Data protection privacy notice

We are committed to protecting your personal information and ensuring we respect your privacy.  This Privacy Notice explains how we will look after and use any personal information that we collect about you.

What is personal information?

Personal information means any information about you from which you can be identified.  Examples of personal information include your name, home address, national insurance number, date of birth, telephone number and email address but it also includes other pieces of information which can be used to identify you, either directly or indirectly, such as a cookie.

Who we are

The Ingenious Capital Management Holdings Limited and Ingenious Media Holdings Limited Group companies, which are data controllers, are listed below. Ingenious Capital Management Limited will usually be the controller of your data, though in some cases you will have an agreement with another Ingenious company, which will be the controller. If you have any questions about this Privacy Notice or the information we hold about you, please contact our Data Protection Officer using the details set out below:

Ingenious Companies:

  • Ingenious Media Limited
  • Ingenious (IEP Cover) Limited
  • IFP1 Corporate Partner Limited
  • IFP2 Corporate Partner Limited
  • Ingenious Capital Management Limited
  • Ingenious Collections Limited
  • Ingenious Film Partners 2 Limited
  • Ingenious Film Partners 3 Limited
  • Ingenious Film Partners Limited
  • Ingenious Films Limited
  • Ingenious Media Investments Limited
  • Ingenious Media Limited
  • Ingenious Media Services Limited
  • Ingenious Resources Limited
  • Ingenious Ventures Limited
  • Ingenious Real Estate Finance LLP
  • Ingenious Real Estate Finance 2 LLP
  • IRE Security Limited

Name or title of DPO or relevant contactMark Cowie

Email address:

Postal address:  Ingenious Media Limited, 15 Golden Square, London, W1F 9JG

Contact telephone number: 0207 319 4000

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.  We would however appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

What types of information do we use?

We collect information in the course of providing our financial services to you.  The information about you, which we may collect, use, and store is:

  • Payment information (bank account, credit card or other details);
  • Employment or work history/background;
  • Credit history;
  • Criminal record;
  • Information on trading or other financial activity;
  • Contractual/contact information (i.e. our ‘history’ together – services provided or discussed);
  • Instructions or requests;
  • Financial information (financial position and history);
  • Documentary data (things can include passport or drivers licence or other forms of identification); and
  • Tax information.

Please note that any data relating to a criminal record will not be held or processed by us and we will delete such records once they have been received and read.

We may collect the following information from you, which is referred to as a special category of personal data because it is sensitive information about you and will require special protections.  The information we collect is in relation to your:

  • Health data.

We are able to process this information because you have explicitly consented to the processing of this data in relation to one of our products. This is set out in our investor application forms, or other relevant legal agreement.

Consequences of not providing some types of information

Where we need to collect your personal information by law, or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to provide the products and services you asked for.  In this case we may have to cancel the product or services but we will tell you if this is the case.

How do we collect information about you?

Typically we will collect information from you when you contact us directly or provide information in order for us to provide our products and services.  We collect information from and about you in the following ways:

Through direct interactions when you, or someone you that you have authorised to, give us your personal information by filling in forms or during correspondence with us. This includes when you:

  • Apply for our products and services;
  • Create an account;
  • Complete questionnaires, for example to give us feedback; and
  • Speak to us over the telephone.

Through using our website when we collect information using cookies or similar technologies which tell us about your equipment, browsing actions and patterns.

Through third parties such as fraud and money laundering prevention agencies.  We may also receive personal information from other companies and organisations such as independent financial advisers. The third parties which we receive personal information from are as follows:

  • Credit assessment and anti-financial crime screening service providers
  • Recruitment Agencies
  • Independent financial advisers
  • Marketing data providers

How we will use your personal information

We only obtain, use and keep personal information where we need it for a specific purpose.  We set out in the table below the ways in which we plan to use your personal information.  We are only able to use your personal information if we have a proper legal reason or basis for doing so.  This is called a legal basis and the regulations require that we have a legal basis so that your privacy is protected.  Most commonly we will use your information in the following ways:

  • We have a contract with you. For example, we have agreed to provide financial advice or to manage investments for you and have a contractual agreement to do this.
  • We have a legal obligation. We need to use your personal information to comply with laws that assist in the prevention of financial crime and to comply with regulatory obligations.  For example, this might include confirming your identity and source of wealth, as well as ensuring we provide you with necessary information so you understand the risk of the financial services we can provide.
  • We, or a third party, have a legitimate interest in processing the information and your interests and fundamental right do not override those interests. For example, processing your information to provide investment management services to you.

We set out in the table below all the ways we plan to use your personal information and the legal bases we rely on to do so.  We also explain what our legitimate interests are where appropriate:

To on-board you as a new customerTo fulfil our contact with you
To manage your accountTo fulfil our contact with you
To monitor your investment on an on-going basisTo fulfil our contact with you
To meet our regulatory obligations to provide you with regular information about your investmentTo fulfil our regulatory obligations
To conduct customer due diligenceTo fulfil our legal duties to prevent financial crime
To contact you about other products and services we think you may be interested inNecessary for our legitimate interests – to develop our products and services.
To acquire an asset from you or enable you to purchase an asset we are seeking to dispose ofNecessary for our legitimate interests – to manage our clients’ investment portfolios
We hold some historic data on past investments in the event that any issues arise in relation to these investmentsNecessary for our legitimate interests – to resolve issues that arise in relation to historic investments
To facilitate our internal business operationsNecessary for our legitimate interests – to manage our business and financial affairs in order to ensure that we can continue operating as a business

For due diligence purposes

Necessary for our legitimate interests – if we are acquired by a third party or if we sell our business or assets

We will only use your personal information for the reason for which we collected it.  We will only use it for another reason if we believe that the new reason is compatible with the original purpose.  If we do need to use your personal information for a non-related purpose we will tell you about it and explain the legal basis which allows us to do so.


We can use your personal information to send you communications if we believe we have a ‘legitimate interest’.  We are required to make an assessment with regards to the benefits for us weighed against how appropriate it is to contact you in this way and whether it would be unfair to you. We believe that as a commercial enterprise we do have a legitimate interest in contacting you about our products or services and we will only do so if we decide it would be of interest or beneficial for you.

You are free to change your mind at any time by selecting the email preferences link which you will find at the bottom of all marketing communications or by emailing our Client Service team at

Who we share your information with

We may need to provide information to third parties for a variety of reasons, for example, we may need to provide information to assist in the detection or prevention of crime or for the purpose of safeguarding national security.  Please refer to the table in the section ‘How we will use your personal information’ which explains how we use your data.  The third parties we may share your information with are as follows:

  • custodians;
  • depositories;
  • fund management, administration and services companies
  • anti-financial crime service providers;
  • professional advisors (including law firms);
  • company registrars;
  • payment services providers;
  • debt collection agencies;
  • credit reference and fraud prevention agencies; and
  • where required for a proposed sale, reorganisation, transfer, financial arrangement, asset disposal or other transaction relating to our business and/or assets held by our business.

Sending your information outside of the EEA

The regulations which have been put in place to protect your privacy apply throughout the EEA.  The EEA is the European Economic Area which includes all the countries in the European Union plus Iceland, Liechtenstein and Norway. This means that any country within the EEA must meet the same privacy standards as the United Kingdom. All the personal information that we hold about you will be processed in the United Kingdom/EEA.

Storing your information

As a financial services provider, we will typically have a contract with you and will need to keep your personal information (updated to ensure accuracy) to fulfil our contract.  We also need to comply with EU and UK law, which often requires us to keep certain records - which will include certain personal information – for several years or indefinitely for certain types of services, i.e. in relation to life policies.

We will ensure all records are safely destroyed if we no longer need to retain them.  We review our retention periods for personal information on a regular basis. We will tell you if we change the retention period.

When we decide how long we will retain your personal information, we will take into account the amount, nature, sensitivity of your information and how we want to use it as well as the potential risk of harm being caused from unauthorised use or disclosure.

Your rights

You are provided with a number of different rights under the data protection laws in relation to your personal information. These allow you:

  • To access your information;
  • To request we correct your information;
  • To request that we erase your information;
  • To object to the processing of your information;
  • To request a restriction in the processing of your information;
  • To request a transfer of your information; and
  • To withdraw your consent.

If you wish to exercise any of these rights, please email Please note that you will not have to pay a fee to access your personal information or to exercise any of the other rights.  We may, however, charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or we may refuse to deal with your request.  We may also need to seek further information from you to confirm your identity before we release any personal information.  This does not affect your right to make a complaint.


We have put in place appropriate security measures to protect your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  We have a procedure to deal with any suspected personal data breach and will notify you, and other regulators, where we are legally required to do so.