Speak to our team
Search
Close this search box.
Search

Privacy Notice

The Hawkins Group is formed of Hawkins & Associates Limited, Hawkins & Associates (Trustees) Limited, Hawkins (International) Limited, Hawkins Forensics Limited, Hawkins and Associates (Singapore) PTE Limited and Hawkins and Associates (Hong Kong) Limited. This Privacy Notice explains how we collect data from you and how the data is used.

Data Protection Officer-Contact Details

Data Protection Officer
88 Leadenhall Street
London
EC3A 3BP

What information do we collect about you?

What categories of Personal Data do we hold about you?

The following is a list of the types of personal information held by the Hawkins Group, we will not hold all types of information on each individual.

Clients (Marketing and Operational)

Client customers (Insured), Insured’s employees, other claim related third parties, members of the public (Operational)

Human Resources

Shareholders

Supply Chain Partners

Visitors to our Website and Cookies

Hawkins has a separate Notice which sets out similar information in relation to the cookies that we use on our website, which can be found here: https://www.hawkins.biz/cookie-policy/

How do we collect data about you?

Clients (Marketing and Operational)

Insured, Insured’s employees, other claim related third parties, Members of the public (Operational)

Where the personal data is provided by our client this will typically be subject to the terms and conditions of your insurance policy, failure to allow us to process the data may lead to you being in breach of the terms and conditions of your insurance policy.

Human Resources

Shareholders

Supply Chain Partners

What is our lawful basis for collecting information about you?

For personal data to be processed lawfully in most countries, they must be processed on the basis of one of the lawful grounds stipulated by the applicable law. When sensitive Personal Data is being processed additional conditions must be met.

Depending on your relationship with us, the legal basis for us processing your Personal Data is one of the following:

What is our purpose for processing the information and how will we use that information?

Clients (Marketing and Operational)

Data held for marketing purposes is used to make contact with those who may be interested in our services and if you have previously appointed us, to make you aware of other services that we provide. We may analyse your interaction with our website and email communications to provide better marketing and focused communications.

If you are an attendee at one of our webinars we may record these sessions.  If a webinar is being recorded we will always notify you in advance.  Your name will be shared during the session and will be captured in the recording.  You have the option of sharing your image and audio during the session. If you choose to do so, this will be captured in the recording.  For recorded events we will email you a link when the event has ended.  We may publish the recording on our website and social media channels.  If an event recording will be published we will notify you of this.

If we hold your data for marketing purposes you have the right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the Hawkins Group. If you no longer wish to be contacted for marketing purposes please email [email protected].

Client data held for operational purposes is used as part of an assignment we are appointed on.

Human Resources

Data held by our Human Resources team is used to:

Microsoft analytical data is processed solely for employee personal use to help with productivity, prioritise wellbeing with actionable recommendations such as reserving time for focused work. Analytics data will not be used by Hawkins for any other purpose. As a Viva Insights user, you can opt in and opt out at any time.

Client customers (Insured), Insured’s employees, other claim related third parties, Members of the public (Operational)

Operational data is held to analyse as part of an assignment we are appointed on by a client.

Shareholders

Shareholder data is held to manage individual shareholdings.

CCTV Footage

CCTV data held by Hawkins’ Group premises is held for security purposes only.

CCTV data may be held to analyse as part of an assignment we are appointed on by a client.

Supply Chain partners

Supply chain data is held for operational purposes and to mitigate any potential risks for Hawkins. 

Automated decision making or profiling / Artificial Intelligence (AI)

AI is an umbrella term for a range of technologies and approaches that often attempt to mimic human thought to solve complex tasks. 

Hawkins uses AI and machine learning for data loss prevention purposes.

An AI decision can be based on a prediction, a recommendation or a classification. It can also refer to a solely automated process, or one in which a human is involved. 

The Hawkins Group does not use any form of automated decision making or profiling for any purposes. A human will always consider the AI outputs and act (make a decision) based on this. 

Marketing

If we hold your data for marketing purposes you have the right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the Hawkins Group. If you no longer wish to be contacted for marketing purposes please email [email protected].

Who might we share your Personal Data with?

Personal Data may be shared with the clients and suppliers of The Hawkins Group and other assignment related third parties.

Personal Data held by the Group may be transferred to:

International Data Transfers

Due to the global nature of our business, we may transfer personal data to third parties that have a different data protection regime than found in the country in which you are based. For example, we may transfer personal data internationally to our Group companies, service providers, business partners, government and public authorities in order to perform the services.

We rely on legally provided mechanisms to lawfully transfer personal data across borders. In most cases we will use the EU approved Standard Contractual Clauses. These Clauses ensure that any third parties have the appropriate safeguards and/or contractual obligations in place to ensure the safety and confidentiality of Personal Data.

If Standard Contractual Clauses are not applicable then Hawkins will ensure that additional safeguards are in place or an exemption applies.

How do we ensure security of Personal Data?

The Hawkins Group has auditable policies and processes in place meaning that personal data is processed in a manner that ensures security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures. This means that we have appropriate security in place to prevent the personal data we hold being accidentally or deliberately compromised.

Hawkins is Cyber Essentials Plus Certified. Cyber Essentials is an effective, government-backed scheme aimed at helping to protect our organisation against a whole range of the most common cyber attacks. This is important as vulnerability to these types of attacks can mark us out as target for more in-depth unwanted attention from cyber criminals and others.

What are my Rights?

Access to your information and correction

You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of the personal information that we hold about you please either email us at [email protected] or write to us at:

Data Protection Officer
88 Leadenhall Street
London
EC3A 3BP

We want to ensure that your information is accurate and up to date, you may ask us to make corrections to your data.

Right to erasure

In certain circumstances you have the right to request us to erase your personal data. If you would like some or all of your personal data erased from our system please either email us at [email protected] or write to us at:

Data Protection Officer
88 Leadenhall Street
London
EC3A 3BP

Right to restrict processing

In certain circumstances you may request the restriction of your personal data. If you would like to make such a request, please either email us at [email protected] or write to us at: 

Data Protection Officer
88 Leadenhall Street
London
EC3A 3BP

Right to object

In certain circumstances you may request that we stop processing your personal data (for marketing purposes, for example, as detailed above). The right is not absolute and will be considered on a case-by-case basis. If you would like to make such a request, please either email us at [email protected] or write to us at: 

Data Protection Officer
88 Leadenhall Street
London
EC3A 3BP

How long will you retain my Personal Data?

The retention period for personal data will be assessed depending on the nature of the information held, why we hold it and what we are obliged to do by the regulator or the law. In most cases, we will keep your personal data for between three and seven years but this can be for longer if there is a legal, contractual or regulatory requirement to retain it for a longer period.

How do I lodge a complaint with the supervisory authority?

You have the right to lodge a complaint with the supervisory authority if you are not satisfied by the way in which we store and process your personal information.

Details of the supervisory authorities relevant to the jurisdictions in which the Hawkins Group operate are detailed below.

In the UK the supervisory authority is the Information Commissioner’s Office (ICO). The contact details for the ICO are:

Website:
Telephone:

0303 123 1113

Address:

Information Commissioners Office
Wycliffe House
Water Lane
Wilmslow
SK9 5AF

In Hong Kong the supervisory authority is The Office of the Privacy Commissioner for Personal Data. The contact details are:

Website:
Telephone:

2827 2827

Address:
Room 1303, 13/F
Sunlight Tower
248 Queen’s Road East
Wanchai
Hong Kong

In Singapore the supervisory authority is the Personal Data Protection Commission. The contact details are:

Website:
Telephone:
6377 3131
Address:
10 Pasir Panjang Road
#03-01 Mapletree Business City
Singapore
117438

There is no national authority in the UAE. A single national data privacy regulator will be established and known as the UAE Data Office. Further information will be available in due course.

Changes to this Privacy Notice

This Privacy Notice is regularly reviewed and may change from time to time.  This Privacy Notice was last updated on 15th November 2023 and is Version 14.0.

DATA PROTECTION REQUEST

Please complete this form and a relevant Hawkins team member will respond within one business day.

  • *Fields marked with an asterisk are required fields.

    Submitting this form will enter your details into our contacts database to enable Hawkins to respond to your enquiry. For details, on how we collect data from you and how the data is used, see our Privacy Notice.