Protection of your privacy and the security of your personal data are very important to ALPHABETH QUANT I LIMITED.
This Privacy Policy explains how information about you is collected and used by ALPHABETH QUANT I LIMITED, along with information about your rights as a data subject.
The terms “ALPHABETH CAPITAL”, “we,” “us,” and “our” includes ALPHABETH QUANT I LIMITED and its affiliates. Together with our Cookie Policy, this Privacy Policy applies to all users of our website: https://alphabethcapital.com, as well as our clients, and business partners.
The terms “you” and “your” shall be interpreted accordingly and apply irrespective of whether you are a client of ALPHABETH CAPITAL. To the extent that you are a client, this Privacy Policy applies together with any relevant terms of business and other contractual documents, including but not limited to any agreements/engagement letters we may have with you. If you are just browsing, we have designed our website so that you may navigate and use it without having to provide Personal Data, subject only to certain data that may be collected via the use of cookies, or data you choose to provide for marketing purposes or to access certain resources.
If you do not accept these policies, you should immediately discontinue your use of our website. By using our website, providing personal information, and/or using any of our services, you agree that:
In such cases, references in this Privacy Policy to terms such as “you” and “your” also refer to such persons.
For the avoidance of doubt, this Privacy Policy is not intended to cover our privacy obligations towards our employees (including consultants/contractors) or prospective employees, which are explained within our Employee Privacy Policy and Recruitment Privacy Policy, respectively. Such policies will be made available during the application process and at the commencement of employment, where applicable. We reserve our right to issue separate policies in respect of other relevant stakeholders and/or business partners.
Key concepts In this Privacy Policy, “personal data” means any information relating to you as an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an online identifier or to one or more factors specific to your physical, physiological, genetic, mental, economic, cultural or social identity. Personal data includes information that can identify you as a living individual, whether by itself or when used in conjunction with other information which we hold. Examples include, but are not limited to, your name, your telephone number, your email address, your place and date of birth. For the avoidance of doubt, personal data does not include data from which you cannot be identified (which is referred to simply as data, non-personal data, anonymous data, or de-identified data).
In this Privacy Policy, “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. Likewise, “process” shall be interpreted accordingly. If we determine the purposes and means of processing of your personal data, then we are a “controller”, and anyone who acts on our instructions in respect of such processing is a “processor”. There may be times where we act as controller and processor. We offer services in or from within Gibraltar, which is no longer part of the European Union (“EU”). Accordingly, Gibraltar has its own data protection laws that apply certain EU laws, with such modifications as are necessary.
This is referred to as the “Data Protection Legislation”, which includes:
If you live or work outside Gibraltar, other laws (including the EU GDPR) may be applicable to your individual circumstances. To make it easier for you to navigate through this Privacy Policy, you can click on the text below each box to be taken directly to the relevant section.
To access this Privacy Policy online please visit: https://alphabethcapital.com/privacy-policy
For general web-browsing of this website, your personal data is not revealed to us, although certain statistical information is available to us via our internet service provider as well as through the use of special tracking technologies. Such information tells us about the pages you are clicking on or the hardware you are using, but not your name, age, address or anything we can use to identify you personally. More details can be found in our Cookie Policy. However, if you wish to use certain services offered on our website, obtain certain information made available by us, or request us to provide you with legal services through our Contact page or by contacting Our People directly, then you may be asked for information such as name, email address, telephone number and residential address. Other parts of our website may also have access to legal resources and marketing material and we may ask for basic contact information for the purpose of marketing to you, provided you opt-in to such communications (see below). If you enter into a business relationship with us, either as a client or as one of our business partners, vendors or suppliers, then the kinds of personal information that we collect and hold about you may include:
In these cases, the provision of your personal data will be a contractual requirement or a requirement relating to entering into a contract, and you will be obliged to provide the personal data we require in order to comply with our legal obligations and provide the services to you under that contract. Without this information, we may not be able to provide you with our services or respond to queries or requests that you submit to us. You may, however, visit our website anonymously. Additionally, we may also process certain special categories of data. This data would only be collected and processed with either your explicit consent or where we are lawfully permitted to do so without your consent (e.g. personal data which is manifestly made public by you). Such processing would be for limited purposes such as fraud prevention, prevention of money laundering, financial crime and terrorist financing, or in order to represent you in civil or criminal proceedings. Such data may include matters such as:
How do we collect the information? We collect your personal data in the following manner:
We always ensure we respect your privacy rights. This means we can only collect your personal data if we have a lawful basis for doing so. If the data is particularly sensitive we may need additional justification. In most cases, we may rely on the following grounds:
In most cases, we collect personal data that you choose to provide to us so that we can provide you with a service you have requested from us such as provision of legal advice for example. The relevant information is then used by us to communicate with you on any matter relating to the conduct of your instructions in general. Specifically, if you are a client, this would be providing the services set out in our engagement letter and in accordance with applicable terms of business (as may be amended) and as necessary for the performance of our contract with you. If you choose not to provide certain information, we may not be able to provide you with some services. We also process information relating to our employees, and prospective applicants, for general employment and recruitment purposes. These purposes will be disclosed in more detail at the time we collect personal data from such persons.
We use your information in a number of ways. When we use your personal information, we must do so lawfully. In every case, we will use your information for the purposes for which it was provided by you or lawfully obtained by us, and where such purposes change or cease to exist, we will inform you that we need additional information or shall erase your information in accordance with the retention policies described in this Privacy Policy. Your information may be used:
We may also use aggregate information and statistics for the purposes of monitoring website usage in order to help us to develop our website and our services. We may also provide such aggregate information to third parties. These statistics will not include information that can be used to identify you, as the information is anonymized and ‘de-identified’. More information is found in our Cookie Policy. Direct Marketing Your information may also be used to provide you with information about us and our range of services, otherwise known as ‘Direct Marketing’. To this end, we may use your information:
In circumstances where you are an existing client or we otherwise have an existing relationship with you, we will rely on our legitimate interests as the lawful ground for processing your personal data for direct marketing purposes. To this end, it may be necessary to process your personal data so we can directly market in our legitimate interest. In addition, we consider it reasonable for you to expect you may receive marketing material from us in the same methods we normally communicate with you (e.g. via email) and that there is no disproportionate impact on your individual privacy rights in this case. In circumstances where you are not a client or we do not otherwise have an existing relationship with you, marketing our materials, events, and services (or those of others) to you shall be subject to your consent which shall be requested at the latest on our first communication to you, where you will be given the option to elect to receive such information (known as ‘opting-in’) by checking the appropriate boxes on the forms we use to collect your data or in links provided within our email communications. On each and every marketing communication, we will always provide the option for you to exercise your right to object to the processing of your personal data for marketing purposes (known as ‘opting-out’) by clicking on the ‘unsubscribe’ button on our marketing emails or choosing a similar opt-out option on any forms we use to collect your data. You may also opt-out at any time by contacting us at the below details. Please note that any administrative or service-related communications (to offer legal advice, or notify you of an update to this Privacy Policy or applicable terms of business, etc.) will solely be directed at our clients or business partners, and such communications generally do not offer an option to unsubscribe as they are necessary to provide the services requested. Therefore, please be aware that your ability to opt-out from receiving marketing and promotional materials does not change our right to contact you regarding your use of our website or as part of a contractual relationship we may have with you. If you wish to be removed, we will retain your details in our marketing database(s) specifically for the purposes of suppressing your details from inclusion in all future marketing campaigns. These database(s) are restricted for access only by members of our marketing team. Your unsubscription request will only affect these database(s) and will not change any existing information on our other databases that you have provided to us or that we have otherwise obtained for the purposes of providing our legal services to you or for any other lawful purposes.
Information Sharing
In certain cases we may access, preserve, and disclose to third parties information about you if we believe disclosure is in accordance with or required by, any contractual relationship with you, applicable law, regulation, or legal process unless such information is protected by legal professional privilege. Personal data may be processed by us and/or our affiliates, agents, vendors, consultants, or suppliers, as well as any other third-party service providers who are performing certain services on our behalf for the purposes specified above (for example, external Counsel, financial institutions, and/or experts) or on your specific instructions. Such third parties have access to personal data solely for the purposes of performing the services specified in the applicable engagement or to comply with applicable laws and not for any other purpose. We require these third parties to undertake security measures consistent with the protections specified in this Privacy Policy. Such third parties may be located within or outside of Gibraltar. In addition, we may be required by law or by a court to disclose certain information about you or any engagement we may have with you to relevant regulatory, law enforcement, and/or other competent authorities unless such information is protected by legal professional privilege. We may also need to share your information in order to enforce or apply our legal rights under any agreed terms of business. Finally, if our business enters into a joint venture, sale, reorganization, transfer, or asset disposal, or is merged with another business entity, your information may be disclosed to our new business partners.
Overseas Transfers
In connection with the provision of our services, personal data may also be transferred outside of Gibraltar. This may include countries or territories outside of the United Kingdom or the European Economic Area (“EEA”) where necessary (e.g. in the context of international legal proceedings or cross-jurisdictional legal services, or because we use service providers outside the EEA). The EEA includes countries in European Union as well as Iceland, Lichtenstein, and Norway. Under the Data Protection Legislation, personal data can flow fairly freely from Gibraltar to the United Kingdom or to the EEA (note that the same may not be true for inward transfers to Gibraltar from the EEA, as it is no longer part of the EU). However, certain restrictions exist where personal data is being transferred to a ‘third country’ outside the EEA or the United Kingdom and these are referred to as “restricted transfers”. Generally, we will only perform restricted transfers where the transfer will be adequately protected by measures such as the following:
In the absence of adequacy regulations or appropriate safeguards, we may also rely on derogations for specific situations as set forth in Article 49 of the Gibraltar GDPR. In particular, we may collect and transfer your personal data outside the EEA:
Finally, we may also perform restricted transfers in ‘one-off’ cases where a transfer is not repetitive, concerns a limited number of data subjects, and is necessary for the purposes of compelling legitimate interests pursued by us, which are not overridden by your interests or rights and freedoms, and only after we have assessed all relevant circumstances.
Communicating via the Internet and sending information to you by other means necessarily involves your personal information passing through or being handled by third parties, but we do not sell or distribute without your permission your personal information to third parties for purposes of allowing them to market products and services to you. Any information we share with marketing companies, data analytics companies, website developers, and similar service providers and their affiliates is for the sole purpose of developing, hosting, managing, operating, and supporting the content on our website, or otherwise improving our website and the manner in which we market ALPHABETH QUANT I LIMITED. We ensure that in such cases, the information cannot be used to identify you and is anonymized and ‘de-identified’. More information is found in our Cookie Policy.
Retention periods are determined based on the type and nature of the information and the legal or regulatory requirements that apply. We shall retain a record of our engagement with all our clients, as well as all files and documentation relating to clients and/or the particular matter that forms the basis of the contractual relationship for a minimum period of 6 (six) years from the end of the business relationship described in the relevant engagement documentation, unless:
We will attempt to minimize personal data to what is necessary to identify the client and the services provided by ALPHABETH QUANT I LIMITED, and after the applicable retention period has expired shall destroy all personal data and other records. At our discretion, we may retain personal information for less than or longer than the said period of 6 (six) years if we consider it necessary or desirable to do so to meet our legal or regulatory obligations, or at your specific request (for example, if you ask us to retain certain documents such as final orders, marriage and birth certificates, policy documents and counterpart documents relating to evidencing title to land). For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at the details provided below. Information about you that is no longer necessary and relevant to provide our services may be de-identified and aggregated with other non-personal data to provide insights that are commercially valuable to us, such as statistics of the use of our services or our main sources of work. This information will be de-associated with your name and other identifiers and the data will therefore be anonymized. Likewise, certain statistical information obtained from our website is already anonymized. More information is found in our Cookie Policy. Such information may be kept by us for longer periods than those specified in this Privacy Policy, provided that such retention is in accordance with applicable laws and regulations.
We are committed to taking appropriate measures designed to keep your personal data secure. Our technical, administrative, and physical procedures are designed to protect personal data and non-personal data from loss, theft, misuse, and accidental, unlawful or unauthorized access, disclosure, alteration, use, and destruction. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. We implement security measures across the firm to ensure our client's data is protected within secured and encrypted servers we control, which are located in Gibraltar. We may also keep hard copy records of this personal information in physical storage facilities with access restricted solely to our personnel. We also take steps to monitor access to and modification of your information by our contractors, advisers, consultants, and staff members, and ensure that they are aware of and properly trained in their obligations for managing your privacy. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide benefits or services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities. If you have any further questions about the security of your personal information, you can contact us at the details below.
We use reasonable physical, electronic, and procedural safeguards to protect the personal information that we obtain from you from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please note that we are not responsible for the security of any data you are transmitting over the Internet, or any data you are storing, posting or providing directly to a third party’s website, which is governed by that party’s policies. Please note that no method of transmission over the Internet or method of electronic storage is 100% secure and we cannot ensure or warrant the security of any information you transmit to us. Transfer of your data via these means is therefore at your own risk.
Data Breaches
The accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data is known as a “data breach”. The Gibraltar GDPR imposes requirements on businesses to identify, assess and report breaches in a timely manner (within 72 hours). We undertake to inform you if your personal data is compromised and there is a high risk to your rights and freedoms as a result.
As noted above, Gibraltar has its own data protection laws that apply certain EU laws, with such modifications as are necessary. Depending on your particular circumstances, you may also have additional rights if you live or work outside of Gibraltar. For example, the EU GDPR may apply to you if you are based in the EEA. Under the Data Protection Legislation in Gibraltar, if you are a natural person (in other words, a human being and not a company), you have the right to:
You also have a right to lodge a complaint with the Information Commissioner under the DPA 2004. This is the Gibraltar Regulatory Authority, whose details are provided below. Please note different rights may apply under the EU GDPR or other relevant legislation if you are outside of Gibraltar. For example, under the EU GDPR you may be able to lodge a complaint in the EU member state of your habitual residence, your place of work or the place of the alleged infringement, but you should note that the ‘one-stop shop’ mechanism does not presently apply to Gibraltar. The DPA 2004 also gives you the right to bring legal actions in the Gibraltar courts. Limits on your rights Please note these rights may only apply in certain cases. For example, some rights only apply where our lawful ground of processing is your consent, or where we have a contract with you. Further information on your rights is available on request using the contact details contained in this Privacy Policy. In addition, note that your right to information under Art. 13 and 14 of the Gibraltar GDPR is limited in certain cases. The requirements on us to give information do not apply insofar as:
If you wish to exercise any of these rights, please contact us on the details provided in this Privacy Policy. To protect the integrity and security of the information we hold, we may ask that you follow a defined rights request procedure, which may include steps to verify your identity and completion of a form so that we can better understand the nature of your request and the information you are after, and also to ensure that personal data is not disclosed to any person who has no right to receive it. Requests will be processed without undue delay and within one month of receipt of the request, or receipt of identification information, where applicable. This might be extended by two further months in case of a complex request, where you have made a number of requests, or if the identity of the requestor cannot be verified. We will not normally charge a fee for actioning such requests but may charge a reasonable fee where one or more of your requests are manifestly unfounded or excessive, in particular, because of any repetitive character in such requests. In such cases, we may also refuse to comply with such requests. There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy of others or result in a breach of confidentiality. In these cases, we will let you know why we cannot comply with your request. In addition, you can enforce your right to object to direct marketing as described in the Direct Marketing section above by contacting us or using ‘unsubscribe’ or other opt-out mechanisms we provide our marketing communications. We want to ensure that your personal information is accurate and up to date. If any of the information that you have provided to us changes, for example, if you change your email address or name, please let us know the correct details by contacting us at the details below. You may ask us, or we may ask you, to correct information you or we think is inaccurate, and you may also ask us to remove information that is inaccurate. Even if you do not request access to and/or correct your personal information held by us, if we are satisfied that, having regard to the reasons for which we hold your personal information, that personal information is inaccurate, incomplete, out-of-date, irrelevant or misleading, we may take reasonable steps to correct that information.
Contact information of Data Controller
The data controller for any personal data you provide to us is ALPHABETH QUANT I LIMITED. If you have any questions, concerns, or comments, or if you would like further information about this Privacy Policy, how we handle your Personal Data or otherwise wish to enforce your data protection rights please contact us at: ALPHABETH QUANT I LIMITED 58/3 ENGINEER LANE GIBRALTAR GX11 1AA Email: privacy@alphabethcapital.com ALPHABETH CAPITAL has not designated a Data Protection Officer, but our Information Rights, Data Protection and Privacy Team can be contacted directly via the above details. If your query is not privacy related, you can also contact any of Our People, or use info@alphabethcapital.com.
Your right to complain
We try to meet the highest standards in order to protect your privacy. However, if you are concerned about the way in which we are managing your personal information and think we may have breached any applicable privacy laws or any other relevant obligation, you are encouraged to raise any complaints regarding the processing of personal data to us directly on the contact details contained in this Privacy Policy. We will make a record of your complaint and refer it to our internal complaint resolution committee for further investigation. We will deal with the matter as soon as we can, and keep you informed of the progress of our investigation. If we have not responded to you within a reasonable time or if you feel that your complaint has not been resolved to your satisfaction, you are entitled to make a complaint to the Information Commissioner under the Data Protection Act, which is presently the Gibraltar Regulatory Authority (“GRA”). The GRA is responsible for ensuring that your rights and obligations are respected. The GRA is also competent to hear your complaints and may prohibit or restrict the processing of your personal data in certain cases. You may contact the GRA on the below details: Gibraltar Regulatory Authority 2nd Floor, Eurotowers 4 1 Europort Road Gibraltar Email: info@gra.gi Phone: (+350) 200 74636 Fax: (+350) 200 72166
Links
Occasionally, at our discretion, we may include links to third-party products, services or websites on our website. Please be aware that we are not responsible for the privacy practices of any third-party sites, nor do we verify nor accept any responsibility or liability for their content. The privacy policies of others may differ significantly from our Privacy Policy. Therefore, we encourage you to read the privacy statement/policy of each and every website that collects personal data.
Governing Law and Jurisdiction
All issues regarding our website and Privacy Policy are governed by Gibraltar law and are subject to the exclusive jurisdiction of the Gibraltar courts.
No Waiver
Delay or failure on our part in enforcing any of our rights shall not constitute a waiver by us of our rights and remedies. If any part of this Privacy Policy is held to be invalid or unenforceable, the validity or enforceability of the remainder will not be affected.
Privacy Protections for Children Using the Internet
Protecting children’s privacy is important to us. For that reason, we do not collect or maintain information on our website from those we actually know are under the age of 16, nor is any part of our website targeted to attract anyone under 16. We request that all visitors to our website who are under 16 not disclose or provide any personal data and discontinue the use of our website.
Revisions to this Privacy Policy
On this website, you can always view the latest version of our Privacy Policy and our Cookie Policy. We may modify this Privacy Policy from time to time. If we make changes to this Privacy Policy, we will provide notice of such changes, such as by sending an email notification, providing notice through our website or updating the ‘Last updated’ date at the beginning of this Privacy Policy. The amended Privacy Policy will be effective immediately after the date it is posted. By continuing to access or use our website after the effective date, you confirm your acceptance of the revised Privacy Policy and all of the terms incorporated therein by reference. We encourage you to review the Privacy Policy whenever you access or use our website to stay informed about our information practices and the choices available to you. If you do not agree to the revised Privacy Policy, you may not access or use this website. If you do not have a business relationship with us, you are encouraged to review our website regularly in order to remain informed about how we process personal data. If you are an existing client or have an existing business relationship with us and do not agree to the revised Privacy Policy, your only option will be to terminate your engagement with us under the applicable terms and conditions of our terms of business or your relationship with us under any other contractual arrangement we may have with you. Please contact us at the above details should you wish to enforce any of these rights.
© ALPHABETH QUANT I LIMITED. All rights reserved.