DATA PROTECTION PRIVACY NOTICE
The scope and purpose of this Data Protection Privacy Notice
This Data Protection Privacy Notice explains how Careventures Capital SPRL (“Careventures”, “we”, “us”, “our”), collects, uses, shares and otherwise processes your Personal Data in connection with your relationship with Careventures in accordance with applicable data privacy laws and the General Data Protection Regulation (“GDPR”).
The term “Personal Data” as used in this Data Protection Privacy Notice means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including, for example, name, date of birth, residential address, identification number, location data or online identifier.
What information do we collect about you, how do we collect it and what do we use it for?
The kinds of Personal Data we may collect include your contact details (such as your address, email address and telephone number) and, where required for contractual, legal or regulatory obligations, additional information (including, but not limited to, date of birth, bank account details, tax identification numbers, copies of identification documents and numbers)In most cases, we will collect the Personal Data directly from you but may also obtain it from other sources (for example, public registers).
In accordance with applicable data privacy laws and the GDPR, we will only process your Personal Data for specific purposes where there is a lawful basis for doing so. The lawful basis, and purposes that we may rely on are:
- you have consented to us doing so (consent) – in limited circumstances, we may obtain your consent to send you information about our services (but, in such cases, you can opt out of receiving such communications at any time through the method provided in the communications themselves or by using the contact information provided below);
- we need it to perform the contract we have entered into with you (contract) – this includes, but is not limited to, where we have entered into an agreement with you and the Personal Data is needed to ensure that the terms of the contract can be fulfilled;
- we need it to comply with a legal obligation (legal obligation) – these obligations include, for example, where we have a regulatory obligation to conduct customer due diligence or are required to provide information to tax authorities; or
- we (or a third party) have a legitimate interest which is not overridden by your interests or fundamental rights and freedoms (legitimate interest) – this includes the provision of services by us and our direct marketing activities. To this end, we will use your Personal Data to deliver services to you and/or to work or act for you. Furthermore, we will also use your Personal Data to inform you about us and our services and to build our relationship with you.
- Where we use your Personal Data to inform you about us and our services, we will ensure that these are targeted and proportionate.
- Please note that we may use or disclose Personal Data if we are required by law to do so or if we reasonably believe that use or disclosure is necessary to protect our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal process.
What might we need from you?
We may need to request specific information from you to help us confirm your identity and ensure your right to access Personal Data (or to exercise any of your other rights). This is another appropriate security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
Accuracy of information
It is important that the Personal Data we hold about you is accurate and current. Please let us know if your Personal Data changes during your relationship with us.
What if you do not provide the personal data we request?
It is in your sole discretion to provide Personal Data to us. If you do not provide us with all or some of the Personal Data we request, we may not be able to accept an engagement from you, to provide all or some of our services, to enter into a contract with you or to send you information about us (e.g. marketing materials).
Change of purpose and anonymisation
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason which is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
In some circumstances, and where it is attributable to a lawful basis, we may anonymise your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.
With whom will we share your information?
When using your Personal Data for the purposes and on the legal basis described above, we may share your Personal Data with other vendors that we work with. Depending on the nature of your relationship with Careventures (e.g. a client, an employee, etc.) these other vendors may include, but are not limited to, accountants, tax advisors, payroll agents, auditors, lawyers, regulatory advisors, insurance brokers and IT providers. We may also have to share your Personal Data with regulators, public institutions, courts or other third parties. Careventures will not sell your Personal Data nor will we distribute, disseminate or disclose your Personal Data to third party sales or marketing agencies. When sharing your Personal Data with others, we will ensure that we have an appropriate legal basis to do so and will take all reasonable steps to ensure that your Personal Data is treated in a manner that is consistent with EU and other applicable laws and regulations relevant to data protection. If you would like to know more about the organisations that we share your Personal Data with, please contact us using the contact information provided below.
Will we send your information outside the EEA?
For the purposes described above, from time-to-time, we may have to transfer your Personal Data outside of the European Economic Area (“EEA”). In such cases, we will always ensure that there is a legal basis and a relevant safeguard method for such data transfer so that your Personal Data is treated in a manner that is consistent with and respects the EU laws and other applicable laws and regulations on data protection.
Your rights in relation to your information
You have rights as an individual which you can exercise under certain circumstances in relation to your Personal Data that we hold. These rights are to:
- request access to your Personal Data (commonly known as a “data subject access request”) and request certain information in relation to its processing;
- request rectification of your Personal Data;
- request the erasure of your Personal Data;
- request the restriction of processing of your Personal Data;
- object to the processing of your Personal Data.
Please note, some of the above rights may only be exercised in specific circumstances – they are not absolute. In addition, you may also have the right to make a complaint at any time to the Data Protection Authority (DPA), the Belgian supervisory authority for data protection issues or, as the case may be, another competent supervisory authority of an EU member state.
Right to withdraw consent
In case you have provided your consent to the collection, processing and transfer of your Personal Data, you have the right to fully or partly withdraw your consent. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. In cases where we have processed your Personal Data for direct marketing purposes, you have the right to object at any time, in which case we will no longer process your Personal Data for such direct marketing purposes.
How long will we retain your information?
We will only retain your Personal Data for as long as necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, regulatory, accounting or reporting requirements.
To determine the appropriate retention period for your Personal Data, we will consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. If you would like to know more information about our retention practices, please contact us using the information provided below.
In some circumstances we may anonymise your Personal Data so that it can no longer be associated with you, in which case it is no longer Personal Data.
Upon expiry of the applicable retention period we will securely destroy your Personal Data in accordance with applicable laws and regulations.
You will in general not have to pay a fee to exercise any of your individual rights mentioned in this Data Protection Privacy Notice. However, we may charge a reasonable fee if your request to exercise your individual rights is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
Changes to this Data Protection Privacy Notice
Careventures reserves the right to update this Data Protection Privacy Notice at any time and, in such cases, we will make an updated copy available on our website, or where required by law, we will contact you directly.
If you have any queries, questions, concerns or require any further information in relation to the Data Protection Privacy Notice or you wish to exercise any of your rights, please do not hesitate to contact us at email@example.com.