25. Cookie Notice
Cookies are small text files of letters and numbers, which often include a unique identifier that is sent by a web server to your computer. Cookies are widely used in order to make websites work efficiently and help provide us with business and marketing information to enable us to make informed decisions on the development of our website. Please note that Global Evolution Manco S.A. only uses necessary cookies that are essential for a website to function correctly.
You will find below the description of the cookies used on our website, including their name, purpose, and shell life:
- Name: cookie_agreed
Purpose: Remember the decision the user has made regarding the cookies
Expiration time: 30 days
- Name: selected_investor_type
Purpose: Remembers the investor type the user has chosen
Expiration time: 15 days
- Name: selected_country
Purpose: Remembers the country the user has chosen
Expiration time: 15 days
- Name: selected_language
Purpose: Remembers the language the user has chosen
Expiration time: 15 days
26. DATA PROTECTION NOTICE TO VENDORS, CLIENTS AND SERVICE PROVIDERS
Global Evolution Manco S.A (having its registered office at 15, rue d’Epernay, L-1490 Luxembourg, Grand-duchy of Luxembourg) (“we”, “us” or “our”) collects and processes information about clients, individuals connected with our vendors and service providers such as their directors, board members, employees and other staff members and/or agents, representatives and/or beneficial owners and shareholders and about vendors and service providers that are natural persons such as independent consultants, compliance officers or conducting officers (“you” or “your”). This notice aims at informing you about what information we collect, how we process it, why we do so and when we share it with others. This notice does not apply to information related to legal persons.
We need to collect and process certain information about you for the purposes of entering into and performing a contract with you as well as for maintaining our commercial and contractual relationship. If you do not provide us with such information, we may not be in a position to enter into, execute or perform a contract with you.
We will inform you if your refusal to provide certain information or your exercise of the rights afforded to you by law (as further described below) may result in the termination of the contract we have with you or have other consequences for you.
This data protection notice will continue to produce its effects as applicable after the end of the contracts we entered into with our service providers and vendors.
Who is the controller of your information?
As required by applicable data protection law, we inform you that we are the controller of the information we collect about you. Such legislation includes Regulation (EU) 2016/679 of 27 April 2016 (the “GDPR”) and any other applicable national or supranational statutory law (together the “Data Protection Legislation”).
What information do we collect?
The information we collect may include (a) contact details such as your name, address, telephone numbers, e-mail addresses, date of birth, your signature, (b) copy of identity card or passport, tax identification number and other KYC/AML information (c) result of name screening against sanction lists (d) communications data (telephone conversations, emails, etc.), (e) relationship history with us as well as (f) any other personal data you provide us with in the course of your pre-contractual, contractual and commercial relationship with us or that we collect online or otherwise, through subscription-based services or from publicly available sources. Please note that some of your information is collected automatically. Thus, when you access our website, we may automatically collect, through log files, certain information from your device, such as the IP address, the operating system of your device, the pages visited, the requests made and the day and time of connection (g). The use of such files allows us to offer you a more consistent experience on the website (together “Personal Data”).
What are the legal bases for and the purposes of our processing?
We collect, use, store, share and otherwise process your Personal Data as follows:
Categories of personal data (by reference to information referred to under section 2 above)
The processing is necessary for us to perform our contract with you or for requested pre-contractual steps
Performance of our contract with you and, where relevant, provision of the correlated services or execution of the orders requested by you
(a), (b), (c), (d), (e), (f)
Administrative purposes including maintenance of our files (in particular electronic files and e-mails), accounting, payment of fees and expenses
(a), (b), (c), (d), (e), (f)
The processing is necessary to comply with our legal obligations
Verifying your identity (KYC/AML/CFT obligations) and legal reporting (such as FATCA and CRS), fraud prevention, tax or judicial-related proceedings
(a), (b), (d), (f)
Carrying out background checks, in particular on World Check.
Administrative purposes including maintenance of our files (in particular electronic files and e-mails)
The processing is necessary for our or a third party’s legitimate interests (as listed in the adjoining column) and where your interests do not override these interests
Ensuring the maintenance of our IT systems or repairing any IT defects or failures; securing communication channels and IT systems
(a), (b), (c), (d), (e), (f), (g)
Fraud prevention, conducting internal or external audits
Where applicable, managing disputes and complaints concerning you and exercise or defence of legal claims in relation to you
Transferring Personal Data in case of merger, acquisition or other restructuring operations, transfer of rights, assets or liabilities to third parties, including their legal counsels, financial and other advisors and appointed auditors and due diligence by potential buyers or beneficiaries. This data is also gathered to meet listing obligations in case if a company is listed on a stock exchange.
Only Personal Data necessary to:
- the performance of the transaction, and/or
- the pursuit of the activity and services by the transferee/assignee, and/or
- the carrying out of the due diligence process.
- Who do we share Personal Data with?
Due to the fact that we are the daughter company of an international group and considering the international nature of our business, the worldwide location of our service providers and customers, and our global organisation of human and information technology resources management, communications, information (including Personal Data) are transferred to a wide range of countries, including outside of the European Union.
In relation to countries that do not offer a similar level of data protection as within the European Union, we implement appropriate safeguards according to Data Protection Legislation , such as standard contractual clauses adopted and approved by the European Commission.
You can obtain more information in respect of transfers outside of the European Union by contacting us as at the contact point mentioned in section 8. (“How can you obtain more information”).
In that context, we may share Personal Data with the following recipients (the "Recipients") to the extent we deem such disclosure or transmission to be necessary or desirable for satisfying the Purposes:
- our mother company/affiliate company (Global Evolution Financial ApS) located in Denmark for the purposes of service provider/vendor administration and management and the management and protection of our corporate information technology resources and system;
- our board members and shareholders located in Luxembourg, Denmark, USA and Taiwan;
- our legal counsels, internal and external auditors and legal or other advisers located in Luxembourg;
- representatives, agents, officers and/or employees of buyers or potential buyers, including their legal counsels, financial and other advisors and appointed auditors, in case of (potential) merger, acquisition or other restructuring operations, transfer of rights, assets or liabilities and/or during the due diligence process.
- our service providers (including mother company, affiliates and branches) such as accountants, auditors, insurers and IT as well as telecom operators.
- public, governmental, administrative (such as the Commission de Surveillance du Secteur Financier (CSSF), the Administration des contributions directes and the Administration de l'enregistrement, des domaines et de la TVA), police department or judicial entities in Luxembourg.
- For how long do we keep Personal Data?
We will not keep Personal Data for longer than the time necessary for satisfying the Purposes, subject to the legal periods of limitation (as a principle, 10 years for commercial matters) and to the situations where applicable laws require or allow Personal Data to be retained for a certain period of time after the termination of the contractual and commercial relationship (such as the legal obligation to keep accounting documents for a period of 10 years).
Personal Data processed for carrying out background checks, in particular on World Check, will be kept for a period of 5 years as from the moment they were collected, unless applicable laws require certain Personal Data to be retained longer.
We may also keep and process Personal Data about you after the termination of our contractual and commercial relationship for specific purposes such as the compliance with legal obligations or the establishment, exercise or defence of legal claims.
Finally, the log files collected during interactions with the website are destroyed after 6 months after the moment of the collection.
- What are your rights?
Subject to the conditions of the Data Protection Legislation, you may:
- obtain from us confirmation as to whether or not personal data relating to you are being processed, and, where that is the case, access to the personal data and relevant information in that regard;
- obtain from us without undue delay the rectification of inaccurate Personal Data relating to you and, taking into account the purposes of the processing, the right to have incomplete Personal Data completed;
- obtain from us that we erase Personal Data relating to you, although we might not always do so for example if we have a legal obligation to keep such Personal Data;
- ask a restriction of the processing of Personal Data relating to you (i.e. the marking of stored Personal Data with the aim of limiting their processing in the future);
- where relevant, request to receive Personal Data concerning you which you have provided to us on the basis of the contract with us in a structured, commonly used, machine-readable format, and to transmit it to another controller;
- on grounds relating to your particular situation, object to the processing of Personal Data relating to you that we carry out on the basis of the legitimate interest we pursue; in such a situation we shall stop processing such Personal Data except if we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
You can exercise your above-mentioned rights by contacting our Compliance Department at firstname.lastname@example.org.
You also have the right to lodge a complaint with a supervisory authority, in particular in the member state of your habitual residence, place of work or of an alleged infringement of the GDPR (i.e. the “Commission Nationale pour la Protection des Données” in Luxembourg – www.cnpd.lu).
- What do we expect from you?
We request that you inform us in writing and without undue delay about changes in the information you provided us about you so that we can keep it up-to-date.
If you provide us with Personal Data not relating to you (e.g. information about your directors, employees or other staff members and/or agents, representatives, beneficial owners, shareholders, etc.), you must first inform them about this fact and make sure they acknowledge that we can use such information as set out in this data protection notice. In particular, you must provide them with the information relating to their rights as data subjects. We will consider that these individuals are informed of the processing of Personal Data relating to them that we may carry out and of the transfer of their Personal Data to third parties as described above and that, as far as necessary, you have obtained these data subjects‘ prior written consent.
- How can you obtain more information?
If you would like to receive more information on how we process Personal Data relating to you, please contact our Compliance Department at email@example.com
- How do we update this data protection notice?
Changes may occur in the way we process information about you. In case these changes oblige us to update this data protection notice, we will bring this to your attention and may do so by any means such as by email or letter or otherwise. The latest version will always be available at our office and be published on our website.