Privacy Notice

Introduction

This privacy notice explains how companies within Link Group use and protect your personal information. This notice also tells you about your privacy rights and how the law protects you.

Your information will be held by AssetTrace+, a trading name of Link Market Services, part of Link Group. We take the security of your Personal Information very seriously. We use a combination of technical, organisational and physical security measures to protect your personal information in line with our obligations under data protection law. Our employees receive training to help us comply with data protection law and safeguard your privacy.

When we mention "Link", "we", "us" or "our", we mean the relevant company in Link Group that processes your personal information.

Who we are?

Link Group is made up of a group of companies, known as entities. Link Market Services Trustees Limited is the name of the entity which holds your personal information. You can find out more about Link Group at https://www.linkgroup.eu/ or www.linkgroup.com.
What personal information do we collect?

We use many different kinds of personal information. The information we collect depends on the nature of our relationship with you. We process the following types of personal information:
- Contact data – this includes your name, address, contact information and relationships to other people
- Financial and transactional data – this includes payments, trades, payment card details, bank account information, details of income and assets, mortgages, investments and pensions contributions and values
- Product data – information about the products and services we provide to you including unique reference numbers
- Socio-demographic data - This includes your gender identity, job, nationality and education
- Communications – Information from letters, emails, phone calls or any other communications between us
- Technical and usage - Details on the devices and technology you use including IP address, cookies, pixels and other tracking technology
- Behavioural - Details about how you use our products and services
- Documentary Data - this includes information stored in documents such as passport driving licence or birth certificate
- Marketing and communication preferences
- Identification data - this includes information such as passport, driving licence, national identifiers and tax numbers
- Authentication data – includes usernames, passwords and any information required to accessing our products and services
- Open Data and Public Records – this can include information from the Electoral Register, and information that is publicly available on the internet
- Special categories of data -In certain limited circumstances we may request or receive personal information which is sensitive we will only collect and use this if the law allows. This can include information relating to your health, genetic or biometric data, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs and trade union membership. It also includes criminal offence data, including information about criminal activity, allegations
Where we collect personal information from?

We collect personal information directly from you, and from the way in which you use our services. We will collect your information from the following sources.

We may also collect personal information about you from any other company in the Link Group, and from outside organisations and third parties including:
- Other companies in Link Group
- Government agencies, Authorities, Regulators and official bodies. and law enforcement agencies (for example when accessing government probate records)
- Law enforcement and fraud prevention agencies
- People linked with you, such as joint account holders, trustees or someone authorised to act on your behalf
- Financial advisors
- Tracing and Credit reference agencies
- Other financial services companies (for example CREST, Euroclear, banks, card providers)
- Public information and open sources such the Electoral Register, Companies House, internet searches, and information that is publicly available
- Companies we work with such as sub-contractors, suppliers and consultants
- Organisations that introduce you to us, for example brokers
- Your employer (past and current)
- Third parties in connection with any acquisition of a business by us

What we use your personal information for and the lawful basis

We are only allowed to use your personal information if we have a reason under data protection laws, this is called the lawful basis. The lawful basis for processing your personal information must be one of the following:

Based on your consent
To provide services set out in a contract with you – for example when you sign up to use our products
To comply with the law
When it is in the public interest
When it is in our legitimate interest

In certain limited circumstances we may process special category personal information which is sensitive. We will ask for your explicit consent to process this information unless the processing is allowed under law for reasons of substantial public interest, is in relation to legal proceedings, is necessary to protect your vital interests or has been made public by you. When the processing of your information is based on our legitimate interest, we ensure that our interests do not unfairly override you rights and freedoms. Here is a list of the types of processing, the purpose for processing and our legitimate interests:

Type of processing	Purpose of the processing	Lawful basis	Our legitimate interests
The administration and provision of services	To provide our products and services To communicate with you, including marketing activity To resolve and respond to complaints To manage our relationship with you or your business To understand how you use our products and services To manage our brands, products and services	To provide services set out in a contract with you Your consent To comply with the law Our legitimate interests	Keeping our records up to date Identifying support needs and communication preferences Managing how we provide our products and services Seeking your consent when we need it to contact you To help meet contractual and legal obligations To comply with regulations, guidance and rules Understanding how our products and services are used and accessed Identifying opportunities to improve To manage our commercial interests
Improving our business	To develop marketing opportunities and activities To identify and develop new brands, products, services To test new products To manage companies that we work with	To provide services set out in a contract with you To comply with the law Our legitimate interests	Developing and improving products and services Identifying opportunities to grow and improve our businesses To help meet contractual and legal obligations To comply with regulations, guidance and rules To manage our commercial interests
Managing our business	To understand and monitor how our business is performing, changing and adapting To ensure the ongoing provision of products and services To maintain our websites and apps To manage fees, charges, interest or to collect money that is owed to us For our own internal and external management information purposes, maintaining accounting records, analysis of financial results, internal audit requirements, receiving professional advice.	To provide services set out in a contract with you To comply with the law Our legitimate interests	Managing how we provide our products and services To help meet contractual and legal obligations To comply with regulations, guidance and rules To manage our commercial interests
Managing risk	To comply with regulations, guidance, laws, rules and standards To prevent and detect crime To manage risk for us and our customers To establish, enforce or defend our legal rights	To provide services set out in a contract with you To comply with the law Our legitimate interests	To protect (us and you) from loss, harm or damage To improve business efficiency To help meet contractual and legal obligations To comply with regulations, guidance, laws, rules and standards To manage our commercial interests

Who we share personal information with?

We will only disclose your personal information in accordance with applicable laws and regulations applicable to the countries in which our businesses operate. We will disclose your information to the following organisations:
- Other companies in Link Group
- Government agencies, Authorities, Regulators and official bodies. This can include data protection authorities (such as the ICO), national regulators such as FCA, PRA & SEC, Tax authorities such as HMRC & IRS, official bodies such as the financial ombudsman service and UK Financial Services Compensation Scheme
- Law enforcement and fraud prevention agencies
- People linked with you, such as joint account holders, trustees or someone authorised to act on your behalf
- Financial advisors
- Tracing and Credit reference agencies and providers of identification and verification services
- Other financial services companies (for example CREST, Euroclear, banks, card providers)
- Public information and open sources such the Electoral Register, Companies House, internet searches, and information that is publicly available
- Your employer (past and current)
- Companies we work with such as sub-contractors, suppliers and consultants
- Organisations that introduce you to us, for example brokers
- Third parties in connection with any merger or acquisition
- Other companies, either because you ask us to or because of features of the product or service you have with us (for example ShareGift)
We may share or sell some data to other companies outside Link Group, but only when it is grouped so that no-one’s identity can be known or found out.
International Processing

Sometimes Link Group, or third parties who we share your personal information with, will process your personal information outside of the UK and European Union (EU). When your data is processed outside the UK and EU we will ensure that appropriate safeguards are in place, these may include:
- Transfers to a country which is considered to provide adequate levels of data protection
- Contractual obligations, such as standard data protection clauses which require that they must protect it to the same standards as the UK or EU
If you would like further information on the safeguards we use to share personal information, please contact our Data Protection Officer.

Our EU representative is located in Ireland and you can contact them by email at EUPrivacyrep@linkgroup.ie or by post to 149 The Capel Building, Mary’s Abbey, Dublin 7, D07 DP79, Ireland.
How long will we store your information for?

We will hold your personal information on our systems for as long is necessary to provide services to you. We typically keep your personal information for 6 years from the end of your relationship with us however we may some information for up to 15 years, for example information sent by email. We may keep your information for longer if we cannot delete it for legal, regulatory or technical reasons.
Your rights

You have the following rights in relation to how we use your information. If you’d like to exercise these rights, please contact us. In some cases we may not be able to uphold your request for reasons such as our own obligations to comply with other legal or regulatory requirements. We will always respond to any request you make and if we can't comply with your request, we will tell you why.

Right of access
You have the right to ask for a copy of all the personal information we are processing. Your personal information will usually be provided to you in writing, unless otherwise requested. If you request to receive your personal information in an electronic format we will aim to provide as much information in this format as possible.

Right of rectification
We take reasonable steps to ensure that the personal information we hold about you is accurate and complete. However, if you do not believe this is the case you have the right to ask us to rectify any errors in the personal information we hold about you.

Right to erasure
You have the right to ask us to delete your information if our continued use is not justified. this request will be balanced against other factors, depending upon the type of personal information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.

Right to restrict processing
You have the right to ask us to restrict our use of your personal information if one of the following applies:
- If your personal information is not accurate
- If the processing of your personal information is unlawful and you do not want us to delete it
- If we no longer need your personal information, but you want us to retain it for the establishment, exercise or defence of legal claims
- Whilst we verify if we can uphold your objection to us processing your personal information
Right of data portability
You have the right to ask us to provide you with a copy of the personal information that you have supplied to us in a commonly used machine-readable format or to transfer your information directly to another controller (e.g. a third party offering services competing with ours) where our processing is based on your consent or is necessary to provide services set out in a contract with you. Once transferred, the other party will be responsible for looking after your personal information.

Right to object
You can object to us keeping or using your personal information in some situations, this includes when our lawful basis for processing is in the public interest or in our legitimate interest, or when your personal information is processed for direct marketing purposes.

Right not to be subject to automated decision making
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal or similarly significantly effect on you unless:
- It is necessary for a contract between us and you
- It is authorised by law
- It is based on your explicit consent
You can object to an automated decision we have made and ask that a person reviews it. Currently we do not make decisions about you solely based on automated processing. Right to withdraw consent
For certain limited uses of your personal information, we may ask for your consent. Where we do this, you have the right to withdraw your consent at any time. If you withdraw your consent, we may not be able to provide certain products and services to you. If this is the case, we’ll tell you. Marketing
We may contact you to tell you about products, services and offers that we think you may be interested in. When we send you this type of marketing message we will do so because you have consented or because it is in our legitimate interest. You can ask us not to send you marketing messages by following the unsubscribe instructions that appear in our email communications or by contacting us at any time. You will continue to receive important information and service-related communications regardless of your marketing preferences.
Cookies, pixels and tracking technology

We use cookies, pixels, online identifiers and similar tracking technologies on our websites, apps, and in our emails. This technology is used to improve our own products and services, your user experience, optimise what you may see on our websites and provide information when you are online.

Cookies
There are two types of cookies that can be stored on your device:
- "session cookies", which only last for the duration of your visit to our website and are automatically deleted from your device when you close your browser; and
- "persistent cookies", which remain on your device after you have visited our website and are not deleted when you close your browser. Persistent cookies are sent back to our server every time you visit our website
Most users will be able to adjust their internet settings to accept all cookies, to notify them when a cookie is issued, or not to receive cookies at any time. If you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

Pixels
We use small images called ‘pixels’ in our emails to help us improve our communications and to understand how you interact with them. The use of pixels allows us to understand whether and how many times you have opened an email, the device you used and the IP address. We may also set a cookie to find out if you clicked on any links in the email.

For further information about cookies, pixels and tracking technology, please see our Cookie Policy – https://www.linkgroup.eu/policy-statements/cookies/.
Who can you speak to about this Privacy Notice?

If you have any questions, or want more details about how we use your personal information, you can contact our Data Protection Officer by email at lmsdpo@linkgroup.co.uk or by post to Data Protection Officer, 65 Gresham Street, London, EC2V 7NQ.

You can contact our EU representative by email at EUPrivacyrep@linkgroup.ie or by post to 149 The Capel Building, Mary’s Abbey, Dublin 7, D07 DP79, Ireland.

If you are unhappy with how we have handled your personal information and wish to make a complaint please let us know. You find can find out more about how you can get in touch here https://www.linkgroup.eu/get-in-touch/complaints/

You also have the right to complain to the supervisory authority, and to lodge an appeal if you are not happy with the outcome of a complaint.

The UK Supervisory Authority is the Information Commissioner (the “ICO”). You can contact the ICO via their website: https://ico.org.uk/concerns/
Changes to this Privacy Notice

Please note that this notice will be reviewed and may be changed from time to time. We provide details on this page to inform you when the notice was last updated

Updated: July 2023

Privacy Notice

Introduction

Legal notices

Quicklinks