Aegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy
|
|
- Collin Evans
- 5 years ago
- Views:
Transcription
1 Aegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy Contents Definitions.. 2 The Product... 2 Fund Board Governance... 2 Delegation of the Processing of Personal Data... 2 Data Protection Officer ( DPO ) / Data Protection Compliance Consultant ( DPCC )... 3 Principles Relating to Processing of Personal Data and Lawfulness of Processing... 3 Rights of Data Subjects... 4 Data Subject Requests... 4 Transfer of Personal Data to Third Countries... 5 Processing of Special Categories of Personal Data... 5 Data Protection Impact Assessments... 5 Reporting of Personal Data Breaches... 5 Review of the Fund s Data Protection Policy... 6 Aegon Investment Management B.V. Data Protection Policy.. 6 1
2 Definitions Personal Data: Any information relating to an identifiable natural person ('data subject'); Data Controller: Natural or legal person which determines the purposes and means of the Processing of Personal Data; Data Processor: Natural or legal person which Processes Personal Data on behalf of the Data Controller; Processing: Any operation which is performed on Personal Data such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. The Product The Fund is a collective investment scheme, and processes the Personal Data of: Investors/related parties Directors of the Fund Designated Persons of the Fund The Fund is a Data Controller as defined in Regulation EU 2016/679, the General Data Protection Regulation ( GDPR ), and as such must ensure that Personal Data processed by, or on behalf of, the Fund is processed in a manner which complies with the requirements and obligations prescribed by GDPR. GDPR applies to the processing of Personal Data in the context of the activities of an establishment of a Data Controller or Data Processor in the EU, regardless of whether the processing takes place in the EU or not. Fund Board Governance The board of directors (the Board ) is ultimately responsible for compliance with GDPR, and will seek assurances from Data Processors that the processing of Personal Data carried out on behalf of the Fund complies with GDPR. Delegation of the Processing of Personal Data The Fund has delegated certain activities which require the processing of personal data to the following service providers ( Data Processors ): Administrator: Citibank Europe PLC Depositary: Citi Depositary Services Ireland Limited Company Secretary: Goodbody Secretarial Limited Designated Person(s): KB Associates Investment Manager and Distributor: Aegon Investment Management B.V. Money Laundering Reporting Officer ( MLRO ): KB Associates Payroll Service Provider: Deloitte Ireland 2
3 The Fund has conducted a data inventory and a gap analysis to understand how personal data is processed by the Data Processors. The Board is satisfied that the Data Processors have implemented appropriate technical and organizational measures to ensure that processing meets the requirements of GDPR and ensures the protection of the rights of the Data Subjects. In all cases, processing is governed by a contract between the Fund and the Data Processor. Data Protection Officer ( DPO ) / Data Protection Compliance Consultant ( DPCC ) An analysis has been conducted to determine whether a Data Protection Officer must be designated pursuant to Article 37 of GDPR. A DPO must be designated where: (a) the processing is carried out by a public authority or body; (b) the core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or (c) the core activities of the controller or the processor consist of processing on a large scale of special categories of data. After considering these criteria, it has been determined that the Fund is not required to appoint a DPO. However, best practice dictates that an individual be appointed to carry out many of the duties of a DPO, principally to ensure ongoing compliance with GDPR. Alice Oliveira has been appointed to carry out the role of DPCC in respect of the Fund. Alice Oliveira is an employee of KB Associates, and is a qualified lawyer. The DPCC can be contacted by at DataProtection@KBAssociates.ie or by phone at The DPCC is responsible for ensuring that the processing of personal data is carried out in accordance with the requirements of GDPR. The DPCC has sufficient knowledge of the Fund and the requirements of GDPR to perform the role. The DPCC performs the following tasks on behalf of the Fund: Reports data breaches to the Office of the Data Protection Commissioner ( ODPC ) where required within the statutory time limit; Obtains confirmations from service providers to the Fund of their compliance with GDPR; Carries out privacy impact assessments where processing activities change and are likely to result in a high risk to the rights and freedoms of natural persons; Addresses any requests from data subjects to rectify inaccurate personal data, erase personal data, restrict processing of personal data or receive copies of personal data being held within the statutory time limit; Reports to the Board on an annual basis on the following issues: o GDPR compliance status of the Fund; o GDPR compliance status of service providers to the Fund; o Records of any data protection breaches, and whether they were reported to the ODPC (to be reported to the board at the end of the quarter in which such breaches occur); o Records of any data requests received from data subjects and information about how such requests were addressed (to be reported to the board at the end of the quarter in which such data subject requests occur). Principles Relating to Processing of Personal Data and Lawfulness of Processing 3
4 The Fund is responsible for, and is in a position to demonstrate compliance with, the principles relating to the processing of personal data as set out below. Personal data shall be: Processed lawfully, fairly, and in a transparent manner Collected for a specified, legitimate purpose Adequate, relevant, and limited to what is necessary Accurate and up to date Kept no longer than necessary Processed in a manner that ensures appropriate security Personal data processed by, or on behalf of, the Fund, is processed for the following lawful purposes: For the performance of a contract with investors, member of the Board, and service providers In order to comply with the Fund s legal obligations For the purposes of the legitimate interests pursued by the Fund (where such interests are not overridden by the interests or fundamental rights and freedoms of the data subjects) Rights of Data Subjects Data subjects will be provided with information where required under Articles 13 and 14 of GDPR at the time the personal data is obtained. The Fund will comply with its obligations under GDPR with regard to the rights of data subjects to access and obtain copies, rectify, request erasure, restriction of processing, or object to the processing of their personal data held by or on behalf of the Fund. The DPCC will act as the point of contact for any personal data access requests or complaints, and will ensure that the rights of data subjects whose personal data is being processed by or on behalf of the Fund are upheld in accordance with GDPR. Data Subject Requests Data Subjects, whose personal data is processed by, or on behalf of, the Fund may request access, rectification erasure, or restriction of processing of their Personal Data. The contact details of the Fund and the DPCC are contained in Privacy Notices, which are provided to all investors at initial subscription. Where such a request is received from a Data Subject, the DPCC will, following consultation with the Data Processors, respond to the Data Subject without undue delay, at the latest, within one month, and in accordance with articles of GDPR. In addition to the response to be provided by the DPCC, the Data Processor holding the Personal Data relevant to the request will consult with the DPCC, and will provide copies of Personal Data directly to the Data Subject where required under GDPR. Where the Data Subject has requested 4
5 rectification, erasure, or restriction of processing of Personal Data, the Data Processor will, following consultation with the DPCC, take the appropriate action, and confirm to the Data Subject directly. Where the Fund is unable to comply with the request from the Data Subject, the response will clearly set out the reasons. The Fund reserves the right to charge a fee to cover administrative costs for additional copies requested. In addition, where requests from a data subject are manifestly unfounded or excessive, in particular because of their repetitive character, the Fund may either charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or refuse to act on the request. The Fund shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request. Transfer of Personal Data to Third Countries Data may be transferred for lawful processing to third countries outside of the EEA. Such transfers will be made in compliance with Articles 44 to 49 of the GDPR. Where such transfers are made to countries that do not have an adequacy decision in place, appropriate safeguards such as European Commission approved standard contractual clauses will be put in place or data subject consent will be obtained prior to the transfer. Processing of Special Categories of Personal Data The processing of special categories 1 of Personal Data is prohibited under GDPR, except for in limited circumstances, which do no not apply to the Fund, and therefore the Fund will not process special categories of personal data. Data Protection Impact Assessments Given that the activities of the Fund will not change over time, it is not foreseen that the Fund will engage in any new types of processing of Personal Data, beyond that which is currently undertaken, that would necessitate a data protection impact assessment. However, should the Fund engage in any new processing activity requiring a data protection impact assessment, this will be carried out as per the requirements of article 35 of GDPR. Reporting of Personal Data Breaches The Data Processors have confirmed that they will advise the Board and DPCC without undue delay of any Personal Data breaches which affect the Fund. 1 Special Categories of Personal Data: Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and the processing of genetic data, biometric data or the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person s sex life or sexual orientation. 5
6 The DPCC will report Personal Data breaches to the ODPC on behalf of the Fund when required by GDPR, and within 72 hours where feasible. Where the DPCC has been made aware of a data breach affecting the Fund, the following steps will be taken: An assessment is carried out to determine if the Personal Data breach is likely to result in a risk to the rights and freedoms of natural persons. Where the result of the assessment is that the breach is likely to result in a risk to the rights and freedoms of natural persons, the DPCC will make a report to the ODPC and will notify affected Data Subjects without undue delay, and, where feasible, within 72 hours. Where the DPCC is required to make a report, and has not done so within 72 hours of becoming aware of a data breach, the report to the ODPC, when it is made, will be accompanied by reasons for the delay. Where the DPCC s assessment has determined that the Personal Data breach is not likely to result in a risk to the rights and freedoms of natural persons, no reports or notifications are required. The DPCC will maintain a log of all Personal Data breaches, and related assessments in relation to the Fund. The log of Personal Data breaches will contain the following information: Facts relating to the Personal Data breach Effects of the Personal Data breach Remedial action taken, if any Review of the Fund s Data Protection Policy This document is subject to annual review by both the DPCC and the Board. Aegon Investment Management B.V. Data Protection Policy For access to the Aegon Investment Management B.V. Data Protection Policy, please visit the following website: 6
GROUP PRIVACY POLICY. Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ).
GROUP PRIVACY POLICY Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ). 1 PURPOSE AND SCOPE 1.1 The aim of this policy is to establish uniform,
More informationEuropean Union General Data Protection Regulation
European Union General Data Protection Regulation Policy 25 May 2018 Bendigo and Adelaide Bank Limited ABN 11 068 049 178 General Data Protection Regulation (GDPR) Application This GDPR section of our
More informationAll Sorts UK Limited Data Protection Policy 17 th May 2018
All Sorts UK Limited Data Protection Policy 17 th May 2018 1. Introduction This Policy sets out the obligations of All Sorts UK Limited, a company registered in England under number 03534972, whose registered
More informationAppropriate Policy Document
Appropriate Policy Document Schedule 1, Part 4, Data Protection Act 2018 July 2018 Privacy Notice - Appropriate Policy Document v2.docx Page 1 of 8 Contents 1 Introduction... 3 2 Relevant Schedule 1 conditions
More informationDATA PROTECTION NOTICE
DATA PROTECTION NOTICE Who are we? We are the Trustees of the Pension Scheme for the Nursing and Midwifery Council and Associated Employers (the Scheme). We collect, hold and use personal information to
More informationEU Data Processing Addendum
EU Data Processing Addendum This EU Data Processing Addendum ( Addendum ) is made and entered into by and between AlienVault, Inc., a Delaware corporation ( AlienVault ) and the customer specified in the
More informationMan and Machine - Data Protection Policy
Man and Machine - Data Protection Policy 1. Introduction This Policy sets out the obligations of Man and Machine Ltd, whose registered office is at Unit 8 Thame 40, Jane Morbey Road, Thame, Oxfordshire,
More informationROSETTA STONE LTD. PROCESSING ADDENDUM
ROSETTA STONE LTD. PROCESSING ADDENDUM This Data Processing Addendum (this DPA ) forms part of the order document(s) (each a Service Order ) and Services Agreement (collectively, the Agreement ), entered
More informationMember Circular March Implementation of the EU General Data Protection Regulation 2016/679 General Guidance to Members
Member Circular March 2018 Implementation of the EU General Data Protection Regulation 2016/679 General Guidance to Members Introduction Regulation (EU) 2016/679 containing the General Data Protection
More informationMobius Life Limited Data Privacy Notice
Mobius Life Limited Data Privacy Notice Introduction This data privacy notice confirms how Mobius Life Limited (referred to hereafter as our, us, we or MLL ) obtains, manages, uses, retains and destroys
More informationBanks Sheridan Limited Data Protection Privacy Policy 19 May 2018
Banks Sheridan Limited Data Protection Privacy Policy 19 May 2018 1. Introduction This Policy sets out the obligations of Banks Sheridan Limited ( the Company ) regarding data protection and the rights
More informationCPI PROPERTY GROUP. Group Data Protection Policy. 25 May Summary
CPI PROPERTY GROUP Group Data Protection Policy Summary This Group Data Protection Policy ( Data Protection Policy ) stipulates the rules for personal data protection in the CPI PROPERTY GROUP ( CPIPG
More informationBINDING CORPORATE RULES
BINDING CORPORATE RULES CONTROLLER PRINCIPLES INTRODUCTION At Marsh & McLennan Companies (MMC), we respect and are committed to protecting the privacy, security and integrity of Personal Information 1
More informationMoxtra, Inc. DATA PROCESSING ADDENDUM
Moxtra, Inc. DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms a part of the Terms of Service found at http://moxtra.com/terms-of-service/, unless Company has entered into a superseding
More informationData Privacy Notice of Sumitomo Mitsui Banking Corporation, Brussels Branch ( SMBC )
Data Privacy Notice of Sumitomo Mitsui Banking Corporation, Brussels Branch ( SMBC ) 1 ABOUT THIS NOTICE 1.1 Company issuing this Notice Sumitomo Mitsui Banking Corporation Brussels Branch, Neo Building,
More informationDATA PROCESSING ADDENDUM
Page 1 of 20 DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms a part of the Customer Terms of Service found at https://slack.com/terms-of-service, unless Customer has entered into a
More informationSouthern Golden Retriever Rescue Data Protection Policy
Southern Golden Retriever Rescue Data Protection Policy Date: 16.05.18 V3 Next Policy Review Date by Trustees: May 2019 Contents 1. Introduction... 2 2. Policy... 2 3. Responsibilities... 2 4. Definitions...
More informationDATA PROTECTION ADDENDUM
DATA PROTECTION ADDENDUM In the event an agreement ( Underlying Agreement ) entered into by and between (i) either Sunovion Pharmaceuticals Inc. or its subsidiary, Sunovion Pharmaceuticals Europe Ltd.
More informationPersonal Data. Protection Policy
Personal Data Protection Policy Version 1 May 2018 Contents Terms Definitions... 3 1. Objective and Scope... 4 2. What are Personal Data?... 4 3. Who are affected by Personal Data Processing?... 4 4. What
More informationPrivacy Policy Statement
Privacy Policy Statement QuoteDevil is committed to protecting and respecting your privacy. It is the intention of this privacy policy statement to explain to you the information practices of QuoteDevil
More informationPrivacy Statement. Key Definitions. Data Controller. Processing
Privacy Statement This Privacy Statement details our policies and procedures in relation to the personal data we process. Haven Claims ( Haven ) are committed to processing data in accordance with the
More informationThe Controller and Processor Data Protection Binding Corporate Rules of BMC Software
The Controller and Processor Data Protection Binding Corporate Rules of BMC Software 4 August 2015 Table of Contents Introduction 2 PART I: BACKGROUND AND ACTIONS 3 PART II: BMC AS A CONTROLLER 5 PART
More informationAmgen Binding Corporate Rules (BCRs) Public Document
Amgen Binding Corporate Rules (BCRs) Public Document Introduction: Amgen is a biotechnology leader committed to serving patients with grievous illness. Binding Corporate Rules (BCRs) express Amgen s commitment
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT This Data Processing Agreement ( DPA or Agreement ), entered into by the CPI customer identified on the applicable CPI services agreement for CPI services ( Customer ) and the
More informationSECTION 1 IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
INFORMATION DOCUMENT REGARDING PERSONS UNDER ARTICLES 13 AND 14 OF THE EUROPEAN COMMUNITIES REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF 27 APRIL 2016 (THE STATEMENT ) The Regulation
More informationPREPARING FOR THE EU GDPR IN RESEARCH SETTINGS
PREPARING FOR THE EU GDPR IN RESEARCH SETTINGS May 22, 2018 1 1 This guidance document is based on information available as of May 22, 2018. As the GDPR is enforced and further guidance is provided this
More informationNew legislation brings changes to how data is handled
New legislation brings changes to how data is handled April 2018 Lockton Companies New European Union (EU) data protection rules may require changes to how businesses handle personal data even if the businesses
More informationPrivacy Statement v 1.1
Privacy Statement v 1.1 Context and Overview This notice will take effect from 25/05/2018 Burke Insurances Ltd. is committed to protecting and respecting your privacy. It is the intention of this privacy
More informationVanguard Group (Ireland) Limited Vanguard Funds plc Vanguard Investment Series plc Privacy policy. May 2018
Vanguard Group (Ireland) Limited Vanguard Funds plc Vanguard Investment Series plc Privacy policy May 2018 Vanguard Group (Ireland) Limited (the Manager ), Vanguard Funds plc ( VF ), and Vanguard Investment
More informationGDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR JOSTLE CUSTOMERS
GDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR JOSTLE CUSTOMERS WHO SHOULD EXECUTE THIS DPA: If you have determined that you qualify as a data controller under the GDPR, and need a data processing addendum
More informationGDPR : We protect your data
GDPR : We protect your data Dear customer, From the 25th May 2018 the new law of Personal Data Protection (GDPR) will enter into force. At Almagest Wealth Management S.A., we understand your need to be
More informationTEREX CORPORATION DATA PROTECTION POLICY
TEREX CORPORATION DATA PROTECTION POLICY Terex Data Protection Policy Page 1 Index 1.0 Policy Statement, Purpose and Scope... 3 2.0 Requirements... 3 2.1 Data Protection Principles... 3 2.2 Communication
More informationThe General Data Protection Regulation (GDPR): action plan for pension scheme trustees
The General Data Protection Regulation (GDPR): action plan for pension scheme trustees July 2017 (revised March 2018) Pension briefing HIGHLIGHTS The European General Data Protection Regulation (GDPR)
More informationDATA PROCESSING AGREEMENT
DATA PROCESSING AGREEMENT This Data Processing Agreement (the DPA ), entered into by the Customer and the company Ganttic OÜ (company registration number 11979702) having its registered office at Lai tn
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM (European Union GDPR) (May 2018) This Data Processing Addendum ( DPA ) forms part of the Pancake Laboratories Inc, DBA ShortStack.com ( ShortStack) Terms and Conditions (https://www.shortstack.com/terms-andconditions/),
More informationWhat U.S.- Based Investment Advisers Should Know
BulletPoint June 2018 What U.S.- Based Investment Advisers Should Know The European Union s ( EU ) General Data Protection Regulation (the GDPR ) became effective on May 25, 2018, and provides individuals
More informationDATA PROCESSING TERMS DEFINITIONS
DATA PROCESSING TERMS DEFINITIONS Agency: means KTS Events Limited (company registration number 05289039) and any business entity from time to time controlling, controlled by, or under common control or
More informationData Protection Cayman Islands
Data Protection Cayman Islands Author: Martin S. Lane, Partner In June 2017, The Data Protection Law (the DP Law ) was published in the Cayman Islands Official Gazette. The DP Law will be brought into
More informationFINANCIAL SERVICES OPPORTUNITIES INVESTMENT FUND LIMITED Company Registration Number: PRIVACY NOTICE
FINANCIAL SERVICES OPPORTUNITIES INVESTMENT FUND LIMITED Company Registration Number: 62421 PRIVACY NOTICE This Privacy Notice sets out how your personal data is collected, processed and disclosed in connection
More informationNewsletter NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN: Similarities and Differences. Atsumi & Sakai
Newsletter Atsumi & Sakai NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN: Similarities and Differences ATSUMI & SAKAI TOKYO LONDON FRANKFURT www.aplaw.jp/en NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN:
More informationClaims Handling We process Your Personal Data in order to record and handle your insurance claim. This may include sharing your Personal Data with:
Privacy Statement This Privacy Statement details our policies and procedures in relation to the personal data we process. Haven Claims are committed to processing data in accordance with the General Data
More informationMichael R. Cohen CIPP/US, CIPP/E Gray Plant Mooty. Overview of the EU General Data Protection Regulation (GDPR)
Michael R. Cohen CIPP/US, CIPP/E Gray Plant Mooty Overview of the EU General Data Protection Regulation (GDPR) WHAT YOU NEED TO KNOW ABOUT THE EU GENERAL DATA PROTECTION REGULATION (GDPR) What is the GDPR?
More informationCHARITY & NFP LAW BULLETIN NO. 419
CHARITY & NFP LAW BULLETIN NO. 419 APRIL 25, 2018 EDITOR: TERRANCE S. CARTER IMPLICATIONS OF THE EU S GENERAL DATA PROTECTION REGULATION IN CANADA By Esther Shainblum & Sepal Bonni * A. INTRODUCTION The
More informationInstitutional Investment Advisors Limited
Institutional Investment Advisors Limited Privacy Notice This Privacy Notice explains how we use the personal information that Institutional Investment Advisors collects or generates in relation to our
More informationWe take privacy and security of your information seriously and will only use such personal information as set out in this Privacy Notice.
Data Protection Privacy Notice for Shareholders This Privacy Notice sets out how personal data is collected, processed and disclosed in connection with The Renewables Infrastructure Group Limited (the
More informationDATA PROTECTION POLICY
DATA PROTECTION POLICY Author: Mrs A Taylor Approval needed Board of Directors by: Adopted (date): 6 December 2016 Date of next review: December 2017 Data Protection Policy Introduction The de Ferrers
More informationPension Trustees. Final Countdown to the GDPR
Pension Trustees Final Countdown to the GDPR Introduction The General Data Protection Regulation (GDPR) will come into force in all EU Member States in May 2018. It is not a radical departure from the
More informationhenriksen limited This document sets out how Henriksen processes data and your rights as the data subject.
henriksen limited Henriksen Limited Fair Processing and Privacy Notice Henriksen is committed to protecting the rights and privacy of data subjects and ensuring all data is processed in line with the requirements
More informationData Processing Appendix
Company Name* Execution Date *Company name indicated must conform to the name on customer s Master Subscription Agreement executed with SugarCRM. This Data Processing Appendix on the processing of personal
More informationCP is licenced and supervised by the Commission de Surveillance du Secteur Financier (hereinafter CSSF ).
PRIVACY NOTICE Introduction -Who Are We? Compliance Partners S.A. (hereinafter CP ) is a service provide headquartered in Luxembourg, providing a full range of services in all areas of compliance, substance
More informationBASWARE PERSONAL DATA PROCESSING APPENDIX
This Basware personal data processing appendix and its annexes ( DPA ) is an appendix to, and legally binding only in connection with, the sales agreement between Basware and Customer with regard to Basware
More informationPrivacy Policy. This privacy policy shall be valid even if you have reserved your transfers through the other sales partners of Plus Group Kft.
Privacy Policy Plus Group Kft. (1033 Budapest, Polgár utca 8-10., www.plusairsolutions.com, informationsecurity@plusairsolutions.com, tax number: 22976309-2-41, hereinafter: Plus Group Kft., service provider
More informationManagement of Personal Information Policy (Privacy Policy)
Management of Personal Information Policy (Privacy Policy) Henkel Australia and New Zealand Prepared by: Reviewed by: Human Resources Henkel Australia ANZ EXCOM Henkel Australia & New Zealand Approved
More informationThe New EU General Data Protection Regulation (GDPR)
The New EU General Data Protection Regulation (GDPR) The clock has started on the biggest change to the European data protection regime in 20 years. After four years of negotiation, the new EU General
More informationDATA PROTECTION AND PERSONAL INFORMATION FAIR PROCESSING POLICY
Directorate of Clinical and Quality Assurance & Trust Secretary DATA PROTECTION AND PERSONAL INFORMATION FAIR PROCESSING POLICY Reference: CQP013 Version: 1.1 This version issued: 07/03/13 Result of last
More informationLOCAL GOVERNMENT PENSION SCHEME (LGPS) GENERAL DATA PROTECTION REGULATION - THE IMPLICATIONS FOR THE LGPS
LOCAL GOVERNMENT PENSION SCHEME (LGPS) GENERAL DATA PROTECTION REGULATION - THE IMPLICATIONS FOR THE LGPS INTRODUCTION Thank you for providing us with a list of questions and background information in
More informationLAMP Services Limited Privacy Notice v1.2 4 th March Controller
1. Controller LAMP Services Limited is the Controller under the EU General Data Protection Regulation (EU GDPR). LAMP Services Limited is incorporated in England, company registration number 04967967.
More informationDATA PROCESSING AGREEMENT/ADDENDUM
DATA PROCESSING AGREEMENT/ADDENDUM This Data Processing Agreement ( DPA ) is made and entered into as of this day of, 2018 forms part of our Terms and Conditions (available at www.storemaven.com/terms-of-service)
More informationDATA SUBJECT ACCESS REQUEST POLICY AND PROCEDURE
DATA SUBJECT ACCESS REQUEST POLICY AND PROCEDURE CONTENTS 1. PURPOSE.... SCOPE.... POLICY STATEMENT... 4. PROCEDURE... How should DSARs be processed after receiving... Fees... Subject access requests made
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) is made between Cognito, LLC., a South Carolina corporation ( Cognito Forms ) and {OrganizationLegalName} ( Customer or Controller or {Organization}
More informationDATA PROCESSING ANNEX
Page 1 (5) 1 BACKGROUND AND PURPOSE DATA PROCESSING ANNEX 1.1 The terms of this Annex shall apply to the Agreement between Solibri Oy and/or its Subsidiary/Subsidiaries (Solibri Oy and the Subsidiaries
More informationPERSONAL DATA PROCESSOR AGREEMENT
1 PERSONAL DATA PROCESSOR AGREEMENT PARTIES This personal data processor agreement ( Processor Agreement ) has been entered into between: Buyer/Client/Customer ( Controller ), and The company within the
More informationWe are the Sanne Group, a listed multinational provider of alternative asset and administration services.
PRIVACY NOTICE Introduction - Who Are We? We are the Sanne Group, a listed multinational provider of alternative asset and administration services. In this policy, "Sanne", "we", "our" or "us" may refer
More informationEMPLOYEE NOTICE OF DATA PRIVACY POLICIES AND PROCEDURES
EMPLOYEE NOTICE OF DATA PRIVACY POLICIES TABLE OF CONTENTS A. Ecolab s Commitment to Data Privacy... 2 B. Definitions... 2 C. Scope... 3 D. Application of Local Law... 3 E. Employee Data Collected... 3
More informationHOW TO EXECUTE THIS DPA:
DATA PROCESSING ADDENDUM (GDPR, and EU Standard Contractual Clauses) (Rev. April 20, 2018) This Data Processing Addendum ( DPA ) forms part of the Master Subscription Agreement or other written or electronic
More informationEU GDPR DATA PROCESSING ADDENDUM INSTRUCTIONS FOR CLOUDFLARE CUSTOMERS
EU GDPR DATA PROCESSING ADDENDUM INSTRUCTIONS WHO SHOULD EXECUTE THIS DPA: FOR CLOUDFLARE CUSTOMERS If you have determined that you qualify as a data controller under the GDPR, and need a data processing
More informationFirefighters Pension Scheme
Compliance Firefighters Pension Scheme General Data Protection Regulation Privacy Notices As confirmed in bulletin 7 (April 2018) the LGA Bluelight team commissioned Squire Patton Boggs to produce a template
More informationDATA PROCESSING ADDENDUM
DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms part of the Master Purchase Agreement, Customer Agreement, Channel Partner Agreement, End User License Agreement or other written agreement
More informationDATA PROCESSING ADDENDUM (INCLUDING EU STANDARD CONTRACTUAL CLAUSES)
DATA PROCESSING ADDENDUM (INCLUDING EU STANDARD CONTRACTUAL CLAUSES) This Data Processing Addendum ( DPA ) shall become effective without any further action by the parties: (a) if Customer signing this
More informationEnrolment Terms and Conditions
Enrolment Terms and Conditions 2018-2019 These Terms set out the basis on which the University of the Arts London ("us" or "we" or "University") will deliver educational services to students who enrol
More informationCLOUDINARY DATA PROCESSING ADDENDUM
CLOUDINARY DATA PROCESSING ADDENDUM This Data Processing Addendum ( DPA ) forms part of the agreement for the subscription by the Customer to the Cloudinary Service ("Subscription Agreement") between Cloudinary
More information1. What Data do we collect and where do we get it from?
HOW WE PROTECT YOUR PERSONAL INFORMATION PLEASE READ THIS CAREFULLY 1. What Data do we collect and where do we get it from? For the purposes set out in this notice, the Information Commissioner (ICO) requires
More informationData Processing Addendum
Data Processing Addendum This Data Processing Addendum ( DPA ) forms part of the Agreement(s) and is entered by and between the Customer and the Service Provider on the Effective Date. For the avoidance
More informationPRIVACY NOTICE Use of Information Data Controller and Data Processor
PRIVACY NOTICE Please take time to read this document carefully as it contains details of the basis on which we will process (collect, use, share, transfer) and store your information. You should show
More informationDocument Title. Date coming into force: Review Date: Edition No:
Document Title Data Protection Policy Document Author and Department: David Farley, Data Protection Officer, Library Responsible person and Department: David Farley, Data Protection Officer, Library Approving
More informationWhat does GDPR and the new Data Protection Act mean to Brokers/Intermediaries?
YYYYYYYYYYY The New Class 2016-2017 Report 2: General Date Protection Regulation (GDPR) What does GDPR and the new Data Protection Act mean to Brokers/Intermediaries? 1 2 Contents The Insurance Institute
More informationDATA PROCESSING ADENDUM
W www.exponea.com C +421 948 127 332 sales@exponea.com A Exponea, Twin City B, Mlynské Nivy 12 821 09 Bratislava, SK DATA PROCESSING ADENDUM Exponea s.r.o. registered in the Commercial Register maintained
More informationGeneral Data Protection Regulations Briefing (the presentation you ve all been waiting for)
Item 6 General Data Protection Regulations Briefing (the presentation you ve all been waiting for) Current law Data Protection Act 1998 Defines how an individual s personal data may be held lawfully by
More informationPrivacy Notice under the General Data Protection Regulation (GDPR)
Privacy Notice under the General Data Protection Regulation (GDPR) Who we are Royal Mail Pensions Trustees Limited is the trustee ( the Trustee ) of the Royal Mail Pension Plan ( the RMPP ). As the Trustee,
More informationWHAT DECISIONS WILL YOU NEED TO TAKE? GETTING READY FOR THE GDPR PART FOUR LEGAL ISSUES AND TRUSTEE DECISIONS
WHAT DECISIONS WILL YOU NEED TO TAKE? GETTING READY FOR THE GDPR PART FOUR LEGAL ISSUES AND TRUSTEE DECISIONS LEGAL ISSUES AND TRUSTEE DECISIONS As data controllers, pension scheme trustees will need to
More informationEU General Data Protection Regulation vs. Swiss Data Protection Act (in the Private Sector 1 )
EU General Data Protection Regulation vs. Swiss Data Protection Act (in the Private Sector 1 ) October 26, 2017 Version 4.01 David Rosenthal (david.rosenthal@homburger.ch) Updates and more infos: http://www.homburger.ch/dataprotection
More informationData Processing Addendum
Data Processing Addendum Based on the General Data Protection Regulation (GDPR) and European Commission Decision 2010/87/EU - Standard Contractual Clauses (Processors) This Data Processing Addendum ( DPA
More informationCNPD Course: Data Protection Basics
CNPD Course: Data Protection Basics The obligations of controllers Esch-sur-Alzette (Belval) Mathilde Stenersen 4-6 July 2017 Legal department Introduction to data protection 1. Introduction 2. Basic concepts
More informationArk Syndicate Management Limited. Privacy and Transparency Notice. Version 1
Ark Syndicate Management Limited Privacy and Transparency Notice Insurance Market Information Notice Insurance is the pooling and sharing of risk in order to provide protection against a possible eventuality.
More informationAXA GROUP BINDING CORPORATE RULES
AXA GROUP BINDING CORPORATE RULES Background AXA Group is committed to maintaining the privacy of data obtained in the course of its business activities and complying with applicable laws and regulations
More informationa publication of the health care compliance association SEPTEMBER 2018
hcca-info.org Compliance TODAY a publication of the health care compliance association SEPTEMBER 2018 Strengthening the relationship between DOJ attorneys and compliance professionals an interview with
More informationDATA PROCESSING ADDENDUM (v1.0)
DATA PROCESSING ADDENDUM (v1.0) Progressive Voice Services Limited trading as Meetupcall of Premier House, Carolina Court, Doncaster, DN45RA ( Meetupcall ) and having its place of business at, ( Customer
More informationWHO IS RESPONSIBLE FOR LOOKING AFTER YOUR PERSONAL DATA?
OVERVIEW of this Policy and Commitments to Privacy within Dual At Dual ("we", "us", "our"), we regularly collect and use information which may identify individuals ("personal data"), including insured
More informationData Transfer Policy Version 1.1 Last amended: 18 September 2014 Policy Owner: Governance Team
Data Transfer Policy Version 1.1 Last amended: 18 September 2014 Policy Owner: Governance Team The University of Nottingham ( the University ) Tri-Campus Data Transfer Policy Background and Statement of
More informationDATA PROTECTION NOTICE
DATA PROTECTION NOTICE WSB Property Consultants LLP offer a comprehensive range of property services to its investor, developer, occupier and public sector clients, at every stage of the real estate lifecycle:
More informationDATA PROTECTION NOTICE. The protection of your personal data is important to the BNP Paribas Group 1.
DATA PROTECTION NOTICE The protection of your personal data is important to the BNP Paribas Group 1. This Data Protection Notice provides you with detailed information relating to the protection of your
More informationTHE UNIVERSITY, CAMBRIDGE IN AMERICA AND THE COLLEGES DATA SHARING PROTOCOL
THE UNIVERSITY, CAMBRIDGE IN AMERICA AND THE COLLEGES DATA SHARING PROTOCOL THIS PROTOCOL is dated 2018 BETWEEN (1) The Chancellor, Masters, and Scholars of the University of Cambridge of The Old Schools,
More informationLEGAL PRIVACY NOTICE (EFFECTIVE MAY/2018) 12 Demostheni Severi Avenue 5th Floor 1080 Nicosia Cyprus
LEGAL PRIVACY NOTICE (EFFECTIVE MAY/2018) 12 Demostheni Severi Avenue 5th Floor 1080 Nicosia Cyprus BACKGROUND Emergo Wealth Ltd. understands that your privacy is important to you and that you care about
More informationON24 DATA PROCESSING ADDENDUM
ON24 DATA PROCESSING ADDENDUM This Data Processing Addendum ( Addendum ) is entered into by and between ON24 Inc., on behalf of itself and its Affiliates ( ON24 ), and Client, on behalf of itself and its
More informationYour Right Hand Finance Ltd (YRH) Subject Request Policy
Your Right Hand Finance Ltd (YRH) Subject Request Policy CONTENTS 1 Purpose... 2 2 Scope... 2 3 Policy Statement... 2 4 Procedure... 2 4.1 How should SRFs be processed after receiving... 2 4.2 Fees...
More informationDATA PROTECTION LAWS OF THE WORLD. Czech Republic
DATA PROTECTION LAWS OF THE WORLD Czech Republic Downloaded: 15 July 2018 CZECH REPUBLIC Last modified 24 May 2018 LAW The General Data Protection Regulation (Regulation (EU) 2016/679) (" GDPR") is a European
More informationDATA PROTECTION POLICY. Little Baddow Parochial Church Council
DATA PROTECTION POLICY Little Baddow Parochial Church Council INTRODUCTION: The Data Protection Act 1998 ( the Act ) seeks to protect individuals against the unfair use of personal information. There are
More informationDATA PROCESSING TERMS AND CONDITIONS
DATA PROCESSING TERMS AND CONDITIONS These Data Processing Terms and Conditions apply in respect of Personal Data that we process on behalf of Customers who purchase the Powwownow Premium Service. Please
More informationThis information, or "personal data" as it is often referred to, must be processed according to the principles contained within the Regulation.
MBIT Data Protection Policy (May 2018) Introduction The Margaret Beaufort Institute of Theology (MBIT) is committed to protecting the rights and privacy of individuals in accordance with the EU General
More informationGDPR Data Processing Addendum
GDPR Data Processing Addendum Effective Date 24 May 2018 This Data Processing Addendum for the GDPR (Addendum) is made as of the Effective Date by and between Fresh Relevance Ltd incorporated and registered
More information