EFFECTIVE DATE: 21 MAY 2018
The Schindlers Group provides trustee and fiduciary management services, including trust, foundation and company formation, trusteeship and directorship services, administration, secretarial, accounting and professional services, escrow services and advisory services (the “Services”).
The Data Protection Officer can be contacted directly at:
Data Protection Officer
OR at: email@example.com
2. WHAT IS PERSONAL DATA?
3. WHEN DO WE COLLECT DATA FROM YOU?
We collect Data from you so that we can provide you with our Services. You provide some of the Data directly to us, for example when you complete our application forms to use our Services, when you ask us to provide a specific service or when you communicate with us. We also get Data by recording how you interact with our Services, for example by using technologies such as cookies and we also get Data from third parties.
4. WHAT DATA DO WE COLLECT FROM YOU?
We need the Data (i) to provide the Services; (ii) to keep the Services safe; (iii) to comply and show compliance with applicable laws, regulations and requests from governmental or regulatory organisations; (iv) for credit control and collection of fees; and (v) to enforce our rights, policies and agreements. Without the Data we will not be able to provide you with the Services.
4.1 The Data that we may collect from you includes:
- Identification Data: such as names, email addresses, postal addresses, phone numbers, photographs, date of births, passports, driver’s licences, government issued identification documents, taxpayer identification numbers and signatures.
- Financial Data: such as bank information, credit and debit card numbers, expiry date and other information to allow us to collect payments.
- Tax Data: such as tax filing status, tax identification numbers and tax filing reports.
- Transaction Data: such as information about when and where transactions occur, the names of the transacting parties, a description of the transactions, the payment or transfer amounts, bank account details, billing and shipping information, and the payment methods used to complete the transactions.
- Entity data: such as a company’s legal structure, product and service offerings, jurisdiction, company records, trust and foundation records, information on shareholders, directors, beneficial owners, settlors, protectors and beneficiaries.
- Business Data: such as information about products and services you sell (including inventory, pricing and other data) and other information you provide about you or your business (including appointment, staffing availability, employee and contact data).
- Customer and Transaction Data: such as information you collect from your customers, including email address, phone number, payment information, credit or debit card or other information.
- Browser and device information: such as IP address, device type, operating system and internet browser type.
4.2 Data We Collect From Third Parties
We may also collect information from third parties to perform identity verification checks and obtain background information for anti-money laundering, identity verification, and fraud detection and prevention purposes.
- Identity Verification: such as information from third-party verification services (e.g. credit reference agencies, identity verification agencies, social media agencies (if you authorise us to do so), credit bureaus, financial institutions, mailing list providers, and other publicly available sources.
- Background Data: such background check reports from public records of criminal convictions and arrest records.
- Credit, Compliance and Fraud: such as information about you credit reporting agencies or credit bureaus, where lawful, and any person or corporation with whom you have had, currently have, or may have a financial relationship, including without limitation past, present, and future places of employment, financial institutions, and personal reporting agencies.
We do not control or supervise how third parties providing your information to us, process your personal data, and any information request regarding the disclosure of your personal information to us by these third parties should be directed to such third parties.
4.3 Children’s Data
So that we can provide our Services, we may need information on children. Children are considered persons under the age of 16 years. Data on children will be collected and processed only with the consent of the child’s parent, guardian or holder of parental responsibility over that child.
5. HOW DO WE USE YOUR DATA?
We will process (collect, store and use) the Data you provide in a manner compatible with the EU General Data Protection Regulation (“GDPR”). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.
We collect and use your Data with your consent or as necessary to comply with and show compliance with our legal, compliance and regulatory obligations (such as anti-money laundering laws) and for the purposes of our legitimate interests.
Examples of how we may use or process your Data are as follows:
- to assess and process an application for our Services;
- to verify an identity for compliance and anti-money laundering purposes;
- to comply with any applicable laws or regulations, or in response to lawful requests for information from government or regulatory bodies or through legal process;
- to investigate, detect and prevent or report fraud, money-laundering, misrepresentations, security breaches or incidents, other potentially prohibited or illegal activities;
- to provide, operate and maintain the Services;
- for efficient management of our relationship with you;
- to process and complete transactions and send related information to you, such as the payment confirmations and bank statements;
- to communicate with you and deliver the information and support you request, in relation to our Services, including to resolve disputes, collect fees, and provide assistance for problems with our Services;
- to improve, personalise and facilitate your use of the Services;
- to fulfil any other purpose disclosed to you in connection with our Services;
- to enforce our rights, agreements or policies;
- to develop new products and services;
- to send you information we think you may find useful or which you have requested from us about Services;
6. HOW DO WE SHARE YOUR DATA?
We share information about you as follows:
- With Affiliates: we share Data with companies that we control or who are controlled by us, or are under common control, to provide the Services. We are responsible for the use of the Data by these Affiliates.
- Service Providers and Third Parties: we share Data with service providers and third parties that (i) assist us in providing the Services; or (ii) are required to enable us to perform the Services, such as banks, credit bureaus, financial institutions, accountants, auditors, lawyers, legal and professional advisors, registered agents and contracting parties.
- Safety and Compliance with Law: we will share Data if it is necessary (i) to comply with any applicable law, regulation, legal process or governmental request (e.g., from tax authorities, law enforcement agencies, etc.); (ii) to enforce or comply with our rights, policies and agreements; (iii) to protect the security or integrity of our Services; or (iv) to protect us, users of our Services or the public from harm, fraud, or potentially prohibited or illegal activities.
- Business Transfers and Corporate Changes: because it is in our legitimate interest to do so, we reserve the right to disclose and transfer all Data related to the Services to a subsequent owner, co-owner, or operator of one or more of the Services; or in connection with (including, without limitation, during the negotiation or due diligence process of) a corporate merger, consolidation, or restructuring; the sale of substantially all of our stock and/or assets; financing, acquisition, divestiture, or dissolution of all or a portion of our business; or other corporate change.
- Consent: we will share Data with your consent, such as at your direction.
7. HOW LONG DO WE KEEP DATA?
The Data will be retained to:
- provide you with the Services;
- communicate with you about a request you have made to us;
- to address problems with our Services;
- to ensure that transactions can be appropriately processed;
- to detect or prevent fraud and money-laundering;
- comply with applicable law and regulatory obligations and to demonstrate compliance or to take any other actions consistent with applicable law;
- to collect fees owed, enforce our rights, agreements and policies and resolve disputes.
8.1 Cookies are small text files that are sent to and stored on your computer, smartphone or other device for accessing the internet, whenever you visit a website. Cookies are useful because they allow a website to recognise a user's device.
8.4 More information about cookies can be found on www.allaboutcookies.org.
9. WHAT ARE YOUR RIGHTS?
If you reside in Europe, you have the right under certain circumstances:
- to be provided with access to your personal data held by us;
- to request the rectification or erasure of your personal data held by us;
- to request that we cease processing your data;
- to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
- to object to profiling activities based on our own legitimate interests;
- to object to solely automated processing; and
- to request that your data be transferred to a third party (data portability).
In addition, where you have provided your consent to our processing of personal data, you can withdraw this at any time.
If you wish to exercise any of the above rights, please complete the Subject Access Request Form provide as much information as possible about the nature of your contact with us to help us locate your records. You can address requests to:
Data Protection Officer
OR at: firstname.lastname@example.org
We may need to verify your identity before granting access or otherwise changing or correcting your information. The Company accepts the following forms of identification when information on your Data is requested: Passport, driving licence or National identity card bearing a photograph and a utility bill or bank statement which must be less than 3 months old.
10. INTERNATIONAL TRANSFER OF DATA
We operate internationally and we may transfer Data to countries outside of the EU which has different data protection standards to the European Union. When we transfer Data to our service providers outside the European Economic Area (EEA), we make use of standard contractual clauses which have been approved by the European Commission.
12. HOW DO YOU CONTACT US?
Data Protection Officer
OR at: email@example.com
In the event that you wish to make a complaint about how your Data is being processed by the Company, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and the Company’s Data Protection Officer.