The controller is AES Financial Services Ltd. If you are a data subject whose data is controlled and/or processed by AESFSL; you can contact AESFSL at 7 Bell Yard, London, WC2A 2JR, or by email to firstname.lastname@example.org.
Sharing personal data with others
AESFSL may share clients’ personal data with auditors and professional advisers, and those who provide professional services to AES for client purposes, such as those providing a client money-handling service, those providing storage services for email records and the like and those providing cloud storage and processing systems; it will also share client data with regulators where required by relevant regulations and law, and/or administrative requirements. This may include HMRC (and/or other relevant tax authorities), the FCA and other regulating authorities, and the Financial Ombudsman Service (and overseas equivalents).
Transfers of data out of the EU
AESFSL transfers data to servers in the UAE as part of a common IT system with its branch in the DIFC and a sister company in the UAE AES Middle East Insurance Broker LLC. The UAE has not benefited from an adequacy decision from the EU. AESFSL manages such transfers by operating its systems in the UAE to the same levels of protection as apply to it in the EU and by legally requiring this in the UAE through standard data protection clauses in a contract pursuant to Article 46 2.(c) GDPR dated 1 May 2018. A copy of the contract is available on request to the contact details provided above. Data subjects who are AESFSL clients have the right to data portability and to have access to their data held by AESFSL and to object to its rectification, erasure, or restricting (subject to AESFSL being able to comply with its legal obligations and to the extent that any such data does not meet the requirement of necessity for AESFSL to pursue its legitimate interests to resolve disputes and similar matters).
Where AESFSL has obtained a data subject’s consent to processing, and other reasons for processing do not apply, the data subject may withdraw consent at any time, but such withdrawal shall not be retroactive in effect. Data subjects may lodge a complaint with the relevant supervisory authority, the Information Commissioner’s Office, whose contact details are in the link.
Direct Marketing – option to opt out
All those in receipt of direct marketing material from AES may opt out of it at any time by contacting AES as above; if this occurs, AES will cease processing the client’s data for direct marketing purposes.
This notice may be updated from time to time.
AES Middle East Insurance Broker LLC and other entities outside the EU
AES Middle East Insurance Broker LLC (“MEIB”) controls and processes data, some of which relates to data subjects in the EU. MEIB therefore complies with the GDPR in respect of such data subjects and to that end has inter alia mandated AESFSL as its representative pursuant to Article 7(1) GDPR as a channel to relevant data protection authorities and data subjects. Any data subject benefitting from GDPR protection and any relevant data authority wishing to contact MEIB regarding data protection matters may therefore contact either MEIB itself or AESFSL. AESFSL in its capacity as MEIB’s representative has no liability for data protection matters relating to MEIB. AES International SA and AES Financial Services Ltd (DIFC Branch) have similarly appointed AESFSL as their data protection representative.