Home/Privacy Policy

Privacy Policy

1. Introduction

Welcome to CLI Dartriver's privacy notice. CLI Dartriver is the trading name of Conren Land Indigo Dartriver ("we", "us", "our"), a company registered in England and Wales under company registration number 12443522 with its registered office at WSM, Connect House, 133–137 Alexandra Road, Wimbledon, London, United Kingdom, SW19 7JY.

We are registered as a data controller with the Information Commissioner's Office under number ZB001486. We respect your privacy and are committed to protecting your personal data.

This privacy notice ("notice") explains how we use ("process") your personal information (including personal information that you provide to us about other persons) (together, "personal information"). It also explains your privacy rights and how you can exercise them.

We are responsible for the personal information we collect about you (including through the website www.cli-dartriver.com). The type of personal information we collect and how we process it will vary depending on the relationship we have with you.

2. How we collect your personal information

We collect personal information to provide our services, for legal and regulatory purposes, and to manage our business and relationships. You will voluntarily provide most of your personal information directly to us. We also obtain personal information from other sources or persons.

Public information

We may collect personal information about you or your business which is publicly available, for example on your employer's website, public professional social networking sites, in the press, and in relevant electronic data sources.

Information from third parties

We may receive personal information about you from third parties. These may include our clients; joint agents; sub-agents; suppliers; advisers; consultants; lawyers and other professional experts; counterparties; previous, current and future employers; correspondents and enquirers; regulators and public authorities; relatives; and other persons, where such information is provided to us in connection with the purposes set out in this notice.

Information collected through our websites

We may use cookies on our website and certain marketing emails which collect your IP address and other information when you visit our website. For further details, please see the Marketing and cookies section of this notice.

Sometimes the provision of your personal information to us by third parties will be unsolicited and/or provided in confidence (for example, reports made to us by regulators or other persons) and we may be unable to notify you of this. In all cases, we take necessary steps to ensure that personal information is obtained and used in a fair and lawful way.

3. The types of personal information that we collect

The categories of personal information we collect will vary depending on our specific relationship with you and the context. We may not be able to further our relationship with you without certain personal information.

Examples of personal information we may collect include:

  • Personal contact details such as your home address, mobile number and personal email address.
  • Professional details including your job title, employer's name and business contact details.
  • Identification and due diligence information required for anti-money laundering and other regulatory checks.
  • Information relating to services we provide to you, or services you provide to us (for example, correspondence, instructions, contracts, invoices and payment details).
  • Information relating to events you attend, including dietary or access requirements you choose to share with us.
  • Technical information collected through our website and online services (for example, IP address and cookie data).

4. Use of your personal information

Our processing of your personal information includes obtaining, recording or holding the data, or carrying out any operation or set of operations on the data including organising, copying, analysing, amending, retrieving, using, systemising, storing, disclosing, transferring, retaining, archiving, anonymising, erasing or destroying it by automated or non-automated means.

The UK GDPR, as tailored by the Data Protection Act 2018, requires us to communicate the purposes for which we process your personal information (the "permitted purposes") together with the corresponding legal basis. These include:

(a) Where it is necessary to perform our contract with you or to take steps at your request before entering into a contract

  • To perform our services if you are a client (including client file management, and matter acceptance, modification and processing).
  • To enter into or perform our agreement with you if you are a supplier, external adviser or partner (including supplier account management, purchase order processing and payment of invoices).
  • To enter into or perform any other contract or agreement we may have with you.

(b) Where it is necessary for compliance with a legal obligation

  • To carry out conflicts checks and other regulatory checks on new client matters and to undertake client due diligence in accordance with anti-money laundering law.
  • To undertake appropriate vetting of suppliers and external advisers (for example, to comply with privacy, tax, anti-bribery and modern slavery rules).
  • To co-operate with regulators and other public authorities, including by responding to their requests for information and complying with professional reporting obligations.
  • To comply with any other legal or regulatory obligations to which we are subject.

(c) Where it is necessary for the purposes of our or another party's legitimate interests

Provided that such interests are not overridden by your interests, rights or freedoms, we may process your personal information to:

  • Ensure compliance with our internal policies.
  • Support general security and business continuity purposes, including business management and financial planning.
  • Manage insurances, complaints, potential and actual claims, and improve our business policies and processes.
  • Protect, manage and improve our websites and online services, including understanding how they are used and making them more intuitive.
  • Organise corporate events and carry out market research campaigns.

(d) Where it is necessary to protect your vital interests or that of another person

For example, we may disclose your personal information to medical staff in the event of a medical emergency.

5. Marketing and cookies

We generally rely on our legitimate interests to process your personal information for marketing purposes. We will inform you in advance of sending you marketing material (unless this is reasonably obvious in the circumstances). You can opt out of receiving marketing emails from us at any time by clicking the opt-out link included in each email.

We may use cookies (small text files placed on your device) and similar technologies on our website and in marketing emails to:

  • Ensure our website functions as it should.
  • Recognise you when you return to the website (for example, to remember your login details).
  • Analyse how our website and online services are performing and how people arrive at and use our website.
  • Present you with customised options relating to your interests, based on your previous use of the website.

Some cookies on our website may be third-party cookies (for example, Google advertising cookies) which we do not control. Most web browsers allow you to manage cookies, including refusing or deleting them. If you choose to disable cookies, some services and functionalities of our website may not work properly.

6. Where your personal information is stored and who it is shared with

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Access to your personal data is limited to employees, agents, contractors and other third parties who have a business need to know and who are subject to a duty of confidentiality.

We may share your personal information, where appropriate, with:

  • Persons related to you, such as your other agents, consultants, advisers, counterparties, beneficiaries, trustees and banks, where necessary for the permitted purposes.
  • Persons related to us, including senior lenders, our agents, consultants and other professionals, suppliers and external service providers (for example, IT, data storage, due diligence, banks, insurers, auditors and lawyers).
  • Entities under common ownership and potential affiliates and successors in title to our business.
  • Courts, tribunals, law enforcement, regulatory and public authorities where disclosure is required by law.
  • Other persons involved in events organised or hosted by us, or otherwise involved in the provision of services to you.

We do not disclose or sell your personal information to other third parties for their own marketing purposes. Some processing activities may involve the transfer of your personal information to other countries whose privacy laws may not be as comprehensive as those where you are based. Where such transfers occur, we will put in place appropriate safeguards to protect your personal information.

7. Security of your personal information and data breaches

We operate technical, non-technical and procedural controls to safeguard your personal information, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. These include the use of recognised and reputable hosting and platform services, physical and technical controls over access to our premises and systems, and business continuity and disaster recovery plans.

However, transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of information transmitted to our website; any such transmission is at your own risk. Our website may contain links to third-party websites that are outside of our control and not covered by this notice. You should review the privacy policy of any third-party website before submitting personal information to them.

If a data breach occurs that is likely to result in a high risk of adversely affecting your rights and freedoms, we will inform you of this without undue delay, where legally required to do so.

8. How long we keep your information

We only keep your personal information in an accessible form which can identify you for as long as we need it for the permitted purposes. Retention periods can vary significantly depending on the purpose and the relevant jurisdictions involved, including legal obligations to keep certain records for specific periods.

Where we no longer require your personal information, we will take steps to delete or anonymise it. In some cases, certain information may be stored in back-ups for business continuity purposes. In such cases, we will minimise and protect the information and ensure it is not used for decision-making about you, shared (unless legally required), and deleted when technically possible.

9. Your rights

The following privacy rights apply under the UK GDPR as tailored by the Data Protection Act 2018 (and similar rights may apply under other local legislation):

  • Right to be informed – to receive information about how we process your personal information (as set out in this notice).
  • Right of access – to request confirmation whether we process your personal information and to access that information.
  • Right to rectification – to request correction of inaccurate or incomplete personal information.
  • Right to erasure – in certain circumstances, to request the deletion of your personal information.
  • Right to data portability – in certain circumstances, to receive your personal information in a structured, commonly used and machine-readable format, and to have it transmitted to another organisation.
  • Right to object – to object to processing based on legitimate interests and to object at any time to processing for direct marketing purposes.
  • Right to withdraw consent – where we rely on your consent to process your personal information, you can withdraw that consent at any time.
  • Rights in relation to automated decision-making and profiling – to ensure that significant decisions affecting you are not made solely by automated means, and to express your views and challenge decisions.

To exercise your rights, please send a written and dated request to kirsty.davie@cli-dartriver.com. We may need to verify your identity before responding. In some circumstances we may not be able to comply with your request, for example where it is manifestly unfounded or excessive, or where we are unable to disclose certain information (such as information relating to other individuals or legally privileged documents).

You also have the right to lodge a complaint with the relevant data protection regulator in the country where you normally live or work, or where an alleged breach of data protection has occurred (for example, the Information Commissioner's Office in the UK).

10. Contacts and other important privacy information

If you have any queries regarding this privacy notice or our processing of your personal information, please email us at: kirsty.davie@cli-dartriver.com.

Further information about your rights under UK data protection law can be found on the Information Commissioner's Office website.