Maintaining compliance

Privacy Policy

Desucla is committed to preserving the confidentiality of information in accordance with the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018.

Desucla Ltd ensures protection of your privacy by handling it appropriately and ensuring security using competent technical, administrative and physical security measures.

Our Privacy Notice clarifies how Desucla collects, stores, uses and protects your data as well as highlights your rights and informs you whom to contact if you have further queries.

Desucla strives to ensure that your data remains private and is solely used for the purposes outlined within this Privacy Notice.

This website is operated by Desucla Limited with registered office address at 83 Friar Gate,

Derby, Derbyshire, United Kingdom, DE1 1FL and the entities we own or control (“Desucla”, “we”, “us” or “our”).

This Privacy notice applies to Desucla Limited and all of its subsidiaries.

Why does Desucla require personal data?

The following outlines our requirements for collecting and using personal data:

  • Adhering to regulatory and legal requirements concerned with fraud, anti-money; laundering, terrorist financing amongst other financial criminal offences;
  • Delivering reports and providing any professional advice related to our business activities;
  • Promoting our capabilities, products and services to existing and potential clients;
  • Sending correspondence regarding access to our events and webinars;
  • Tailoring our client experience with Desucla to best match our clients’ needs;
  • Authenticating our clients so that they may access certain areas of Desucla Online.

Legal grounds for collecting your personal data

It is a lawful requirement to outline the legal grounds to which we are adhering when processing your personal data:

  • You have agreed to allow Desucla to process your information for a definitive reason;
  • The processing is required to execute the agreement Desucla have with you or to engage in an agreement with you;
  • The processing is essential for compliance of a legal obligation e.g. providing data to a law enforcement agency or public body or keeping records for tax purposes;
  • The processing is necessary given a legitimate interest pursued by Desucla or a third party which may consist of the following:
    1. To provide services to you, our clients and other third parties;
    2. To avert fraudulent activity;
    3. To protect our business interests;
    4. To make sure complaints and concerns are comprehensively investigated;
    5. To evaluate and ameliorate our services and product offerings;
    6. To update yourselves or our clients regarding relevant services and product; offerings, unless you have highlighted that you do not wish for Desucla to do so.

With regard to processing any ‘special’ categories of data, which may include sensitive information for any of the reasons defined above, Desucla may do so because:

  • You have provided your explicit consent for Desucla to process your data;
  • Desucla may be required by law to adhere to anti-money laundering and/or “know your client” obligations;
  • Processing of your data is a requirement according to social security, social protection or employment law;
  • Processing of your data is a requirement for the establishment, exercise or defence of legal claims;
  • The data is publicly available.

Even where you have withdrawn your consent regarding data processing, there may be special circumstances whereby it is a legal requirement for Desucla have access to your personal data.

How do we collect your personal data?

The following outlines the various ways in which Desucla collects personal data both directly and indirectly:


  • You have contacted us by telephone, post, social media or email;
  • By completing one of our online forms;
  • Subscribing to our newsletters;
  • Registering for our webinars;
  • Attending meetings or events that we host;
  • Collecting personal data from individuals that provide us with their business card(s);
  • Visiting our offices;
  • On establishment of a business relationship;
  • Providing professional services as per a contract;
  • Through one of our hosted software applications.


  • Through public registers e.g. Companies House;
  • Through internet searches, news articles and sanction lists;
  • If you were to log into our website using social media e.g. LinkedIn, Google or Twitter: this information will include your name, email address and other details depending on your privacy settings.

What information do we collect and process?

In order to enable Desucla to effectively deliver our services, we may collect, record and use your personal data in physical and electronic form, and will hold, use and otherwise process that data as set out by this Privacy Notice.

We may collect the following information:

Personal data:

  • Name, gender, age and date of birth;
  • Contact information e.g. address, email and mobile phone number;
  • Country of residence;
  • Lifestyle and social circumstances;
  • Family circumstances e.g. marital status and/or number of dependents;
  • Employment and education details;
  • IP address and browser type;
  • Information regarding any complaints that you file;
  • Details regarding how you use our products and services;
  • CCTV footage when you access our premises;
  • Posts on forums, blogs, platforms or social media applications that we provide (including ones provided by third parties);
  • Your payment information: in order for us to take a payment from you for the services provided;
  • Financial information: income, taxation, business activities, investments and other financial interests.

Sensitive personal data:

We will seek permission from you in writing when processing these special categories of personal data:

  • Personal identification documents that may contain information regarding race, religion, ethnic origin, biometric data of private individuals and beneficial owners of corporate entities;
  • Information regarding potential or existing criminal convictions or offences;
  • Dietary requirements;
  • Health records;
  • Sexual orientation;
  • Political association.

Child data:

  • Desucla Ltd do not intentionally collect data from individuals under 13 years of age, however we may receive details about children attending events we host when with their parent or guardian.

We process your data in accordance with Privacy and Electronic Communication laws and regulations in order to protect your right to privacy.

If you choose not to provide, or object to us processing the information we collect, we may not be able to continue to provide some or all of our services to you.

How long do we retain personal data?

Desucla retains personal data in order to continue to provide services, maintain a point of contact for when required and to adhere to professional obligations, regulations and applicable laws.

As a standard policy we will retain your data for seven years, however, we may be required to retain your data for a greater period of time under special circumstances i.e. if there are investigations in respect to the service provided or where a greater retention period is required by law.

With whom do we share your data?

Under certain circumstances we may share personal data with credible third parties that we rely on to help us deliver efficient services. These recipients are contractually bound to protect the data that we entrust to them.

We may disclose your data to the following:

  • Third parties that support us in our business operations e.g. IT support, cloud-based software services, telecommunication providers, document production services and mailroom support;
  • Our professional advisors e.g. insurers, auditors and lawyers;
  • Any potential buyers, transferees, merger partners or sellers and their advisors;
  • Payment service providers;
  • Marketing services providers;
  • Regulatory agencies e.g. HMRC, law enforcement or any other third parties where we have a legal obligation to do so;
  • Credit reference agencies and any entities that assist in making credit decisions in order to reduce the prevalence of fraud.

Transferring your data outside of the UK or European Economic Area

Desucla stores personal data on servers situated within the UK and the European Economic Area (EEA). However, when we have a business reason to do so, we may transfer personal data to either a subsidiary of Desucla or a reputable third party organisation outside the EEA.

These countries may have lenient privacy laws and so the personal data they have may become subject to their country-specific laws and disclosure requirements e.g. to regulatory agents, private persons or governmental bodies.

For that reason, we have taken further precautions to ensure all personal data is treated with sufficient protection and when transferred outside of the UK or EEA, is done so lawfully according to the legal requirements for the transfer of personal data outside of the UK or EEA.

Protecting your data

Desucla has implemented adequate technical and organisational security policy measures in order to prevent personal data, as well as sensitive personal data, from loss, misuse, alteration or destruction and to allow access to this data solely on a ‘need to know’ basis i.e. in the form of firewalls, anti-virus software and encryption.

Furthermore, Desucla may administer anonymization, de-identification and pseudonymisation methods in order to enhance protection of your personal data.

Where applicable, you hold responsibility for keeping your user ID and password secure.

Whilst we endeavour to protect the security of your personal data, please note that the transfer of data via the internet is never completely secure hence transmission is at your own risk.

Your personal data rights

Desucla endeavours to honour the following personal data rights when processing your data:

  • Automated Individual Decision-making: you can request that we assess any decisions made about you based exclusively on your personal data which may have resulted in legal consequences;
  • Confirmation: you can request confirmation as to whether we are processing your personal data and to provide more specific information if you so wish i.e. for what purposes, what types of data are collected, the recipients of the data, storage timeframes, third party sources in which it was obtained and any potential consequences of the data;
  • Correction: if you ascertain that our records are incorrect, you can ask us to update your details;
  • Data portability: you can request to have us transfer personal data in which you have provided to us to another company, so long as this is technically achievable.
  • Erasure: you can request to erase your personal data once we no longer require your information for the original purpose it was collected or you withdraw your consent to processing;
  • Processing Restrictions: if you would like to contest the legitimacy of your personal data, or need us to preserve the data for a legal claim you can request that we temporarily inhibit the processing of your personal data. You can also request that this temporary restriction is lifted;
  • Right to Object to Direct Marketing including Profiling: you may object to the use of your personal data for the use of direct marketing, however, we may need to keep essential data to observe your request of discontinuing our marketing to you;
  • Right to Withdraw Consent: you may withdraw your consent given to process your personal data, however, this may mean we are unable to provide certain products and services to you; we will advise you if this becomes the case.

If you wish to execute your personal data rights, please email [email protected]: we may require specific information in order to ensure the correct person has access to personal information.

Changes to our privacy policy

We systematically revise our Privacy Policy and will update this Privacy Notice accordingly in order to maximise our commitment in protecting and upholding your personal data rights.

This privacy notice was last updated on the 4th September 2020.

If significant changes are made to this policy, we will communicate this to you through our website, email or any other method of contact.

Sending you marketing information

Desucla may use the information provided to us to inform you by telephone, email or letter about products and services that may be of interest to you, including those of third parties

You may at any time request that we do not send marketing information to you by contacting [email protected].

Who to contact regarding privacy concerns and queries

If you wish to give feedback concerning this policy, have a complaint or would like to exercise any of your personal data rights, please contact [email protected].

If you are dissatisfied by our response, you can contact our supervisory authority which is the Information Commissioner’s Office (ICO) who can be contact at + 44(0)303 123 113 or via

Information and Disclaimer

The proprietor of the site is Desucla Limited. The registered address is: 83 Friar Gate,

Derby, Derbyshire, United Kingdom, DE1 1FL.

Company Registration Information

Company Name: Desucla Ltd

Company Reg no: 12078865

Last Updated: 4th September 2020