The General Data Protection Regulations 2018 (GDPR)
Adam Smith International, ASI, we, us
- Adam Smith International Limited if you are resident in or dealing with an Adam Smith International entity in the United Kingdom or elsewhere in the European Union, respectively; or
- Adam Smith International Limited and its other subsidiaries and related companies if you are not resident in those territories.
has the same meaning as provided in the GDPR.
Special Category Data
has the same meaning as provided in the GDPR.
Why do we collect your personal data?
We are Adam Smith International, a global advisory company that works locally to transform lives by making economies stronger, societies more stable and governments more effective. We work on behalf of governments, foundations and companies that share our ambition to take on the big challenges facing the world.
We take your privacy very seriously and we only collect the information we require for a genuine business related purpose.
We maintain a legal presence in many different countries and we adhere to the regulations and requirements of each jurisdiction as applicable. For the purposes of personal information and data, Adam Smith International’s policy is designed to meet the requirements and uphold the principles of the Regulation.
What information do we collect?
We will only collect Personal Information where the Personal Information is reasonably necessary for a function or activity of ours.
The types of Personal Information we may collect includes, but is not limited to:
- Name and gender
- Date of Birth
- Postal address
- Telephone number
- Health information (strictly limited to such information we require to discharge our legal and duty of care obligations)
- Email address
- Occupation, references and previous employment history, qualifications and skills
- Relationship or marital status
- Information provided by you through our website, Facebook or Twitter accounts
- Your contractual and performance history with us
Personal information will be collected using lawful and fair means and will be collected only from you unless this is unreasonable and impracticable. Personal information may be collected in a variety of ways, including:
- Applications submitted by you or responses to employment advertisements;
- Enquiries made by you through our websites and comments you make through our websites or social media accounts;
- When you follow our social media accounts, and register or subscribe to our mailing list;
- Through government agencies or third party reporting services;
- You applying to participate in a conference, training session or other event;
- Through direct contact between you and our staff – e.g. email, phone and direct meeting.
We will take reasonable steps to ensure that the Personal Information we collect is accurate, up to date and complete.
In the event we are required to process Special Category data, for example, to comply with our vetting and duty of care obligations or for any other necessary reason, we shall seek your explicit consent to do so.
What will we do with your personal data?
The way we use your Personal Information will depend on the reason(s) why we have received your Personal Information. The basis for the way we will use your Personal Information will be disclosed at the time of collection or later processing.
We collect your Personal Information for purposes including, but not limited to:
- Provision of services to you, employing you, or receiving services from you;
- Responding to enquiries;
- Assessing your suitability for potential employment or other contractual engagement;
- Submission of documents to our clients including expressions of interest, capability statements and tenders; and
- Compliance with all relevant laws, court/tribunal orders or enforcement related activities.
Who will we share your personal data with?
We may disclose Personal Information that we collect from you for the purpose(s) that it was collected. We may disclose the Personal Information for other purposes where we have received your consent to do so or are required to do so by law. We will only share information outside Adam Smith International to the organisation we are working with when you are put forward for an opportunity or where required for the fulfilment and ongoing management of a contract you are performing services on.
We may also disclose your Personal Information to third parties:
- if we use third parties to provide safeguarding or location based communications that you may require in order to fulfil our duty of care requirements;
- if we use third parties for running our business processes. An example of this might be that we have our emails or our database hosted in the cloud. Whilst these cloud providers would not typically have direct access to your information, storage is considered processing under the relevant data protection legislation. Similarly, as an example, if we have employed you directly, we would need to send your data as required by law to local tax authorities;
- if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health.
We will take reasonable steps to ensure that the Personal Information we disclose is accurate, up to date, complete and relevant to the purpose of disclosure.
Overseas disclosure of your personal data
ASI is a global company and we may disclose your Personal Information to our related entities and subsidiaries, suppliers and services providers. Arrangements are in place between each relevant global entity across ASI to protect the Personal information to a common standard. This standard includes company-wide compliance to data protection policies and guidelines.
We will take steps to limit the flow of your Personal Information across borders, transferring only where protection is in place, where the transfer is required for legitimate use, contract administration (e.g. making payments) or where you otherwise consent. Subject to the above, your Personal Information may be accessible to our entities or offices and employees located in various countries, where such accessibility is required for the performance of the contract or you otherwise consent.
When disclosing your Personal Information, we will take reasonable steps to ensure that the overseas recipients deal with the information in accordance with the Act.
Using your information to keep in touch with you
In addition to our typical processing we may use the information we hold about you in order to contact you in the following circumstances:
- To advise you of changes to our terms;
- To advise you of any security concerns;
- Where permitted by law.
How long do we hold personal data for?
Unless otherwise required by law, we will hold your data for no longer than 2 years from the end of the calendar year in which it is collected before either seeking confirmation that you are happy for us to continue to hold your data or deleting the data.
Secure collection and storing of your information
All information that you provide to us, or we collect about you is stored on our secure servers. We understand that this includes confidential information and we have put in place a range of suitable physical, electronic and managerial procedures to safeguard and secure your information.
Our staff have the minimum required access to your data, and are trained to ensure that it is protected and kept secure.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We do not store your information for longer than is necessary to provide the service, and to ensure that we have appropriate auditable records for business purposes.
Unsolicited personal data
If we receive unsolicited Personal Information, we will make a determination whether the information is reasonably necessary for, or directly related to our functions or activities. If it is, we will ensure that the Personal information is stored in the same manner as if we received the Personal information directly from you. If we find that it is not, we will destroy or anonymise/pseudonymise the Personal information. We will comply with any requirement of a relevant law to disclose the collection of such Personal information.
Cookies are small text files that are stored on your computer as a result of visiting a website. This allows the site to know that you have visited before and, in some cases, can be used to record your preferences. Cookies can be used/stored for two reasons:
- To help track usage patterns in order to improve and manage a website; or
- To record preferences in order to personalise your visit to that website.
You will not be subject to decisions based on automated decision-making.
You have the right to request from us access to your own Personal Information. This is sometimes known as a ‘subject access request’.
Additionally, you have the right to request from us:
- that any inaccurate information we hold about you is corrected;
- that information about you is deleted in certain situations;
- that we stop using your Personal Information for certain purposes;
- that your member profile is provided to you in a portable format;
- that decisions about you are not made by wholly automated means.
Many of the rights listed above are limited to certain defined circumstances and we may not always be able to comply with your request. We will tell you if this is the case.
You also have the right to ask us not to process your personal data for direct marketing. We will inform you if we intend to use your information for this purpose or if we intend to disclose your information to any third party for this purpose. You can exercise your right to prevent us using your information in this way by contacting us at email@example.com.
If you choose to make a request to us to exercise any of these rights, we will aim to respond to you as soon as we reasonably can but no later than one month. We will not charge a fee for dealing with any reasonable request.
If you are unhappy with how we are using your Personal Information or if you wish to complain about how we have handled a request, then please contact Adam Smith International’s Data Protection Officer, Adrian Hollister, and we will try to resolve your concerns.
You also have the right to complain to your local Data Protection Authority:
Australia: Office of the Australian Information Commissioner
Kenya: Office of the Data Protection Commissioner
Nigeria: National Information Technology Development Agency
UK: UK Information Commissioner’s Office
A full list of the data protection authorities in Europe can be found here.
Changes to this Privacy Notice
This privacy notice was last updated in August 2020 to respond to the additional information we may collect and hold about you in relation to the unprecedented challenges we are all facing during the coronavirus pandemic.
Law and Jurisdiction
This Privacy Notice is subject to the laws of England, and the non-exclusive jurisdiction of the English Courts.
Get in touch
- Adrian Hollister (Head of IT and DPO) +44203 9988352
- Rebecca Jefferies (General Counsel) +44203 9988342