Hampden & Co plc (“we”, "our" or “us”) are committed to protecting and respecting your privacy.

This Notice (together with our website terms of use and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be used and who we may share it with.

If, as a client, you access our digital banking services, the data we collect and hold in relation to you will be processed by us in accordance with our current Privacy Statement which is available in the Downloads section of our website. To request a copy of that Privacy Statement, please contact us at contact@hampdenandco.com.

For the purpose of the UK General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (“the Act”), the data controller is Hampden & Co plc, 9 Charlotte Square, Edinburgh, Scotland EH2 4DR.

1. Personal information we may collect

We may collect and process the following information about you:

1.1 Information you give us

You may give us information about you by filling in forms on our websites www.hampdenandco.com and www.hampdendigital.com (“our sites”). The information you give us may include your name, address, email address, phone number and financial information.

1.2 Information we collect about you

With regard to each of your visits to either of our sites we may automatically collect the following information:

(a) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

(b) information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our sites (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

1.3 Information we receive from other sources

We may receive information about you if you use any other websites we operate or other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on our sites.

2. Cookies

Our sites use cookies to distinguish you from other users of our sites. This helps us to provide you with a good experience when you browse our website and also allows us to improve our sites. For detailed information on the cookies we use and the purposes for which we use them see our cookie policies on www.hampdenandco.com or www.hampdendigital.com.

3. How we use your personal information

Our legal basis for using your information is for our legitimate interests, which we explain in the table below.

4. Disclosure of your information

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

We may share your information with selected third parties including:

(a) advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;

(b) analytics and search engine providers that assist us in the improvement and optimisation of our sites;

(c) the police and other law enforcement agencies;

(d) relevant regulators, including the Information Commissioner's Office in the event of a personal data breach; and

(e) potential or actual purchasers of any part of our business or assets, or other third parties in the context of a possible transfer or restructuring of our business.

5. How we keep your personal information secure

We take the security of your personal information seriously. For example, all information you provide to us is stored on secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our sites; any transmission is at your own risk.

We, or third parties acting on our behalf, may transfer your personal information outside the United Kingdom. We will protect your personal information in accordance with the standards set out under the GDPR. We do this by including strong undertakings in the contracts we put in place with those relevant parties.

We will keep your personal information for as long as is necessary in accordance with legitimate business purposes as well as in order to prevent fraud and other financial crime, or for any other legal or regulatory reason.

6. Your rights

You have the right to ask us about the personal information we hold on you and we will provide you with a copy in accordance with our obligations under the GDPR. We will not charge a fee for this.

You should let us know if you think any information we hold about you is inaccurate, so that we can correct it.

Please refer to our Privacy Statement, which details other rights you may have.

We aim to address all queries and resolve all complaints internally but you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

7. Contacting us

You may contact us at Hampden & Co plc, 9 Charlotte Square, Edinburgh, Scotland, EH2 4DR or by email at contact@hampdenandco.com.

We have appointed a data protection officer who can be contacted using these details, or at dpo@hampdenandco.com.

We may amend this Privacy Notice from time to time to reflect changes made to our internal policies or legal or regulatory requirements. This Notice was last updated on 01 January 2021.