logo
Find an Opportunity
Account

Privacy Notice

Christie & Co takes your privacy seriously. Please read the following to learn more about our Privacy Policy. Christie & Co is the controller of personal data collected via this website and other ways. This notice applies only to the Christie & Co website (www.christie.com) and business. Christie & Co is a subsidiary of Christie Group plc. Other Christie Group entities, including Christie Finance and Christie Insurance, publish their own privacy notices. We refer to Christie Group as the “Group”.

Registered address: Whitefriars House, 6 Carmelite Street, London, EC4Y 0BS

Data Protection Officer: Nigel Astbury 

Email: DPO@christie.com

Postal address: Whitefriars House, 6 Carmelite St, London, EC4Y 0BS

What this Privacy Policy covers

  • This Privacy Policy covers our processing of personally identifying information (personal data) that we collect when you visit the Christie & Co Website (our “Website”). When you register with and/or use our Website, you become a “User”.

What is Personal Data?

  • Under the EU’s General Data Protection Regulation, Personal Data is defined as “any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
  • In order for us to provide you with a service we need to collect personal data for correspondence purposes and/or direct marketing. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose and does not constitute an invasion of your privacy. We may pass your personal data on to our service providers who are contracted to Christie & Co. Our contractors are obliged to keep your details securely and use them only to fulfil the service they provide to us. If we wish to pass your personal data onto any other third party, we will only do so if we have obtained your consent, unless we are legally required to do so.
  • This Policy also covers personal data which our business partners share with the Group.
  • However, this Policy does not apply to the practices of companies that are not owned or controlled by Christie & Co, or to people who are not employed or managed by Christie & Co.
  • As detailed in our Terms & Conditions (the “Terms & Conditions”), by the act of registering as a User, individual Users give certain consents to Christie & Co pursuant to UK General Data Protection Regulation. These are dealt with in this Privacy Policy.

Collection and use of information

When you register with the website, we first invite you to read the Terms & Conditions carefully which you should do in conjunction with this Privacy Policy. Having read them, you are asked to signify your acceptance before proceeding with the Registration. Thereafter, as part of registration, we collect personal data necessary to create and manage your account in accordance with our contractual obligations.

The personal data we collect falls into three categories:

  1. 1) Information you provide such as:
    • Name
    • Email address
    • Postal address
    • Telephone number
    • Business name and role
    • Enquiry and correspondence content
    • Marketing preferences
  2. 2) Information collected automatically:
    • IP address
    • Device and browser information
    • Pages visited and time spent
    • Login and usage activity
    • Cookie identifiers
  3. 3) We may also collect personal data from:
    • Direct interactions with you
    • Business partners or referrals
    • Publicly available sources

We process personal data only where the law allows us to, where such purpose has a ‘lawful basis’ under Article 6 GDPR.

We process your personal data under at least one of the following lawful bases:

  • Contract - where processing is necessary to provide services or create and manage your account.
  • Legitimate Interests - to operate, improve, and secure our website and respond to enquiries. Where we rely on this basis, we carry out a balancing assessment.
  • Consent - for marketing communications and non-essential cookies.
  • Legal Obligation - where we must comply with applicable laws and regulations.

We may collect limited personal data from users who browse the website, such as IP address and cookie data, in accordance with this notice.

Where we rely on the legitimate interests basis, we do so for managing and improving our website and services, handling business enquiries, ensuring IT security and preventing fraud or misuse.

We may combine information concerning a User with other information that we have (including personal data) that we have obtained from business partners or other sources, and we may use the combined information for marketing and communication purposes.

Where we request personal data to provide services or respond to enquiries, failure to provide such data may mean we are unable to fulfil your request.

Direct marketing

At the time of website registration, you are also asked whether you consent to receive direct marketing information by e-mail in the future. We may send you marketing communications about business opportunities, services, or market insights.

You can opt out at any time by:

  • Clicking unsubscribe in marketing emails
  • Updating your account preferences
  • Emailing: dpo@christie.com
  • Writing to the Data Protection Officer at: Whitefriars House, 6 Carmelite St, London, EC4Y 0BS

Telephone calls

Calls made to some Christie & Co telephone numbers listed on this website might be recorded for quality or training purposes.

Special Category data

Certain information is classed as special category data under Article 9 GDPR:

  • Racial
  • Ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Trade-union membership
  • Genetic Data
  • Biometric Data
  • Health Data
  • Data concerning a person's sex life
  • Sexual orientation

We do not intentionally collect special category personal data via this website. If such data is provided, it will only be processed where necessary and in accordance with applicable data protection law (eg. biometric data for anti-money laundering checks).

Cookies and similar technologies

When a user visits our website, we use a number of first party session and permanent cookies. A cookie is a small amount of data, which often includes an anonymous and unique session identifier connecting the user to their session.

Cookies are either ‘permanent’ or ‘session’. Session cookies only stay in place for the duration of the user's session on the site. They do not track any information about a user and are not used to compile statistics. They do not collect or store any personally identifiable information.

Our website cannot access cookie information destined for another site. Your browser will only ever send cookies relevant to the site being displayed.

We use cookies to ensure the website functions correctly and to understand how it is used.

Types of cookies used:

  • Essential cookies – required for site functionality
  • Preference cookies – remember settings
  • Analytics cookies – help us analyse site usage (e.g. Google Analytics)
  • Marketing cookies – only used where consent is given

Both the desktop and mobile versions of our site use Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses several permanent, first party cookies to help us analyse (in general terms) how the site is used. The information generated by these cookies about your use of the site

(including your IP address) is transmitted to, and stored by, Google on servers in the United States. Google uses this information to evaluate use of the website and to provide us with generic reports and statistical information. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google.

Further information about how Google Analytics uses cookies can be found at: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?csw=1

Essential cookies are processed based on our legitimate interests in operating the website, while all non-essential cookies are used only with your consent.

For non-essential cookies, we rely on your consent obtained via our cookie banner. You may withdraw your consent at any time.

If cookies are disabled, some website features may not function correctly.

Information sharing and disclosure

We do not sell or rent personal data.

We may share personal data with Christie & Co’s:

  • Sister companies within the Group
  • IT and website service providers
  • Analytics and communications platforms
  • Professional advisers (e.g. legal, audit)
  • Regulators and law enforcement where required by law

We may share personal data with other companies or people where we have obtained consent to share that information, or we need to share such information to provide the service that you have requested. Unless we tell you differently, where these companies are outside Christie & Co, they do not have any right to use the personal data that we provide to them beyond what is necessary to assist us.

We may share data if your action on our website violates our Terms & Conditions, or any of our usage guidelines for specific services.

We may transfer information about you if Christie & Co is acquired by or merged with any other company. In this event, Christie & Co will notify you before information about you is transferred and becomes subject to a different Privacy Policy.

All third parties are required to process personal data in accordance with applicable data protection laws and appropriate safeguards.

International transfers

Where personal data is transferred outside the United Kingdom or the European Economic Area (“EEA”), we ensure that appropriate safeguards are in place to protect your personal data in accordance with UK GDPR and EU GDPR requirements. Transfers may take place, for example, where we use service providers or IT systems hosted outside the UK or EEA. Where the destination country has been recognised as providing an adequate level of data protection by the UK Government or the European Commission, transfers are made on that basis. Where adequacy decisions do not apply, we rely on approved safeguards, such as the UK International Data Transfer Agreement (IDTA) or, where applicable, the EU Standard Contractual Clauses together with the UK Addendum, to ensure that your personal data continues to receive an equivalent level of protection. In

addition, we carry out transfer risk assessments and implement supplementary technical and organisational measures where necessary, such as encryption, access controls, and contractual limitations on onward transfers. You may contact us for further information about the safeguards used in relation to specific international transfers.

Data retention

We retain personal data only for as long as necessary.

We utilise information regarding frequency of website use to archive your records automatically after 3 years of inactivity, unless there are exemptions or legal requirements to retain the data. If this occurs, your status as a registered user will be automatically re-activated when you next login to the website.

Longer retention may apply where required by law.

Automated decision- making

We do not carry out automated decision‑making or profiling on this website that produces legal or similarly significant effects on individuals.

Your data protection rights

Christie & Co gives registered Users the ability to edit their contact details or to cancel their Registration as a User at any time by using the My Account section on the website.

You also have the right to:

  • Access your personal data via a Data Subject Access Request (DSAR)
  • Edit/ rectify data
  • Request erasure
  • Restrict processing
  • Object to processing (including marketing)
  • Data portability
  • Withdraw consent at any time

Requests can be made by emailing: dpo@christie.com or writing to the Data Protection Officer at: Whitefriars House, 6 Carmelite St, London, EC4Y 0BS.

There is no charge for exercising your rights.

Complaints

You have the right to lodge a complaint with a supervisory authority:

UK

Information Commissioner’s Office (ICO)

www.ico.org.uk

EU

If you are located in the EEA, you have the right to lodge a complaint with your local supervisory authority in your country of residence, place of work, or where the alleged infringement occurred.

Security

We use appropriate technical and organisational measures to protect personal data, including:

  • Access controls
  • Secure hosting
  • Encryption where appropriate
  • Staff training

Amendments to this Privacy Policy

We may update this privacy notice from time to time. Any material changes will be published on this page.

Policy last updated: 11.5.26

Copyright Christie & Co 2026. All rights reserved.