Privacy Policy
How we manage and process data.

Privacy Policy
How we manage and process data
Overview
Rowany AML Solutions Limited (‘Rowany AML’, ‘the Company’, ‘we’, ‘us’ or ‘our’) is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
Personal data is any information relating to an identified or identifiable living person. When “you” or “your” are used in this statement, we are referring to the relevant individual who is the subject of the personal data. Rowany AML is registered with the Isle of Man Information Commissioner as a data controller and data processor for the purposes of Isle of Man data protection legislation.
Further information is set out in each of the relevant sections below.
On certain client engagements, we may engage or otherwise work with other providers to helps us provide professional services to our clients.
Where we need to process personal data to provide professional services to our clients, we may share personal data in our deliverables (such as the reports we create).
Personal data may be shared with our insurers and other professional advisers as necessary in connection with the products and services they have been engaged to provide.
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, or we may be under a legal obligation to disclose personal information to enforcement or other agencies. Such requests may be to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation. Legal obligations may include the reporting of suspicious activity to appropriate enforcement agencies.
Changes to this privacy statement
Data controller and contact information
Your right of access to personal data
Your right of rectification / amendment of personal data
Your right to be forgotten
- the personal data is no longer necessary in relation to the purposes for which it was collected and processed;
- our legal grounds for processing is consent, you withdraw consent and we have no other lawful basis for the processing;
- our legal grounds for processing is that the processing is necessary for legitimate interests pursued by us or a third party, you object to our processing and we do not have overriding legitimate grounds;
- you object to our processing for direct marketing purposes;
- your personal data have been unlawfully processed; or
- your personal data must be erased to comply with a legal obligation to which we are subject.
Your right to restrict processing
- for a period enabling us to verify the accuracy of your personal data where you have contested the accuracy of the personal data;
- your personal data has been unlawfully processed and you request restriction of processing instead of deletion;
- your personal data is no longer necessary in relation to the purposes for which they were collected and processed but the personal data are required by you to establish, exercise or defend legal claims; or
- for a period enabling us to verify whether the legitimate grounds relied on by us override your interests where you have objected to processing based on it being necessary for the pursuit of a legitimate interest identified by us.
Your right to object to processing
- our legal grounds for processing is that the processing is necessary for a legitimate interest pursued by us or a third party; or
- our processing is for direct marketing purposes.
Your right to data portability
Your right to withdraw consent
What personal data we collect and why we collect it
Comments
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.