Privacy Policy

Whitman Asset Management Limited (“we”) and members of our group are committed to keeping your personal data safe and to ensuring the integrity and security of any personal data we may process.

European legislation including the General Data Protection Regulation (“GDPR”) and applicable national acts implementing the GDPR such as the UK Data Protection Act 2018 (or such other UK laws implementing the GDPR in the UK), has the objective of maintaining a high level of protection for personal data and enhancing your rights in respect of your personal data.

We ask you to read this privacy notice very carefully as it contains important information on the way in which we will process your personal data, in particular:

  • The personal information we collect about you;
  • Our basis for processing your personal data;
  • What we do with your personal information;
  • Who your personal data may be shared with; and
  • Your rights as a data subject under the Data Protection regulations.

What is personal data and how is it collected?

Personal data includes any information that directly or indirectly identifies an individual. We collect personal data relating to you and your use of our services from a variety of sources, which are detailed below.

We may collect certain personal data, such as personally identifiable information (such as name, date of birth), contact information (such as telephone number, address, email), financial information, employment and education data, other information gained during interactions or correspondence with you and, sensitive personal data.

We may collect your personal data directly from you, as well as from other parties. This includes where you agree to act as a Third Party Authority for a client of ours, as well as from third parties, such as credit reference agencies, fraud prevention agencies, electoral roll, financial advisors, court records of debt judgments and introducers and other publicly available sources.

Our basis for processing your personal data

We will only process your data where we have a valid lawful basis for doing so. We may rely on the following lawful bases for collecting and further processing your personal data:

  • Contractual necessity;
  • Legal or regulatory obligation;
  • Legitimate interest; or
  • Consent.

Why do we process personal data?

We will process your personal data for the following purposes:

  • To perform our contract with you;
  • To respond to queries you send us;
  • For our own legitimate interests (detailed below);
  • To identify you when you contact us;
  • To contact you about our services;
  • To comply with a legal obligation; and
  • To ensure the services we provide are suitable and appropriate.

Special Category data

Under data protection regulations, sensitive personal data is defined as “special category data”.

We may be required to gain your explicit consent prior to processing any sensitive information about you, for example information about your physical health.

Sensitive personal data is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

You have the right to ask us not to record this information and may withdraw your consent at any time by contacting us.

Legitimate interest

We may use your personal data for our legitimate business interests in order to allow us to provide the best services and customer experience and to ensure our service remains relevant and tailored to your needs. For example, we may rely on our legitimate interest to process your personal data for the following purposes:

  • Marketing, relating to products and services compatible with the original purpose for which we originally gained the information;
  • To send you company updates, newsletters or other marketing communications;
  • To enhance, modify, personalise or otherwise improve our services and communications for your benefit.

Please note you have the right to object to any processing for which we rely on legitimate interest as the legal basis. You can do so by using the contact details set out at the end of this privacy notice.

Who do we share your personal data with?

We share your data with approved third-party providers that have adequate data protection measures in place that align with the requirements of the data protection regulation. For example:

  • Professional companies and other persons providing services to us including legal, professional advisers, auditors, tax and accountancy advisers and printing services;
  • Our vendors, for example the supplier of the client lifecycle management platform we use to manage our client engagement, onboarding and management;
  • Credit reference agencies, identity reference agencies and fraud prevention agencies; and
  • Government bodies and agencies in the UK e.g. HMRC.

We do not share data outside of the EU and we do not sell your personal data or other information to any third party.

Your rights in respect of your data are:

  • Right to be informed – you have the right to be informed of what we do with your data. The detail of what we do is in this privacy notice.
  • Access rights: You can request a copy of the personal information we hold about you.
  • Right to request rectification: We take reasonable steps to keep your information accurate, but you can also ask us to change any information we hold about you to keep it accurate, complete and current.
  • Right to request erasure (‘to be forgotten’): You have the right to ask us to delete the personal information we hold on you; however, please note that there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it.
  • Portability: You have the right to request that we send the personal data you provided to us to another data controller in a commonly used electronic format, where technically feasible.
  • Right to request restriction: You can request that we restrict our processing of your personal information.
  • Right to raise an objection to our processing: Where our processing of your information is performed on the basis of ‘legitimate business interest’, then you can request we stop.
  • Right to complain to a supervisory authority: If you are dissatisfied with our use or management of your personal information, you have the right to complain to an EU Data Protection Supervisory Authority. In the UK, the relevant Data Protection Supervisory Authority is the Information Commissioner’s Office (ICO) and you can contact them via their website:

Personal data provided in respect of third parties

You acknowledge that you must have the authority to provide any third party’s personal data to us and agree to share this data protection notice with such third parties and inform them of the details you have advised us of.

Our retention policy

We will only keep your personal data for as long as necessary for the purposes for which it was first gained. Personal data will be retained for the purposes detailed in this privacy policy and where we have a legal or regulatory basis for doing so.
We will regularly review our records to ensure that we do not retain your personal data longer than is necessary, unless there is a legal or regulatory reason for extended retention.


Cookies are used by nearly all websites and do not harm your system. If you want to check or change what types of cookies you accept, this can usually be altered within your browser settings.

We may use cookies to track your use of our website. This enables us to understand how you use the site and track any patterns that emerge individually or from larger groups. This helps us to develop and improve our website and services in response to what our visitors want and need.

Review of this policy

We may make changes to this policy from time to time and will post such updates on our website.

Who are we and how to contact us?

Whitman Asset Management Limited is a data controller for the purposes specified in this privacy statement. You can contact us directly if you have any questions about this privacy notice or in order to exercise your data subject rights by addressing your email questions and requests via a method shown on our web page or by one of the following means:

By Phone: 0207 8467460
By Post (Business Address):
Whitman Asset Management Limited
1 Manchester Square,