Montague Sykes Limited is a Company registered in England number 12593575
Who Are We?
We are Montague Sykes a counter fraud and cybercrime body.
In this policy:
Montague Sykes, we, us or our means:
Montague Sykes Limited is a Company registered in England number 12593575
Registered Address: 130 Shaftesbury Avenue, 2nd floor, London W1D 5EU
Our websites, means: montague-sykes.co.uk and businessagainstfraud.co.uk.
Our websites are not intended for children and we do not knowingly collect data relating to children.
If you have any questions about this policy or our privacy practices, please write to us at the following address:
Full name of legal entity: Montague Sykes Limited. Postal address: 1130 Shaftesbury Avenue, 2nd floor, London W1D 5EU
Or you can email us at: firstname.lastname@example.org
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to this Policy
Any changes we may make to this policy in the future will be posted on this website so please check this page occasionally to ensure that you're happy with any changes. If we make any significant changes we'll make this clear on this website.
Review of this Policy
We keep this policy under regular review. This policy was last updated in April 2022.
Your Duty to Inform Us of Changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Definitions Of terms Used In This Policy
Applicant for Membership means an entity that applies to become a Member of, or applies for a licence operated by, one of the Partner organisations.
Crime means an act or omission that violates the law and is punishable by a sentence of incarceration. This website is specifically concerned with economic crime.
Current Member means an entity that is an existing Member of, or licence holder of, one of the Partner Organisations.
Economic Crime means a crime which involves the misappropriation of money examples of which include: bilking, deception, fraud, money laundering, or theft.
IP Address means the Internet Protocol which is a unique string of numbers and letters that identify every device internet enabled device (computer, laptop, palm top, smart phone, tablet) and allows it to communicate over the internet.
Partner Organisation means one of the Membership organisations (all of which provide financial protection to travel customers, as required by UK law), the Civil Aviation Authority, an insurance provider, or a police force which is a party to this Agreement. Together they shall be the Partners.
Previous Member means an entity that once was a Member of, or licence holder of, one of the Partner Organisations but has now ceased to be so.
How do We Collect Information from You?
We obtain information about you in the following ways:
Data Held Within the Montague Sykes System
Our Partner Organisations only provide and manage confirmed fraud data relating to officers of:
Applicants for membership,
Previous or ex-employees of Partner Organisations.
Data held within existing databases managed by the parties.
Individuals full names, alias, date of birth, personal addresses and position;
Telephone and Mobile Phone numbers;
Directors and Company names;
Company Addresses and website address;
Companies House numbers;
Company VAT numbers;
Data relating to actual or alleged criminal convictions and offences;
Trial court references;
Civil court debt references;
Other related data such as vehicle registration numbers; and
Publicly accessible information showing whether a person is banned from holding office.
Information you Give us Directly
We may ask you for information if you approach us with a complaint or enquiry in order to help you by directing you to the correct place to deal with your issue. We will only ask you for the basic information required to understand and refer your issue to the appropriate destination organisation and once the issue has been dealt with we will not retain your data.
Information you Give us Indirectly
Your information may be shared with us by third parties, which might include:
Partner Organisations seeking our assistance on finding the best solution for a problem you have.
When you Visit our Websites
General Visitors - We do NOT collect and use any other personal information directly or through cookies on our website.
Users from Partner Organisation
When you, as an authorised user, logs on to use the system Montague Sykes System uses internal algorithms to track and record every action you undertake in a secure audit log which is accessible to the site Administrators and is used to identify and deal with any instances of misuse.
We at Montague Sykes do not use social media.
We supplement information of data held within our system using information from publicly available official sources such as details of directors who have been banned from holding office for a period by the Insolvency Service, Sanctions Information published by HM Treasury, press reports of court cases, and Companies House in order to create a fuller record of someones criminal behaviour.
What Type of Information is Collected from Visitors and Users of the Website?
Data protection laws recognise certain categories of personal information as sensitive and therefore requiring greater protection, for example information about your health, ethnicity and religion.
We do NOT collect sensitive data about you.
How and Why is Your Information Used?
We may use your information for a number of different purposes, which may include:
Data Held in Montague Sykes:
Preventing crime or tax evasion,
Detecting crime or tax evasion, and
Reporting crime or tax evasion to the police, other enforcement bodies.
Data obtained through our interactions with users and visitors to the websites:
Providing you with the services, products or information you asked for.
carrying out our obligations under any contracts entered into between you and us;
keeping a record of your relationship with us;
conducting analysis and market research to better understand how we can improve our services, products or information;
seeking your views or comments on the services we provide;
notifying you of changes to our services;
sending you communications which you have requested and that may be of interest to you. These may include information about analysis we have conducted on the data, fraud alerts and research; and
dealing with complaints and enquiries.
How Long is Your Information Kept for?
We keep your information for no longer than is necessary for the purposes it was collected for. The length of time we retain your personal information for is determined by operational and legal considerations. For example, we are legally required to hold some types of information to fulfil our statutory and regulatory obligations (e.g. health/safety and tax/accounting purposes).
We review our retention periods on a regular basis.
Who has Access to Your Information?
We do not sell or rent your information to third parties.
We do not share your information with third parties for marketing purposes.
However, we may disclose your information to third parties in order to achieve the other purposes set out in this policy. These third parties may include:
Enforcement Bodies, and
Data protection law requires us to rely on one or more lawful grounds to process your personal information. We consider the following grounds to be relevant:
Where you have provided specific consent to us using your personal information in a certain way, such as to send you email, text and/or telephone communications to assist you with an issue.
Performance of a Contract
Where we are entering into a contract with you or performing our obligations under it, like when you join our Partners using FIN.
Where necessary so that we can comply with a legal or regulatory obligation to which we are subject, for example where we are ordered by a court or the Information Commissioners Office.
Where it is reasonably necessary to achieve our or others legitimate interests (as long as what the information is used for is fair and does not duly impact your rights).
We consider our legitimate interests to be running Montague Sykes in pursuit of our aims and purposes. For example to:
identify crime and tax evasion;
prevention of crime and tax evasion; and
report crime and tax evasion to the police and relevant authorities or enforcement bodies.
When we legitimately process your personal information in this way, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal information where our interests are overridden by the impact on you, for example, where use would be excessively intrusive (unless, for instance, we are otherwise required or permitted to by law).
Under UK data protection law, you have certain rights over the personal information that we hold about you. Here is a summary of the rights that we think apply:
Right of Access
You have a right to request access to the personal data that we hold about you.
You also have the right to request a copy of the information we hold about you, and we will provide you with this unless legal exceptions apply.
If you want to access your information, please send a description of the information you would like to see and proof of your identity by post to the address provided above.
Right to Have Your Inaccurate Personal Information Corrected
You have the right to have inaccurate or incomplete information we hold about you corrected.
The accuracy of your information is important to us so we're working on ways to make it easier for you to review and correct the information that we hold about you. Please contact us if you think there is an inaccuracy in your data.
If you are contacting us about inaccurate or incomplete information within the Montague Sykes system that we hold about you we will refer you directly to the organisation that provided that information as and confirmed it as an accurate record of a crime that has the access and ability to modify the record if necessary. Montague Sykes is not in a position to know why the partner organisation confirmed the data when entering it.
Right to Restrict Use
You have a right to ask us to restrict the processing of some or all of your personal information if there is a disagreement about its accuracy, or we're not lawfully allowed to use it.
Right of Erasure
You may ask us to delete some or all of your personal information and in certain cases, and subject to certain exceptions; we will do so as far as we are required to. In many cases, we will anonymise that information, rather than delete it.
Right for Your Personal Information to be Portable
If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you or another service provider in a machine-readable format.
Right to Object
You have the right to object to processing where we are using your personal information (1) based on legitimate interests, (2) or for statistical/research purposes.
If you want to exercise any of the above rights, please email us at email@example.com or write to Data Protection Office, Montague Sykes, 130 Shaftesbury Avenue, W1D 5EU
We may be required to ask for further information and/or evidence of identity. We will endeavour to respond fully to all requests within one month of receipt of your request, however if we are unable to do so we will contact you with reasons for the delay.
Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances. For more details we recommend you consult the guidance published by the UKs Information Commissioners Office.
Keeping Your Information Safe
When we receive personal information, we take steps to ensure that appropriate technical and organisational controls are in place to protect it.
All personal data held within the Montague Sykes system is encrypted and protected. When you are on a secure page, a green padlock icon will appear adjacent to the web browser such as Microsoft Internet Explorer.
Personal information details (your email communications etc.) are transmitted normally over the internet and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure it is secure on our systems. Where we have given (or where you have chosen) a password and other authentication which enables you to access certain parts of our website, you are responsible for keeping this password and authentication confidential. We ask you not to share your password with anyone.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so
Keeping Your Information up to Date
We take reasonable steps to ensure your information is accurate and up to date.
We really appreciate it if you let us know when your contact details change.
Use of 'cookies'
Links to Other Websites
Our website may contain links to other websites run by other organisations. This policy applies only to our website so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other websites even if you access those using links from our website.
Transferring Your Information Outside of Europe
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (EEA).
By way of example, this may happen if any of our servers are from time to time located in a country outside of the EEA. You should be aware that these countries may not have similar data protection laws to the UK. By submitting your personal data, you are agreeing to this transfer, storing or processing.
If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services.
We undertake regular reviews of who has access to information that we hold to ensure that your info is only accessible by appropriately trained staff, volunteers and contractors.