SSH is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights in relation to personal data. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
As used in this privacy statement, “SSH”, “us”, and “we” refer to the SSH network and/or one or more of its Member Firms that may process your personal information. Each Member Firm in the SSH network is a separate legal entity.
In this privacy statement, we refer to information about you or information that identifies you as “personal data” or “personal information”. We also sometimes collectively refer to handling, collecting, protecting or storing your personal information as “processing” such personal information.
SSH processes personal data for numerous purposes. Our policy is to be transparent about why and how we process personal data.
Click on the links in our index to take you to the more detailed sections of this privacy statement.
To find out more about our specific processing activities, go to our processing activities.
Our legal grounds for processing your personal data
Your local law may require us to set out in this privacy statement the legal grounds on which we rely in order to process your personal information. In such cases, we rely on one or more of the following processing conditions:
Transfers of personal data
If we process your personal information, your personal information may be transferred to and stored outside the country where you are located. This includes countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information.
Where we collect your personal information within the EEA, transfer outside the EEA will be only:
Third Party Providers
We may transfer or disclose the personal data we collect to third party contractors, subcontractors, and/or their subsidiaries and affiliates. Third parties support the SSH Network in providing its services and help provide, run and manage IT systems. Examples of third party contractors we use are providers of identity management, website hosting and management, data analysis, data backup, security and cloud storage services. The servers powering and facilitating our IT infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.
The third party providers may use their own third party subcontractors that have access to personal data (sub-processors). It is our policy to use only third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by SSH, and to flow those same obligations down to their sub-processors.
We may also disclose personal information under the following circumstances: