Here you will find information on how LOCK STOCK a.s. collects and uses personal information:
What is considered personal data?
As per article 4 of the GDPR, personal data is any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Personal data we could obtain from third party sources
Any publicly available personal data that has been shared via a public platform such as Twitter, LinkedIn, etc. (i.e., employment details etc.), your contact details.
How do we collect the above information?
If you are a source of collection, we usually gather the data via:
- terms of business, subscription forms or distribution agreement (& necessary supporting KYC/DD).
- telephone calls & email correspondence
- face to face meetings & office visitations
- conferences or events attended
If we have obtained your personal data from third parties, we usually collect the data via one or more of the following:
- public sources such as any available online information including social media.
- professional bodies and publicly available databases & registers including government registrations.
- your company web page or social media pages
- any other available public source
- Financial Intermediaries who you have approached for financial/investment introductions.
How we use your data/purposes of processing
To fulfil our contractual obligations with you, to verify your identity to provide you with ongoing communication & business opportunities, for crime and fraud prevention, detection, and related purposes, to enable us to manage customer/client service interactions with you; and where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute, etc.). To exercise our legal rights (for example in court cases). To make our services available to you
Sharing data with third parties:
Our service providers, Following your request or with your written or tacit consent, we may share your personal data with some or all the following:
- Any service provider we enter into a business relationship with to fulfil and comply with our contractual or statutory obligations (such as transfer agent, custody agent, bank, accountancy firm, auditor, insurer, solicitor’s etc.)
- Any regulator, enforcement agency or Government agency necessary to fulfil and comply with our statutory and/or legal obligations (such as courts/tribunals, financial/prudential regulators, tax authorities, etc), or to protect our rights or the rights of any third party.
- Any legal or natural person that we or our clients enter into a business relationship, if required by law or contract (i.e. if you are doing business with us through your legal representative, auditors, etc)
International sharing of the personal data?
As we do business internationally, we could share your information with any relevant country for business based on two considerations:
- In order to meet our statutory and legal obligations.
- In order to fulfil contractual obligations.
Under the GDPR, an international transfer of data may be made where:
- A third country, a territory or one or more specific sectors in the third country, or an international organisation ensures an adequate/equivalent level of protection, and
- The transfer is: made with the individual’s informed consent; necessary for the performance of a contract between the individual and the organisation or for pre-contractual steps taken at the individual’s request; necessary for the performance of a contract made in the interests of the individual between the controller and another person; made from a register which under UK or EU law is intended to provide information to the public.
If none of the above apply, such transfers are permitted only where the transfer:
is not repetitive (similar transfers are not made on a regular basis); involves data related to only a limited number of individuals; is necessary for the purposes of the compelling legitimate interests of the Company (provided such interests are not overridden by the interests of the individual); and is made subject to suitable safeguards put in place by the Company (in the light of an assessment of all the circumstances surrounding the transfer) to protect the personal data.
In these cases, we would be obliged to inform the relevant supervisory authority of the transfer and provide additional information to you.
Lawful basis of processing:
If you are a person entering into a contract or terms of business with us by either:
- A Professional/institutional investor
- Acting in your own name as a sole trader or introducer
- Representing a registered company (as a director)
How long do we keep your data?
We do not retain any more of your personal information than we believe is necessary for any of the purposes outlined above and we do not retain your personal information for any longer than is reasonably necessary to do so for the purpose set out in this notice. We will retain your information for:
- as long as we hold a business relationship (terms of business)
- as long as you are invested
- as long as we are obliged to by any relevant law
- as long as you do not withdraw your consent, if we hold your data under this lawful basis.
- as long as necessary in order to provide the relevant service to our clients
- as long as necessary to fulfil our legitimate interest
How do we protect your data?
Alinea is committed to put in place security measures to ensure your data security:
Confidentiality – the data can be accessed, altered, disclosed or deleted only by those you have authorised to do so (and that those people only act within the scope of the authority you give them); Secure – data is stored on password protected systems Integrity – the data we hold is accurate and complete in relation to why are we processing it; and Availability – the data remains accessible and usable, i.e. if personal data is accidentally lost, altered or destroyed, we can recover it and therefore prevent any damage or distress to the individuals concerned.
You have the following rights:
the right to be informed, hence this privacy notice gives the right to ask for a copy of personal data that we hold about you (the right of access); the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you (the right of rectification); the right to erasure, also known as the ‘right to be forgotten’. This is not applicable to data held under the lawful basis of ‘legal obligation’ or if processing is necessary for the establishment, exercise, or defence of legal claims; The right to object the processing of your personal data. So, you can object processing based on legitimate interests or direct marketing (in the last case we must stop as soon as we receive your objection).
You have the right to opt out of receiving promotional communications at any time, by:
Notifying Alinea that you want to unsubscribe via the contact channels set out in this Policy.
The right to restrict processing, so you can limit the use of your data, but only applies in certain circumstances.
If you wish to exercise any of the above rights, please contact us by email to email@example.com
For questions regarding the processing of personal data, customers are welcome to contact the company. If you believe there has been committed errors in handling of personal data, you can file a complaint firstname.lastname@example.org.