- Altstake; and
- other organizations related or affiliated to Altstake which have adopted this Policy as their own
Email : [email protected]
This does not affect your statutory rights. For example, if the GDPR applies to you, you may also have a right to lodge a complaint with a European supervisory authority, in particular in the Member State in the European Union where you are habitually resident, where you work or where an alleged infringement of Data Protection law has taken place.
When you contact us, we may require that you submit certain forms or provide certain information, including verification of your identity, before we are able to respond.
When our collection is based on consent, you can choose not to provide us with personal data. You also have the right to withdraw your consent for us to continue collecting, using, disclosing and processing your personal data, by contacting us in accordance with paragraph 1.8. However, if you do so, it may not be possible for us to fulfil the purposes for which we require the personal data, including processing your transactions or providing you with the products and services that you require.
- you register an account with us through our Applications;
- you access, download or use our Applications and services;
- you authorise us to obtain your personal data from a third party;
- you enter into agreements with us;
- you transact with us, contact us or request that we contact you through various communication channels, for example, through social media platforms, messenger platforms, face-to-face meetings, telephone calls, emails, fax and letters;
- you request to be included in an e-mail or our mailing list;
- you attend events or functions organised by us;
- we seek information about you and receive your personal data in connection with your relationship with us; and
- when you submit your personal data to us for any other reason.
Personal data provided by others. Depending on your relationship with us, we may also collect your personal data from third party sources, for example, from:
- any third parties whom you have authorised us to obtain your personal data from;
- entities in which you (or a party connected to you) have an interest;
- our business partners such as third parties providing services to us;
- your family members or friends who provide your personal data to us on your behalf; and/or
- public agencies or other public sources.
WHAT WE DO WITH YOUR PERSONAL DATA What we do. We collect, use, disclose and process your personal data where:
- you have voluntarily provided us with your personal data;
- you have given us consent;
- necessary to comply with our legal or regulatory obligations, e.g. responding to valid requests from public authorities;
necessary to support our legitimate business interests, provided that this does not override your interests or rights; and
- necessary to perform a transaction you have entered into with us, or provide a service that you have requested or require from us.
General purposes. We collect, use, disclose and process your personal data for purposes connected or relevant to our business, to manage your relationship with us. Such purposes would include:
- carrying out your transactions with us and our business partners, taking steps as may be directed by you, or to provide products and/or services to you;
- facilitating your use of our Applications, including verifying and establishing your identity;
- facilitating business asset transactions;
- communicating with you, and assisting you with your queries, requests, applications, complaints, and feedback;
- resolving any disputes, investigating any complaint, claim or dispute or any actual or suspected illegal or unlawful conduct;
- administrative purposes, including finance, IT and HR purposes, quality assurance and staff training, and compliance with internal policies and procedures, including audit, accounting, risk management and record keeping;
- sending communications to you (including surveys) for the purpose of developing new products and services or evaluation and improvement of our existing products and services;
security purposes, e.g. protecting our Applications from unauthorised access or usage and to monitor for security threats;
- compliance with any legal or regulatory obligations, applicable laws, regulations, codes of practices, guidelines, or rules (including anti-money laundering and countering the financing of terrorism laws), or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
- managing and engaging third parties or data processors that provide services to us, e.g. IT services, technological services, delivery services, and other professional services;
- carrying out our legitimate business interests;
- such purposes that may be informed to you when your personal data is collected; and/or
any other reasonable purposes related to the aforesaid.
Where personal data is used for a new purpose and where required under applicable law, we shall obtain your consent.
Legitimate business interests. We may also collect, use, disclose and process your personal data for the following purposes to support our legitimate business interests, provided that this does not override your interests or rights, which include:
- managing our business and relationship with you, and providing services to our customers;
- assistance of carrying out corporate restructuring plans;
- complying with internal policies, and procedures;
- protecting our rights and interests, and those of our customers;
- enforcing our terms and conditions, and obligations owed to us, or protecting ourselves from legal liability;
- managing our investor and shareholder relations; and
- process or share your personal data to facilitate acquisitions, mergers, or transfers of our business.
We may also automatically collect and store certain information about your interaction with our Applications including IP address, browser type, internet service provider, referring/exit pages, operating system, date/time stamps and related data.
The above links have further information about behavioural advertising and online privacy.
- disclosing your personal data to third parties who provide services to us (including, but not limited to, data providers, technology providers, insurance providers, and other professional services (including accountants, lawyers and auditors));
- disclosing your personal data to third parties in order to fulfil such third party products and/or services as may be requested or directed by you;
- disclosing your personal data to third parties that we conduct marketing and cross promotions with;
- disclosing your personal data to authorities, governments, law enforcement agencies or public agencies;
- If we are discussing selling or transferring part or all of our business – the information may be transferred to prospective purchasers under suitable terms as to confidentiality;
- If we are reorganised or sold, information may be transferred to a buyer who can continue to provide continued relationship with you; and
- If we are defending a legal claim your information may be transferred as required in connection with defending such claim.
- When disclosing personal data to third parties, we will (where appropriate and permissible) enter into contracts with these third parties to protect your personal data in a manner that is consistent with all applicable laws and/or ensure that they only process your personal data in accordance with our instructions.
TRANSFER OF PERSONAL DATA TO OTHER COUNTRIES Transfers. We may transfer your personal data to different jurisdictions in connection with the purposes described in paragraph 5:
- from the jurisdiction where it is collected (or where you are located) to any other jurisdictions that we operate in; and
- to third parties in other jurisdictions.
Safeguards. Where we transfer your personal data across jurisdictions, we will ensure that your personal data is protected in accordance with this policy and applicable laws regardless of the jurisdictions they are transferred to, but in any event to a level that is no less stringent than the jurisdiction from which the personal data is transferred. When we transfer your personal data internationally and where required by applicable law we put in place appropriate safeguards including EU Model Clauses or rely on EU Commission adequacy decisions. You may obtain details of these safeguards by contacting us. SECURITY AND RETENTION OF PERSONAL DATA Unauthorised access. While we take reasonable precautions to safeguard your personal data in our possession or under our control, you agree not to hold us liable or responsible for any loss or damage resulting from unauthorised or unintended access that is beyond our control, such as hacking or cybercrimes. Vulnerabilities. We do not make any warranty, guarantee, or representation that your use of our systems or applications is safe and protected from malware, and other vulnerabilities. We also do not guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk. Period of retention. We retain your personal data only for as long as is necessary to fulfil the purposes we collected it for, and to satisfy our business and/or legal purposes, including data analytics, audit, accounting or reporting purposes. How long we keep your personal data depends on the nature of the data, e.g. we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Some information may also be retained for longer, e.g. where we are required to do so by law. Anonymised data. In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we are entitled to retain and use such data without restriction. YOUR RIGHTS Rights you may enjoy. Depending on the jurisdiction that you are in or where we operate, you may enjoy certain rights under applicable law in relation to our collection, use, disclosure and processing of your personal data. Such rights may include: Access: you may ask us if we hold your personal data and, if we are, you can request access to your personal data. This enables you to receive a copy of and information on the personal data we hold about you. Correction: you may request that any incomplete or inaccurate personal data we hold about you is corrected. Erasure: you may ask us to delete or remove personal data that we hold about you in certain circumstances. Restriction: you may withdraw consent for our use of your personal data, or ask us to suspend the processing of certain of your personal data about you, for example if you want us to establish its accuracy. Portability: you may request the transfer of certain of your personal data to another party under certain conditions. Objection: where we are processing your personal data based on a legitimate interest (or those of a third party) you may object to processing on this ground.
If you wish to exercise any of your rights, you may contact us in accordance with paragraph 1.8. We may require that you submit certain forms or provide certain information to process your request. Where permitted by law, we may also charge you a fee to process your request.
Limitations. We may be permitted under applicable laws to refuse a request, for example, we may refuse (a) a request for erasure where the personal data is required for in connection with claims; or (b) an objection request and continue processing your personal data based on compelling legitimate grounds for the processing.