Privacy policy.

This policy sets out the obligations of Crescent Advisory Limited (we/us/our) regarding data protection and the rights of customers, business contacts etc (“data subjects”) in respect of their personal information under EU General Data Protection Regulation 2016/679 (“GDPR”) together with all other applicable legislation relating to privacy or data protection. It explains who we are, why and how we process personal information, your rights and how you can contact us if you wish to do so.

The type of personal information we collect

We currently collect and process the following information:

  • Personal identifiers, contacts and characteristics (for example, name, and contact details);

  • Information we obtain from instructions from our clients;

  • Information gathered during communications with you;

  • Personal data from third parties and publicly available records such as social media, media reports, corporate records, and other publicly available databases.

How we collect personal information and why we have it

We may process personal information about you for various business purposes. Examples of type of uses of information we may process include:

  • To enter into a contractual agreement with you;

  • To provide our services to you;

  • To administrate and manage our relationship with you;

  • To process billing enquiries and payments;

  • To comply with any requirement of applicable laws or regulations;

  • Your usage of our website.

Under GDPR, the lawful bases we rely on for processing this information are:

  • Your consent (you are able to remove your consent at any time by using our contact form);

  • We have a contractual obligation;

  • We have a legal obligation.

How we store your personal information

We retain personal data provided to us by you as is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed. Administrative data provided to us by you will be retained for the length of our engagement with you and a further 5 years thereafter to identify any issues and resolve and legal issues. When personal data collected and processed to allow us to deliver our services to clients, it is retained for the minimum period necessary. All reasonable steps will be taken to erase or otherwise dispose of data no longer required. This may include automatic mechanisms to enforce data retention policies.