Data privacy is of high importance for Huawen Foundation Limited (“we”, “us” or “our”) and we want to be open and transparent with our processing of your personal data and are committed to protecting your privacy. This privacy notice sets out how your personal data will be processed. Your personal data is processed in accordance with applicable data protection law including the General Data Protection Regulation (EU 2016/679) (“GDPR”). We employ appropriate security measures and controls intended to protect your personal data against unauthorised access, disclosure, destruction or alteration.
What personal data do we collect about you?
We will not collect any unnecessary personal data from you and will process your personal data in accordance with applicable data protection law. We may collect personal data about you in the following ways:
Personal data you give us:
From our website: We collect personal data you provide by filling in one of our online enquiry forms to request further information/services and a box you may tick for direct marketing purposes. The personal data you give us may include your name, phone number and e-mail address. You may withdraw consent for the receipt of direct marketing messages at any time by using any unsubscribe facility, by emailing us at email@example.com or writing to us using the information at the end of this privacy notice. From our service: We may collect personal data about you from applications or forms you may complete, agreements you enter with us or in the course of your establishing or maintaining a client relationship with us regarding an investment product or vehicle including your name, age, postal and email address, debit card details, ongoing statements and other related information as provided by you. This is to allow us to confirm your eligibility for a transaction, complete your transaction and to provide confirmation of the transaction to you. From recruitment applications: If you apply for a job with us, you will provide us with personal data in connection with your application. Personal data we collect about you:
Each time you visit our website we will automatically collect the following information:
Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, browser plug-in types and versions, operating system and platform. Information about your site visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), traffic data and other communication data, the resources that you access, and information derived from the cookies we place on your mobile device and computer (please see our cookies policy for more information). Personal data we receive from other sources:
We may combine information and data from other websites we operate which offer similar or other services provided by us or our subsidiaries or other third-party service providers. This data may be shared between us, our subsidiaries and third-party service providers, to include: business partners, sub-contractors, payment services, advertising networks, analytics providers, search information providers and credit reference agencies who are also obliged to adhere to applicable data protection laws.
If you have applied for a job with us, we may receive personal data about you relevant to the job you have applied for, from former employers and employment agencies.
How do we use your personal data?
We may use the personal data we hold about you for the following purposes:
To analyse data to enhance the service offering with you to provide tailored services or products, or otherwise conduct business with you. To send you marketing material you have requested to receive via our websites or information on other products and services offered by us or other associated companies. To process your application for a job with us. To comply with our legal and regulatory obligations. To establish, defend or exercise our legal rights or in connection with legal proceedings. To improve our services, websites and mobile applications or create new ones. We rely on the following legal grounds to process your personal data:
Compliance with law or regulation – we may collect and use your personal data in order to comply with law and regulation. Contract performance – we may collect and use your personal data in order to enter into a contract with you or perform a contract with you. Legitimate business interests – we may collect and use your personal data where necessary in order to further our legitimate business interests such as: to communicate with you, where you have requested such communication; to keep records updated and to answer your queries; running our business and to protect property, assets, staff and others; improving our services, websites and mobile applications or creating new ones. Consent – if we rely on your consent to process your personal data we will seek your consent in a manner that complies with the GDPR. Who do we share your personal data with?
We may share the personal data we hold about you with the following categories of recipients for the purposes described above and below:
Any member of our group, being our ultimate holding company and any of its subsidiaries who assist us in the provision of and administration of services we may provide to you. Selected third parties, to include: Business partners, suppliers and sub-contractors who assist us in the provision of and administration of our services (e.g. professional advisors, IT/software systems suppliers and support, and other service providers). Regulatory authorities and the Revenue Commissioners, should they require such disclosure on legal grounds. Analytics and search engine providers that assist us in the improvement and optimisation of our site. International transfers of personal data
Your personal data may be transferred, stored and accessed within the European Economic Area (“EEA”) or transferred to, stored in, and accessed from countries outside the EEA in order to fulfil the purposes described in this notice. For transfers to countries outside the EEA, the data protection regime may be different than in the country in which you are located and will therefore be based on a legally adequate transfer method. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is given to it by ensuring at least one of the following safeguards is implemented (please contact us if you wish to obtain further information on the relevant safeguard (for example, EC model contractual clauses) used to protect personal data during such transfer):
Where the country has been deemed to provide an adequate level of protection for personal data by the European Commission. We may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. Where service providers are based in the US, we may transfer data to them if they are part of the EU-U.S. Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. How long do we keep your personal data?
We will only hold your personal data for as long as necessary. How long we hold your personal data for will vary and is dependent on:
The purpose for which we have your personal data – we need to keep your personal data for as long as necessary to fulfil the purpose and with regard to any contractual obligations. Legal or regulatory obligations – we need to keep certain personal data for minimum periods set out in law or regulation. We have appropriate security measures in place to keep your personal data secure whilst we hold it. If you ask us to remove you from our marketing list, we may keep some personal details on an “opted-out” list in order to ensure that we do not market to you again.
What are your rights?
Under certain circumstances, by law you may have the following rights:
Right to access: You have the right to request information about the personal data we hold on you, the purposes the data is being processed and obtain a copy of it at any time. Right to portability: Whenever we process your personal data by automated means based on your consent or based on an agreement you have the right to get a copy of your data transferred to you or to a nominated party. This only includes the personal data you have submitted to us. Right to rectification: You have the right to request rectification of your personal data if it is incorrect or incomplete. Right to erasure: You have the right to require us to delete your personal data if our continued use of it is not justified. Right to object to processing: You have the right to object to our processing of your personal data where we are relying on a legitimate interest to do so and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. Right to restrict processing: In some circumstances, where you may not be entitled to require us to erase your personal data, you may be entitled to limit the purposes for which we can use your personal data. Right to withdraw your consent to processing: You have the right to withdraw the consent you have given us to allow us to process your personal data. This will not affect the lawfulness of any processing of your personal data carried out before you withdraw your consent. Right to object to direct marketing: You have the right to object to the processing of your personal data for direct marketing, including profiling analysis made for direct marketing purposes. How can you exercise your rights?
In order to exercise these rights, to request a Subject Access Request or if you have any concerns about our use of your personal data, please contact us at firstname.lastname@example.org or at the details in, ‘How to contact us.’ below. You can also contact the Data Protection Commission (‘DPC’) which is the supervisory authority in Ireland responsible for the implementation and enforcement of data protection law. You can contact the DPC via the DPC’s website – https://www.dataprotection.ie/en – or by calling them on +353 (0)761 104 800.
How to contact us
Huawen Foundation Limited, 97 St. Stephens Green, Dublin 2, Ireland.
Changes to our Privacy Notice
This Privacy Notice may be updated from time to time. Whenever this Privacy Notice is updated the new version will signify the date when it was last changed and it will be made available on the website. Please check for the latest version of this Privacy Notice whenever you visit the website. By using the website after any new Privacy Notice is published you accept the Privacy Notice as modified.
Huawen Foundation, 97 St. Stephens Green, Dublin 2, Ireland.