulators or competent authorities or made indirectly to our advisers or providers who will make such filings or disclosures on our behalf); if we are under a duty to disclose or share your information with HM Revenue & Customs (HMRC) or other tax authorities, who may transfer it to the government or the tax authorities in another country where you may be subject to tax (such disclosure may be made directly to such regulators or competent authorities or made indirectly to our advisers or providers who will make such filings or disclosures on our behalf); with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets (alternatively, we may seek to acquire other businesses or merge with them and if a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy); with professional advisers including lawyers, bankers, auditors and insurers who provide relevant services to us and if you have consented to any disclosure to a third party.

13      Where your information is processed

Your personal data may be processed by staff operating outside the UK who work for us or by our service providers (for example, those who supply support services to us), and the laws of some of these destination countries may not offer the same standard of protection for personal data as countries within the UK. We will, however, put in place appropriate security procedures in order to protect your personal data. Where your information is transferred to any country outside the UK, we ensure that this is only to countries that have been deemed to provide an adequate level of protection for personal data or using specific legally approved safeguards. Please contact us (see section 3) if you would like further information on the specific mechanism used by us when transferring your personal data out of the UK.

14      Keeping your information

We will keep your information only for as long as necessary depending on the purpose for which it was provided. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request by contacting us. When determining the relevant retention periods, we will take into account factors including: our contractual and business relationships with you; legal obligations under applicable law to retain data for a certain period of time; statute of limitations under applicable law(s); (potential) disputes and guidelines issued by relevant supervisory authorities.

15      Security

We employ appropriate technical and organisational security measures to help protect your personal data against loss and to guard against access by unauthorised persons. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so. In addition, those employees, agents, contractors and other third parties who process your personal data will only do so on our instructions and they will be subject to a duty of confidentiality.

16      Links to other websites

Links on our Website may take you to third party sites over which we have no control. While such links are provided for your convenience, you should be aware that the information handling practices of the linked websites might not be the same as ours. You should review any privacy notices on those linked websites. We are not responsible for any linked websites.

17      Changes to this Privacy Notice

We reserve the right, at our discretion, to change, modify, add to, or remove portions from, our Privacy Notice. We will of course notify you of any changes where we are required to do so.