Hambro Perks

Hambro Perks Limited and members of the Hambro Perks group of companies (together, the “HP Group”) take your privacy and the protection of your personal information very seriously. This Privacy Policy (“Policy”) is issued on behalf of the HP Group so any reference to "we", "us" or "our" in this Policy is a reference to the relevant member of the HP Group responsible for processing your data.

This Policy explains what information we gather about you, how we use that information, what we use that information for and who we may share that information with. It also sets out your rights in relation to any information that we may hold about you.

This Policy applies to information that we collect about visitors to www.hambroperks.com and any other sites maintained by the HP Group that link to this Policy (together, “the HP Sites”). Each HP Group company is a separate legal entity and complies with the relevant local laws and regulations to ensure the protection of your personal information.  Members of the HP Group include but are not limited to Hambro Perks Services Limited, Hambro Perks Asset Management Limited and Hambro Perks Advisory LLP.

It is important that you read this Policy, together with any other privacy policy or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are processing your data. This Policy supplements other notices and privacy policies and is not intended to override them.

1.       Our commitment to you

Hambro Perks Limited and members of the Hambro Perks group of companies (together, the “HP Group”) are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. This Policy is issued on behalf of the HP Group so any reference to “we”, “us” or “our” in this Policy is a reference to the relevant member of the HP Group responsible for processing your data.

2.       Third party links

The HP Sites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. Any third-party links referred to on the HP Sites are not managed by the HP Group and, when you follow links to third party sites, this Policy no longer applies and you should ensure that you review and understand the privacy policy of that site before use.

3.       The personal information we collect, and why we collect it

Information you give us. This is information about you that you provide to us by filling in forms or by corresponding with us by phone, electronic mail or otherwise. You may provide us with your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise.

For example, you can browse the HP Sites without entering any personal information. However, if you choose to request information about the HP Group or any of the products or services we offer, you will be asked to provide us with personal information through a request form. Information we collect may include: your name, email address, telephone number and, in the case of determining your eligibility to receive promotional information, confirmation of your status as an authorised or exempt person under the Financial Services and Markets Act 2000 (Financial Promotion) Order 2005.

We endeavour to only collect the minimum amount of information necessary to fulfil your request. However, some of the information that we ask you to provide is mandatory and if you do not provide it, we may not be able to grant you access to certain areas of the HP Sites or provide you with certain materials.

Information we collect about you. The HP Group may also supplement the personal information you provide with information we receive from third parties, including our business partners, contractors, analytics and other service providers. In order to maintain compliance with statutory regulation we need to carry out Know Your Client checks. We may use third parties to perform these checks and keep confirmation on our permanent file to be provided as evidence that we have carried out the necessary procedures, and have considered the risk assessment, as proof of our compliance with legislation.

We process the personal data for certain legitimate reasons, among other things, to help us improve the overall accuracy of the information and its completeness, to help us better tailor our interactions with you, and to help us identity and prevent fraud.

4.       Cookies and other information-gathering technologies

The HP Sites use cookies. Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. These cookies allow us to distinguish you from other users of the HP Sites which helps us to provide you with an enhanced user experience when you browse the HP Sites and allows us to continuously improve the HP Sites. You can set your browser to refuse all or some browser cookies, or to alert you when the HP Sites set or access cookies. If you disable or refuse cookies, please note that some parts of the HP Sites may become inaccessible or not function properly.

5.       How we use your personal information

When you provide personal information to us, we may use it for any of the purposes described in this Policy or as stated at the point of collection, including, but not limited to:

·       where it is necessary for our/your legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;

·       to administer and manage the HP Sites, including to confirm and authenticate your identity and prevent unauthorised access to some areas of the HP Sites;

·       to continue to improve the user experience on the HP Sites;

·       to conduct benchmarking and data analytics, for example, determining the usage of the HP Sites and sorting and analysing your data for this purpose;

·       to conduct quality and risk management assessments including the use of data analytics;

·       to monitor compliance with the HP Sites’ terms of use policy;

·       where we need to comply with a legal/regulatory obligation; and/or

·       any other purposes for which you have provided your personal information to the HP Group (we will notify you if this is the case at the time).

The HP Group reserves the right to transfer and disclose your information, on an anonymised basis if The HP Group becomes involved in a business divestiture, change of control, sale, merger, or acquisition of all or a part of its business.

We only collect personal information in accordance with applicable law and this Policy and we do not, through any of the HP Sites, collect your personal information for sale to third parties or for consumer marketing purposes.

6.       How we share your personal information

The HP Group may share personal information we collect about you with our affiliates, business partners, service providers, subsidiaries, vendors, consultants and other service providers to perform work on our behalf. The information may be shared with third parties to offer or provide related services according to agreements signed with the HP Group.

The HP Group may share your information in response to a request for information, if upon review, we determine that disclosure is in accordance with, or required by, any applicable law, regulation or legal process.

We may share your information if we determine that your actions are inconsistent with our user agreements or policies, or if we must protect the rights, property and safety of The HP Group or others.

The HP Group may share your personal information in connection with or during negotiations of any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company.

Whenever we share your data with anyone other than the entities listed above, we will only do so after satisfying ourselves that there is a legitimate reason for doing so and except in the case of governmental or regulatory organisations over which we have no control, that the persons with whom we have shared your data have appropriate controls over your data.

7.       International Data Transfers

When necessary, your personal information may be transferred to and stored outside of the United Kingdom. This includes countries outside of the European Economic Area (“EEA”) which may not have local laws which specifically provide protection for personal information. Where your personal information is collected within the EEA and transferred out of the EEA, it will only be transferred where: the recipient is located in a country which provides an adequate level of protection; and/or, an agreement is in place which includes contractual clauses that are of a standard approved by the European Commission for the purposes of transferring personal information outside of the EEA.

Please contact us if you require further information on the specific mechanism used by us when transferring your personal data out of the EEA.

8.       How we protect your personal information

We adhere to highly stringent security measures to protect your personal information from misuse, loss or alteration. Only persons who have agreed to protect and keep confidential your personal information in line with this Policy and our practices relating to data protection and confidentiality have access to your personal information you provide to us.

We take all appropriate measures to protect personal information; however, as any transfer of data over the internet is not completely secure we cannot guarantee absolutely the security of data transmitted to us over the internet. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9.       How we monitor and enforce

The HP Group regularly reviews our compliance with our Privacy Notice. If we receive formal written complaints, we will follow up with the person making the complaint. We work with the appropriate regulatory authorities to resolve any complaints that cannot be resolved directly.

10.        Your Rights

Right to be informed

Individuals have the right to be informed about the collection and use of their personal data.  This is achieved by means of this Privacy Notice.

Right of Access

You have the right to access and review the personal data stored by us to confirm its accuracy, and if necessary you may request that personal data is updated if it is inaccurate. You may also request that certain personal data be deleted from our files. 

The HP Group will make reasonable efforts to comply with such requests within a 30-day period and free of charge, unless such requests are prohibited by law, or there is a legitimate business purpose to retain personal data. We reserve the right to verify your identity before any request to update or delete your personal data is processed by us. Please direct any questions about your personal data to our data protection officer using the contact details set out in this notice by sending subject access request form.

Right of Rectification

You have the right to require us to rectify any errors in the data we hold about you.

Right to erasure (right to be forgotten)

This right is not an absolute right and if you request the right to erasure and we are not able to fully comply with your request we will inform you of the reasons why we are not able to fully comply.

Right to Data portability

You have the right to ask us to collect all the data you hold about them and transfer it to a new provider in a machine-readable form.  We do not believe this will be applicable for the types of data that we hold.

Right to restrict processing 

You have the right to ask us not to process your data/object to processing:

·       based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);

·       direct marketing (including profiling); or

·       processing for purposes of scientific/historical research and statistics.

If you exercise this right, we will stop processing the personal data unless:

·                we can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the individual; or

·                the processing is for the establishment, exercise or defence of legal claims.

Right to object

You have the right to object to the processing of your personal data in certain circumstances.  You have the absolute right to stop your data being used for direct marketing.

11.        Complaints

If you wish to raise a complaint regarding the way in which we have handled your personal data, you can contact our Data Controller, Jessica Marchant, who will investigate the matter. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law you can complain to the Information Commissioner’s Office (ICO). Our Data Protection Officer’s contact details are set out at the end of this Policy.

12.        Applicable law

The terms of this Policy, its subject matter and its formation are governed by English law. You and we both agree that the courts of England and Wales will have exclusive jurisdiction.

13.        Changes to this Policy

The HP Group reserves the right to update or amend this privacy notice at any time. Every time you wish to use the HP Sites, please check these terms to ensure you understand the terms that apply at that time.

14.        How to Contact Us

If you have any questions regarding The HP Group’s privacy practices, the use of your personal data, or about this Privacy Notice, please contact the firm’s Data Controller Jessica Marchant by email at: Jessica.Marchant@hambroperks.com

Or by post to: Jessica Marchant, Data Controller, Hambro Perks Limited, 111 Buckingham Palace Road, London, SW1W 0SR


Privacy Notice of Hambro Perks Ventures (DIFC) Limited


This Privacy Notice explains how particular the Firm collects, uses and discloses your personal data, and your rights in relation to the personal data it holds.

The Firm (in this Privacy Notice, “us”, “we” and “our”) is the data controller of your personal data and is subject to the DIFC Data Protection Law (DIFC Law no 5 of 2020) and DIFC Data Protection Regulations (hereafter referred to as the “Data Protection Law”).

This Privacy Notice supersedes any previous Privacy Notice or equivalent which you may have been provided with or seen prior to the effective date stated above.

Your rights

Under the DIFC Data Protection Law you have the following rights:

  • To withdraw your consent at any time;
  • To obtain access to, and copies of, the personal data that we hold about you;
  • To require that we cease processing your personal data if the processing is causing you damage or distress;
  • To require us not to send you marketing communications;
  • To require us to erase your personal data;
  • To require us to restrict our data processing activities;
  • To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller; and
  • To require us to correct the personal data we hold about you if it is incorrect.

Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.

How we collect your data 

We collect your personal data in a number of ways, for example:

  • From the information you provide to us when you meet us;
  • From information about you provided to us by your company or an intermediary;
  • When you communicate with us by telephone, fax, email or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
  • When you complete (or we complete on your behalf) client on-boarding or application or other forms;
  • From your agents, advisers, intermediaries, and custodians of your assets; or
  • From publicly available sources or from third parties, most commonly where we need to conduct background checks about you.

The categories of personal data we collect

We collect the following categories of personal data about you:

  • Your name and contact information such as your home or business address, email address and telephone number;
  • Biographical information which may confirm your identity including your date of birth, tax identification number and your passport number or national identity card details, country of domicile and/or your nationality;
  • Information relating to your financial situation such as income, expenditure, assets and liabilities, sources of wealth, as well as your bank account details;
  • Information about your knowledge and experience in the investment field;
  • An understanding of your goals and objectives in procuring our services;
  • Information about your employment, education, family or personal circumstances, and interests, where relevant; and
  • Information to assess whether you may represent a politically exposed person or financial crime risk.

The basis for processing your personal data (other than with your consent), how we use that personal data and whom we share it with

  • Performance of a contract with you

We process your personal data because it is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.

In this respect, we use your personal data for the following:

  • To prepare a proposal for you regarding the services we offer;
  • To provide you with the services as set out in our agreements with you or as otherwise agreed with you from time to time;
  • To deal with any complaints or feedback you may have;
  • For any other purpose for which you provide us with your personal data.

In this respect, we may share your personal data with or transfer it to the following:

  • Your agents, advisers, intermediaries, and custodians of your assets who you tell us about;
  • Third parties whom we engage to assist in delivering the services to you:
  • Our professional advisers where it is necessary for us to obtain their advice or assistance, including lawyers, , consultants; accountants, IT or public relations advisers;
  • Other third parties such as intermediaries who we introduce to you. We will wherever possible tell you who they are before we introduce you;
  • Our data storage providers
  • Legitimate interests

We also process your personal data because it is necessary for our legitimate interests, or sometimes where it is necessary for the legitimate interests of another person. In this respect, we use your personal data for the following:

  • For marketing to you. In this respect, see the separate section on Marketing below;
  • Training our staff or monitoring their performance;
  • For the administration and management of our business, including recovering money you owe to us, and archiving or statistical analysis;
  • Seeking advice on our rights and obligations, such as where we require our own legal advice.

In this respect we will share your personal data with the following:

  • Our advisers or agents where it is necessary for us to obtain their advice or assistance;
  • With third parties and their advisers where those third parties are acquiring, or considering acquiring, all or part of our business.
  • Legal obligations

We also process your personal data for our compliance with a legal obligation which we are under.

In this respect, we will use your personal data for the following:

  • To meet our compliance and regulatory obligations, such as compliance with anti-money laundering, conduct of business, market and tax transparency requirements;
  • As required by financial service regulators, market authorities, financial intelligence units, tax authorities or any competent court or legal authority. 

In this respect, we will share your personal data with the following:

  • Our advisers where it is necessary for us to obtain their advice or assistance;
  • Our auditors where it is necessary as part of their auditing functions;
  • With third parties who assist us in conducting background checks; or
  • With relevant regulators or law enforcement agencies where we are required to do so.


We will send you marketing about similar services we provide, as well as other information in the form of alerts, newsletters and invitations to events or functions which we believe might be of interest to you.

We will communicate this to you in a number of ways including by post, telephone, email, SMS, social media or other digital channels.

Transfer and processing of your personal data outside the Dubai International Financial Centre (“DIFC”).

When sharing your personal data with third parties as set out in this Privacy Notice, it may be transferred outside the DIFC. In these circumstances, your personal data will only be transferred on one of the following bases:

  • the country that we send the personal data to is approved by the DIFC Data Protection Commissioner as providing an adequate level of protection for personal data;
  • the recipient has provided appropriate safeguards and on condition that your enforceable rights and effective legal remedies for you are available – appropriate safeguards may include standard data protection clauses as adopted by the Data Protection Commissioner;
  • you have explicitly consented to a proposed transfer after being informed of possible risks of such transfer; or
  • the transfer is necessary for the performance of a contract.

To find out more about transfers by us of your personal data outside the DIFC and the countries concerned please contact us.

Retention of your data

We will only retain your personal data for as long as we have a lawful reason to do so. In particular:

  • where we have collected your personal data as required by anti-money laundering legislation, including for identification, screening and reporting, we will retain that personal data for six years after the termination of our relationship, unless we are required to retain this information by another law or for the purposes of court proceedings; or
  • otherwise, we will in most cases retain your personal data for a period of six years after the termination of our contractual or other relationship with you in case any claims arise out of the provision of our services to you.

Contact details:

You can address your queries in regard to this Privacy Notice to our SEO.

By post:

Att. SEO

Unit GV-00-10-07-02, Level 7, Gate village
Building 10, Dubai International Financial
P.O. BOX ______
DIFC, Dubai, UAE

By email: Nilmani Gautam nilmani.gautam@hambroperks.com