Updated 24th May 2021
- GENERAL PROVISIONS
- Data controller means Onfolio JV3 LLC. We solely determine the purposes and means of the processing of personal data, in and doing it in compliance with GDPR or Data Protection Act 2018. We acknowledge your privacy and make efforts to protect it against any unlawful processing. We apply all the relevant technical and organizational measures in order to protect your personal data in accordance with effective legislation.
- Data subject means you, who use our website.
- Personal data means any information relating to Data Subject. The Data Subject can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- The processing means any operation or set of operations, which is performed on personal data or on sets of personal data. Such operations include collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- PRINCIPLES OF DATA PROCESSING
3.1. We process your personal data in a manner that ensures an appropriate level of security, including protection against unauthorized or illegal processing and against accidental loss, destruction, or damage. Meanwhile, we applying suitable technical and organizational measures in compliance with the following principles:
- lawfully, fairly and in a transparent manner in relation to you (“lawfulness, fairness and transparency”)
- we collect the personal data for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- our measures regarding personal data are adequate, relevant, and limited to what is necessary for relation to the purposes for which Personal data is processed.
- we store personal data for a period not longer than necessary for the purposes for which it was processed.
- accurate and kept up to date
- HOW DO WE COLLECT YOUR PERSONAL DATA
- Direct interactions. You may provide personal data when you complete online forms, sign up for our newsletter, or otherwise or correspond with us (by post or email)
- Automated technology. We automatically collect personal data when you browse or interact with our website, by using cookies, by receiving e-mails from us (through web beacons), server logs, and other similar technologies. We may also receive technical data about you if you visit other websites, which use our cookies.
- Third parties. We may receive Personal data from (a) analytics providers based outside the EU (such as Google); (b) advertising networks (such as Twitter) based inside the EU; and (c) search information providers (such as DuckDuckGo) based outside the EU; (d) our support and maintenance providers based inside the EU
- We process personal data only if and to the extent at least one of the conditions listed below shall apply:
- processing is required for the performance of an agreement to which you are the party too.
- processing is required for compliance with a legal obligation, which applies to us.
- when you give consent for the processing of your personal data for one or more specific purposes. Personal data are processed solely on the grounds of consent.
- when we have a legitimate interest in such processing.
- WHAT PERSONAL DATA DO WE COLLECT
- Information about you that we process on our site includes:
- Identity Data – This includes your first and last name, gender, and your marital title.
- Contact Data – It includes your postal address and email address.
- Technical Data – May include your login data, internet protocol addresses, browser type, and version, browser plug-in types and versions, time zone setting and location, operating system and platform, and other technology on the devices you use to access this site.
- Marketing and Communications Data – Other preferences like how we communicate to you are what we include in this section. At times, we may include collective data from intimate details about you to find out a few details like the number of people who are actively using a certain feature on our website.
- For the avoidance of doubt, we do not collect or process Personal data which reveal racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, genetic or biometric data, data concerning health, sex life, or sexual orientation. However, there are instances that may require you to give us intimate details about yourself as per the law or our contract. If you are not willing to surrender these details, we will have to terminate our contract.
- HOW DO WE USE YOUR PERSONAL DATA
- We use your data for the following purposes:
|Purpose/Activity||Type of data||Lawful basis for processing|
|To sign you to our daily newsletter||Identity data, contact data||to perform our agreement with You|
|to administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data)||technical data, marketing and communication data||(i) as necessary for our legitimate interests in running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise
(ii) as necessary to comply with any legal obligations
|to deliver relevant newsletters, content/advertisements to you and measure or understand the effectiveness of our advertising||Identity data, contact data, technical data, marketing and communication data||as necessary for our legitimate interests in studying how customers use our website and newsletters, to develop them|
|to use data analytics to improve our website, services, marketing, customer relationships, and experiences||Technical data, marketing, and communication data||to keep the website updated and relevant, to develop our business, and to develop our marketing strategy|
- DISCLOSURE OF PERSONAL DATA
- We may disclose the personal data to the following categories of persons:
- the persons whom the data relate to, namely: persons using our website, services, or products.
- our affiliates, parties, service providers, or parties, serving to you
- persons that have the right to access Personal data by virtue of law or another regulation;
- persons as to whom the right to disclosure is stipulated in an agreement signed with the data controller.
- We will never disclose personal data to persons to use your data to enable them to provide you with information regarding unrelated goods or services. We do not sell or trade your Personal Data.
- The information you provide to us may be transferred to and stored on our servers, or servers of third-party providers. We use the following services to store and use personal data:
- MailChimp (e-mail sending) – Identity data, contact data, technical data, marketing, and communication data are stored within MailChimp. Please visit mailchimp.com for more information on how this service works. Address: 675 Ponce de Leon Ave NE Suite 5000, Atlanta.
- YOUR RIGHTS AS A DATA SUBJECT
- Right to information – in relation to the processing of the Data subject's PersonalPersonal data by us – you have the right to receive information about us, as well as about the processing of your Personal data.
- Right of access to own Personal data – then you have the right to receive from the data controller confirmation as to whether personal data related to them are processed and if so, to be given access to the data and the following information: the purpose of the processing; respective Personal data categories; Personal data recipients or categories of recipients, if any; the intention of the Data controller to transmit personal data to a third party (where applicable); Personal data storage period; the existence of the right to correct personal data, as well as the right to object against the processing of personal data; the existence of automated decision making, including profiling (if any); information as to all rights that the data subject has; the right to file a complaint with the supervising authority.
- Right to rectification of personal data (if data is not accurate) – you have the right to request the data controller to rectify, without undue delay, any incorrect data pertaining to you.
- Right to the erasure of personal data (right “to be forgotten”) – you may request the data controller to erase personal data if any of the conditions listed below exist:
- Personal data are no longer needed for the purposes they have been collected for or processed otherwise;
- you withdraw your consent, which data processing is solely based on, and no other legal grounds for the processing exist (processing due to the regulatory obligation of the data controller, an agreement signed with the data controller);
- you object against the processing and no legal grounds for the processing exist that prevail;
- the personal data were processed unlawfully;
- the Personal data should be erased in order to comply with a legal obligation under the European Union law or the laws of the United Kingdom, which apply to the Data controller in its capacity as Personal data controller;
- Right to the limitation of processing by the data controller or by the Personal data processor – specific conditions are required to be in place for that right to be exercised, namely:
- accuracy / up-to-date nature of the data is disputed by the data subject. In this case, the limitation of the processing is over a period of time allowing us to check the accuracy of the Personal data;
- the processing is unlawful, but the data subjects do not wish their personal data to be erased, but rather require limitation of their use;
- the data controller no longer needs such personal data for processing purposes, but you require them for establishing, exercising, or defending legal claims;
- you have objected to the processing while awaiting a check to be performed whether the data controller's legal grounds prevail over the interests of the data subject.
- Right to transferability (data portability) of the Personal data between the various data controllers – you have the right to receive Personal data pertaining to them, which you have provided to us in a structured, widely used and machine-readable format and have the right to transfer such data to another data controller without hindrance by the data controller, to which Personal data has been provided when processing is based on consent or contractual obligation and the processing is automated. When exercising the right to transferability you have the right to receive also the direct transfer of the Personal data from the data controller to another data controller, where technically feasible.
- Right to object against the processing of their Personal data – you have the right to object before us against the processing of your personal data, whereby we shall cease such processing unless we are able to prove that compelling legitimate grounds for the processing exist that override your interests, rights, and freedoms, or for the establishment, exercising or defense of legal claims. In case of an objection against the processing of personal data for direct marketing purposes, we shall cease such processing forthwith.
- Right to defense through the judicial or administrative procedure if your rights have been breached – if you decide that your right to Personal data protection and privacy have been violated, you may file a complaint with the relevant supervision authority – or to file a claim with the court to defend their rights.
- EXERCISE OF THE RIGHTS
- You have the right to request from us at any time:
- confirmation as to whether data related to you is processed by us, the purpose of the processing, the data category, and recipients of such data, or the categories of recipients’ data is disclosed to;
- to send us a message in an understandable format, containing the personal data subject to processing and any information available as to the source of such data;
- information as to the logic of any automated processing of your Personal data, at least in the case of automated decisions under the provisions of the GDPR.
- We will provide this information free of charge.
- You may also request from us at any time to:
- erases, rectifies, or blocks your personal data the processing of which is not compliant with the requirements of the effective legislation
- notifies the third parties to which your personal data have been disclosed as to any erasure, rectification, or blocking in accordance with item 1 above, except when this proves to be impossible or would involve a disproportionate effort.
- Your request should contain as a minimum the following information:
- name, personal ID number, address, and other data allowing identification of the respective natural person;
- description of the request;
- signature, date, correspondence address, and telephone number.
- The filing of the request is free of charge. Upon the filing of a request by an authorized person, the notarized power of attorney must be attached to the request.
- We shall review and pronounce on the request within 1 month as of its filing. This period may be extended by further two months, if necessary. However, we will inform you of the reasons for the delay. We will provide an answer taking into account your preferred form for the provision of the information (orally or in writing – as a hard copy or electronically). Where data do not exist or law forbids their provision, access to such data is refused.
- COOKIES POLICY
- We use the following types of cookies.
|Performance, Analytics, and Research
- We use web beacons in our website and emails to see that an email message was successfully delivered and read in a marketing campaign. We also use web beacons to verify any clicks through to links or advertisements contained in our newsletter emails. We may use this information to help us identify which emails are more interesting to you and to inform our partners how many users of our website click on a particular offer on our website (this information does not identify you individually). While the website web beacons can be turned off, the e-mail web beacons cannot. Please consider it when you are subscribing to our newsletter.
- OUR CONTACT DETAILS
Name: Onfolio JV3 LLC
E-mail: [email protected]
Contact details for the Data Protection Officer (Response person for GDPR):
Name: Onfolio JV3 LLC
E-mail: [email protected]