Your personal information allows us to provide the services you have asked for, as well as enabling us to improve those services by understanding your interests and preferences. By understanding what you like (and what you don’t) we are able to personalise your experience. We are committed to ensuring the personal data you provide is used for the purpose it was collected and is kept secure.
We take the security of all the data we hold very seriously. Both our website service provider and email service providers, WordPress and Google respectively, adhere to globally recognised security standards. We have a policy framework, procedures and training in place covering data protection, confidentiality, security and regularly review the robustness of measures we have in place to keep the data we hold secure.
3. HOW AND WHY WE COLLECT DATA
In this policy, Goldswans Group (Goldswans) also referred to as “we”, “us” or “our” for short, is registered to collect and process personal data under the General Data Protection Regulation (“GDPR” for short). We are data controllers of your contact information and you can contact us at email@example.com
Personal data is any information relating to an identified or identifiable living person. Goldswans may process personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ. When collecting and using personal data, our policy is to be transparent about why and how we process personal data.
To find out more about our specific processing activities, refer to the relevant sections of this statement.
3.1. Business Contacts
3.2. Corporate Clients
3.3. Partners & Staff
3.4. Recruitment Applicants
3.5. Visitors to our Website
- When you use submit User Content:
- If you submit content as an Investor, you may record in your profile information about yourself, such as your contact information, picture, biography, experience, or other information. While the firm’s name will be name public, no investor information will be publicly disclosed.
- If you are a Startup, you may record information about yourself, your company, and your company’s management team. You may also include a video recording or picture. All information you send us will be considered confidential unless otherwise stated, or is considered to be intended for publication.
4. GENERAL DATA PROTECTION REGULATION (GDPR):
The GDPR is an EU Regulation to improve the protection of the personal data of EU citizens and increase the obligations of organisations who collect or process personal data. These new regulations take effect on the 25th of May 2018. The regulations greatly enhance the data privacy and security of our customers and extend to them exercisable rights enabling greater control over one’s personally identifiable information.
We have a system-wide GDPR compliance effort underway that will manifest itself on the core Goldswans website as well as any of our platforms (such as Dragonrisc), applications, and/or other owned properties.
The full specification of the GDPR rights and regulations can be found (here).
5. WHAT WE DON’T DO:
Generally, we may collect your contacts data which means personal details from which you can be identified or are identifiable, for example: name, email and business address, and phone number.
5.1. We don’t share your contact information with any third parties.
5.2. We don’t collect any personal nor biometric data such as DNA, Date/Place of Birth, Age, Sex, etc.
5.4. If you use our Wi-Fi, we don’t collect your device’s unique identifier, what type of device or operating system you are using, or how often you use the Wi-Fi and where you were when you used it.
5.5. Email activity – we may collect information relating to how you respond to our emails and whether you open them and click the links.
5.6. Other online – we may collect details of your interactions with us via social media or correspondence via email or telephone. If you follow one of our social media accounts, we may receive the following personal information about you: your account name, gender, general interests, location, age.
6. HOW WE KEEP YOUR CONTACT INFORMATION SECURE
6.1. Technical and organisational measures:
We have secure systems and processes in place to ensure the personal data you provide us is kept safe. We store personal information on our secure electronic systems. Any payment transactions will be encrypted. All online transactions are processed by third parties. Credit card details are not stored locally.
If ever your information is transferred to one of our cloud-based service providers, you will be advised before this happens, and we will take all reasonable steps to ensure your data is handled securely under appropriate agreements with our suppliers. If the cloud-based service provider is based outside the European Economic Area (“EEA”), it means that their processing of your data will involve a transfer of data outside the EEA. In such circumstances, before the transfer your personal data outside the EEA, we will ensure that appropriate protection is in place, including strict security measures, and signed agreements.
7. HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We will only retain your information for as long as necessary for the uses set out in this Policy, while there is a legitimate business reason for doing so, or where it is in the public interest. In some cases, we may not be able to delete your information if there are technical, legal, regulatory or contractual constraints, and you will be advised as such. In other cases, you can contact firstname.lastname@example.org to delete any personal data that is recorded in your profile as a partner, investor or for your company, or as an entrepreneur.
8. LEGAL BASES FOR USING YOUR PERSONAL INFORMATION
All organisations need a legal reason to use your personal information. There are a number of legal grounds that enable data processing. It’s quite complicated but below are the most relevant grounds you should be aware of and the ones we generally rely on:
8.1. With your consent
There are some activities where we process personal information with your consent, for example, where we want to send you marketing messages by email, we would ask your permission first and you could opt-out at any time by clicking on the unsubscribe link on the email or updating your account preferences.
8.2. To fulfil a contract
We also process your personal data in order to fulfil a contract we have with you. For example, when you engage our firm on project assignment, we will process your information to administer that engagement.
8.3. For a legitimate interest
Sometimes we may use your information to help achieve our business objectives but only where that activity doesn’t negatively affect your rights. For example, monitoring and analysing the information we hold about you and our other customers in order to make informed decisions about our services, website and advertising, sending you customer feedback surveys, or providing social media and marketing content that is of interest to our followers on social media.
8.4. To comply with legal obligations
There may be situations where we need to use your information to comply with legal obligations.
9. HOW WE MIGHT USE YOUR PERSONAL DATA:
We may use information in the following ways:
9.1. To optimise your website viewing – ensuring that content from our websites is presented in the most effective manner for you and for your computer, mobile or other device.
9.2. To provide you with services or support – carrying out our obligations arising from any contracts entered into between you and us to provide the services that you request.
10. DISCLOSING YOUR PERSONAL INFORMATION:
We may disclose your personal information if required to do so by law or in good-faith believing such action is necessary to comply with the law. We will not sell or otherwise share your personal information with third parties for their own marketing purposes without your consent except in the following instances:
10.1. Unless required by applicable law or if we are ordered to do so by a court or other similar body;
10.2. As we may think necessary to protect our legal rights, or that of a registered user or third party, or to prevent personal injury; and /or
10.3. Where we are approached by a potential buyer of our business and/or assets or in relation to any joint venture or other business arrangement. In such circumstances we will seek your permission to pass on your personal data to such third party’s advisors, any prospective buyer, and any other relevant parties.
11. INDIVIDUAL RIGHTS AND HOW TO EXERCISE THEM
Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights. Where we decide how and why personal data is processed, we are a data controller and include further information about the rights that individuals have and how to exercise them below.
11.1. Access to personal data
You have a right of access to personal data held by us as a data controller. This right may be exercised by emailing us at email@example.com. We may charge for a request for access in accordance with applicable law. We will aim to respond to any requests for information promptly, and in any event within the legally required time limits (currently 40 days).
11.2. Amendment of personal data
To update personal data submitted to us, you may email us at firstname.lastname@example.org or, where appropriate, contact us via the relevant website registration page or by amending the personal details held on relevant applications with which you registered. When practically possible, once we are informed that any personal data processed by us is no longer accurate, we will make corrections (where appropriate) based on your updated information.
11.3. Withdrawal of consent
Where we process personal data based on consent, individuals have a right to withdraw consent at any time. We do not generally process personal data based on consent (as we can usually rely on another legal basis). To withdraw consent to our processing of your personal data please email us at email@example.com or, to stop receiving an email from a Goldswans marketing list, please click on the unsubscribe link in the relevant email received from us.
11.4. Other data subject rights
This privacy statement is intended to provide information about what personal data we collect about you and how it is used. As well as rights of access and amendment referred to above, individuals may have other rights in relation to the personal data we hold, such as a right to erasure/deletion, to restrict or object to our processing of personal data and the right to data portability. Some of these rights will only be available from 25 May 2018.
If you wish to exercise any of these rights, please send an email to firstname.lastname@example.org
We hope that you won’t ever need to, but if you do want to complain about our use of personal data, please send an email with the details of your complaint to email@example.com. We will look into and respond to any complaints we receive. You also have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”) (the UK data protection regulator). For further information on your rights and how to complain to the ICO, please refer to the ICO website.
From time to time we may make changes to this Policy. This might be in relation to changes in the law, best practice, changes to the services we provide or collection and use of your personal data. We will always display clearly when the Policy was last updated and where appropriate, notify you of any relevant changes.
Effective Date (Policy last updated): 21st May 2018