7 Palmerston Place Lane
Tel. 0131 220 6660
10 Newton Place
Tel. 0141 229 1166
Stephen Grant, F.I.P.I
5. Who the information is processed about
5.1. We process personal information about:
6. Who the information may be shared with
6.1. We sometimes need to share the personal information we process with the individual themself and also with other organisations. Where this is necessary we are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations we may need to share some of the personal information we process with for one or more reasons.
6.2. Where necessary or required we share information with:
7. Trading and sharing personal information
7.1 Personal information is traded and shared as a primary business function. For this reason, the information processed may include name, contact details, family details, financial details, employment details, and goods and services. This information may be about customers and clients.
7.2. The information may be traded or shared with business associates and professional advisers, agents, service providers, customers and clients, and traders in personal data.
8. Undertaking research
8.1. Personal information is also processed in order to undertake research.
8.2. For this reason, the information processed may include name, contact details, family details, lifestyle and social circumstances, financial details, good and services.
8.3. The sensitive types of information may include physical or mental health details, racial or ethnic origin and religious or other beliefs.
9. Consulting and advisory services
9.1. Information is processed for consultancy and advisory services that are offered.
9.2. For this reason, the information processed may include name, contact details, family details, financial details, and the goods and services provided.
9.3. This information may be about customers and clients.
9.4. Where necessary this information is shared with the data subject themselves, business associates and other professional advisers, current, past or prospective employers and service providers.
10.1. It may sometimes be necessary to transfer personal information overseas.
10.2. When this is needed information may be transferred to countries or territories around the world.
10.3. Any transfers made will be in full compliance with all aspects of the Data Protection Act.
11. Sources of Personal Data
11.1. The data we process originates from legally compliant publicly available and open source information, and personal data manifestly made public by the data subject. In addition, it is supplied by clients under the lawful basis of legitimate interests.
12. Lawful Basis
12.1. Grant & McMurtrie processes all personal data lawfully, fairly and in a transparent manner when providing investigatory services under the following lawful bases stated in The General Data Protection Regulation GDPR:
Secondary (where appropriate)
12.2. Grant & McMurtrie processes all sensitive data/special categories data lawfully, fairly and in a transparent manner when providing investigatory services under the following lawful bases stated in the General Data Protection Regulation:
GDPR (special categories)
Article 9(2)(f) processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity
12.3. Where Legitimate Interests is relied upon as a lawful basis a Legitimate Interest Assessment is conducted.
13. Client Information
13.1. Prior to any business relationship, we will request from clients personal information such as name, address, telephone number and email. We also obtain consent to process said information to confirm the accuracy of such details. In the event we do not proceed with an assignment, the information will be destroyed when the client advises they do not wish to proceed.
14. Handling of personal data – Security, Protection and Retention
14.1. Grant & McMurtrie adheres to the requirements and individual’s right contained in The Data Protection Act 1998 and The General Data Protection Regulation 2018 and ensures that personal data is:
14.2. Grant & McMurtrie takes all reasonable technical and organizational precautions to prevent the loss, misuse or alteration of personal information. We have put in place appropriate security measures to prevent personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed, including the following by way of example:
15. Individual’s Rights
Under certain circumstances, by law you have the right to:
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, please submit your request in writing to: The Data Controller, Grant & McMurtrie, 7 Palmerston Place Lane, Edinburgh EH12 5AE. Please note under the DPA & GDPR, Grant & McMurtrie are required to verify the identity of the person submitting an objection, therefore all such requests must include the individual’s full name, address and telephone number. The sender may also be requested to supply paper evidence of their identify.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
16. Data Controller
16.1. The data controller responsible for your personal data is Grant & McMurtrie. Our data protection registration number is Z5619795. If you have any questions about this privacy notice or how we handle your personal information, please contact The Data Controller, Grant & McMurtrie, 7 Palmerston Place Lane, Edinburgh EH12 5AE.
16.2 The Data Protection Officer for Grant & McMurtrie is currently Stephen Grant.
17. Right to complain
You have right to lodge a complaint with the Information Commissioner’s Officer (ICO). The ICO can be contacted by telephone on 0303 123 113 – Monday to Friday, between 9am and 5pm – or by email at email@example.com. You can also visit the ICO’s website by following this link: https@//ico.org.uk/.
18. Changes to our Privacy Information Notice
We may change, modify or adjust this Privacy Information Notice from time to time, however we will not reduce your rights under the Privacy Information Notice.
Any changes we make to our Privacy Information Notice in the future will be found on our website, at www.grantec.co.uk/privacynotice. Copies are also available from us by post. Please contact us if you require a copy.
Cookies are files containing small amounts of information which are downloaded to the device you use when you visit a website. Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie.
Whether a cookie is a first or third party cookie depends on which website the cookie comes from. First party cookies are those set by or on behalf of the website visited. All other cookies are third party cookies. We only use first party cookies on our website.
These cookies collect information about how visitors use a web site, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don't collect information that identifies a visitor although they may collect the IP address of the device used to access the site. All information these cookies collect is anonymous and is only used to improve how a website works, the user experience and to provide us with information to help our search engine optimisation strategy. By using our website you agree that we can place these types of cookies on your device, however you can, if you wish, block these cookies using your browser settings.
This information helps us to tailor our Search Engine Optimisation Strategy so that more people are likely to find our website.
If you wish to restrict or block the cookies which are set by any website including ours, you should do this through the web browser settings for each web browser you use, on each device you use to access the Internet.
You can allow cookies from specific websites by making them "trusted websites" in your web browser. For more information on how to do this you may wish to visit www.allaboutcookies.org which contains comprehensive information on how to do this on a wider variety of browsers.