BrickVest Privacy Notice – May 2018
BrickVest Ltd is committed to protecting your personal data and respecting your privacy. This privacy notice will inform you as to how we look after your personal data when and tell you about your privacy rights and how the law protects you. Please read this policy carefully to understand how we process your data.
BrickVest Ltd is made up of different legal entities. This privacy notice is issued on behalf of the BrickVest Ltd group so when we mention “BrickVest Ltd”, “we”, “us” or “our” in this privacy notice, we are referring to the relevant company in the BrickVest Ltd group responsible for processing your data. BrickVest Ltd is the controller and responsible for this website.
All changes to this policy will be posted here. You should visit this page regulatory to stay up to date.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
INFORMATION WE MAY HOLD ABOUT YOU
We may collect and process the following data about you:
- information you provide when you fill in forms on our website at https://brickvest.com (“our site”), including information you provide when you register as a user;
- any information you have provided for credit and fraud prevention purposes;
- any information you have submitted in connection with applicable legal and regulatory requirements;
- copies of correspondence you send to us (including by post, email or through our site);
- your responses to surveys or questionnaires we ask you to complete;
- details of any transactions you carry out on or through our site;
- details of your visits to our site (including traffic data and data in relation to the resources you access); and
- information that we collect about your computer, including its IP address.
IF YOU FAIL TO PROVIDE PERSONAL DATA
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
HOW WE USE YOUR INFORMATION
We use information held about you to:
- ensure the content of our site is presented in the best way for you and your computer;
- provide you with information about opportunities or services that you request or which we consider may be of interest to you (subject to the following section of this policy);
- perform our obligations under contracts between you and us;
- comply with our legal and regulatory requirements (including credit and fraud prevention requirements), requests and related disclosures, including reporting to or being audited by national and international regulatory, enforcement or exchange bodies;
- allow you to use the various features of our site;
- protect your account and limiting access to your account; and
- allow third parties to contact you about goods or services you might be interested in (subject to the following section of this policy).
We will only send you marketing communications by electronic means (e-mail or text) if those communications relates to goods, services or opportunities which are similar to those that you have previously purchased, invested or expressed an interest in or if you have consented to us contacting you in this way. We will only permit third parties to send you marketing communications by electronic means if you have consented to this.
You have the right to ask us not to use your information for marketing purposes or passing it on to third parties for them to use for marketing purposes. You can do this through the Account Settings page on our site by clicking on Notifications and ticking the relevant box or contacting us at any time at email@example.com.
We may aggregate information about you with information about other users of our site to create statistical data about users. This is statistical data that does not identify you and we may distribute any such aggregate information to third parties we work with.
SHARING YOUR PERSONAL INFORMATION
We will only share personal information that we hold about you to third parties:
- who are companies within our group of companies;
- where we need to perform the contract we are about to enter into or have entered into with you;
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests;
- to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them; or
- where we need to in order to comply with a legal or regulatory obligation.
Cookies generally fall into one of the following categories:
- strictly necessary cookies which are cookies that are essential to allow you to use a website and its features;
- performance cookies which collect information about how visitors use a website to create aggregated, anonymous information that does not identify the visitor;
- functionality cookies which allow the website to remember you and provide a more personalised service; and
- targeting or advertising cookies which are used to deliver adverts relevant to you.
Our site uses the following types of cookies: strictly necessary cookies, performance cookies and functionality cookies.
Some of our cookies remain on your device between your browsing sessions.
You can disable our cookies by changing the settings on your browser but doing so might mean you are unable to use certain features of our site.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal and regulatory requirements.
YOUR LEGAL RIGHTS
This section explains the rights you have under data protection laws with respect to how your personal data is held and used by us. If you wish to request to exercise any of these rights, you can contact us using the details set out at the end of this privacy notice.
You have the right to withdraw your consent to us processing your personal data at any time. This will not affect the lawfulness of any processing of your personal data that we carried out before your withdrawal. If you choose to withdraw your consent to us processing your personal data, we may not be able to perform your contract with us for the relevant service or provide other products or services to you.
You have the right to access the personal data we hold about you, free of charge.
You have the right to ask us (and third parties to whom we transfer your personal data) to rectify your personal data if it becomes inaccurate. In order for us to do so, you must inform us of any changes to your personal data so that we can keep it up to date.
You have the right to ask us to erase your personal data where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. We may not be able to perform your contract with us for the relevant service or provide other products or services to you if you ask us to erase your personal data.
You have the right to restrict our further processing of your personal data. Where processing is restricted, we can still store your personal data, but we may not use it further.
You have the right to request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
If you believe our processing of your personal data does not comply with data protection laws, you can make a complaint to the Information Commissioner’s Office: ico.org.uk/.
WHERE WE STORE YOUR DATA
Data we collect from you may be transferred to and stored in destinations outside the European Economic Area (“EEA”) and may be processed by staff operating outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
If you have any questions or comments on this policy, including any requests to exercise your legal rights (as set out above), please use the contact details set out below:
Full name of legal entity: BrickVest Ltd
Name and title of Data Protection Officer: Morten Møller Holst, COO of Brickvest
Email address: firstname.lastname@example.org.
Postal address: 91 Goswell Road, London, United Kingdom, EC1V 7EX