Rowany AML Solutions Limited (‘Rowany AML’, ‘the Company’, ‘we’, ‘us’ or ‘our’) is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
Personal data is any information relating to an identified or identifiable living person. When “you” or “your” are used in this statement, we are referring to the relevant individual who is the subject of the personal data. Rowany AML is registered with the Isle of Man Information Commissioner as a data controller and data processor for the purposes of Isle of Man data protection legislation.
Rowany AML processes personal data for a number of purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ. When collecting and using personal data, our policy is to be transparent about why and how we process personal data.
Further information is set out in each of the relevant sections below.
Third party organisations that provide applications/functionality, data processing or IT services to us
We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud based software as a service providers, website hosting and management, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres within the United Kingdom, and personal data may be stored in any one of them.
Third party organisations that otherwise assist us in providing goods, services or information
On certain client engagements, we may engage or otherwise work with other providers to helps us provide professional services to our clients.
Where we need to process personal data to provide professional services to our clients, we may share personal data in our deliverables (such as the reports we create).
Insurers and other professional advisers
Personal data may be shared with our insurers and other professional advisers as necessary in connection with the products and services they have been engaged to provide.
Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, or we may be under a legal obligation to disclose personal information to enforcement or other agencies. Such requests may be to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation. Legal obligations may include the reporting of suspicious activity to appropriate enforcement agencies.
Data controller and contact information
Your right of access to personal data
Your right of rectification / amendment of personal data
Your right to be forgotten
the personal data is no longer necessary in relation to the purposes for which it was collected and processed;
our legal grounds for processing is consent, you withdraw consent and we have no other lawful basis for the processing;
our legal grounds for processing is that the processing is necessary for legitimate interests pursued by us or a third party, you object to our processing and we do not have overriding legitimate grounds;
you object to our processing for direct marketing purposes;
your personal data have been unlawfully processed; or
your personal data must be erased to comply with a legal obligation to which we are subject.
Your right to restrict processing
for a period enabling us to verify the accuracy of your personal data where you have contested the accuracy of the personal data;
your personal data has been unlawfully processed and you request restriction of processing instead of deletion;
your personal data is no longer necessary in relation to the purposes for which they were collected and processed but the personal data are required by you to establish, exercise or defend legal claims; or
for a period enabling us to verify whether the legitimate grounds relied on by us override your interests where you have objected to processing based on it being necessary for the pursuit of a legitimate interest identified by us.
Your right to object to processing
our legal grounds for processing is that the processing is necessary for a legitimate interest pursued by us or a third party; or
our processing is for direct marketing purposes.
Your right to data portability
Your right to withdraw consent
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.