Millennium Online Privacy Notice (UK, EEA and DIFC)
Millennium Capital Partners LLP, Millennium Capital Management Limited, Millennium Operations Limited and Millennium Capital (DIFC) Ltd (each referred to as the “Company”, “we”, “our”, “us”) aim to protect your privacy as far as possible. Millennium is what is known as a “data controller” for the purposes of United Kingdom (“UK”), European Economic Area (“EEA”) and Dubai International Financial Centre (“DIFC”) data protection laws. Contact details are set out below. For the privacy notice for Millennium Capital Management France please refer to the Disclosures on our group website at www.mlp.com.
We may amend this notice from time to time without prior notification to intended recipients. This notice was last updated on January 2023.
Applicability of this Privacy Notice
This notice describes how we use Personal Data (as defined below) of individuals in the UK, EEA and the DIFC. It applies to recruitment applicants, former employees, professional contacts, visitors to our website, visitors to our offices or others with whom we may communicate.
How we obtain your Personal Data
We may collect personal information from you that personally identifies you (“Personal Data”) when you use our website or otherwise engage in communication with us including, for example, visiting our offices, submitting an employment application, or when you (or any entity you represent) enter into a contractual relationship with us, including, for example, as an employee or service provider.
We collect Personal Data about you from a variety of sources, which may include:
- any documents submitted to us, including any application forms;
- our communication or correspondence with you, such as when you contact us by letter;
- telephone, email or any other means of electronic or personal communication;
- your use of the Millennium Guest Wi-Fi services on your personal device(s) at our offices;
- third parties, in connection with potential employment or other contractual engagement; or
- CCTV devices at our offices for safety and security purposes.
Please note that, in accordance with regulatory requirements, we record calls made on certain employees’ landline and mobile telephone lines.
The Personal Data we collect
Depending on the nature of your relationship with the Company, we may collect or may have collected not limiting to the following categories of data about you:
- your name, title, contact details;
- other personal information such as your age, date of birth and marital status;
- information related to your occupation, such as your job title and CV;
- unique identifiers such as your government-issued social security number, national insurance number, tax file number, IP address and information related to that IP address;
- details from your passport, as required and permitted by applicable laws and regulations addressing due diligence and related matters;
- financial information; and
- other information you or others may provide to us during your communications or relationship with us, for our operational or business purposes.
You are not obliged to provide us with your Personal Data where it is requested but this may affect our ability to continue our dealings with you or employ you.
If you provide Personal Data on behalf of another person, it is your responsibility to notify that individual that you have provided their Personal Data to us and direct them to this notice.
As our offices are protected by CCTV, you may be recorded when you visit. We use CCTV to provide a safe and secure environment for those who work in and visit our offices.
Our use of your Personal Data
We process your Personal Data because it may be required for contractual or operational reasons, because it may be required by applicable laws or regulations, in our legitimate interests in order to comply with other applicable laws and regulations or for operational business purposes or in order to review and process employment applications, or on the basis of your consent.
Where we process “special categories” of Personal Data about you (such as information about your health, race or sexual orientation), we do so on one of the following bases: your explicit consent, legal or regulatory requirements, health and safety, monitoring of equality and diversity, prevention or detection of crime or similar misconduct, management of occupational pension schemes, or because the processing is necessary for the establishment, exercise or defence of a legal claim.
How we share your Personal Data
We may share your Personal Data within our group, with our third party business partners, business associates, subcontractors and other third parties for the purposes set out below.
- Within other entities in our group and to our third party service providers:We may disclose your Personal Data to third parties, including our affiliates, subcontractors, agents and any person who provides professional, legal, tax or accounting advice or other services to us. All such third parties are required to maintain the confidentiality of such data to the extent they receive it.
- Potential buyers, transferees, merger partners or sellers:We may disclose your Personal Data to a potential buyer, transferee, or merger partner or seller and their advisers in connection with any actual or potential transfer or merger, sale, acquisition, assignment, transfer, or other disposition of part or all of our business or assets, or any associated rights or interests, or to acquire a business or enter into a merger with it.
- Legal reasons:We may also disclose your Personal Data or any portions thereof (a) as required by, or to comply with, applicable law, regulation, court process or other statutory requirement; and (b) respond to requests from any regulatory, supervisory or governmental authorities.
How we transfer your Personal Data
Due to the global nature of our business, your Personal Data may be transferred to jurisdictions outside your home jurisdiction (which may be the UK, EEA or the DIFC). The level of information protection in countries outside your home jurisdiction may be less than or different to that offered in your home jurisdiction.
Where we transfer your Personal Data outside of your home jurisdiction, we will ensure that Personal Data is protected and transferred in accordance with applicable legal requirements, which can be done as follows:
- the country to which we send personal data may be approved in your home country (e.g., by the European Commission or under the UK or DIFC data protection laws (as applicable)) as having adequate data protection laws; or
- the recipient may have signed a contract based on standard contractual clauses approved in your home jurisdiction (e.g., by the Information Commissioner’s Office in the UK, the European Commission or the Commissioner of Data Protection of the DIFC), obliging them to protect your Personal Data.
Security and retention of Personal Data
We take the protection of your Personal Data seriously and have security measures, controls and policies in place.
We will hold your Personal Data on our systems for the longest of the following periods:
- as long as is necessary for the relevant activity or as long as is set out in any relevant agreement you enter into with us;
- the length of time it is reasonable to keep records to demonstrate compliance with professional or legal obligations;
- any retention period that is required by law; or
- the end of the period in which litigation or investigations might arise in respect of your use of our website or the services that we provide to you.
Data protection laws may provide you with rights to access Personal Data, as well as rights for Personal Data to be erased, corrected, used for only limited purposes, not used at all, or transferred to you or a third party.
You may have the following rights under data protection laws:
- Right of subject access:The right to make a written request for details of Personal Data about you held by us and a copy of that Personal Data.
- Right to rectification:The right to have inaccurate Personal Data about you rectified.
- Right to erasure (‘right to be forgotten’):The right to have certain Personal Data about you erased.
- Right to restriction of processing:The right to request that your Personal Data is only used for restricted purposes.
- Right to object:The right to object to the use of your Personal Data, including the right to object to marketing.
- Right to data portability:The right, in certain circumstances, to ask for Personal Data you have made available to us to be transferred to you or a third party in machine-readable formats.
- Right to withdraw consent:The right to withdraw any consent you have previously given us to handle your Personal Data. If you withdraw your consent, this will not affect the lawfulness of our use of your Personal Data prior to the withdrawal of your consent.
These rights are not absolute; they do not always apply and exemptions may be applicable. We may, in response to a request, ask you to verify your identity and to provide information that helps us to understand your request better. If we do not comply with your request, we will explain why.
To exercise any of these rights, or if you have any other questions about our use of your information, please email us at: [email protected].
If you are unhappy with the way we have handled your Personal Data, you have a right to complain to your local data protection regulator.
- In the UK, your local regulator is the Information Commissioner, whose website is available at https://ico.org.uk
- In Ireland, your local regulator is Data Protection Commission whose website is available at https://dataprotection.ie
- In the DIFC, your local regulator is the Commissioner of Data Protection at DIFC, who can be contacted at [email protected]
If you have any questions about this privacy notice, or our privacy related practices, you can contact: [email protected].