Transparency Notice

Transparency Notice for Clients, their Employees and Suppliers, and Other Non-Client Contacts

This transparency notice describes how EBS Ltd and EBS Corporate Services Ltd (EBS, ‘we’ or “us”) collect and use your personal information during and after your relationship with us.

1. About this notice

We are a ‘data controller’. This means that we are responsible for deciding how we hold and use personal information about you, and for explaining it clearly to you.
This notice applies to prospective, existing and former Clients of EBS (including employees and representatives of our corporate Clients); individual and business contacts and prospects; referrers; individuals who request information from us; any person who supplies goods or services to us or our Clients, either as an individual or as the employee or representative of a corporate supplier; third parties acting for our Clients, and others acting for such parties.
It is important that you read this notice, together with any other privacy information or notices we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
We reserve the right to update this transparency notice at any time. We will provide appropriate notice of such changes and recommend that you regularly check our website for updates to this transparency notice. We may also notify you in other ways from time to time about the processing of your personal information.

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during the course of our relationship with you.

2. What information do we hold?

Personal data, or personal information, means any information about an individual from which that person can be identified.

We collect different information depending on your relationship with us

Corporate Clients, suppliers and third party business contacts and prospects
Individual service providers to us or our Clients
Employees of, suppliers to and other having a relationship with us or our clients

In each case we have identified our lawful basis for processing. These are described in more detail at section 4

Corporate Clients, suppliers and third party business contacts and prospects

We process names, titles and business contact information including addresses, telephone numbers and email addresses for your employees and representatives. Such processing is necessary for performance of the contract between us. Where you are an employee of a corporate Client or contractor, we process this information for the legitimate interest of performing our contract with your employer.

If you are a new or prospective Client, we process personal information as part of our Anti-Money Laundering and Know Your Client procedures (see below). We do this to comply with our legal obligations, and as necessary for our legitimate interests (provided that the interests and fundamental rights of the individual do not override our interests).

We may perform due diligence in the form of credit checks on companies, including checking photographic identification and proof of address of directors and, in some cases, your shareholders, and verification of the company registration details. We do this to comply with our legal obligations, and as necessary for our legitimate interests (provided that the interests and fundamental rights of the individual do not override our interests).

We process information relating to your business and our services. If you are an employer, this may include information about your staff.
Processing of this information is necessary for the purpose of providing services to you.

We process personal information contained in documents reviewed by us as part of any due diligence and provided to us in disclosure. Such processing is necessary for the purpose of providing our services.

We process your marketing preferences and details of any services you have subscribed to, and any events your employees and representatives have attended. Such processing is necessary for the legitimate interest of promoting and growing our business (provided that the interests and fundamental rights of any individual employees and representatives do not override our interests).

We process any feedback you (your employees or representatives) provide to us on our services. Such processing is necessary for the legitimate interest of managing our business and improving our services (provided that the interests and fundamental rights of any individual employees and representatives do not override our interests).

We process background information about you, and your employees and representatives, and your relationship with the firm. Such information may include how you found us and what your interests are. Such processing is necessary for the legitimate interest of informing and improving the service we provide to you (provided that the interests and fundamental rights of any individual employees and representatives do not override our interests).

To the extent permitted by law, we may monitor electronic communications for the purposes of ensuring compliance with our legal and regulatory obligations and internal policies.

Individual service providers to us or our Clients

We process:

your name, title and business contact information including addresses, telephone numbers and email addresses
details relating to the performance of the contract between us, including financial information and bank details for payment

Such processing is necessary for performance of the contract between us.

We may perform due diligence in the form of credit checks and verification of your identity including checking photographic identification and proof of address. We do this to comply with our legal obligations, and as necessary for our legitimate interests of understanding the party or parties with whom we are contracting.

To the extent permitted by law, we may monitor electronic communications for the purposes of ensuring compliance with our legal and regulatory obligations and internal policies. This processing is necessary for the legitimate interest of managing our business and compliance obligations.

We may, from time to time, approach you for your consent to allow us to process your personal information for other purposes. If we do so, we will provide you with details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent.

Employees of, suppliers to and others having a relationship with our clients.

For employees of our clients we will collect such information about you as is required to comply with HMRC regulations and guidance (from time to time) regarding payroll processing and to meet any other legal obligations, including but not limited to, establishing your right to work in the UK. This will include your full name, date of birth, nationality, National Insurance Number, pension arrangements, home address, bank details and information about other contacts and “next of kin” and any other relevant data.

This is necessary for the legitimate interests of managing our business, for the efficient provision of payroll services to our Clients and for ensuring that these are provided in full compliance with the appropriate laws and regulations from time to time.

For third parties having a relationship with or otherwise being involved with our Clients, including suppliers, lawyers and professional advisors, we will collect your contact details and such information about you (and, where applicable, your clients) as necessary for us to service our Clients. Such processing is necessary for the legitimate interests of managing our business and compliance obligations.

To the extent permitted by law, we may monitor electronic communications for the purposes of ensuring compliance with our legal and regulatory obligations and internal policies.

3. How do we collect personal information?

We collect personal information direct from you when you enquire about our services, when we establish you as a Client of EBS, if you register with us for an event or to receive updates and information from us, or where we enter into a contract to receive services from you.

We collect further information from you during the duration of your providing services to us.

We collect information about our Clients, and about third parties, from our Clients and from professional advisors acting on their behalf.

We collect information from other third parties, such as other professionals advising our Clients, from referrers, partner organisations (if we have run a joint event), and from credit reference agencies or other background check agencies.

We may collect information about our Clients and about third parties from public sources, such as Companies House or similar organisations in other countries, from an online search or from social media sites.

4. Our lawful basis for using personal information

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

where we need to perform the service contract we have entered into with you
where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Where we rely on legitimate interests for our processing, we will advise you of the relevant interest
where we need to comply with a legal obligation
otherwise, with your consent

We may also use your personal information in the following situations, which are likely to be rare:

where we need to protect your vital interests (or someone else’s interests)
where it is needed in the public interest

Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law

5. Anti-Money Laundering and Know Your Client Information

We are required by law to verify the identity of all new Clients and, in certain circumstances, existing Clients. In addition, our internal requirements may require us to conduct background checks on new or existing Clients. These may necessitate verification of the identity and good standing of Clients. For corporate Clients this will include verifying one or more of their directors or other officers, and verifying the identity of shareholders, beneficial owners, management and/or other relevant background information.

We may require evidence of source of funds from time to time throughout our relationship with Clients. The sources for such verification may comprise documentation which we request from the prospective or current Client, or through the use of online sources, or both. We may also be required to make detailed enquiries of any unusual transactions.

In some circumstances we may decline to, or may not be permitted to, act until such procedures have been completed. We reserve the right to decline to act or, if appropriate, cease to act should these procedures not be completed to our satisfaction.

6. Who do we share your personal information with?

We will share your personal data with third-party service providers who provide services to us and to other third parties who use your information, as data controller, for their own purposes.

If you are a Client, we share your personal information with other data controllers where required by law, for example if we are required to share information in accordance with our Anti-Money Laundering procedures, or to meet our regulatory requirements or as required by our insurers.

We share personal information with:

HMRC or other government or law enforcement agencies
our insurance providers and our professional indemnity insurance broker

We may share your information if we refer you to a third party adviser for specialist advice.

Where we share information with other data controllers, they are responsible to you for their use of your information and compliance with the law.

All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal information for their own purposes. We only permit them to process your personal information for specified purposes and in accordance with our instructions.

If you are a delegate at an event, we share names and contact details with third party event organisers and on the delegate list which is shared with other attendees, unless you ask us not to.

7. Transferring information outside the European Economic Area (EEA)

All our personal information is hosted on servers located within the EEA.

If we are required to transfer information outside the EEA, we have put in place the following appropriate measures to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the EU and UK laws on data protection.

If you are based outside the EEA we may transfer personal information to the correspondence address you provide to us. We will take all reasonable steps to ensure that such transfers are secure. By instructing us from outside the EEA you acknowledge and agree that such transfers are necessary for us to provide services to you.

8. How do we keep your personal information safe?

We have put in place robust technical measures to protect the security of your information.

Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and where they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

9. How long do we keep your personal information?

We will only retain your personal information for as long as is necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Where a minimum retention period is required by law (such as retaining records for HMRC purposes or anti-money laundering regulations), we comply with that minimum period plus up to 12 months to allow time for us to anonymise or delete information in accordance with our internal data management processes.

Our backup and disaster recovery service provider retains a copy of all emails and attachments for 10 years. Access to this information is restricted.

If we are required to retain your information longer than our standard retention periods, we will let you know (unless we are prevented by law from doing so).

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.

10. Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

request access to your personal information (commonly known as a ‘subject access request’). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it
request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected
request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below)
object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes
request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it
request the transfer of your personal information to another party
withdraw consent in the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we are required to continue to process your information in accordance with another lawful basis which has been notified to you

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

Share this page:

Head Office

EBS Ltd, Innovation Centre, Gallows Hill, Warwick, CV34 6UW

Phone: +44 (0)1926 217700

Email: info@ebs.ltd.uk

London Office

EBS Ltd, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

Phone: +44 (0)203 696 6688

Email: info@ebs.ltd.uk

Resources

EBS Brochure

Resources

EBS Brochure

Sign Up To Our Newsletter

We do NOT pass data on to third parties. For more, see our privacy policy

Martin Christopher Williams is licensed and regulated by AAT under licence number 1005209. AAT is recognised by HM Treasury to supervise compliance with the Money Laundering Regulations and EBS Ltd is supervised by AAT in this respect.

Kulvindar Kaur Badh is licensed and regulated by AAT under licence number 1006125. AAT is recognised by HM Treasury to supervise compliance with the Money Laundering Regulations and EBS Ltd is supervised by AAT in this respect.

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
__hssrc	session	This cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
elementor	never	This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time.
PHPSESSID	session	This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc	30 minutes	HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
pll_language	1 year	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.

Performance

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
__hstc	5 months 27 days	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_devsite	2 years	This cookie is installed by Google Analytics.
_ga_PRQRZC7KNK	2 years	This cookie is installed by Google Analytics.
_gat_gtag_UA_59409554_1	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
hubspotutk	5 months 27 days	HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.

Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.

Others

UK Company Formation...

Our Services...

About EBS...

Who we work with...

Latest Case Studies...

Case Studies by Location

What's happening in the Industry

Latest News...

Join our mailing list

Helpful Guides and Documents

Latest Articles...

Join our mailing list

Get in touch with us...

Head Office

London Office

Follow us

Transparency Notice

Transparency Notice for Clients, their Employees and Suppliers, and Other Non-Client Contacts

1. About this notice

2. What information do we hold?

3. How do we collect personal information?

4. Our lawful basis for using personal information

5. Anti-Money Laundering and Know Your Client Information

6. Who do we share your personal information with?

7. Transferring information outside the European Economic Area (EEA)

8. How do we keep your personal information safe?

9. How long do we keep your personal information?

10. Your rights in connection with personal information

Head Office

London Office

Recent Articles

Follow Us

Resources

Follow Us

Resources

Sign Up To Our Newsletter

Warwick Office

London Office

Follow Us

Resources