1. Commitment to Confidentiality
GIEM Advisory Ltd (“the Firm”) operates with the highest standards of discretion. We recognize that the management of significant real estate assets involves the handling of sensitive personal and financial data. This policy outlines our rigorous approach to data stewardship in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect
We only collect data necessary for the execution of a specific mandate or to fulfill regulatory "Know Your Client" (KYC) and Anti-Money Laundering (AML) requirements. This may include:

• Identity and contact information of principals and authorized representatives.
• Detailed property and portfolio documentation.
• Financial data required for yield analysis and strategic optimization.

3. Purpose of Processing
Data is processed exclusively for:

• The performance of a strategic consultancy mandate.
• The forensic analysis of asset performance.
• Liaising with authorized third-party professionals (legal counsel, tax advisors) as directed by the client.

4. Data Retention & Security
We do not use third-party cloud marketing services for client data. All sensitive mandate documentation is stored within encrypted, high-security environments. Data is retained only for the duration of the mandate plus any period required by UK statutory limitation laws, after which it is securely destroyed.

5. Third-Party Disclosure
GIEM Advisory does not sell, rent, or trade client data. We do not disclose client identities or portfolio details to any third party without express written authorization, except where required by a court of law or regulatory body.

6. Your Rights
Under UK law, clients have the right to access, rectify, or request the erasure of their personal data. Given the nature of our mandates, requests for data access should be directed to our Data Protection Officer at our registered London office.