We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
GuarantCo Ltd (GuarantCo) respects your right to privacy. We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including the United Kingdom). GuarantCo is the data controller of that personal information for the purposes of those laws.
If you have any requests concerning your personal data or any queries with regard to these practices, please contact GuarantCo using the contact details below.
- The personal information we collect and useWhat we collect from you
You do not have to give any personal information or data. We only collect personal information or data that is voluntarily supplied. By way of example, you may wish to provide personal information for the purposes of:
- Applying for a job
- Requesting funding
Information supplied by you for such purposes may include names, e-mail addresses and any other additional information that you may choose to supply.
What we collect from other sources
Other Personal Data we collect is data we obtain from third party sources. This includes:
- Information your organisation or its affiliated entities may provide about you (e.g. your company may give us your contact details in the course of our business relationship with them or we may be given know-your-customer (“KYC”) information which includes references to you)
- Information from any background checks or other information we may obtain from a third party (including Companies House or other statutory or regulatory agencies)
- How we use your personal informationWe will use the Personal Data we collect for the purposes for which such information was collected including:
- To reply to you in relation to a request for contact/funding
- To assist us in making an investment decision on your transaction
- For KYC and due diligence purposes
- Ongoing monitoring of our transactions
- For recruitment purposes
- To fulfil a legal obligation
- To compile anonymous statistical analysis
- Who we share your personal information withWe may share the Personal Data we collect with:
- Our affiliated and associated companies for the purposes of the provision of services by GuarantCo to you
- Other companies in the the Private Infrastructure Development Group and our Owners for the purposes of internal reporting and developing project opportunities
- Third party service providers who provide services or perform functions on our behalf. These service providers include:
- IT service providers (e-mail, hosting and IT systems)
- IT developers (where they are working on projects of relevance to you)
- Telecoms providers
- Storage and systems providers (e.g. remote document management and storage)
- Travel, hotel and transportation companies (where we arrange travel or accommodation for you)
- Film and media organisations (e.g. for filming purposes)
- Background checking providers
- Companies House and other statutory or regulatory agencies
Some recipients may be based outside the European Economic Area. For further information including on how we safeguard your personal data when this occurs, see section 7: ‘Transfer of your information out of the EEA’.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party for any purpose except the purpose it was provided for.
- Whether information has to be provided by you, and if so whyWe require you to provide Personal Data to allow us to respond to a request for funding or contact. We will inform you at the point of collecting such Personal Data from you, whether you are required to provide the information to us.
- How long your personal information will be keptWe shall only keep your Personal Data for as long as is necessary, for example:
- During the recruitment process – afterwards we will delete it in accordance with retention policy
- Whilst we have an ongoing relationship and, thereafter, for up to the legal limitation period
- We shall review the direct marketing databases annually with the purpose of removing any out of date Personal Data. You are able to unsubscribe from these direct marketing initiatives at any time (see section 8)
- For the period we are required to retain this information by applicable English law (i.e. tax records must be kept for six years)
At the end of such period we shall securely delete the information which is no longer required.
- Reasons we can collect and use your personal informationWe rely on the following lawful bases on which we collect and use your Personal Data, in certain cases more than one may apply:
- legitimate business interests including:
- Intra-group administrative transfers
- A relevant and appropriate relationship with you
- Processing requests for contact/funding
- A contractual relationship where the processing is necessary under a contract or because specific steps must be taken before entering into a contract (i.e. know-your-customer and due diligence processes)
- Consent (where we choose to obtain it, e.g. for filming)
- A legal obligation (i.e. the processing is necessary to comply with the law)
- Transfer of your information out of the EEAWe may transfer your Personal Data to the following countries which are located outside the European Economic Area (EEA) as certain GuarantCo personnel and those of its affiliates are based there:
Such countries do not have the same data protection laws as the United Kingdom and EEA. Whilst the European Commission has not given a formal decision that Kenya, Singapore and Mauritius provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your Personal Data will be subject to a European Commission approved contract (as permitted under Article 46(5) that is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your Personal Data or the transfer will be to our staff (so the data will remain processed by us as data controller, be stored on our systems or equipment, and we will remain fully responsible for its processing). To obtain a copy of such safeguards please contact us using the contact details given in section 12.
Where our service providers are located outside the EEA we will ensure that any transfer of your personal information where the GDPR applies to such transfer will be subject to the appropriate or suitable relevant safeguards (e.g. European Commission approved contract (Article 46(5) GDPR or an adequacy decision (Article 45(1)) as permitted under the General Data Protection Regulation that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information.
- Your rightsUnder the General Data Protection Regulation, you have a number of important rights free of charge. In summary, those include rights to:
- Fair processing of information and transparency over how we use your Personal Data
- Access to your Personal Data and to certain other supplementary information that this Privacy Notice is already designed to address
- Require us to correct any mistakes in your information which we hold
- Require the erasure of Personal Data concerning you in certain situations
- Receive the Personal Data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit such data to a third party in certain situations
- Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Object in certain other situations to our continued processing of your Personal Data
- Otherwise restrict our processing of your Personal Data in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please contact us using the contact details given in section 12 below with details of your request.
- Keeping your personal information secureWe have appropriate security measures in place to prevent Personal Data from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your Personal Data will do so only in an authorised manner and are subject to a duty of confidentiality.We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach, where we are legally required to do so.
- How to complainWe hope that we can resolve any query or concern you raise about our use of your Personal Data directly by sending an email to email@example.com Alternatively, you may report any concerns using the following processes:The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
- Changes to this privacy noticeThis privacy notice was published on January 2019. We may change this privacy notice from time to time, when we do we will inform you via email.
- How to contact usPlease contact us if you have any questions about this privacy notice or the information we hold about you.If you wish to contact us, please send an email to firstname.lastname@example.org