What is General Data Protection Regulation (GDPR)?
The General Data Protection Regulation (GDPR) is the European privacy legislation ensuring a consistent and high level of protection of your personal data.
Your personal data is any information relating to you, such as a name, an identiﬁcation number, location data, an online identiﬁer or other factors speciﬁc to your physical, physiological, genetic, mental, economic, cultural or social identity.
Findesti Limited shares the opinion that the protection of personal data is your fundamental right. Therefore, Findesti Limited has implemented appropriate technical and organisational measures to ensure that processing is performed in accordance with the GDPR. These measures may be reviewed and updated if necessary, in which case you will be informed about the changes in due course. Findesti Limited undertakes to process your personal data only for the purposes deﬁned below, to protect it and to keep it conﬁdential. Your personal information will not be disclosed to any third party within or outside the European Union (including in countries that do not offer an adequate level of protection), other than mentioned below in Section “Processing of your personal data”.
What kind of data is collected.
- Your name and contact information such as your home or business address, email address and telephone number;
- Biographical information, which may conﬁrm your identity including your date of birth, tax identiﬁcation number and your passport number or national identity card details, country of domicile and/or your nationality;
- Information relating to your ﬁnancial situation such as income, expenditure, assets and liabilities, sources of wealth, as well as your bank account details;
- Information about your knowledge and experience in the relevant ﬁeld;
- An understanding of your goals and objectives in procuring our services;
- Information about your employment, education, family or personal circumstances, and interests, where relevant; and
- Information to assess whether you may represent a politically exposed person or money laundering risk.
Ways to collect personal data.
We collect your personal data in a number of ways, for example:
- From the information you provide us with during the meetings;
- From information about you provided by your company or an intermediary;
- When you communicate with us by telephone, fax, email or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
- When you complete (or we complete on your behalf) KYC forms, contracts and other documents;
- From your agents, advisers, intermediaries, and custodians of your assets;
- From publicly available sources or from third parties, in case we need to conduct background checks about you.
Purposes of data collection.
Your personal data is processed for the following purposes:
- Administering, managing and developing our businesses and services;
- Providing information about us and our range of services;
- For any other purpose for which you provide us with your personal data;
- Identifying clients/contacts with similar needs;
- Describing the nature of a contact’s relationship with Findesti Limited;
- Performing analytics, such as on trends, relationship maps and other;
- Seeking advice on our rights and obligations, when we require our own legal advice;
- Training our staff or monitoring their performance;
- To meet our compliance and regulatory obligations, such as compliance with anti-money laundering laws;
- To meet requirements of tax authorities or any competent court or legal authority.
Processing of your personal data
With respect to the purposes mentioned below, your personal data held by us may be transferred to:
- Third party organisations that provide internal IT services to us, such a cloud-based software, website hosting and management;
- Third party organisations that otherwise assist us in providing services or information;
- Auditors and other professional advisers;
- Law enforcement or other government and regulatory agencies or to other third parties as required by, and in accordance with, applicable law or regulation.
Findesti Limited does not sell or otherwise release any personal data to third parties for the purpose of allowing them to market their products and services without consent from individuals to do so. Otherwise, we will only share personal data with others when we are legally permitted or made to do so.
Personal data will be retained for as long as it is necessary for the purposes set out above (i.e. for as long as we have, or need to keep a record of, a relationship with a business contact).
Your have the following rights appicable to processing of your personal data:
- the right to receive transparent information about obtaining and processing of your personal data;
- the right to access your personal data;
- the right to rectify your personal data;
- the right to have your personal data erased (“right to be forgotten”);
- the right to demand restriction of processing of your personal data;
- the right to transmit your personal data to another party (data portability);
- the right to object processing of your personal data.
Please note that the above-mentioned rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
To ﬁnd out more about your rights please refer to the EU regulator in the country where you are located (in the EU).
If you have any questions about how we use your personal data, or you wish to exercise any of the rights set out above, please contact us by sending e-mail to compliance@ﬁndesti.com.
If you are not satisﬁed with how we are processing your personal data, you can make a complaint to the EU regulator in the place where you are located (in the EU).