1. Who Are We?
Green Build Systems (“GBS”) is a company incorporated in England & Wales under registration number 10964673, with our registered office address is Pinnacle 17th Floor, 67 Albion Street, Leeds LS1 5AA, UK. This policy applies to our collection and use of your data in connection with our services (the “Services”). We are registered with the information Commissioner’s Office under the reference number ZA785226, as a data controller.
2. How to Reach Our Data Protection Officer?
To contact GBS’s Data Protection Officer regarding our processing of your personal data, email: firstname.lastname@example.org.
3. How Do We Notify You of Changes to this Policy?
4. What Are Your Rights?
GBS recognises that your personal data belongs to you and we don’t wish to use it in ways that you don’t want us to. You can control whether or not you receive marketing email from GBS by contacting us in respect of the same. You can also exercise a variety of rights regarding our use of your data:
- You can ask us for a copy of the information we have about you.
- You can ask us to correct any incorrect data we have about you.
- You can ask us to delete your data.
- You can ask for your data in a common, machine-readable format.
- You can object to any processing we do on the basis of legitimate interests (see below).
- You can ask us to restrict the processing of your data.
To exercise any of the foregoing rights, please contact us. For the purposes of the General Data Protection Regulation or GDPR (EU 2016/679), please note that some of these rights may not be enforceable until 25 May 2018 and some aren’t absolute—for example, we may not be able to forget you if we have to keep some of your data to comply with the law—but we’ll evaluate your request in accordance with applicable data protection laws. GBS will respond to your request within one month of receiving it. Also, note that you have the right to lodge a complaint with the UK Information Commissioner’s Office or the supervisory authority in your country of residence or place of work.
5. What Data Do We Collect?
We don’t receive any personal data about you other than what you provide us or what you have consented for others to forward to us, or data we can infer from your use of the Services.
When you register with us we will collect contact information about you and if you are an actual or prospective investor then we collect information as to how much and in what products you would like to invest. This will include your name, date of birth, address, e-mail address, telephone contact number(s) and investment amount. We will also ask you to provide AML information including your photo ID and proof of address.
We will ask you what investor category you fall into and we may ask you a series of questions relating to your financial circumstances and your understanding of the investment into which you have entered and the manner in which it was sold to you.
These questions usually take place via a recorded telephone conversation.
Where you are an introducer you may be providing us with information about prospective third party investors and in such circumstances you must ensure that they have agreed to you providing us with their information. Where required by local laws, we would advise you to keep a record of their agreement and provide them with a copy of, or link to this Policy. You should also only contact individuals who you know would be happy to hear from you and must not use our Services to send unsolicited ‘spam’ messages.
6. What Happens If You Don’t Want Us to Have Your Data?
You are not required to provide personal data to us. Note, however, that your failure to do so may affect our ability to provide the Services you request.
7. How Do We Use Your Data?
GBS uses your personal data to provide you with our Services, to personalise your GBS experience, to send you communications and to keep you updated about an investment into which you have entered or may be considering entering.
We also use your data to help us make GBS better and to advertise to you. We use your data to drive our research and development and to better understand our customers. GBS does this analysis using a variety of data sources, including transactional data (how you use the Services), log data (web traffic and Services usage), email data (how you respond to emails we send you), survey data, customer service data.
- For information about products into which you have invested, such as newsletters – you can opt out here.
- For information about new products and services – you can opt out here.
- Survey and customer satisfaction questionnaires in respect of our Services – you can opt out here.
8. On What Legal Bases Do We Process Your Data?
We process your personal data on a variety of legal bases depending on the use. For example, we will only process your personal data to send you direct marketing if we have your consent and you can withdraw this consent at any time by opting out of receiving such emails. Sometimes it is necessary to process your data for us to comply with our legal obligations.
9. How Are We Using Your Data Based on Our Legitimate Interests?
We may process your personal data for the purposes of our legitimate interests, provided that these uses aren’t outweighed by your rights or interests. What is a ‘legitimate interest’? It essentially means that we use your data in a way which might reasonably be expected as part of running our business and which doesn’t impact materially on your rights, freedom or interests.
For example, we may use your investment history to send you information about products in the same industry, or to keep you updated about similar products.
For any uses we justify on the basis of legitimate interest, you have the right to opt out of such processing by writing to us or by e-mailing us at: email@example.com.
10. With Whom Are We Sharing Your Data?
We may disclose your data to our affiliated organisations and subsidiaries, and to service providers who render services to us or you on our behalf (all of which are contractually obligated to act only on our instructions and in accordance with applicable laws, including GDPR). We also may disclose your information if required by law, requested by law enforcement authorities or to enforce our legal rights, such as pursuant to a subpoena.
Our service providers include:
- Banks and payment service providers – to authorise and complete payment transactions;
- Third party identity checking or credit reference agencies – for the purposes of identity checking and bank account verification;
- Investment product providers;
- CRM, administration, IT, information security and cloud services providers – to help us provide the Services and keep your data safe;
- Communication providers – to assist us with the processing and delivery of email and other communications;
- Security trustee providers (if this applies to your investment).
11. How Secure Is Your Data?
We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.
Access to your personal data is password-protected. We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
12. Where Are We Sending Your Data?
GBS stores users’ personal data inside the European Union. Some of our service providers and affiliated organisations may lie outside the EU. Therefore, sometimes we may transfer your data outside the EU. If we do, we ensure your data is processed only in countries that provide an adequate level of protection for your data or where the recipient provides appropriate safeguards, such as model contract clauses, binding corporate rules, or mechanisms like the EU-U.S. Privacy Shield framework. For a copy of such safeguards, please contact us.
12. How Long Do We Keep Your Data?
We keep your personal data in an identifiable form for as long as we have a legitimate reason to use the data and as required by law.
13. Third Party Links
You may find links to third party websites on our site. The operators of those websites will apply their own privacy policies and you should check them before you use them or submit any data to them. We are not responsible for their policies or the way they use your data or cookies, and we will not be liable for any loss, damage or distress you may suffer of incur as a consequence.
14. How Do You Complain?
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling: 0303 123 1113.
Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can’t be responsible for the content of external websites).
If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.