Fairly obtained Personal Data requires that the Data Controller, either before or at the time the Personal Data is collected, makes the Data Subject aware of the following:
The Company generally meets these requirements through the provision to Data Subjects of the Privacy Notice in shareholder communications.
The Company will ensure that all information and communications relating to the Processing of Personal Data will be clear, concise, transparent, intelligible, easily accessible and easy to understand using clear and plain language. The Company will ensure that these transparency requirements are adhered to at all stages of the collection and Processing of Personal Data.
If any of the information described above changes after it has been provided to the Data Subject, the Data Subject shall be provided with an update to the information.
The Company can process Personal Data lawfully to the extent that at least one of the following applies;
The Company will only collect and process Personal Data for purposes that are specific, explicit and for legitimate purposes. The Company will process Personal Data for the following purposes;
The Company will not process Personal Data in a manner that is incompatible with the purposes communicated to Data Subjects without first advising the Data Subjects of any other purpose and the applicable basis upon which Processing is conducted.
The Personal Data collected will be adequate, relevant and limited to what is necessary in relation to the purposes for which it is being processed.
The Company will ensure that the Personal Data held is accurate and kept up to date. The accuracy of any Personal Data will be checked at the time of collection and at regular intervals or triggers thereafter. The Company will take all reasonable steps to amend inaccurate or out-of-date Personal Data.
The Company will not keep Personal Data longer than is necessary for the purpose or purposes for which it was collected. It will take all reasonable steps to erase all Personal Data which is no longer required. The Company will be clear when informing the Data Subject about the length of time for which Personal Data will be kept or the criteria for determining such length of time and the reason why the information is being retained.
In processing Personal Data, the Company shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons. In particular, the Company shall take all appropriate security, technical security and organisational measures to address the risks of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or otherwise processed. The Company will seek assurances from any service providers that act as Data Processors for the Company that they have implemented appropriate information security measures which comply with the relevant conditions of the Data Protection Legislation.
Data Processors may only transfer Personal Data outside of the EEA (a) with the written consent of the Company (which will only be provided subject to certain conditions being satisfied); (b) where required to do so by EU or the law of an EU member state to which the relevant Data Processor is subject or (c) in certain limited circumstances, set out in the Data Protection Legislation eg: in pursuance of compliance with decisions of public authorities of the Bailiwick based on an international agreement improving international obligations on the Bailiwick. Subject to the provision by the Data Processor of appropriate safeguards in compliance with the Data Protection Legislation and subject to the availability of rights and effective legal remedies for Data Subjects, or shall otherwise be in accordance with the requirements of the Data Protection Legislation.
The Data Subject shall have the right to obtain confirmation from the Company as to whether or not Personal Data concerning them is being processed.
Where the Company is Processing their Personal Data, the Data Subject will have the right to access such Personal Data and the following information (without limitation);
Where Personal Data is transferred to a third country or an international organisation, the Data Subject shall have the right to be informed of the appropriate safeguards relating to the transfer.
The right to obtain a copy of the Personal Data undergoing Processing will not adversely affect the rights and freedoms of others, meaning the relevant information will be redacted where necessary.
The Company will not charge a fee for complying with the Data Subject's access request unless it can demonstrate that the request is excessive in nature, having regard to the number of requests made by the Data Subject. In such cases a reasonable fee based on administrative costs may be charged.
The information must be provided without delay and within at least one month. Where requests are complex, the Company will be able to extend the deadline for providing the information to three months. However, it must still respond to the request within a month, explaining why the extension is necessary.
The Company may refuse to act upon a request that is manifestly unfounded or excessive in nature, in which case it will inform the Data Subject of its reasons as soon as practicable in writing and inform the Data Subject of their right to lodge a complaint with the Supervisory Authority.
A request may be made by an individual, such as an investor or a director, and may be made in electronic format as well as by written request.
The Data Subject shall have the right for Personal Data to be erased without undue delay in certain contexts including, but not limited to, where the Personal Data has been Processed unlawfully or where the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise.
Given the specific nature for which the Company uses the Personal Data it collects, this is not likely to be applicable to the Data Subjects of the Company.
Data Subjects have the right to require that the Company restrict Processing of Personal Data in certain circumstances including, but not limited to, where the Personal Data is inaccurate, is no longer required in light of the purposes of the Processing or the Data Subject has exercised their right to object (pending verification of any legitimate grounds of the Company which overrides those of the Data Subject).
Where Processing has been restricted, such Personal Data shall, with the exception of storage, only be processed with the Data Subject's consent. The Company will inform the Data Subject before the restriction of Processing is lifted.
The Data Subject shall have the right to object, on grounds relating to their particular situation, at any time to Processing of Personal Data concerning them where the Processing is based on the legitimate interests pursued by the Company.
The Company shall no longer process the Personal Data unless the Company demonstrates compelling legitimate grounds for the Processing which override the interests, rights and freedoms of the Data Subject or for the establishment, exercise or defence of legal claims.
Data Subjects shall have the right to object to the Processing of Personal Data for direct marketing purposes at any time. Where the Data Subject objects to Processing for direct marketing purposes, the Personal Data shall no longer be processed for such purposes.
Where the conditions are met in Section 14(1)(b) of the DPL the Data Subject has the right to request the transmission of its personal data. This right is limited if the transmission were to adversely affect the rights and freedoms of others.
Notification to the Data Subject is not required in the following circumstances:
This website may also contain electronic images, known as web beacons or spotlight tags. These enable us to count users who have visited certain pages on the website. Web beacons and spotlight tags are simply tools used to obtain generic information about the web pages visited.
If you have any questions about our use of your personal data, our retention procedures or our security processes or privacy issues generally, please contact:
Better Capital PCC Limited
c/o Ocorian Administration (Guernsey) Limited
2nd floor Trafalgar Court
Les Banques
St Peter Port
Guernsey
GY1 4LY
The Data Controller
Name and contact details of Data Controller |
Better Capital PCC Limited - becapteam-GG@ocorian.com |
The purposes of Processing |
As outlined in the Privacy Notice |
The categories of Data Subjects |
Individual investors and individuals connected to institutional investors that provide the Company with Personal Data (for example directors, trustees, employees, representatives, shareholders, investors, clients, beneficial owners or agents), directors and visitors to the company website. |
The categories of Personal Data |
Name, residential address, email address, contact details, corporate contact information, signature, nationality, place of birth, date of birth, tax identification, credit history, correspondence records, passport number, bank account details, source of wealth details and details relating to investment activity, any other information about that is disclosed to us when registering interest via our website, your IP address, your browser type and language and other information about your visit to our website, cookies and online identifiers. |
The categories of recipients in the EU |
and their respective affiliates and delegates. |
The categories of recipients in third countries |
N/A |
The categories of recipients who are international organisations |
N/A |
Suitable safeguards in the case of transfers in line with Article 49(1) of the Data Protection Legislation |
In line with market standards |
Time limits for erasure of Personal Data |
Refer to the Privacy Notice, "Retention of personal data" |
A general description of the technical and organisational security measures in place |
N/A - no data held directly by the Company. |