When do we collect personal data?
We collect information about you if:
- you use this website;
- you enquire about, or engage Blackrock to provide, its services (either in a personal capacity, or as a representative for your employer or client);
- the use of your personal information is reasonably necessary to provide our services (in these circumstances, your personal information may be disclosed to us by our client who may, for example, be your employer or service provider, or we may obtain your personal information from a range of public or subscription sources, directly from you, or from your associates or persons known to you);
- you apply for a position with Blackrock;
- you attend a Blackrock hosted or sponsored event;
- you contact us with any other enquiry, complaint or notice.
What data do we collect?
Our Site may use “cookies” to enhance visitor experience. Cookies are small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.
Former, Current and Prospective Clients
If you submit an enquiry to Blackrock about our services (either over the website, or by emailing, telephoning or meeting with one of our colleagues), then we will process information such as your name, job title and contact information in order to respond to your enquiry.
If you attend a Blackrock event, or if you associate with a Blackrock colleague at, for example, an industry event, then Blackrock may collect basic personal information, such as contact details, which you voluntarily provide (for example, by filling in a form or handing over a business card) in order to facilitate your participation in the event, and for the management of our relationship with you as an actual or prospective client.
If you or the organisation you are associated with becomes a Blackrock client, then we may process your personal information in order to:
- carry out Conflict Checks and screening prior to starting a new engagement (as well as basic contact information, this may mean processing compliance related information such as proof of your identity, information about your professional background, history of directorships and, in some circumstance, details of any criminal convictions or adverse media coverage);
- carry out client communication, service, billing and administration;
- deal with client complaints; and
- administer claims.
Taking account of applicable marketing laws, we also process personal information about our clients (former, current and prospective) in order to:
- send our clients newsletters, know-how, promotional material and other marketing communications;
- invite our clients to events (and arrange and administer those events).
Performing Services for Our Clients
As discussed above, many of our services involve the processing of personal information. In the majority of cases, personal information is provided to us in strict confidence, subject to restrictive undertakings on its use / disclosure.
If you apply for a position with Blackrock, we will need to collect personal information in order to consider your application, and during any interview and assessment phase.
If you contact us for any other reason, we will collect basic contact details, as well as any other personal information relevant to the reason for your enquiry, in order to resolve that enquiry.
What is our legal basis for collecting personal information?
All processing (i.e. use) of your personal information is justified by a “lawful basis” for processing. In the majority of cases, processing will be justified on the basis that:
- the processing is necessary for the performance of a contract to which you are a party, or to take steps (at your request) to enter into a contract (e.g. where you request certain services as an individual client, or where we help advise your employer or service provider on fulfilling an obligation to you under a contract);
- the processing is necessary for us to comply with a relevant legal obligation (e.g. where we are required to collect certain information about our clients for tax or accounting purposes, or where we are required to make disclosures to courts or regulators); or
- the processing is in our legitimate interests, subject to due consideration for your interests and fundamental rights (this is the basis we rely upon for the majority of the processing of personal information in connection with the provision of our services, and also for the purposes of most client on-boarding, administration and relationship management activities).
In limited circumstances, we will use your consent as the basis for processing your personal information, for example, where we are required by applicable law to obtain your prior consent in order to send you marketing communications.
Before collecting and/or using any special categories of data (as that term is defined in the GDPR), or criminal record data, we will establish a lawful exemption which will allow us to use that information. This exemption will typically be:
- your explicit consent;
- the establishment, exercise or defence by us or third parties of legal claims; or
- other uses allowed by applicable law including context specific exemptions provided for under local laws of EU Member States and other countries implementing the GDPR, such as in relation to the processing of special category data for the purposes of preventing or detecting fraud in relation to instructions from potential clients.
Disclosure of Personal Information to Third Parties
Blackrock may also disclose your personal information for the purposes of:
- responding to requests from law enforcement agencies, regulators or courts, or to subpoenas, search warrants, or other legal requests;
- the prevention and/or detection of crime;
- establishing legal rights or to investigate or pursue legal claims;
- a merger, acquisition or corporate restructuring to which Blackrock is subject;
- preventing risk of harm to an individual.
International Hosting and Transfer of Information
Blackrock is an international organisation and may transfer certain personal information collected on its websites across geographical borders to Blackrock offices, personnel, or third parties located throughout the world. Blackrock may also store such information in a jurisdiction other than where you are based including outside of the European Economic Area (“EEA”).
Blackrock will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights.
You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.
Blackrock has reasonable technical safeguards, security policies and procedures in place to protect personal information from unauthorised loss, misuse, alteration, or destruction. Measures we take include placing confidentiality requirements on our staff members and service providers, limiting access to your personal information on a “need to know” basis, and providing training to appropriate Blackrock personnel.
Despite Blackrock’s best efforts, however, security cannot be absolutely guaranteed against all threats.
Retention of your personal information
Blackrock retains your personal information for the period of time required for the purposes for which it was collected, any compatible purposes which we subsequently establish, or any new purposes to which you subsequently consent, or to comply with legal, regulatory and Blackrock policy requirements.
You are entitled to view, amend, or delete the personal information that we hold. Email your request to our data protection officer Sarah Sutherland at email@example.com
Blackrock may send you information related to its services, products and events that we believe are of interest to you. This information may be sent by post or via email. If at any point you no longer prefer to receive marketing communications from Blackrock you can (i) unsubscribe from Blackrock communications sent by email using a link provided in marketing emails sent from Blackrock; or (ii) contact us to exercise your right to prevent all forms of marketing (both post and email).
Changes to this Policy
If you have questions or concerns regarding this policy or Blackrock’s personal data processing policies, please contact Blackrock at: firstname.lastname@example.org
Last updated 25 May 2018