Privacy Policy

Opus Una Financial Services Consulting Ltd (Opus Una) is committed to protecting your personal data and privacy. We endeavour to ensure that any personal data we collect about you will be held and processed strictly in accordance with the Data Protection Act 1998 (DPA) and, on and from 25 May 2018, the European General Data Protection Regulation (GDPR).


Data We May Collect From You

Personal data we collect may include:

  • General identification and contact information, this could include: your name, address, email, telephone number(s), gender, marital status, date and place of birth, photographs
  • Information in relation to professional history: educational background, employment history, skills and experience, professional licenses and affiliations, educational and professional qualifications
  • We may collect information about your computer, including where available: your IP address, operating system and browser type. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual

Sensitive Data

  • Some personal data may be considered “sensitive” such as: racial or ethnic origin, political opinions, religion, membership of a trade union, health, criminal activity. Opus Una will only collect, use or disclose sensitive personal data about you in accordance with the relevant Data Protection laws and in most cases this will only be collected or used when consent has been given

How do we collect information from you?

As a prospective, current or former client, for example where you provide your business card or contact details to us. 


As an associate/candidate the majority of the personal information you provide is provided freely by you when you provide your CV.


As a visitor to (the website), we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.


How we use Personal Information?

We use Personal Information to do some or all of the following:

  • Communicate with you as part of our business
  • Send you important information regarding changes to our policies, other terms and conditions, the website and other administrative information
  • Provide marketing information to you
  • Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management
  • Resolve complaints, and handle requests for data access or correction
  • Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (including those outside your country of residence)
  • Establish and defend legal rights; protect our operations or those of any of our group companies or insurance business partners, our rights, privacy, safety or property, and/or that of our group companies, you or others; and pursue available remedies or limit our damages

Who do we share your Personal Information with?

In order to provide you with a thorough service, we may need to share your information with other organisations, these include:

  • Clients and prospective clients
  • External vetting agencies
  • Other service providers. This includes external third-party service providers, such as accountants, lawyers and other outside professional advisors; IT systems, support and hosting service providers; document and records management providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities
  • Partner firms

What legal basis do we rely on to process your Personal Information?



On some occasions, Opus Una processes your data with your consent. For example, we rely on consent when we complete processes including background screening, criminal checks, information for references and for validation of educational and professional qualifications.  You have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.


Performance of a contract


Opus Una may process your data when we need to do this to fulfil a contract with you, such as when we engage your services to complete a specific client engagement.


Legitimate Interest


Opus Una also processes your data when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. Our legitimate interests include:


  • Ensuring the security and integrity of our Services and in ensuring that our Website operates effectively
  • Supplying services to our Clients
  • Protecting clients, employees and other individuals and maintaining their safety, health and welfare
  • Promoting, marketing and advertising our products and services
  • Sending promotional communications which are relevant and tailored to individual clients
  • Improving existing products and services and developing new products and services
  • Handling clients contacts, queries, complaints or disputes; and fulfilling our duties to our clients, colleagues, shareholders and other stakeholders


Compliance With a Legal Obligation


Opus Una may process your data to comply with our legal and regulatory obligations e.g. preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.


International Transfers of Personal Information

Personal Information which you supply to us is generally stored and kept inside the European Economic Area. However, due to the nature of our business and the technologies required, your Personal Information may be transferred to third party service providers outside the EEA, in countries where there may be a lower legal level of data protection. In such situations, we transfer the minimum amount of data necessary, anonymise it where possible and enter legal contracts to aim to ensure these third parties handle your Personal Information in accordance with this Privacy Policy and the European levels of data protection.


Retention Period

Your Data will be stored for a maximum period of 6 years, after which time it will be destroyed if it is no longer required for the lawful purpose(s) for which it was obtained. If you consent to marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information unless we request your consent to store it for a longer period.


Your Rights

Under the GDPR, you will have the following rights in relation to how we process Your data:

  • Right to be informed – you have the right to be informed about the collection and use of your personal data
  • Right to request access – you have the right to access your personal data
  • Right to rectification and erasure – you have the right to obtain rectification of inaccurate personal data we hold concerning you and to obtain the erasure of your data (the right to be forgotten)
  • Right to restriction of processing or to object to processing – you may require us to restrict the processing/object to processing we carry out on Your Data in certain circumstances
  • Right to data portability – you have the right to receive Your Data in a structured, commonly used and machine-readable format
  • Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling
  • Right to withdraw consent – where you have provided your consent to us processing Your Data, you have the right to withdraw your consent at any time. This can be done by emailing at any time or by clicking the “unsubscribe” link on any marketing communications you receive from us
  • Right to lodge a complaint – you may lodge a complaint with any supervisory authority in the EU. The supervisory authority for the United Kingdom is the Information Commissioner’s Office

For further information on your rights, please see the Information Commissioner’s website here.



Opus Una is committed to keeping your personal data safe and secure from unauthorised access to or unauthorised alterations, disclosure or destruction of information that we hold.


Our security measures include:

  • Locks to secure all paper records
  • Data is stored on secure and encrypted infrastructure only accessible by authorised staff
  • regular review of our information collection, storage and processing practices, including physical security measures


How to Contact Us

If you wish to update your personal data, or to request a copy of the data that Opus Una holds about you, please contact: