This Privacy Statement explains how Governance.com (“we”, “us” or “our”) collects, uses, shares and otherwise processes your personal data when you browse our website and use our services in accordance with the General Data Protection Regulation 2016/679 (“GDPR”), applicable as of 25 May 2018. Our services include your use of our website, web and mobile applications, application program interfaces and any other products or services we operate on or will operate on at a later moment. Links to external websites or applications we do not control are not the subject of this Privacy Statement.
The following definitions apply:
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether by automated means, such as collection, recording,
organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
WHAT TYPES OF DATA WE COLLECT
Identity data, such as first name, surname, username or similar identifier and in some cases, date of birth and gender;
Contact data, such as address, email address and telephone numbers;
Financial data, such as bank account and payment card details;
Transaction data, such as details about payments;
Technical data, such as internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website;
Profile data, such as your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
Marketing and communications data, such as includes your communication preferences in receiving marketing information from us and our third parties.
By providing your information, you expressly agree that your data will be processed by Governance.com for the purposes indicated below (see How we use your personal data).
We do not collect any special categories of personal data about you, such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
Where appropriate and permitted by law, we may seek information about you from other sources, generally in relation to due diligence and client on-boarding process.
If any information you provide to us relates to someone else, by providing us with such information you confirm that you have obtained permission to do so.
HOW WE USE YOUR PERSONAL DATA
Governance.com processes your personal data for the following purposes:
Providing you with the information or services you have requested (including sending a commercial offer or responding to a contact request);
Contacting you about various events, including product updates and customer support, or sending you a newsletter;
Collecting information enabling us to improve/secure our website and services.
OUR LEGAL BASIS FOR PROCESSING YOUR DATA
Depending on the purpose of the processing activity, the legal basis for processing your personal
data will be either:
Pre-contractual obligation (including sending a commercial offer or a response to a contact request);
Consent: if you have requested us to send you information about our services or if you have subscribed to receive our newsletter;
Legitimate interest, whereby your interests and fundamental rights do not outweigh those interests.
HOW WE USE YOUR PERSONAL DATA
Typically, we will use your personal data in the following circumstances:
Where we need it to perform the contract which we are about to enter into or have entered into
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not outweigh those interests;
Where we need to comply with a legal or regulatory obligation;
Engaging in marketing and business development activity in relation to our existing and future investment opportunities. This may include sending you newsletters, presentations, performance reports and other marketing material.
DATA RETENTION PERIOD
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We may consider the following when determining the appropriate data retention period:
The period required to fulfil our purpose for processing; and
Any legal obligations we have in relation to your personal data such as law or regulation requiring us to hold the data for a set period.
Whenever we process your personal data on the basis of your consent, you have the right to withdraw your consent at any time by contacting us as indicated below or by clicking the unsubscribe link in the email communication we send you. Please note that the withdrawal of your consent does not affect the lawfulness of the personal data processing based on consent prior to its withdrawal.
We implement appropriate technical and organisation security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties on a need-to-know basis.
Security requirements are continually evolving, and effective security requires frequent assessment and regular improvement of outdated security measures. We are committed to continuously evaluate, strengthen, and improve the measures we implement.
TRANSFER OUTSIDE THE EUROPEAN ECONOMIC AREA
Governance.com does not transfer personal data outside the European Economic Area (the “EEA”).
You have the right to obtain access to the personal data held by Governance.com about you and to request its rectification or erasure, or restriction of processing or, where applicable, the right to object to processing or the right to data portability. Where the processing is based on your consent or explicit consent, you also have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You can exercise these rights by contacting the Data Protection Officer (DPO) at our company address or by email at firstname.lastname@example.org.
Requests will be dealt with by the DPO and will be responded to within 1 month at the latest, starting from the moment of your identity confirmation. We may request additional information to help us confirm your identity and to ensure that you have the right to access the personal data (or to exercise any other of your rights). This is a security measure to ensure the non-disclosure of your personal information to an unauthorized person.
If you are not satisfied with our response, you also have the right to lodge a complaint at any time with the National Commission for Data Protection (“CNPD”), the Luxembourg supervisory authority for data protection issues.
UPDATES TO THE PRIVACY STATEMENT
We regularly review this Privacy Statement, and we may change, modify, add, or remove information at any time. We will post any modifications or changes to this Privacy Statement on our website prior to such changes taking effect.
Last update: 21 June 2023