Privacy policy
Demica Limited (“Demica”, “we”, “us”, “our”), respects your privacy. This Privacy Policy (the “Policy”) describes how we process your personal data and the rights you have in relation to your personal data. We act as a controller for the processing activities described in this Policy. Please read this Policy carefully in order to understand how we process your personal data. Our contact details are set out in Section 12 of this Policy.
1. Scope of Policy
This Policy applies to personal data we collect and process about individuals: (i) who visit our website; (ii) who visit our offices; (iii) who are employed or otherwise engaged by our service providers or professional advisors; and (iv) with whom we have contact for business-related purposes.
This Policy does not apply to: (i) personal data we process in our capacity as a processor; (ii) personal data we collect and process about job applicants or our employees; and/or (iii) the processing of personal data by any third party, including through any application or content (including advertising) that may link to or be available from our website.
If you are an organization (for example, a client, business associate, service provider, professional advisor), we would ask that you provide this Policy to individuals who have or have had dealings with us on your behalf.
This Policy should be read together with any additional notice that we may provide to you when we collect or otherwise process your personal data.
2. What personal data do we process and why
(i) Individuals who visit our website
| What personal data do we process? | Why do we process your personal data? | In reliance on which legal basis do we process your personal data? |
| Name and email address
Other personal data voluntarily disclosed to us in communications |
To respond to your queries, complaints or other communications | It is in our legitimate interest to ensure we answer your questions and complaints efficiently and effectively for ongoing business administration
To the extent your request relates to the provision of our services to you under our Terms of Use our processing is necessary to conclude / perform such contract entered into with you
|
| Cookies | To personalise your visit to this website and to assist you while you use this website
|
We process personal data as necessary to conclude and perform our contract with you i.e., our Terms of Use
It is in our legitimate interest and in turn, your interests to make your experience of our products and services efficient and effective
|
| Cookies | To improve this website by helping Demica understand who uses this website
|
It is in our legitimate interest and in turn, your interests to measure the use of our website in order to inform and improve products and services
|
| Name, email address and telephone number
Cookies |
To provide any entity with which you are affiliated (e.g., your employer) with services requested from Demica
|
It is in our legitimate interest to provide services to any entity with which you are affiliated to ensure we meet our contractual obligations in this regard
|
| Name and email address
Other personal data voluntarily disclosed to us in such surveys |
To obtain your feedback on and improve the services you have requested of Demica including, without limitation, via surveys hosted by third parties
|
It is in our legitimate interest and in turn, your interests, to seek and receive customer feedback in order to improve the services we provide |
| Name and email address | To provide you with news and general information about other Demica products, services and events
|
We have a legitimate interest to carry out direct marketing activities.
If applicable law requires that we receive your consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your consent. If you wish to stop receiving marketing or market research communications from us you can unsubscribe via the link at the bottom of the relevant marketing e-mail or contact us using the contact details below.
|
We may also process your personal data for other purposes as detailed in Section 3 below.
Sources of personal data: We will collect the above personal data directly from you when you visit our website.
Cookies: As is now common with most websites, our website uses cookies and may use other online tracking tools (e.g., web beacons) to automatically collect information about your location, your use of the websites, or other websites you may visit after ours. Cookies are small data files generated by a website and saved by your web browser. They are used to help users navigate websites efficiently as well as to provide information to the owner of the websites. To find out more about what cookies we use and how we use them, please consult our Cookies Policy here.
(ii) Individuals who visit our offices
| What personal data do we process? | Why do we process your personal data? | In reliance on which legal basis do we process your personal data? |
| – Name, contact details and company information
– Video images from CCTV (entry and exit only) – Health data to assist in the control of infectious diseases (such as Covid-19) – Other personal data voluntarily disclosed to us in communications |
To keep our offices and personnel secure.
|
It is in our legitimate interest to process such data to manage our business operations.
The processing may be necessary to comply with our legal obligations including, those in relation to health and safety.
|
We may also process your personal data for other purposes as detailed in Section 3 below.
Sources of personal data: We will collect the above personal data directly from you or from the company with which you are affiliated (e.g., your employer).
(iii) Individuals who are employed or engaged by our service providers or professional advisors
| What personal data do we process? | Why do we process your personal data? | In reliance on which legal basis do we process your personal data? |
| Name, contact details, job title and company information
– Visual images and photographs – Other personal data voluntarily disclosed to us in communications |
To arrange calls / meetings with you or others at your company
For security reasons (CCTV) and video calls |
It is in our legitimate interest to properly operate, manage, improve and administer our business and to minimise any unintended disruption or risk thereto
|
| Name, contact details, job title and company information | Conduct our business including to enter into contracts with entities you are affiliated with (e.g., your employer) | It is in our legitimate interest to receive services from any entity with which you are affiliated to ensure we meet our contractual obligations in this regard
|
| Name, contact details, job title and company information | Manage our relationships with service providers and professional advisors (e.g., record-keeping)
|
It is in our legitimate interest to properly operate, manage, improve and administer our business and to minimise any unintended disruption or risk thereto
|
| Name, contact details, job title and company information
Data concerning your criminal convictions or offences if this is revealed to us when we perform anti-money laundering, KYC or background checks.
|
To comply with our legal obligations including to carry out anti-money laundering, KYC and background checks (including when required by our contracts with our clients).
|
The processing may be necessary to comply with our AML/KYC legal obligations
|
We may also process your personal data for other purposes as detailed in Section 3 below.
Sources of personal data: We will collect the above personal data directly from you or from the company with which you are affiliated (e.g., your employer). With respect to data concerning your criminal convictions or offences, we may obtain this data from third party sources (for example, disclosure and barring check databases).
(iv) Individuals with whom we have contact for business-related purposes
| What personal data do we process? | Why do we process your personal data? | In reliance on what legal basis do we process your personal data? |
| Name, contact details, job title and company information
Visual images and photographs Other personal data voluntarily disclosed to us in communications |
To arrange and attend calls / meetings with you or others at your company
For security reasons (CCTV) and video calls |
It is in our legitimate interest to properly operate, manage, improve and administer our business and to minimise any unintended disruption or risk thereto |
| Name, contact details, job title and company information | To conduct our business including, entering into contracts with any entity with which you are affiliated (e.g., your employer)
|
It is in our legitimate interest to provide services to any entity with which you are affiliated to ensure we meet our contractual obligations in this regard
|
| Name, contact details, job title and company information | To maintain a directory of contacts
|
We have a legitimate interest to maintain a list of business contacts in order to manage our business
|
| Name and email address | To provide you with news and general information about other Demica products, services and events | We have a legitimate interest to carry out direct marketing activities.
If applicable law requires that we receive your consent before we send you certain types of marketing communications, we will only send you those types of communications after receiving your consent. If you wish to stop receiving marketing or market research communications from us you can unsubscribe via the link at the bottom of the relevant marketing e-mail or contact us using the contact details below
|
| Name, contact details, job title and company information
Data concerning your criminal convictions or offences if this is revealed to us when we perform anti-money laundering, KYC or background checks |
To comply with our legal obligations, including anti-money laundering, KYC and background checks (including when required by our contracts with our clients)
We may also process your personal data for other purposes as detailed in Section 3 below
|
The processing may be necessary to comply with our AML/KYC legal obligations |
We may also process your personal data for other purposes as detailed in Section 3 below.
Sources of personal data: We will collect the above personal data directly from you or from the company with which you are affiliated (e.g., your employer). With respect to data concerning your criminal convictions or offences, we may obtain this data from third party sources (for example, disclosure and barring check databases). With respect to your name, email address, job title and company information, we may also source this information from third party data brokers such as, ZoomInfo which have their own privacy policies and notices.
3. For what other purposes do we process your personal data?
All personal data identified above may be processed for the following purposes and in reliance on the following legal bases:
| Purpose(s) for processing | Legal bases for processing |
| Keeping our information and systems secure
|
It is in our legitimate interest to ensure our products and services are safe and secure and are used in accordance with applicable terms
|
| Responding to data subject requests | The processing is necessary to comply with our legal obligations under the GDPR
|
| Identifying and preventing fraud and other unlawful activity | It is in our legitimate interest to prevent and address fraud, unauthorised use of our products and services, violations of our Terms of Use and policies, or other harmful or illegal activity
|
| Preparing for, responding to, and obtaining advice in connection with, enquiries, investigations, disputes or proceedings and disclosing personal data in response to legal requests where we are not compelled by law to respond
|
It is in our legitimate interest (and those of certain third parties) to seek legal advice and to protect ourselves (including our rights, personnel, property or products), our users, clients or others, including as part of investigations, regulatory inquiries, litigation and other disputes |
| Business administration including financial and statistical research and internal reporting
|
It is in our legitimate interest to properly operate, manage, improve and administer our business, to minimise any unintended disruption or risk thereto and in order to enable the provision of accurate and reliable reporting
|
| Preparing for, and participating in, transactions
|
We have a legitimate interest to operate and improve our business
|
| Training our personnel
|
It is in our legitimate interest to properly operate, manage, improve and administer our business
|
4. Right to object
You have the right to object to the processing of your personal data where that processing is carried out for Demica’s legitimate interest. Please note however that we may not be able to fulfil this request in all instances.
5. Consequences of not providing personal data
Where we require your personal data to comply with our legal or contractual requirements, failure to provide this information means we may not be able to provide services to you or any entity with which you are affiliated (e.g. your employer) and/or interact with you.
6. With whom do we share your personal data
Demica may share your personal data with, or otherwise make your personal data available to:
(i) other Demica entities or affiliates. Your personal data can be accessed by Demica or other entities within the Demica group where necessary, including for the provision of services to you or any entity with which you are affiliated (e.g. your employer);
(ii) third party service providers, including companies that provide Demica with technical support and assistance in respect of this website or Demica’s platform and companies engaged to market Demica products/services;
(iii) business associates (e.g. investors, lenders or financial intermediaries) who are involved in, or considering being involved in, transactions where we are involved;
(iv) professional advisors (e.g., accountants, lawyers or other consultants);
(v) independent public accountants and auditors;
(vi) third parties in order to comply with any law, regulation, court order, supervisory, regulatory or similar authority, or in order to enforce or apply the terms of use of this website or other agreements, or to protect the rights of Demica, its customers or others; and/or
(vii) a third party that acquires all or part of Demica’s (or its affiliates’) assets or shares, or that succeeds it in carrying on all or a part of its business, whether by merger, acquisition, reorganisation or otherwise.
7. International transfers of your personal data
Personal data collected from you via this website or that Demica otherwise collects or obtains (including from third parties) may be transferred to the recipients described above who may be in countries located outside of the European Economic Area (“EEA”) / UK (including in the U.S.) which do not provide a similar or adequate level of protection to that provided by countries in the EEA or the UK.
Your personal data will only be transferred from the EEA or the UK to a recipient in a country that is not considered to provide an adequate level of data protection when the transfer is in compliance with applicable data protection and privacy laws (e.g., by entering into standard contractual clauses or similar (“SCCs”) with the recipient, relying on the recipient’s Binding Corporate Rules, or by relying on a derogation such as, where the transfer is necessary for performance or a contract or the establishment or defence of legal claims).
You can request further information in relation to international transfers and/or a copy of the SCCs by contacting us as described in Section 12 below.
8. Your data protection rights
You have certain rights under data protection laws which may be subject to limitations and/or restrictions, such as possible restrictions on a data subject’s request regarding personal data that has been processed for anti-money laundering purposes. These rights include the right to: (i) request access to and rectification or erasure of your personal data; (ii) restrict processing or to object to the processing of your personal data; (iii) ask for a copy, in a digital format, of your personal data to be provided to you, or a third party, where held by Demica; and (iv) withdraw consent to the processing of your personal data. Withdrawing your consent does not affect the lawfulness of the processing before the withdrawal of consent being based on consent. All such requests should be made by contacting us as described in Section 12 below. We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than within one month after receipt of your request. In exceptional cases, we may extend this period by two months and we will tell you why. Demica may require proof of identity in order to consider or action your request. You also have the right to lodge a complaint about the processing of your personal data with your local data protection authority.
9. How long we retain your personal data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for (as described in Sections 2 and 3 above). The criteria used to determine the retention periods include: (i) the purposes for which we process the personal data and whether we can achieve those purposes through other means; (ii) the amount, type and sensitivity of personal data collected; (iii) the potential risk of harm from unauthorized use or disclosure of your personal data and (iv) whether Demica is subject to a legal, contractual or similar obligation to retain the data (e.g., mandatory data retention laws, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation or disputes). If you would like more information about applicable data retention periods you can request this information by contacting us as described in Section 12 below.
10. Other Websites
Our website may provide links to other third-party websites which may operate independently from us and may have their own privacy notices or policies, which we advise you to review. To the extent any linked websites or apps are not owned or controlled by us, we are not responsible for their content.
11. Changes to the Policy
We will review and update this Policy as required to keep current with rules and regulations, new technologies and security standards. We will post those changes on our website or update the “last updated” date of the Policy. If we make a material change to this Policy, you will be provided with appropriate notice in accordance with applicable legal requirements.
12. Contact us
For any privacy issues, questions or complaints concerning the application of this Policy or to exercise your rights as described in Section 8 above, you may contact us at legal@demica.com.
Demica Limited: Bow Bells House, 1 Bread Street, London EC4M 9BE
Last updated: April 2022