ethics

Communications & compliance

Intelligent Sanctuary Ltd. is a London-based company and at all times remains subject to all extant laws of the United Kingdom, European Union and any other jurisdiction in which we operate.

Ethics, compliance and  diversity

Intelligent Sanctuary Ltd (hereafter 'the company') is a London-based company and at all times remains subject to all extant laws of the United Kingdom, European Union any other jurisdiction in which we operate.

The company is subject to GDPR, Privacy laws, the FCPA and Bribery Act and will conduct diligence on all potential, new and existing clients to remain compliant with legislation. The company conducts inquiries into people, companies and other entities only when legitimate interest is satisfied. Where applicable the client must demonstrate legitimate interest exists or persons, companies and other legal entities consent to inquiries into their personal information and that the company acts under privilege. The company will identify, collect and analyse personal information when investigating a crime, suspected crime, civil dispute or potential civil dispute or when consent is provided.

The company identifies, accesses, stores and disposes of personal information in accordance with GDPR. All projects, inquiries, actions or instructions undertaken by the company require the client to be the data controller and the company is the data processor in accordance with GDPR.  The company will not retain personal information beyond 30 days after a project, inquiry, action or instruction is complete. The company will only retain personal information when instructed to do so by the client for the purpose of ongoing legal proceedings or future legal proceedings and only when the company is satisfied it is proportionate and legitimate to retain the personal information. The company will notify the client in writing thirty days before deleting personal information relevant to the engagement. All personal information held by the company for the project, inquiry, action or instruction will, as the data processor, pass to the client as the data controller.