Important Data Privacy notice
The purpose of this Data Privacy Notice (hereinafter referred to as the "Notice") is to inform Clients, Connected Individuals, Prospective Clients, Business Relationships and any other data subjects about how we collect, store and process data (hereinafter collectively referred to as the "Subjects").
1. Entity Responsible for Processing and Principles
The responsible entity for processing, Probus Group (hereinafter referred to as "Probus"), recognizes the importance of keeping the personal data of its customers confidential and protecting their privacy rights. Regarding its activities and the data collected by it, Probus intends to apply the most restrictive principles and standards that are identifiable with respect to the protection of personal data.
Consequently, all personal data and information (hereinafter referred to as "Data") provided in connection with our services will be processed lawfully, fairly, transparently and confidentially by Probus.
By contracting the services offered by Probus (hereinafter referred to as the "Services"), and in accordance with the legal provisions in force, you acknowledge and agree that, in connection with our Services, Data is or will be collected by Probus. The Data will be collected and used solely for the purposes of the Services offered by Probus or any subsequent contractual relationship with Probus.
Therefore, entering into an engagement with Probus means that you agree to the collection, processing of Data and agree to this Notice.
3. Legal Basis and Purposes of Data Collection and Processing
3.1 Legal Basis
The Subject concerned acknowledges that the collection and processing of Data by Probus is necessary for the fulfilment of the mandate entrusted to Probus to which the Subject concerned is a party in connection with the Services, but also for the preservation of the legitimate interests of Probus and for the fulfilment of legal obligations incumbent upon Probus.
The Data is collected and processed by Probus for the following purposes (hereinafter referred to as "Purposes"):
The opening and maintaining of the contractual relationship with the Subject or the beginning of a business relationship with Probus (hereinafter referred to as "Business Relationship"), including all formalities relating to the identification of the Subject and of any person or entity over whom the Subject or a third party provides information and / or of which Probus has knowledge in any other way in connection with the Business Relationship (hereinafter referred to as "Related person").
Any other related services provided by Probus' service providers and subcontractors in a Business Relationship.
The management, administration, placement and distribution of financial products, including all services related to these activities.
Compliance with legal and regulatory obligations to which Probus is subject under regulations applicable to financial intermediaries and any other regulations applicable to the various individual entities of Probus (Money Laundering and Enforcement Act, International Financial Regulations (e.g. FATCA, Automatic Exchange of Information)).
Weighing interests, to protect the interests of Probus or third parties: prevention and elucidation of criminal offenses, risk management, exercise of rights and defence in litigation, consultation and exchange of information with information desks, computer security, safety of buildings and facilities.
Probus Customer Management: Probus' customer administration, invoicing services, marketing (newsletters, event invitations, etc.) and others.
4. What Data is Collected?
4.1 Types of Data
As part of the Services, Probus collects the following data (contemplative, non-exhaustive list) from its counter-parties (customers, administrators of private equity vehicles, lawyers, banks, other financial intermediaries):
Identification data: personal identification data (name, surname, title, tax identification number) and structural identification data (information relating to investment entities).
Identification data issued by public authorities and other registers: identity cards, passports, certificate of incorporation, articles of association, share registers.
Location data: personal and business addresses of investment entities.
Communication and electronic identification data (personal and business): telephone number, e-mail address.
Financial data: identification number and bank account numbers, financial means / assets, financial transactions.
4.2 Information Collected Directly from Subjects
Probus collects and records all information provided to it in connection with the Services or by any other means in its Customer Relationship Management system. The Subject may choose not to provide Probus with certain information, however this decision may have the effect of depriving the Subject of certain Services or features offered in connection with the Services.
4.3 Information Collected from Third Parties - Subcontractors
As part of its Services, Probus may also collect data from third parties (administrators of private equity vehicles, lawyers, banks, other financial intermediaries, list of international sanctions, information available to the public (e.g. Bloomberg, World-Check, FACTIVA or LexisNexis)). Data collected from third parties is treated in the same way as Data collected directly from the Subjects (see paragraph 4.2 above).
Probus may be considered as a processor of personal data in the context of information collected from third parties, according to the applicable regulations. Should this be the case, Probus will enter into a subcontracting agreement with the third parties concerned to ensure compliance with the present Notice.
5. Methods of Data Processing
The Data is processed by Probus - or by third parties selected on the basis of their reliability and competence, as well as by duly appointed data controllers - solely for the purpose of carrying out the purposes specified in paragraph 3.2 above, mainly by means of computer tools, but also on paper.
Probus retains the Data for as long as necessary for the fulfilment of the Purposes for which it was collected and in accordance with the regulations applicable to the Services (for example, ten years in connection with banking services or seven years in accordance with FATCA regulations).
Similarly, Probus deletes or anonymizes personal data (or takes equivalent measures) as soon as they are no longer necessary to achieve the Purposes, subject however (i) to legal or regulatory requirements applicable to the data retention for a longer period of time, or (ii) to ascertain, exercise and / or defend actual or potential rights in legal proceedings, investigations or similar proceedings, including legal holds that Probus might impose to preserve relevant information.
Specific measures are applied to prevent the risk of loss of data, unlawful or improper use and unauthorized access (see paragraph 7 (Confidentiality, Security and Data Protection) below).
Probus may evaluate certain characteristics of the Subjects and Related Persons on the basis of automatically processed Data in order, in particular, to offer them personalized offers and advice or information about its Services. Probus may also use technologies to identify the level of risk associated with a particular Subject or Business Relation activity.
In contrast, Probus does not use automated decision making in relation to a Business Relationship, a Subject, or a Related Person.
7. Access to Data and Data Transfers
The Data transmitted to Probus will be known and used by Probus employees and/or its subsidiaries (national or foreign) for the sole purpose of performing the Services that constitute the purpose for which the Data was collected.
As part of the performance of the Services, Probus may transmit the Data to third parties, in particular to custodian banks or national and international tax authorities, in accordance with fiscal reporting obligations.
The transmission of data to third parties abroad is alternatively based on (i) an adequacy decision, (ii) appropriate safeguards or (iii) a waiver for specific situations (execution of a mandate related to the Services offered by Probus, in particular).
It is already stated that:
In dealings with custodian banks, Data transfers may take place towards national and international banks, as well as towards any other financial intermediary.
As part of the implementation of FATCA regulations, data transfers may be made to the Internal Revenue Service (IRS) or any other competent tax authority recognized by the IRS.
In the context of the implementation of the Automatic Exchange of Information (AEOI), data transfers may take place with any competent tax authority, it being specified that the condition of confidentiality of data is a sine qua non stipulated by the OECD to adhere to the AEOI Mechanism.
As part of the implementation of any other regulations and Services, Probus carries out an assessment of Data recipients in accordance with applicable data standards.
Probus does not sell or rent the Data to any third party.
Finally, Probus may have to share the personal data:
To put the needed Service to the Subjects disposal;
Where permitted or required by law to comply with a valid legal process;
To protect and defend Probus' rights or property, including the security of its products and services.;
To protect the personal safety, property or other rights of the public, Probus or its customers or employees; or
In connection with the sale of all or part of Probus' operations.
If Probus is required by law to disclose the Data to third parties, Probus will take all commercially reasonable steps to notify you in advance, unless otherwise required by law. If Probus engages in a process of merging, acquiring or selling assets, Probus will comply with this Notice.
8. Privacy, Security and Data Protection
Probus undertakes to ensure that there are adequate levels of protection of Data, in particular those relating to banking secrecy and data protection.
Subjects’ Data will be transmitted to and stored on Probus' servers, access to which is strictly limited. Probus has taken the appropriate technical and organizational precautions to ensure that its servers are accessible exclusively to duly authorized persons, as well as special precautions with regard to the protection of its technical environment (e.g. use of anti-viruses and firewalls). Probus' servers also comply with the ISO 27001 standard, combined with strong authentication and encrypted communications.
9. Rights of the Subjects
In accordance with the applicable regulations, Subjects may exercise the following rights with respect to their data in connection with the processing of Data:
Right to request access to stored data;
Right to request the rectification of stored data;
Right to request the deletion of stored data, subject to the applicable legal provisions on data retention;
Right to request a limitation of the processing of stored data, subject to the applicable legal provisions regarding the processing of data; and
Right to request a prohibition on the processing of stored data, subject to the applicable legal provisions regarding the processing of data.
Even if a Subject contests the processing of its Data, Probus is entitled to continue such processing if it is (i) legally binding, (ii) necessary for the performance of the Contract to which the Subject is party, (iii) necessary for the performance of a public interest mission or (iv) necessary for the legitimate interests that Probus pursues, including the finding, exercise or defence of a right in justice.
Generally speaking, the Subject has the right to require Probus to protect their data. Probus works tirelessly to protect itself and its users from unauthorized access, alteration, disclosure or destruction of information that is held. More specifically:
Probus respects this Notice in all circumstances with respect to all Data that Probus collects about the Subject concerned;
Probus limits the use and disclosure of Data and ensures that anyone with whom Probus shares this information will treat it with the confidentiality and security it deserves.; and
Probus has implemented physical, technical and administrative procedures to protect the information collected.
The exercise of any right set forth in the paragraph shall be carried out in accordance with the communication provisions of paragraph 10 (Communication and Remarks) below.
10. Communication and Remarks
If you have any questions about Probus' data protection, a detailed message can be sent to (firstname.lastname@example.org) and Probus will address them as soon as possible.
You may exercise any of your rights related to Personal Data (paragraph 9) by sending your request to the aforementioned address.
Probus' business is constantly evolving and this Notice and the Terms of Service may change. Unless otherwise stated, our Notice applies to the use of all information collected about any Subject.