1.1 Your privacy is important to the Assurance Review (the "Review"). This Privacy Policy ("Policy") describes how the Review will collect, protect, use, and share your personal information when you submit information to the Review.
1.2 This Policy explains how the Review will handle any personal information that that you submit, for the purposes of conducting the Review.
1.3 For the purpose of applicable data protection legislation (including but not limited to the Data Protection Act 2018 and the General Data Protection Regulation (Regulation (EU) 2016/679)) (the "Data Protection Legislation"), the data controller is Sir Ross Cranston.
2.1 The Review will maintain physical and electronic safeguards that comply with applicable legal standards to secure the confidentiality of your information, including personal information from unauthorised access and use, alteration and destruction.
3.1 The Review will collect, for the purposes of the Review, personal information that you submit to the Review via email to info@CranstonReview.com.
3.2 For the purposes of the Data Protection Legislation, the Review anticipates that the personal information that you may submit shall include, but shall not be limited to: your name, email address, postal address, telephone number and transactional account data.
4.1 By submitting personal information to the Review, you acknowledge and agree that it may use such information in accordance with this Policy to carry out the Review if the Review deems it necessary to do so for the Review's legitimate interests in accordance with the scope set out on this website.
4.2 You also acknowledge and agree that any personal information you submit to the Review may be included as part of any reports produced as part of the Review. Any reports will not include any contact details that you submit to us in this way.
5.1 Personal information submitted to the Review may be shared with regulatory and law enforcement authorities if necessary to comply with any legal or regulatory requirements.
5.2 Personal information may also be shared with the following third parties, amongst others:
if the Review deems it necessary to do so for the Review's legitimate interests or for the legitimate interests of such third parties.
6.1 The personal information that the Review collects from you may be transferred to, stored at, and processed at a destination outside the European Economic Area ("EEA").
6.2 The Review utilises standard contract clauses approved by the European Commission and adopt other means under European Union law to legitimise data transfers from the EEA to destinations outside the EEA. The Review will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Policy.
6.3 All information you submit to the Review is stored on secure servers.
6.4 The transmission of information via the internet is not completely secure. Although the Review will do its best to protect your personal information, it cannot guarantee the security of your personal information, and any transmission of personal information is at your own risk. Once the Review has received your information, it will process and store the information in accordance with this Policy.
7.1 You can contact the Review if you believe the personal information it has for you is incorrect, if you believe that the Review is not entitled to use your personal information in accordance with this Policy, if you would like the Review to erase personal information that it holds about you or if you have any other questions about how your personal information is used, or about this Policy. Please email or write to the Review using the contact details at the end of this Policy.
8.1 The Data Protection Legislation gives you the right to review personal information that the Review keeps about you. You can request an overview of the personal information that the Review keeps about you by emailing or writing to the Review using the contact details at the end of this Policy. The Review may ask you to verify your identity and for more information about your request. The Review will seek to act on your request in the timescale required by the Data Protection Legislation.
9.1 The Review will hold your information for as long as is necessary to comply with any statutory and contractual obligations and in accordance with the Review's legitimate interests.
10.1 The Review reserves the right, in its sole discretion, to modify this Policy at any time by posting such changes here. Please check back regularly to see any updates or changes to this Policy. The Review may in addition email you to tell you about any such changes.
10.2 If you have any questions or specific requests, please contact: info@CranstonReview.com.