Auf den Kopf stellen Zum Hauptinhalt gelangen Zur Fußzeile gelangen
Ondra Partners respects your privacy and is committed to protecting your personal data. “Personal data” is any data that can be used to identify you or that Ondra Partners can link to you and which Ondra Partners has in its possession or control. This privacy policy (the “Privacy Notice”) will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you. It also explains your rights in relation to your personal data, which includes the right to object to the processing of your personal data: see Your Rights below for further information.  

Purpose of this Privacy Notice

This Privacy Notice aims to give you information on how Ondra LLP, trading as Ondra Partners, collects and processes your personal data through your use of this website. Ondra Partners is a data controller in respect of your personal data, meaning we are the organisation legally responsible for deciding how and for what purposes it is used.  

How to read this Privacy Notice

You can download a pdf version of the policy here: Ondra Partners Privacy Notice.  

Who we are

In this Privacy Notice when we refer to “Ondra Partners” or “we”/“us”/“our” we mean Ondra LLP and Nexen Corporate Finance, trading as Ondra France. You can find our contact details and the details of the data controllers within Ondra Partners, by contacting us on GDPR@ondra.com  

Contact Details

If you have any questions about this Privacy Notice, please contact us in the following ways:
  • Postal address: 125 Old Broad Street, London, EC2N 1AR
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.  

Changes to the Privacy Policy

We keep our privacy policy under regular review. This version was last updated on 22 August 2023.  

Data we collect about you

We will collect and process personal data that you or someone acting on your behalf provides to us by filling in forms, signing up for services on the website, and communicating with us face-to-face, by phone, email or otherwise. We will collect and process personal data, and generate information about you, when you use our services or when we otherwise interact with you. We use various technologies to collect and store information when you visit our websites, such as the method you use to access the website, your IP address, your geographic location, your browser type and the content you view. For information about how we use cookies and the choices you may have, please refer to our cookies policy here.  

Our Clients

If you are a client, or are connected with one of our client’s matters, we will collect and process personal data about you or others that is provided to us in connection with the provision of services to you or to that client. We will also collect, use, store and process different kinds of personal data about you, which we have grouped together as follows:
  • your transactions data, which includes details about payments to and from you and other details of products and services you have purchased from us
  • financial information, which includes bank account and payment card details
  • relationship to others, which includes reports and information for tax reporting or compliance with legal or regulatory obligations, such as anti-money laundering regulations, insider lists and regulator information requests.
Where required by legal or regulatory obligations or otherwise where we have a specific legal basis, we will record telephone calls between you and Ondra Partners.   Data Obtained from Third Parties We might receive your personal data from third parties, such as your employer, counterparties to a transaction and regulators.    

How we use your data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data where we need to perform a contract we have entered into with you, it is necessary for our legitimate interest or we need to comply with a legal obligation. We will process your personal data to:
  • provide and improve our products and services;
  • verify your identity, including to prevent fraud;
  • contact you in connection with the services we offer and manage our relationship;
  • perform contracts with you;
  • comply with our legal obligations, including reporting and anti-money laundering obligations; and
  • identify and prevent fraudulent and illegal activities; and
  • engage in marketing and business development activity
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

Third parties

We may share your personal data with third parties where it is necessary for the purposes outlined above. Examples of third parties that we may share your data with are professional advisers, companies that help us administer the website or provide due diligence services, and other checking services. Where personal data is disclosed to third parties, we will take steps to ensure your personal data is accessed only by people who need to do so for the purposes described in this Privacy Notice. We may disclose your personal information to third parties if we are required to do so to comply with a legal obligation. Finally, in the event that we sell or buy any business or assets, we may disclose personal data to the prospective seller or buyer of such business or assets. Your personal data would only be transferred to the extent that such a transfer was required for the purposes of due diligence and was in accordance with applicable law and subject to appropriate security protections, such as confidentiality restrictions or anonymization. If we are acquired by a third party, personal data will be one of the transferred assets.  

International transfers

We may share your personal data within our group, which will involve transferring your data to France. Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring that we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data. To obtain more details on these transfers and, where appropriate, copies of the applicable safeguards implemented, you may contact: GDPR@ondra.com  

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised or unlawful way. We limit access to your personal data to employees and third parties who have a genuine need to access it. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.  

Data retention

How long we hold your personal data for will vary. The retention period will be determined by the purpose for which we are using it and our legal obligations. We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for: see How and Why We Use Your Data (e.g. contract performance duration). We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. By law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for 7 years after they cease being clients. In some circumstances you can ask us to delete your data: see Your Rights below for further information. Following the end of the relevant retention period, we will delete or anonymise your personal data.  

Your rights

You have legal rights in relation to the data we hold about you. You can exercise your rights, make requests and raise questions by contacting us on GDPR@ondra.com

Right to Access

You have the right to obtain information about how we process your personal data and access the personal data which we hold about you.

Right to Rectification

You have the right to request that we rectify your personal data if it is inaccurate or incomplete. We may need to verify the new information you provide to us.

Right to Erasure

You have the right to ask us to erase your personal data where there is no good reason for us to continue processing it, you have objected to our processing it, or where we have unlawfully processed it. If we cannot comply with your request for erasure for specific legal reasons, we will notify you.

Object to Processing

You have the right to object to us processing your personal data. You must give specific legal reasons for your objection, and we are not obliged to comply with your request if we have a compelling reason to lawfully continue processing your personal data.

Right to Withdraw Consent

Where we are relying on your consent to process your personal data, you have the right to withdraw your consent.

Right to Complain

You have the right to lodge a complaint with the ICO if you think we have infringed your rights.