West Hill Capital LLP and what we do
West Hill Capital is a leading private equity and venture capital firm providing Enterprise Investment Scheme (EIS) qualifying investments to private individuals and growth capital to innovative financial services businesses and pioneering technology companies throughout the UK and abroad.
We invite you to supply your personal data in order that we can process your requirements and deliver the services that you have requested. We use information collected to enhance the services that we offer, and to improve your experience on this site.
Data protection law is changing in the UK with the Data Protection Act 1998 (‘DPA’) being replaced with the European General Data Protection Regulation (‘GDPR’) form 25 May 2018. This Privacy Statement explains how we process your information and your rights under both DPA and GDPR.
We protect the privacy of your information using secure servers. The information that you provide will be kept confidential and used to provide the services requested to support our relationship with you.
Your personal information may be disclosed to reputable third-parties who will help us deliver our service to you.
We require all such third-parties to treat your personal information as confidential and to comply with all applicable UK Data Protection and Consumer Legislation in place at any given time.
Otherwise, except for the purposes of law enforcement, regulation or legal proceedings, or with your explicit permission, we will not divulge personal information to third parties.
You can opt-in to receive details of additional products and services provided by West Hill Capital LLP, and may choose to opt-out at any time.
Your rights under Data Protection Law
We operate under the Data Protection Act 1998 (‘DPA’) as replaced by the European General Data Protection Regulation (‘GDPR’) from 25 May 2018.
The DPA and GDPR apply to ‘personal data’ we process and the data protection principles set out the main responsibilities we are responsible for.
We must ensure that personal data shall be:
- processed lawfully, fairly and in a transparent manner;
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
- adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- accurate and where necessary kept up to date;
- kept for no longer than is necessary for the purposes for which the personal data are processed. We operate a data retention policy that ensures we meet this obligation.We only retain personal data for the purposes for which it was collected and for a reasonable period thereafter where there is a legitimate business need or legal obligation to do so. For detail of our current retention policy contact our privacy officer at email@example.com
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
We ensure lawful processing of personal data by obtaining consent; or where there is a contractual obligation to do so in providing appropriate products and services; or where processing the data is necessary for the purposes of our legitimate interests in providing appropriate products and services.
In the majority of cases we process personal data based on your contract with us. In other cases, we process personal data only where there are legitimate grounds for so doing.
To meet our Data Protection obligations, we have established comprehensive and proportionate governance measures.
We ensure data protection compliance across the organisation through:
- implementing appropriate technical and organisational measures including internal data protection policies, staff training, internal audits of processing activities, and reviews of internal HR policies.
- maintaining relevant documentation on processing activities.
- implementing measures that meet the principles of data protection by design and data protection by default including data minimisation, pseudonymisation, transparency, deploying the most up-to-date data security protocols and using data protection impact assessments across our organisation and in any third party arrangements.
How you can obtain a copy of the data we hold about you
You have a right to receive a copy of the personal data that we hold about you. Under the DPA We have the discretion to make a charge of £10.00 towards the cost of administration
To obtain a copy of the personal information we hold on you, please write to us at the address below and provide us with your details or ask for a Subject Access Request form.
Under the DPA you also have a number of additional rights in respect of your personal data. The Information Commissioner’s website provides guidance on these at www.ico.org.uk
Questions regarding this Privacy Statement should be directed to:
West Hill Capital LLP
36 Old Jewry,
London, EC2R 8DD
- +44 (0) 20 3440 7555 E. firstname.lastname@example.org
From 25 May 2018under the GDPR You have the following specific rights in respect of the personal data we process:
- The right to be informed about how we use personal data.
This Privacy Statement explains who we are; the purposes for which we process personal data and our legitimate interests in so doing; the categories of data we process; third party disclosures; and details of any transfers of personal data outside the UK.
- The right of access to the personal data we hold. In most cases this will be free of charge and must be provided within one month of receipt.
- The right to rectification where data is inaccurate or incomplete. In such cases we shall make any amendments or additions within one month of your request.
- The right to erasure of personal data, but only in very specific circumstances, typically where the personal data is no longer necessary in relation to the purpose for which it was originally collected or processed; or, in certain cases where we have relied on consent to process the data, when that consent is withdrawn and there is no other legitimate reason for continuing to process that data; or when the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
- The right to restrict processing, for example while we are reviewing the accuracy or completeness of data, or deciding on whether any request for erasure is valid. In such cases we shall continue to store the data, but not further process it until such time as we have resolved the issue.
- The right to data portability which, subject to a number of qualifying conditions, allows individuals to obtain and reuse their personal data for their own purposes across different services.
- The right to object in cases where processing is based on legitimate interests, where our requirement to process the data is overridden by the rights of the individual concerned; or for the purposes of direct marketing (including profiling); or for processing for purposes of scientific / historical research and statistics, unless this is for necessary for the performance of a public interest task.
- Rights in relation to automated decision making and profiling.
Please contact our privacy officer at email@example.com more information about the GDPR and your rights under Data Protection law.
If you have a complaint about data protection at West Hill Capital LLP contact our privacy officer at firstname.lastname@example.org
Alternatively contact our supervisory authority for data protection compliance (www.ico.org.uk):
Information Commissioner’s Office
Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Cookies are pieces of information that a website transfers to your computer’s hard disk for record-keeping purposes. Cookies can make the internet more useful by storing information about your preferences on a particular site, such as your personal preference pages.
Links to other web sites
This Privacy Statement only covers the web services offered from this site. Other websites are governed by their own privacy statements.
Updates to this Privacy Statement
This Privacy Statement will be kept under continual review, and changes may be made from time to time.