Client Privacy Notice
This Privacy Notice sets out how The Juggling King Rum Company Limited (TJK) processes data, whether on individuals (including personal data in respect of individuals who are clients, intermediaries or other third parties TJK interact with, or any individual who is connected to those parties) or otherwise. Where the data held are on individuals, this document also sets out the rights of those individuals in respect of that personal data.
Any questions in relation to this Privacy Notice or requests in respect of personal data should be directed to the Operations Director (Robert Shepherd as at the date of this policy firstname.lastname@example.org) in the first instance.
TJK is the “data controller” for information collected about you. This means that we are responsible for deciding how we hold and use personal information about you.
This notice does not form part of any contract to provide services.
It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
The data we hold
TJK processes data in order to operate as a producer, distributor and seller of rum products and related merchandise. The type of data we may collect and process includes:
- Contact details (including names, postal addresses, email addresses and telephone numbers);
- Information required for TJK to meet legal and regulatory requirements;
- Information provided in the course of operating as a producer, distributor and seller of rum products and rum related merchandise (“Rum”);
- Financial information, such as payment related information;
- Professional interests and events attended (including images or video obtained during visits to events hosted by us);
- Meetings attended and visits to our offices;
- Any other information you may provide to us.
How we collect this data
We collect your personal information when you contact us by email, letter, telephone or in person, or by entering your details in the fields requested on, or any documents linked to or downloaded from, our website, or any other forms provided to you. We will collect the data to enable us to deal with your enquiry or provide you with the relevant services.
We may sometimes collect additional information from third parties including clients, client advisers, credit reference agencies or public open sources.
We will collect additional personal information in the course of service-related activities throughout the period of providing services to you.
Purposes of processing
We use data (including personal data of individuals) for the following purposes (the below also confirming the lawful basis we are relying on in each case):
|Purpose||Lawful Basis for Processing|
|To enter into client relationships and provide Rum.||Any one or more of the following: The legitimate interests of TJK as a provider of Rum to process personal data for the purpose of providing those services In instances where an individual has been provided with this Privacy Notice and provides personal data thereafter, the processing may be carried out on the basis of consent. Consent may be withdrawn at any time by writing to the Operations Director (Robert Shepherd as at the date of this policy email@example.com). The processing is necessary for legal proceedings, the obtaining of legal advice or establishing, exercising or defending legal rights (including conflicts of interest checks, anti-financial crime procedures, client and matter management including billing and debt collection) Where the client is an individual: to fulfil the contract we have entered into with the individual to provide Rum services|
|To manage our client, intermediary and other business relationships||The legitimate interests of TJK to seek to ensure its business is conducted efficiently and with a view to enhancing client service|
|To ensure the security of TJK systems, staff and premises (including the use of CCTV equipment)||The legitimate interests of TJK in protecting its systems, staff and premises from being misused or the victim of any criminal activity|
|To provide our contacts with marketing material, to invite contacts to events which may be of interest to them and to participate in competitions and to manage such mailings and events||The legitimate interests of TJK as a provider of Rum services to process personal data to communicate with persons on topics and events which may be of interest to those individuals. The right of those individuals to unsubscribe from mailings and/or manage preferences will be noted within all mailings and any requests to unsubscribe may be made via links available in the mailings or by writing to the Operations Director (Robert Shepherd as at the date of this policy firstname.lastname@example.org).|
|To meet all legal, regulatory and ethical obligations applicable to TJK (including in respect of managing potential conflicts of interest)||The legitimate interests of TJK as a provider of Rum services to process data to the extent necessary to ensure it meets all legal, regulatory and ethical obligations incumbent on it. This may include but not be limited to; the assessment of legal, regulatory and financial risks internal financial and marketing analysis service providers, including, but not limited to our auditors, advisers, insurers and providers of telecommunications and information technology facilities In certain instances, the processing of data may also be necessary for the exercise of functions of public authorities and/or necessary for compliance with a legal obligation to which TJK is subject|
|For the purposes of internal know-how and training||The legitimate interests of TJK as a provider of Rum services to process data for the purposes of internal know-how and staff training. TJK will use reasonable endeavours to ensure any personal data contained in the material which is not integral to the understanding of the material is redacted.|
In certain instances, personal data processed may include “Special Category Data” (which includes information on a person’s race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data processed for the purpose of uniquely identifying a natural person, health data, data on a person’s sex life or sexual orientation or data relating to a person’s criminal record or alleged criminal activity). In such instances, legal bases for processing that data may include explicit consent (where the Special Category Data has been provided to TJK by the data subject for any of the above-listed purposes) or the processing being necessary for compliance with a legal obligation or the purposes of legal proceedings or legal advice.
If you fail to provide personal information
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you or we may be prevented from complying with our legal obligations. Any instances where you do not wish to provide personal information, we will aim to work with you to understand any concerns you have and seek to agree a way forward.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Data sharing and recipients
We may need to share your data with third parties, including third-party service providers including:
- Other providers of services (legal, governance or otherwise) where disclosure to that provider of services is considered necessary to fulfil the purposes set out above;
- Any sub-contractors, agents or service providers of TJK, including connection with meeting any regulatory requirements;
- Courts or tribunals;
- Third parties with whom TJK engages for the hosting of events or other marketing initiatives;
- Law enforcement agencies where considered necessary for TJK to fulfil legal obligations applicable to it;
- Regulators or other governmental or supervisory bodies with a legal right to the material or a legitimate interest in any material;
- Any registrar of a public register where the data is to be included in a public registry;
- Potential parties with whom TJK intends to merge or sell any part of TJK Group.
We ask third-party service providers to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Transferring information outside the EEA
In certain instances, information will be sent to third parties outside the EEA (for example where our clients and intermediaries are outside the EEA) but this personal information will usually be limited and you will be aware of the transfer.
Where more detailed personal information is to be transferred, we will only send your personal information outside TJK to follow your instructions, comply with a legal duty, work with our suppliers, agents and advisers who we use to help manage your relationship with us or who provide services to us and to share data within TJK. Where we transfer data outside of the European Economic Area (EEA), we will, where possible, make sure that it is protected in the same way by implementing appropriate safeguards and this would be notified to you.
Keeping data secure
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Operations Director (Robert Shepherd as at the date of this policy email@example.com).
If there were ever any suspected data security breach, we will follow the guidelines set out on the Office for Data Protection website for notifying you and any applicable regulator where we are legally required to do so.
We only keep data for as long as necessary to fulfil the purposes (as set out above) for which we collected it. Details of retention periods for different aspects of your personal information are available in our retention policy.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
We do not envisage that any decisions will be taken about you using automated means, however we will notify you in writing if this position changes.
Rights to access, correction, erasure, and restriction
By law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
- Be notified of rectification, erasure and restrictions.
- Not be subject to decisions based on automated processing.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact the Operations Director (Robert Shepherd as at the date of this policy firstname.lastname@example.org).
Right to withdraw consent
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact the Operations Director (Robert Shepherd as at the date of this policy email@example.com). Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Concerns or queries
Any questions about the contents of this notice or our use of personal data should be addressed to the Operations Director (Robert Shepherd as at the date of this policy firstname.lastname@example.org).
Issues or concerns individuals have regarding their personal data can also be brought to the attention of the applicable supervisory authority in your country, where you live or work, or the location where the data protection issue arose.
Third Party Service Providers
Where your personal data is provided to or required for access to any third party service (for example when logging onto an external website) you should review the third party privacy notice. If you have any concerns in this regard please refer them to the Operations Director (Robert Shepherd as at the date of this policy email@example.com).
Changes to this privacy notice
We keep this Privacy Notice under review and will inform you of any changes. We last updated this Privacy Notice on 1 June 2021.