RIT Capital Partners plc, a UK Investment Trust, and J. Rothschild Capital Management Limited, its wholly owned manager (collectively "we", “us” or “our”) are committed to protecting and respecting your privacy and to keeping personal data secure. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of the UK General Data Protection Regulation (“GDRP”) and complementary UK legislation, we are the data controller for any personal information gathered by this website or by other sources. Our registered address is 27 St. James's Place, London, SW1A 1NR.
How we collect and use information
We may collect and process data about you for the following reasons:
Shareholders listed on the main register – if you buy RIT shares and receive a share certificate in your name, then your details will be processed by us, by our Registrar, Computershare, and other third parties necessary to administer your interests as a shareholder. Data will have been provided to us by you, or by an advisor or broker on your behalf, and will include basic personal information such as name, date of birth, address and other contact details, and financial and transactional information regarding your investment in RIT shares, such as number of shares held, dividend payments, payment details and preferences such as how you like us to communicate with you or whether you wish dividends to be reinvested. Information is held for as long as you remain a shareholder and, thereafter, retained by our Registrar as required by company law or other legal obligations. If you have an investment in RIT but do not directly hold share certificates, for example you hold RIT shares through an account with a wealth manager or share dealing service, then it is unlikely that we will have your personal data and it will be your advisor / provider that holds your personal information and the details of your investment.
Visitors to the website – if you visit the RIT website we, the third party that runs the website on our behalf, and a third-party analytics service, may collect information relating to your visit including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources that you access. The analytics information is only processed in a way which does not identify anyone. We do not make, and do not allow the analytics service provider to make, any attempt to find out the identities of those visiting our website. Please also see our Terms of Use and our Cookies Policy for further information about the use of the website.
Persons making enquiries about RIT – if you contact us with an enquiry by filling in forms on our website or by emailing us, we will keep a record of that correspondence and the limited personal contact details that you provide, should we need to respond to your enquiry now, or in the future. Details of the correspondence will be retained in accordance with companies law and the record keeping requirements of other regulations that RIT or, if relevant its FCA-authorised manager, is subject to.
Visitors to our buildings – in order to protect the security of our buildings, staff, tenants and visitors, it is in our legitimate interest to record security footage within our buildings and in the direct surroundings of our buildings. CCTV security footage is deleted after 30 days and is only shared with third parties if a lawful request is made by a legitimate body, for example by the Metropolitan Police.
People we do business with – we hold personal data in respect of persons with whom we have business relationships, or potential business relationships. This data is typically limited to basic personal information such as name, email address, telephone number, as well as details related to the nature of the business relationship. Information is processed in accordance with any contractual agreement in place or in the legitimate interests of our business activities. Where we deem it necessary for legal reasons or to protect our legitimate interests, we may conduct due diligence on organisations with whom we enter into business arrangements, including on individuals at those organisations. Information is retained depending on the nature of the activity, for example, in accordance with any regulatory or legal obligations that we are subject to, or in the legitimate interests of our ongoing business activities. In accordance with regulatory requirements, the telephone lines of our staff that are authorised to place investment trades with our broker counterparties are recorded and kept for seven years.
Our staff – we hold personal data in respect of our employees, directors, contractors and other persons who work with us from time-to-time. We have a separate privacy policy for our staff. If a person wishing to work with us sends us their details, for example through a recruitment process, we will do our best to gain their consent to hold onto their details for future roles with us, or, we will aim to delete the records once the recruitment process has concluded, although it may not be possible to remove all personal details; for example, it may not be possible to remove all references to a person’s name in our internal email system.
Lawful basis for processing
Under the GDPR there must be a lawful basis for processing your personal data. As outlined above, we will only do so for the purpose of running our business, fulfilling contractual obligations, fulfilling our obligations to shareholders or to provide information to shareholders, potential investors or other interested parties making reasonable enquiries. In terms of the GDPR, we will be processing either on the lawful basis of fulfilling a contractual obligation, or the lawful basis of being in our, or your, legitimate interests. Finally, we may process on the lawful basis of fulfilling a legal obligation if this is applicable.
We do not process your personal data on the lawful basis of consent (except in instances in respect of recruitment as explained above) as we do not use your personal data for marketing purposes. Nor do we ever sell or pass personal data to third parties for marketing purposes.
Who we do share information with
We will only share your personal data with other third parties where it is necessary for the purposes outlined above and in accordance with the relevant lawful basis for processing. Examples of the third parties that may process personal data on our behalf are: the Registrar for RIT Capital Partners plc, our professional advisers, our auditors, the companies that help us administer this website, organisations that provide due diligence or other checking services. Third parties that process data on our behalf are also subject to all of the requirements of the GDPR and owe us a contractual obligation to only use your personal data for the applicable purpose and to keep your data secure.
We may also disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of RIT or JRCM, customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Finally, in the event that we sell or buy any business or assets, we may disclose personal data to the prospective seller or buyer of such business or assets. If we are acquired by a third party, personal data will be one of the transferred assets.
How information is kept secure
We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. Where personal data is held electronically we store information on our secure servers and employ security procedures and features to try to prevent unauthorised access.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect personal data in our possession, we cannot guarantee the security of data when being transmitted; any transmission of your personal data to us at our site or via email or other transmission method is at your own risk.
Our site may, from time to time, contain links to and from the websites of third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
Transfers of data outside of the UK
Personal data that we collect from you will only be transferred to or stored at a destination outside the UK or processed by staff operating outside the UK who work for us or for one of our suppliers if the organisation or country has data protection measures that have been deemed equivalent to those in the UK or if we have put adequate safeguards in place to ensure equivalent treatment of your personal data. By submitting your personal data, you agree to this transfer, storing or processing for the purpose indicated, provided one of the conditions above is met.
Your individual rights
The GDPR gives you rights in respect of your personal data. For more information about your rights please see:
We would draw your attention to the following procedures that we have in place in respect of your rights:
Right to access – you may request that we provide you with confirmation on whether we are processing your data and, if applicable, a copy of your personal data (not personal data in respect of any other individual) and other relevant processing information such as that provided in this privacy notice. To make a request, please write to The Compliance Officer, J. Rothschild Capital Management Ltd, 27 St James’s Place, London, SW1A 1NR. There will be no charge for requests that are reasonably made. We will aim to respond to you in writing within one month.
Right to rectification – if personal data that we hold on you is incorrect, please write to The Compliance Officer at the address above, or to your usual contact if applicable, and we will update our records (or let you know if we believe our records are accurate, if appropriate). Please note, if you wish to correct a record on our share register, you will need to contact our Registrar, Computershare, in writing at The Pavilions, Bridgwater Road, Bristol BS99 6ZZ or telephone them on 0370 703 6307.
Right to erasure – you may request that personal data that we hold on you be deleted, however, we are only obliged to erase your data if we no longer have a lawful basis for processing it. Please write to The Compliance Officer at the address above, providing the reason for your request and sufficient detail to accurately identify your records, and we will write to you to let you know the action we have taken.
Right to object – you may object to the processing of your personal data. You must give specific reasons for your objection and we are not obliged to comply with your request if we have a compelling reason to continue processing our personal data in accordance with a lawful basis. Please write to The Compliance Officer at the address above and we will write to you to let you know the action we have taken. If we do not agree with your objection we will explain why and, if you wish, how you may raise a complaint with the Information Commissioner’s Office.
Changes to our privacy policy
We may revise our privacy policy at any time by amending this page. You are expected to check this page from time-to-time to take notice of any changes we made.