GDPR Privacy Notice

This Privacy Notice (“Notice”) explains when and why we and companies in our group process personal data from time to time about our clients, prospective clients, or other third parties or their employees, directors, officers or representatives (any of whom are referred to as “you” in this statement). This Notice explains how your information is used, the conditions under which it may be disclosed to others and how it is kept secure. Please ensure that, where you provide us with personal data about third parties, those third parties have read and understood this Notice.

This Notice may be amended from time to time in accordance with the “Notification of changes” section below, so please check this page occasionally to ensure that you’re happy with any changes.

4Syte Group is made up of the individual companies 4Syte Ltd (4S), 4Syte Funding Ltd (4SF), 4Syte Construction Finance Ltd (4SC), 4Syte Trade Ltd (4ST), 4Syte ABL Ltd (4SA), (“we”, “our”, “us” or “4Syte”). Each 4Syte company has its registered address at Second Floor, Steeple House, Church Lane, Chelmsford, Essex, England, CM1 1NH. This Notice refers to the particular company that is the controller of your personal data. A “controller” is an organisation that decides why and how your personal data is processed.

We may collect personal data:

• that you provide to us directly through our site or telephone;
• from our other group companies defined above;
• about your devices and their location, including through cookies, pixels, web beacons, logs, and other Internet technologies. For more information about these technologies, please see our Cookie Policy.

We may control, process and use your “personal data” which may include names, postal addresses, e-mail addresses, telephone numbers or any other personal data that you provide to us.

We may also, in appropriate cases and to the extent permitted by law, process and use certain “sensitive personal data”. For example, when undertaking “Know Your Customer” (“KYC”) or anti-money laundering (“AML”) checks, we may collect information about any offences that you or your employees, directors, officers or representatives have committed for the prevention and detection of unlawful acts. In respect of any processing of sensitive personal relating to the political opinions of a politically exposed person, the processing will be necessary for reasons of substantial public interest. Where we process sensitive personal data with your explicit consent, you may withdraw consent at any time by using the details in the “Contacting 4Syte” section below.

In the course of running our financial services business we may provide your personal data to any of the following recipients or categories of recipients:

• our employees, board members, partners, officers or representatives;
• our third-party service providers, business associates, distributors, advisors or auditors (including their employees, directors, officers, sub-contractors or representatives);
• domestic and foreign regulators (“Regulators”), governments, law prevention, detection, investigation or enforcement authorities, tax, social or labour authorities (“Authorities”) and any other authorities or official bodies and their representatives;
• domestic and foreign courts, tribunals, arbitrators, ombudsmen, mediators, other dispute resolution bodies (“Courts/Tribunals”) and their representatives;
• any party who are directly relating to any one of these recipients; and
• any person that you request us or permit us to keep informed. If you no longer wish us to share your personal data with such person(s) or wish to change your preferences in this respect, please inform our information officer at information.officer@4syte.co.uk.

When we provide your personal data to any of the above recipients, that recipient may process your personal data on our behalf or for its own purposes. If the recipient processes the personal data for its own purposes, it will be responsible for its compliance with any applicable law with regards to your personal data.

We rely on the following legal bases to process your personal data for purposes connected to our financial services business:

Where necessary for us to carry out pre-contract steps you have requested or for the performance of our contract with you

• administering the provision of services between us

Where there is a legitimate interest

• establishing, exercising or defending legal rights or for other purposes relating to legal proceedings;
• ensuring the security of information systems;
• obtaining advice, receiving services or providing a third party with information about matters that may impact on the 4Syte group;
• billing, internal reporting and analysis and any other ancillary matters;
• any other purposes that are incidental to or directly connected with the foregoing purposes or otherwise in the course of our legitimate financial services business

Where necessary to comply with our legal obligations

• complying with any present or future law, rule, regulation, guidance, decision or directive (including those concerning anti-terrorism, fraud, AML and anticorruption) and, in appropriate cases, carrying out KYC checks and other procedures that we undertake prior to you becoming a customer of ours;
• complying with all legal and regulatory obligations and industry standards, and preventing fraud;
• complying with demands and requests made by, or making voluntary disclosures to Regulators, governments, Authorities or Courts/Tribunals;
  
  

Where you have provided consent

• providing you with marketing information relating to our products or services. Where you have provided your consent to marketing, you may withdraw consent at any time by using the details in the “Contacting 4Syte” section below.

Your personal data collected by 4Syte will be stored in 4Syte’s cloud-based servers in the UK and may be transferred to any of the recipients identified in this statement in connection with our business, some of which may be outside the UK and EEA, and may be processed by us and any of these recipients in any country worldwide.

If we transfer your information outside of the UK/EEA, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Notice. These steps include:

• ensuring the non-UK/EEA countries to which transfers are made have been deemed adequately protective of your personal information for the purposes of data protection law by the relevant bodies;
• imposing contractual obligations on the recipient of your personal information using provisions formally issued by relevant bodies for this purpose. We use these provisions to ensure that your information is protected when transferred your personal information to our Suppliers outside the UK and EEA.

You can obtain more details of the protection given to your personal data when it is transferred outside the UK/ EEA, including a copy of any standard data protection clauses entered into with recipients of your personal data, by contacting us using the details set out under “Contacting 4Syte” below.

It is important for us to maintain accurate records of your personal data. Please inform us of any changes to or errors in your personal data as soon as possible and we will update our records accordingly.

If we collect your personal information, the length of time for which we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not retain personal information in an identifiable format for longer than is necessary.

We retain your personal information for as long as necessary to fulfil the purpose for which it was collected, resolve disputes, establish legal defences, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws. it is no longer needed by us for any of the purposes listed in this Notice. Exceptions to this are where:

• the law requires us to hold your personal information for a longer period, or delete it sooner;

• you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see the “Your Rights” section below); or

• you exercise your right to require us to retain your personal information for a period longer than our stated retention period (see the “Your Rights” section below).

We may record your telephone calls for training and monitoring purposes, to improve our services to you and to the extent permitted by and in accordance with applicable law.

You have a number of legal rights in relation to the personal data that we hold about you. These rights include the following:

• The right to obtain information regarding the processing of your personal data and access to the personal data that we hold about
• In some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and the right to request that we transmit that data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to
• The right to request that rectify your personal data if it is inaccurate or
• The right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data, but we are legally entitled to retain
• The right to object to, and the right to request, that we restrict our processing of your personal data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict its processing of your personal data but we are legally entitled to continue processing your personal data or to refuse that
• The right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by
• Where you have provided your consent to the processing of personal data, the right to withdraw consent.

You can exercise your rights by contacting us using the details set out under “Contacting 4Syte” below. You can find out more information about your rights by contacting the UK’s Information Commissioner’s Office, or by searching their website at www.ico.org.uk.

If you have any questions or comments on this statement, please contact our information officer at information.officer@4syte.co.uk.

This Notice is dated 13 March 2024. From time to time we may amend this Notice without warning and an amended statement will be available at www.4syte.co.uk or by contacting our Information Officer at information.officer@4syte.co.uk. This may be for a number of reasons, including changes in law, market practice or our treatment of your personal data.