This statement describes how MGI. (“we”) processes your personal data.
‘Personal data’ means any information relating to an identified or identifiable individual. It includes, for example, your name, your contact information, your date of birth, details from your passport, photographic or video images, communication records and, within the context of providing our services to you, any information we may be legally required to obtain from you in the context of our customer due diligence.
We treat your personal data with care and in accordance with the applicable legislation, including the EU General Data Protection Regulation (GDPR). Keeping personal data secure is one of our most important responsibilities. We maintain physical, technical, electronic, procedural and organizational safeguards and security measures to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure or access. Our employees are bound by internal policies that require confidential treatment of personal data.
A. USE OF OUR WEBSITE
When you use our website, various data is registered. For example, the type of connection, the browser used, your computer’s operating system, your IP address and, when relevant, the details filled out on contact or other forms. Some of these data may contain personal data, as described in more detail below.
Een geanonimiseerde string, gemaakt op basis van je e-mailadres (dit wordt ook een hash genoemd) kan worden gestuurd naar de Gravatar dienst indien je dit gebruikt. De privacybeleid pagina van de Gravatar dienst kun je hier vinden: https://automattic.com/privacy/. Nadat je reactie is goedgekeurd, is je profielfoto publiekelijk zichtbaar in de context van je reactie.
1. IP address
When you visit our website, your IP address is saved automatically. Based on your IP address, information about the location from which the website is being visited can be obtained.
Our website is maintained by an external service provider. This service provider has access to your IP address. We can obtain your IP address from the service provider upon our request. We will only submit such request in case of a (security) incident. We have entered into a data processing agreement with the service provider. In case you wish to receive more information about this provider, please contact us.
Our website is hosted at an external cloud provider. This cloud provider has access to your IP address. We have entered into a data processing agreement with the cloud provider. If you wish to receive more information about the cloud provider, please contact us.
The use of our website is monitored and analyzed. Your IP address is used to distinguish unique users and include an indication of your location in the analysis. The analysis is available to us on an aggregated and/or anonymous basis only. For this analysis, Google’s “Analytics” services are used. This means Google may also have access to this data. Please refer to the paragraph ‘analytical cookies’ for more information about these services.
2. Contact form and subscribing for updates
If you enter your name and contact details in the contact form designated for this purpose on our website, we will process your personal data to contact you and, if relevant, stay in contact with you and provide you with any information you may request for (please refer to the paragraph ‘clients’ or ‘other contacts’ in such case). If you subscribe for our updates and newsletters through the designated form, we process your personal data for this purpose.
We process your personal data based on your consent that you gave by filling out and sending the relevant form. You have the right to withdraw your consent and you can unsubscribe from our mailing list at any time by contacting us, or by replying to one of the e-mails you receive from us.
We will store your data until you withdraw your consent or as long as relevant to stay in contact with you.
A cookie is a file that is sent from a website and is saved by your browser to your computer’s hard drive. Cookies are used by us to store data linked to the use of our website. These data can be read and written by us when you visit our website. You will find further information regarding how to switch cookies on or off or delete them in the instructions and/or using your browser’s Help function.
Our website uses the following cookies.
3.1 Functional cookies
Functional cookies are used to ensure that the website works properly. Our website uses both session cookies and permanent cookies. Permanent cookies are saved for a longer period. Session cookies are deleted when you close your browser. Cookies enable us to recognize you when you return to our website. This enables the website to tailor the user experience to your preferences. For instance, cookies are used to record that you gave your permission for the placement of cookies and to record your language preference. This means that you do not have to re-enter your preferences at each visit. You may delete the cookies via your browser settings.
3.2 Analytical cookies
Analytical cookies allow us to analyze use of our website. This allows us to improve the website so your visit is more enjoyable and you can access the information you are looking for more easily. These cookies are used to collect data on, for example, the number of visitors, or the popular pages and subjects. Google’s “Analytics” service is used for this purpose.
A Google cookie is placed via our website as part of Google’s “Analytics” service. We use this service to monitor how users use the website and generate relevant reports. Google may share this data with third parties if it is legally required to do so, or insofar this data is processed by third parties on behalf of Google. We do not have any influence on this process. We have not permitted Google to use the analytics data obtained for other Google services.
The data collected by Google is anonymized as far as possible before it is processed by Google and provided to us. Your IP address is partially masked and is not processed in its entirety. We have signed a data processing agreement with Google. The data is transferred to Google and saved to its servers in the United States. Google has committed to the Privacy Shield principles and adheres to the Privacy Shield program of the US Department of Commerce. This means that a certain level of protection is applied to the processing of any personal data. We do not use any other Google services in combination with the “Analytics” cookies.
B. PROCESSING OF PERSONAL DATA
The paragraphs below describe the processing of personal data by us, other than through the use of our website. If you are a (potential) client of us, we refer to the first paragraph. If you are another contact of us, such as a service provider, we refer to the second paragraph. The third paragraph provides a link to our privacy statement for job applicants. Please refer to paragraphs 4, 5 and 6 for information about the recording of communications, the visiting of our premises and the transfer of data to third parties.
- Clients and potential clients
We process data of private and institutional clients and potential clients, including personal data of contact persons, employees, directors, representatives, shareholders, ultimate beneficial owners and other associated persons (“Investors”, or, within this paragraph, “you”).
1.1 Investor information
We may process your personal details, such as your name, gender, (business) contact details, title or position, and any other information you have provided to us during our conversations, meetings, by e-mail or by any other means. We store this information in an contact management system and e-mails received are stored in personal or shared e-mail boxes. We process this data to maintain contact with you, to provide you with our services, to maintain and optimize the quality of our services and our relationship with you, to provide you with relevant information about your investment(s), to provide you with updates and newsletters about us and our services, to provide you with any other information that may be of interest to you and to verify any agreements made with you.
Pursuant to anti-money laundering and counter terrorist financing legislation as well as know-your-customer legislation applicable to us, we have to conduct customer due diligence before we provide our services to Investors and periodically afterwards during our relationship with Investors. We collect data from our Investors directly, indirectly, or through a world-check database, sanction lists, or publicly accessible sources. Failure to provide certain requested data may result in the impossibility to invest or stay invested with us.
Information gathered in context of our customer due diligence include personal data, such as your full name, place and date of birth, a copy of your passport, information about your regulatory listings, information about investigations or sanctions you are or may have been subject to and information in relation to the source of wealth of Investors. Personal data may also be included in promotional material, certificates, any other know-your-customer and anti-money laundering related information we need to obtain from you and in documents we process for the purpose of recording and verifying our agreements with Investors, such as authorized signatories lists, contracts and related documents.
We process your data because this is necessary for compliance with legal obligations to which we are subject, or with our legitimate interest, each as described above. When we provide you with newsletters and updates, this may be based on your consent. You have the right to withdraw your consent and you can unsubscribe from our mailing list at any time.
We will store your personal data as long as relevant within the context of our relationship. Personal data gathered pursuant to our customer due diligence will be kept on file for at least five years after termination of our relationship. If retention is necessary for the effective implementation of internal measures for the prevention or detection of money laundering or terrorist financing, the files will be kept on file for up to an additional five years. Personal data contained in contracts and related documents will be kept on file as long as necessary to exercise or defend actual or potential legal claims. Any data may be archived or backed up.
Please refer to the paragraphs 4, 5 and 6 below for information about the recording of communications, the visiting of our premises and the transfer of data to third parties.
- Other contacts
We may process personal data of our (potential) service providers, service providers of our clients, suppliers, other contacts and, where applicable, any of their representatives and employees. Personal details may include your name, gender, contact details, title or position, and any other information you may have provided us during our conversations, meetings, by e-mail or by any other means. Personal data may also be included in any materials provided to us, and in documents, such as contracts and authorized signatories lists. We may store your personal details in an in-house developed contact management system.
We process your personal details data to maintain contact with you, for example in order to use your services, purchase your products or to service clients, and for relationship management purposes. E-mails, contracts and related documents are stored to be able to verify any agreements made with you or your company. Upon your request, we may also use your contact details to provide you with updates and newsletters about us and our services.
We process your personal data based on the legitimate interest we have. Processing may also be required for the performance of a contract with you. When we send you newsletters or updates this may be based on your consent. You have the right to withdraw your consent and you can unsubscribe from our mailing list at any time by contacting us, or by replying to one of the e-mails you receive from us.
We will store your personal data as long as relevant within the context of our relationship. Contracts and related documents will be kept on as long as necessary to exercise or defend actual or potential legal claims. Any data may be archived or backed up.
Please be referred to the paragraphs 4, 5 and 6 below for information about the recording of communications, the visiting of our premises and the transfer of data to third parties.
- Recording of communications
We may record communications, including telephone conversations or communications by any other means. We record several of our telephone lines, including those of our traders and our Investor Relations team. We do this to comply with a legal obligation. Pursuant to applicable regulation, we have to record communication that, among others, result in transactions. Communications are also be recorded with the legitimate interest for record keeping as proof of a transaction or related communication in the event of a disagreement, for verification of agreements or instructions, and for investigation and fraud prevention purposes.
Communication records will be retained for a period of five years or, upon request of a regulator, for a period of seven years starting from the date of the recording. Communication records other than telephone recordings may be archived or backed up.
- Transfers to third parties
In addition to what is described above in relation to specific data transfers, we may also share data with our affiliates, professional advisors and auditors to the extent required. Any such party will be subject to obligations of confidentiality. Where possible and appropriate, any personal data transferred will be anonymized.
We may also have to transfer data to any court, governmental or supervisory authorities, at the (authorized) request of a regulator, when this may be required pursuant to applicable regulations or pursuant to any court order. Should this be the case, we will use reasonable endeavors to notify you in advance of such transfer, to the extent we are allowed to do so.
We may need to transfer personal data to parties that are located in countries outside of the European Economic Area (EEA) that are not recognized to provide an adequate level of data protection according to EEA standards. We will adopt safeguards to ensure an appropriate level of protection of your personal data. In particular, we may transfer personal data to affiliates with offices around the world. For this purpose, we have entered into an inter-affiliate data transfer agreement in which we have included standard EU clauses regarding the protection of personal data. If you wish to receive more information, please contact us.
C. REQUESTS RELATED TO PERSONAL DATA
You can contact us if you have any of the following requests:
– Access to your personal data: if you wish, we can provide you with an overview of your personal data processed by us.
– Rectification: you can request us to rectify any inaccurate personal data.
– Erasure: you can request us to erase any personal data that we hold of you.
– Restriction of processing: in certain circumstances, you may request us to restrict the processing of your personal data.
– Data portability: in certain circumstances, you can request us to provide you, in a structured, commonly used and machine-readable format, with the personal data that you provided to us earlier. You can request us to transmit this data to another party.
In principle, we will meet any of the above requests. Please note, however, that there may be circumstances in which we will not be able to do so. For example, we are not allowed to erase any information which we are legally required to retain, e.g. for recordkeeping purposes. There may also be residual information that will remain within our databases and other records, which cannot be removed.
If you have any of the abovementioned requests, please contact us at @mginvestment.com. We will respond to your request as soon as possible, but at least within one month.
To prevent abuse, we may ask you to adequately identify yourself. If your request concerns personal data linked to a cookie, please send us a copy of this cookie. Cookies can be found via your browser settings.
If you have a complaint about our processing of your personal data, please do not hesitate to share this complaint with us. You may also lodge a complaint with the competent authority of your home EU member state. In the Netherlands, you can lodge a complaint with the Autoriteit Persoonsgegevens. Please refer to www.autoriteitpersoonsgegevens.nl.
This privacy statement may be amended from time to time, without notifying you personally. The date of the latest amendment is 25 May 2018. Use of our services following these changes (or your continued provision of personal data to us) signifies acceptance of the revised statement.
If you have any questions about this privacy statement, please contact us as at firstname.lastname@example.org.