Millennium Online Privacy Notice (UK)
Millennium Capital Management Limited and Millennium Capital Partners LLP (collectively, “Millennium” or “we”, “our” or “us”) aim to protect your privacy as far as possible. Millennium is what is known as a “data controller” for the purposes of European data protection laws. Contact details are set out below.
Millennium may amend this notice from time to time without prior notification to intended recipients.
Applicability of this Privacy Notice
This notice describes how we use personal data. It applies to recruitment applicants, former employees, professional contacts, visitors to our website, or others with whom we may communicate.
How we obtain your information
We may collect personal information from you when you use our website or otherwise engage in communication with us, or when you (or any entity you represent) enter into a contractual relationship with us, including, for example, as an employee or service provider.
We collect information about you from a variety of sources, which may include:
- any documents submitted to us, including any application forms;
- our communication or correspondence with you, such as when you contact us by letter,
- telephone, email or any other means of electronic or personal communication;
- your use of the Guest Wi-Fi services on your personal device(s) at our London office (50 Berkeley Street, London, W1J 8HD); or third parties, in connection with potential employment or other contractual engagement.
Please note that, in accordance with regulatory requirements, we record calls made on certain employees’ landline and mobile telephone lines.
The information we collect
Depending on the nature of your relationship with Millennium, we may collect or may have collected the following categories of data about you:
- your name, title, contact details;
- other personal information such as your age, date of birth and marital status;
- information related to your occupation, such as your job title and CV;
- unique identifiers such as your government-issued social security number, national insurance number, tax file number, IP address and information related to that IP address;
- details from your passport, as required and permitted by applicable laws and regulations addressing due diligence and related matters;
- financial information; and
- other information you or others may provide to us during your communications or relationship with us, for our operational or business purposes.
In limited cases, we may also collect “special categories” of information from you (sensitive data), which may include personal details relating to your immediate family members and details relating to any senior political figures (e.g. senior military or government official) to whom you are connected, information relating to political affiliations or trade union membership, or information about actual or alleged criminal convictions and offences.
You are not obliged to provide us with your information where it is requested but this may affect our ability to continue our dealings with you or employ you.
If you provide personal data on behalf of another person, it is your responsibility to notify that individual that you have provided their information to us and direct them to this notice.
Our use of your information
We process your information because it may be required for contractual or operational reasons, because it may be required by applicable laws or regulations within the EEA, in our legitimate interests in order to comply with other applicable laws and regulations or for operational business purposes or in order to review and process employment applications, or on the basis of your consent.
Where we process “special categories” of information about you, we do so on one of the following bases: your explicit consent, legal or regulatory requirements, health and safety, monitoring of equality and diversity, prevention or detection of crime or similar misconduct, management of occupational pension schemes, or because the processing is necessary for the establishment, exercise or defence of a legal claim.
How we share your information
We may share your information within Millennium’s group, with our third party business partners, business associates, subcontractors and other third parties for the purposes set out below.
- Within the Millennium group and to our third party service providers: We may disclose your personal information to third parties, including our affiliates, subcontractors, agents and any person who provides professional, legal, tax or accounting advice or other services to Millennium. All such third parties are required to maintain the confidentiality of such information to the extent they receive it.
- Potential buyers, transferees, merger partners or sellers: We may disclose your personal information to a potential buyer, transferee, or merger partner or seller and their advisers in connection with any actual or potential transfer or merger, sale, acquisition, assignment, transfer, or other disposition of part or all of Millennium’s business or assets, or any associated rights or interests, or to acquire a business or enter into a merger with it.
- Legal reasons: We may also disclose your personal information or any portions thereof (a) as required by, or to comply with, applicable law, regulation, court process or other statutory requirement; and (b) respond to requests from any regulatory, supervisory or governmental authorities.
How we transfer your information
Our use of cloud-based technologies and operation in a global marketplace means that your information may be shared by us outside the European Economic Area (the “EEA”). Where this is the case, we ensure that an appropriate level of protection is provided to protect your information.
Due to the global nature of our business, your information may be transferred to jurisdictions outside the EEA. Such jurisdictions may not offer the same level of data protection as in your home jurisdiction, and may not be regarded by the European Commission as providing an adequate level of data protection.
Where we transfer your information outside of the EEA, we will ensure that personal data is protected and transferred in accordance with applicable legal requirements, which can be done as follows:
- the country to which we send personal data may be approved by the European Commission;
- the recipient may have signed a contract based on standard contractual clauses approved by the European Commission (“model clauses”), obliging them to protect your personal information; or
- if the recipient is located in the US, it may be a certified member of the EU-US Privacy Shield scheme.
Security and retention of information
We take the protection of your personal information seriously, and have security measures, controls and policies in place.
We will hold your personal information on our systems for the longest of the following periods:
- as long as is necessary for the relevant activity or as long as is set out in any relevant agreement you enter into with us;
- the length of time it is reasonable to keep records to demonstrate compliance with professional or legal obligations;
- any retention period that is required by law; or
- the end of the period in which litigation or investigations might arise in respect of your use of our website or the services that we provide to you.
Data protection laws may provide you with rights to access data, as well as rights for data to be erased, corrected, used for only limited purposes, not used at all, or transferred to you or a third party.
You may have the following rights under data protection laws:
- Right of subject access: The right to make a written request for details of personal data about you held by Millennium and a copy of that personal data.
- Right to rectification: The right to have inaccurate information about you rectified.
- Right to erasure (‘right to be forgotten’): The right to have certain personal data about you erased.
- Right to restriction of processing: The right to request that your personal data is only used for restricted purposes.
- Right to object: The right to object to the use of personal data.
- Right to data portability: The right to ask for personal data you have made available to us to be transferred to you or a third party in machine-readable formats.
- Right to withdraw consent: The right to withdraw any consent you have previously given us to handle your personal data. If you withdraw your consent, this will not affect the lawfulness of Millennium’s use of your personal data prior to the withdrawal of your consent.
These rights are not absolute: they do not always apply and exemptions may be applicable. We may, in response to a request ask you to verify your identity and to provide information that helps us to understand your request better. If we do not comply with your request, we will explain why.
To exercise any of these rights, or if you have any other questions about our use of your information, please email us at: [email protected] mlp.com.
If you are unhappy with the way we have handled your information you have a right to complain to your local data protection regulator.
- In the UK, your local regulator is the Information Commissioner, whose website is available at https://ico.org.uk
If you have any questions about this privacy notice, or our privacy related practices, you can contact: [email protected].