Who is the Controller?
If you are resident in the European Economic Area (‘EEA’) or residing elsewhere, the controller is CdR Capital Ltd of 11 Charles II St, St. James’s, London SW1Y 4QU, regulated in the UK by the Financial Conduct Authority “FCA” and regulated in the US by the Commodity Futures Trading Commission (“CFTC”) and the National Futures Association (“NFA”) (‘CdR UK’).
If you are resident in Switzerland, the controller is CdR Capital S.A. of 6 Cours de Rive, 1204 Geneva, Switzerland (‘CdR Switzerland’).
If you are resident in the UAE, the controller is CdR Capital Limited of 617 Index Tower, The DIFC, Dubai, UAE (‘CdR Dubai’).
We use ‘CdR’, ‘us’, ‘we’ and ‘our’ to refer to your controller as identified above.
Collection of Information
Information may be collected from you in the course of your use of a CdR website and/or in any communication between you and CdR personnel. If you are a CdR client, prospective client or a fund manager we may also collect information about you from company and trade registers, and other publicly available sources.
The kinds of Personal Data we may collect include your contact details (such as your work address, email address and work telephone number) and information such as your job title. In addition, we collect the Personal Data you choose to provide to us, e.g. if you contact us by letter, telephone, email or any other means of electronic or personal communication.
Uses of Personal Data
CdR may use your personal data for any of the following purposes:
- In the course of carrying out client due diligence and achieving a sufficient knowledge and understanding of a prospect or client and its business, management and employees.
- In the course of carrying out fund manager due diligence and achieving a sufficient knowledge and understanding of a fund manager and its business, management and employees.
- To provide investment advisory, due diligence and risk advisory services to its clients.
- To prevent fraud.
- In order to ensure the legitimacy of all requests for further information from CdR
- To check the identity of prospects and new clients and to prevent money laundering.
- To disclose it to its service providers, professional advisers and agents, where necessary.
- If you have registered for this purpose, to review whether you are a suitable candidate for any job opportunities within CdR
- Occasionally, to trace debtors.
- To record and monitor for internal CdR purposes your use of CdR websites. For internal administrative or training purposes.
- For responding to subpoenas, court orders or regulatory or legal requirements.
- For updating our records and databases (such as a Client Relationship Management System “CRM”)
- For responding to your queries or informing you of new developments at CdR, including news, thought-pieces or blogs
- For the marketing of CdR’s investment advisory or fund management services. See more details below.
We will process your Personal Data for our legitimate business interests and if and to the extent applicable law provides a legal basis for us to do so. The legal basis we use will be one of:
- Necessary to comply with a legal obligation, for example to carry out anti-money laundering checks, reporting to regulators and investors;
- Necessary to perform a contract we have entered into with you or in order to take steps at your request prior to entering into a contract;
- Necessary for our (or a third party’s) legitimate interest which is not overridden by your interests or fundamental rights and freedoms. Such legitimate interests include the providing of services by us, administrative or operational processes, and direct marketing; or
- Your consent.
Please note that we may use or disclose Personal Data if we are required by law to do so or if we reasonably believe that use or disclosure is necessary to protect our rights and/or to comply with judicial or regulatory proceedings, a court order or other legal process.
Sensitive Personal Data
Given the nature of our services, we do not collect ‘special categories of personal data’, which is defined as ‘personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation’. We may collect personal data relating to criminal convictions and offences, particularly for fulfilling our legal obligations regarding anti-money laundering.
To the extent that we have a business need to collect any of the above sensitive personal data for the purposes set out above, and are permitted to do so by local laws, we will identify the appropriate legal basis for that processing and identify you beforehand.
Disclosure of Data
If CdR appoint third parties to host, maintain, manage, or to provide other services in relation to data then your personal data may be accessed and used by these third parties to the extent necessary to fulfil their hosting, maintenance, managerial, and/or other functions. We may also disclose your personal data to the extent necessary if we enter into negotiations for a merger or acquisition. Where we do so, we will ensure that there is a written contract in place with appropriate safeguards for your personal data, including security measures and restrictions on the use of such data.
Due to the international nature of CdR’s business, personal data may be transferred internationally throughout CdR’s offices. CdR operates as a global business and may have a business need to transfer your personal data to countries outside of either the UAE or EEA which do not provide the same level of data protection as the UAE and EEA. Where we do so, we will ensure that appropriate safeguards are in place to protect your personal data.
How We Protect Your Personal Information
We have implemented appropriate technical and organisational measure to protect your personal data in accordance with applicable law.
We retain your personal data for any minimum retention period set out in applicable law, and for any further period necessary for the specified purpose, and subject to any legal hold, in which case a new retention period will apply for the duration of that legal hold. This is also subject to any earlier valid and accepted exercise of your data subject rights.
Your Rights in Relation to Your Information
You have rights as an individual which you can exercise under certain circumstances in relation to your Personal Data that we hold. These rights are to:
- request access to your Personal Data (commonly known as a “data subject access request”) and request certain information in relation to its processing;
- request rectification of your Personal Data;
- request the erasure of your Personal Data;
- request the restriction of processing of your Personal
- request the porting of certain of your Personal Data to another person;
- where processing is based on your consent, to withdraw that consent; and
- object to the processing of your Personal Data.
You also have the right to object to the use of your personal data for direct marketing at any time.
If you want to exercise one of these rights please contact us at firstname.lastname@example.org.
You also have the right to make a complaint at any time.
In the UK to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, or, as the case may be, any other competent supervisory authority of an EU member state.
In Dubai to the Commissioner, the individual appointed by the President of the DIFC and responsible for administering and ensuring compliance with the applicable data protection law.
Amendments and Queries
If your personal data changes or if you no longer wish to receive our service, please let us know as we will correct, update or remove your details. This can be done by emailing us at email@example.com.
© CdR Capital S.A. All rights reserved. ‘CdR Capital’ ® is a registered trade mark of CdR Capital S.A.