Below sets out information in relation to the services we provide you.
Firm means City & Continental Ltd.
Firm Individual means any director, associate, consultant, officer or employee of the Firm, and Firm Individuals shall be construed accordingly.
we, us, and our, means the Firm.
you means the client, being the person or persons identified by us as having provided our instructions and to whom we are providing the services and your shall be construed accordingly.
The Firm is a private limited company incorporated in England and Wales (number 09997053) with registered office and principal place of business at Cheyne House, Crown Court, 62-63 Cheapside, London EC2V 6AX, United Kingdom. The group VAT number is 223425636.
The Firm is part of the Allia Group. Allia Ltd is registered in the UK under the Co-operative and Community Benefit Societies Act 2014 (No. 28861R) and recognised by HMRC as a charity (XR29468). Its registered office is at Future Business Centre, King’s Hedges Road, Cambridge, CB4 2HY.
3. Regulatory Regime
The Firm is authorised and regulated by the Financial Conduct Authority (“FCA”), 12 Endeavour Square, London, E20 1JN, United Kingdom for certain designated investment business under number 765603. The FCA register detailing the Firm’s status can be accessed here.
The Firm is not authorised to provide designated investment business to retail clients. It provides designated investment business to professional clients and eligible counterparties.
The Firm does not hold client money.
Subject to paragraph 8 below, we owe an overriding duty of confidentiality to our clients which includes prospective and former clients.
5. Telephone Conversations
We record telephone conversations in accordance with the FCA’s rules. Records of such conversations and communications are available upon request.
6. Conflicts Policy
The FCA’s rules require the Firm to takes all appropriate steps to identify and to prevent or manage conflicts of interest between Firm Individuals and its clients or one client and another client. Our conflicts policy is available upon written request to firstname.lastname@example.org.
7. Data Protection
- the types of personal data we hold and our legal grounds for doing so
- how we collect and protect your personal data
- your rights in relation to the personal data we hold about you
Below, “GDPR” means Regulation (EU) 2016/679, the General Data Protection Regulation, together with any additional implementing legislation, rules or regulations that are issued by applicable supervisory authorities and the following terms used below are defined in the GDPR: “controller”, “personal data”, “personal data breach”, “processing”, “processor” and “pseudonymisation”.
To the extent that we are a processor of personal data on your behalf as controller:
- We represent that we have implemented appropriate technical and organisational measures in such a manner that our processing of personal data will meet the requirements of the GDPR and ensure the protection of the rights of data subjects.
- We shall not engage another processor without your prior specific or general written authorisation. In the case of general written authorisation, we shall inform you of any intended changes concerning the addition or replacement of other processors and give you the opportunity to object to such changes. Where we do engage another processor to carry out specific processing activities on your behalf as the controller, the data protection obligations set forth herein shall be imposed upon that other processor, so that our contract with such other processor contains sufficient guarantees that the processing will meet the requirements of the GDPR.
- The following terms are incorporated by reference into the written agreements between you and us:
(a) We shall process the personal data only: (i) as needed to provide the relevant services to you; and (ii) in accordance with the specific instructions received from you, including with regard to any transfers of personal data to a third country or an international organisation, unless required to do so by European union or member state law to which we are subject, in which case, we shall provide prior notice to you of such legal requirement, unless that law prohibits this disclosure on important grounds of public interest;
(b) We shall ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
(c) We shall take the following security measures:
(i) Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including, inter alia, as appropriate: (A) the pseudonymisation and encryption of personal data; (B) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (C) the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; (D) a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
(ii) In assessing the appropriate level of security, account shall be taken in particular of the risks that are presented by processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.
(iii) Any natural person acting under our authority who has access to personal data does not process them except on written instructions from you, unless he or she is required to do so by European union or member state law.
(d) Taking into account the nature of the processing, we shall reasonably assist you by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of your obligation to respond to requests for exercising the data subject’s rights;
(e) Taking into account the nature of processing and the information available to us, we shall assist you in ensuring compliance with the obligations regarding security, personal data breaches, data protection impact assessments and prior consultation;
(f) At your discretion, we shall delete or return all the personal data to you after the end of the provision of the services relating to the processing, and delete existing copies unless European union or member state law requires storage of the personal data; and
(g) We shall provide you with all information necessary to demonstrate compliance with the obligations laid down in the GDPR, and allow for and contribute to audits, including inspections, conducted by you or another auditor mandated by you. We shall immediately inform you if, in your opinion, an instruction infringes the GDPR or other European union or member state data protection provisions.
We shall promptly and thoroughly investigate all allegations of unauthorised access to, use or disclosure of the personal data. We will notify you without undue delay in the event of any personal data breach where we are legally required to do so. We shall also maintain the applicable Article 30 records as required by the GDPR.
8. Financial Crime
The Firm will carry out appropriate, risk-based due diligence before agreeing to accept an engagement with any client.
We will be obliged to make a report to the relevant authorities if at any time we become aware of or suspect financial crime in relation to any matters on which we are engaged or services provided by third parties for the Firm. Our obligation to make such a report will override our duty of client confidentiality and we may not be permitted to inform the client concerned whether or not we have made, or might intend to make, such a report.
Where we request personal data for “know-your-customer” purposes, these will typically include:
- A passport;
- A full photocard driving licence; or
- Any other official document including a photograph.
A natural person may also be asked to provide one of the following documents as proof of permanent address:
- An original bank statement (no more than 3 months old);
- An original utility bill (no more than 3 months old) – excluding mobile phone bills;
- An original local authority tax bill (no more than 3 months old); or
- Evidence on the Electoral Register.
We may also request an up-to-date structure chart identifying: (i) the beneficial owners holding or controlling, directly or indirectly, 15% or more of the shares or voting rights in the company; (ii) any other person who otherwise exercises control over the management of the company; and (iii) the ultimate beneficial owner of the company. The structure chart should have the percentage splits of the relevant shareholdings.
We may request that some or all of the above-mentioned documents are certified by an independent, qualified lawyer, notary, FCA-approved person or accountant. Any certified copy document should state:
- The name, address and firm of the person certifying;
- That the person certifying has seen the original document in its entirety;
- That the copy is a true copy of the original; and
- That any photograph is a true likeness of the individual.
9. Inside Information and Insider Lists
Where you have obligations in relation to the control of inside information and a matter will or may involve our employees working for you on this matter being in possession of inside information we will maintain a list of those of our employees who are in possession of inside information.
We also take reasonable measures to ensure that where we are notified that our employees have access to inside information relating to any client, they understand and acknowledge the legal and regulatory duties imposed on persons in possession of such information and the sanctions involved for misuse and improper disclosure of such information.
10. Complaints Procedure
We have a policy and procedure for dealing with complaints. If you are not satisfied with any contractually agreed services received by us, please email the relevant Firm Individual involved in your matter copying in email@example.com. All complaints will be considered promptly and fairly and will be investigated by a senior manager who was not involved in the subject matter of the complaint. Our detailed complaints policy and procedures is available upon request.
If a complaint is not resolved to your satisfaction and you qualify as an ‘eligible complainant’ as defined in the FCA Handbook, you may be able to refer the complaint to the Financial Ombudsman Service, Exchange Tower, Harbour Exchange, London, E14 9SR (www.financial-ombudsman.org.uk). The Financial Ombudsman Service is an organisation set up by law to give consumers a free and independent service for resolving disputes with financial firms. Details of the persons who are ‘eligible complainants’ can be obtained from the Financial Ombudsman Service. Save for very limited circumstances, persons classified as professional clients will not be eligible to have complaints dealt with by the Financial Ombudsman Service.
The Firm is covered by the Financial Services Compensation Scheme Limited (“FSCS“). In certain circumstances, and if the relevant client is an ‘eligible complainant’ (as defined in the FCA Rules), the client may be entitled to compensation from the FSCS if the Firm is in default and unable to meet its financial obligations to the client.
Our advice is provided to and for the benefit of our client only. No other person may use or rely upon the work undertaken for our client nor derive any rights or benefits from such work without our prior written approval.