Privacy Policy

1. Introduction

This Privacy Policy explains how The City Partnership (UK) Limited (“City”, “we”, “us”) processes personal data when providing services to our clients and when individuals interact with our website or contact us directly.
City is committed to protecting personal data and complying with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.
If you have any questions, please contact us:

Email: enquiries@city.uk.com
Address: The City Partnership (UK) Limited, The Mending Rooms, Park Valley Mills, Meltham Road, Huddersfield HD4 7BH
Telephone: 01484 240 910
Please note: Calls are charged at the standard geographic rate and will vary by provider. Calls from outside the United Kingdom will be charged at the applicable international rate. Phone lines are open between 9.00 a.m. – 5.30 p.m., Monday to Friday excluding public holidays in England and Wales. Please note that we cannot provide any financial, legal or tax advice and calls may be recorded and monitored for security and training purposes.

2. Our Role

Data processor
For most personal data processed while delivering our services City acts as a data processor. We process personal data on the documented instructions of our client, who acts as the data controller.
The client determines the purposes for which personal data is processed and the lawful bases relied upon.
Data controller
City acts as a data controller only for limited activities, including operating our website, responding to enquiries, meeting compliance and record-keeping obligations that apply directly to us, and maintaining the security of our systems.

3. The Personal Data We Process

When acting as a data processor
Depending on the services provided, we may process the following personal data on behalf of our client:
  • Identification data (e.g., name, date of birth, nationality, identification numbers)
  • Contact information (e.g., address, email address, telephone number)
  • Tax or regulatory information (where required)
  • Bank account details (where instructed)
  • Information required for register maintenance or administrative activities
  • Application or subscription information (where acting as a receiving agent)
  • AML documentation and verification data
  • Transactional or historical records relating to the services we provide
  • Correspondence and communication records
We do not intentionally process special category data unless instructed by the client and only where lawful. Where required for AML or sanctions screening, we may process data relating to criminal convictions or offences in accordance with the relevant legislation.
When acting as a data controller
We may process:
  • Website visitors: no cookies, analytics or tracking technologies are used.
  • Individuals contacting us directly: name, contact details, communication content, and any information voluntarily provided.

4. Sources of Personal Data

We may obtain personal data from:
  • You directly
  • Our client (the data controller)
  • Third-party verification providers (e.g., AML services)
  • Professional advisers or intermediaries
  • Publicly available sources

5. Purposes and Legal Bases for Processing

A. When acting as a data processor
We process personal data solely for the purposes determined by the client, which may include delivering administrative, secretarial or registrar services; maintaining records; carrying out compliance checks; handling applications or transactions; and supporting legal, regulatory or reporting obligations. The client is responsible for determining the lawful basis.
Where we use automated screening tools (including identity verification, sanctions, PEP and risk-based checks) in the course of providing services to a client, we do so strictly on the client’s instructions. Any decisions or outcomes arising from such screening are determined by the client’s requirements and processes. City does not act as a data controller for these activities.
B. When acting as a data controller
Purpose Description Lawful Basis
Responding to enquiries Communicating with individuals who contact us Legitimate interests
Website operation Providing, maintaining and securing our website Legitimate interests
Business administration & compliance Meeting record-keeping, audit, AML, financial crime and regulatory obligations that apply to us Legal obligation
IT and network security Monitoring and protecting our systems Legitimate interests

6. Our Website

Our website https://city.uk.com does not use cookies, analytics technologies or tracking tools. No personal data is collected.
Our website may contain links to external sites with their own privacy notices. City is not responsible for their content or data practices.

7. Sharing Personal Data

We may share personal data with:
  • Our clients (where we act as a processor)
  • Professional advisers or service providers
  • Identity verification and compliance service providers
  • Auditors, insurers or consultants
  • Mailing or communication service providers
  • Payment or banking service providers
  • Regulators, HMRC, courts or law-enforcement agencies where required
We do not sell personal data or use it for marketing.

8. International Transfers

City does not transfer personal data outside the UK or the EU. The specific jurisdiction in which data is processed (UK or EU) is dictated by the services and systems employed.

9. Data Retention

When acting as a data processor
We retain personal data in accordance with the client’s instructions and applicable legal or regulatory requirements.
When acting as a data controller
We retain personal data only for as long as necessary for the purpose collected, including legal, regulatory, audit or business requirements. Typical periods include:
  • AML data: at least 5 years
  • Corporate and statutory register information: retained as required by law
  • General correspondence and administrative records: typically up to 6 years
After the retention period, personal data is securely deleted or anonymised.

10. Data Security

We use appropriate technical and organisational measures to protect personal data, including controlled access, secure networks, encryption, password protection, secure storage and ongoing monitoring of IT systems. Personal data is securely destroyed or anonymised when no longer required.

11. Your Rights

Depending on how and why we process your data, you may have rights to:
  • Access your personal data
  • Rectify inaccurate information
  • Erase personal data in certain circumstances
  • Restrict processing
  • Object to processing based on legitimate interests
  • Data portability (where applicable)
  • Withdraw consent (where consent applies)
  • Not be subject to solely automated decision-making
When we act as a processor, we may refer your request to the client (the controller).
To exercise any rights, please contact us at enquiries@city.uk.com.

12. Complaints

If you have concerns about our handling of personal data, please contact us. You may also lodge a complaint with the Information Commissioner’s Office (ICO): https://ico.org.uk/

13. Updates to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational or service changes.

This Policy was last updated: November 2025