Privacy Policy

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities if you have a complaint.

1. Who are we and what do we do?

AH& Legal Ltd (“A&H”), company number: 11204912, is a consulting firm based in London, England. We provide various legal, compliance, and investigations services to our clients.

2. Scope

We are committed to safeguarding the privacy of personal information provided to us or collected by us during our business activities. This privacy policy applies to the personal information we collect from visitors to our A&H website. It does not apply to any third-party websites that may have links to our website.
We collect, use, and are responsible for certain personal data about individuals. We are subject to the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR) for services offered in the European Economic Area (EEA).

Our Services and website are not targeted specifically at children. If you are a child and want further information about how we use your data, please contact us (see ‘How to contact us’ below).

3. Key terms

– Personal data: Information relating to an identified or identifiable natural person, including obvious data like name, identification numbers, and online identifiers.
– Special category data: Includes sensitive information like race, ethnic origin, political opinions, religious beliefs, genetic data, health data, or data concerning sex life or sexual orientation.
– Data subject: The individual to whom the personal data relates.

4. Why we use and collect your personal information

We collect and use personal information for various purposes, including:
– Improving website experience and service quality for visitors
– Fulfilling services provided to clients
– Responding to non-contractual inquiries
– Business administration, legal compliance, and protection of rights
– Keeping clients updated with legal developments and insights
– Recruitment processes
For more detailed information on the purposes and collection methods, please refer to the provided table in section 4 of the original text.

5. Visitors to our website

We use cookies to improve the website experience and the quality of service provided. Cookies are small text files stored on your computer while visiting a website. They help us remember personal settings but do not collect information that identifies you personally. This website only uses cookies that are strictly necessary for your browsing experience. By continuing to use this site, you are consenting to the use of cookies.

6. Enquiries

Enquiries refer to requests made by individuals where no contractual relationship exists. We collect contact information and other relevant personal details to respond to these requests.

7. Fulfilment of Services

We collect and maintain personal information voluntarily submitted to us during the use of our Services or to enable us to perform the Services. Additional terms may apply based on the contract with the individual.

8. Business administration and legal compliance

We may use personal information for business administration, legal compliance, and protection of rights purposes. This includes verifying identity, complying with laws and regulations, investigating disputes, and enforcing agreements. It may also involve sending updates and marketing communications about our Services, which can be opted out at any time.

9. Recruitment

When individuals apply to work with us, we process the information provided for application processing and recruitment purposes. Background checks and other necessary verifications may be conducted.

10. Special category data

If we process special category personal data, we ensure compliance with data protection laws and have a lawful basis for processing, such as explicit consent, protection of vital interests, legal claims, or substantial public interest.

11. Legal basis for processing personal information

We process personal information based on the following legal bases:
– Performance of contractual obligations
– Consent from the individual or their organization
– Legitimate interests of us or a third party
– Legal obligations imposed upon us

12. Sharing personal data

We may share personal data with employees, consultants, and various third-party categories necessary for delivering our services. These parties include service providers, external advisors, financial institutions, marketing agencies, and others. We require appropriate security measures from these parties to protect personal data.
Personal data may also be shared with professional advisors, law enforcement agencies, regulatory bodies, or in the event of a significant corporate transaction or restructuring.

13. Data retention

We retain personal information for the period necessary to fulfill the purpose for which it was collected and to comply with legal, regulatory, accounting, or reporting requirements. The retention periods may vary based on the type of interaction and our obligations under GDPR or similar legislation.

14. Transferring personal data abroad

In some cases, it may be necessary to transfer personal data to countries outside the UK and EEA. We ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or specific exceptions under data protection law.

15. Security and confidentiality of personal data

We have implemented technical and organizational measures to keep personal data secure and confidential. Access to personal data is limited to authorized individuals who are bound by confidentiality obligations. We also require business partners and third parties to implement appropriate security measures.
In the event of a suspected data security breach, we will notify the affected parties and relevant regulators, as required.

16. Your rights

Individuals have certain rights regarding their personal data, including the right of access, rectification, erasure, restriction of processing, data portability, objection, and withdrawal of consent. These rights can be exercised by contacting us through the provided email address and providing necessary identification information.
Please note that certain rights may be limited in specific situations or exempt due to legal obligations or professional secrecy obligations.

17. Complaints

If you have concerns or complaints regarding our use of personal data, please contact us. We aim to address any issues promptly. If you believe your complaint has not been adequately resolved, you can lodge a complaint with the UK Information Commissioner or the relevant supervisory authority in your jurisdiction.

18. Changes to the privacy policy

We may make changes to this Privacy Policy to reflect updates in our use of personal information or to comply with legal or regulatory requirements. We encourage individuals to review the policy periodically to stay informed. Significant changes may be notified via email when practicable.

Last Updated June 2023