GDPR entered into force on May 25th, 2016, with full applicability after a 2-year transition period, on May 25th, 2018. The General Data Protection Regulation covers data protection and privacy for all individuals in the EU. With a primary aim of transferring the control of personal data back to individuals, a unified regulation also means a simplified regulatory environment for international businesses. The GDPR also addresses the export of personal data beyond the EU and impacts doing business within Europe and worldwide. It is the largest change to data protection legislation in the last 20 years, and regulators have unprecedented power to impose fines and will require widescale privacy changes across every organisation. However, it also represents a major opportunity to:
- transform our approach to privacy,
- harness the value of our data, and
- ensure our organisation is fit for the digital economy
Syntagma and GDPR
WHAT PERSONAL DATA DO WE PROCESS?
We are collecting and using the personal data required in the framework of our business, to provide our business partners and counterparts a high quality of service or interaction. For that purpose, we might collect different categories of your personal data, including:
- identification data (name, birth data, picture, address and contact details, passport or ID numbers, etc…)
- data related to your business positions and activities (employers and their contact details, positions and curriculum, etc)
- data about our interactions (our emails, meetings or calls, agreements with you on draft or executed form, notes, etc…)
- if you are an investor or business partner as an individual, all the documentation shared prior to your subscription, your banking details and all the financial transactions with you;
- data related to the proper execution of our legal, tax or regulatory obligations (anti-money laundering regulations, fund management records, justification of your investor status if applicable, FATCA / CRS and other tax reportings, etc).
- data related to activities related to philanthropic, social or business association activities in which members of our group are engaged.
We do not collect nor process any personal data regarding religion, ethnic or racial origins, political opinions, sexual life or genetic information.
FOR WHAT PURPOSES DO WE COLLECT AND USE PERSONAL DATA?
We collect and use your personal data in order to:
- comply with our legal or regulatory obligations;
- be in a position deliver our obligations and benefit from our rights arising from the agreements executed with you;
- interact with you commercially or for the purpose of analysing or elaborating an agreement with you;
- if you are an investor or the representative of an investor, to interact with you in respect of that position (including for reporting purposes);
- if you are a potential manager of a portfolio company, to be able to check the adequacy of your profile with identified needs, and to contact you;
- serve our legitimate interests in the framework of the GDPR Directive, including to keep evidence of interactions or dealings, to manage our databases and information systems, to back up such databases and systems, to prevent frauds or abuses, to compile anonymous statistics, to analyse and prepare transactions, etc …)
TO WHOM MIGHT WE COMMUNICATE YOUR PERSONAL DATA?
We do not sell nor lease your personal information to third parties. We do not share your personal data with third parties unless (i) we have a legitimate reason for that (eg sharing with our lawyers to prepare a contract with you, or with a bank to prepare a payment to you) or (ii) we have your explicit consent, or (iii) an applicable law or regulation requires us to do so .
To prevent unauthorised disclosure or access to your personal information, we have implemented physical and electronic security safeguards. We also follow procedures to ensure we work with all personal data in line with the applicable Data Protection laws. If despite our efforts we become aware of an unauthorised data leak regarding your personal data, we would inform you as soon as reasonably practicable.
YOUR RIGHTS AND HOW TO CONTACT US
The GDPR directive establishes a number of rights in your favour, including, within the limits of law and regulations:
- the right to access your personal data
- the right to have your personal data rectified if inaccurate
- the right to have your personal data deleted if no longer kept for legitimate purposes
- the right to oppose the use of your personal data for commercial prospection purposes
- the right to withdraw your consent.
Please note that some legal restrictions limit those rights, for instance as regards our ability not to disclose information used in our processes against fraud or money-laundering. In accordance with general principles of law, we are not liable for the disclosure of information that was previously publicly available, nor for the storage and backup of data that we received without having solicited (eg CV spontaneously sent to us) To manage your cookie preferences click on the following link:
To use those rights, or more generally for information, you can reach our Data Protection Officer on the following e-mail address: firstname.lastname@example.org.