Privacy Policy
In order to provide our due diligence services via our Products, we gather publicly available information about the companies and related individuals that our clients ask us to due diligence on.
This is the Privacy Policy (the ‘Policy’) relating to Ethixbase UK Limited Pte Ltd, Singapore company registration 201131414M, and its affiliates, including Ethixbase UK Limited, company number 10651805, of 27 Old Gloucester Street, London, United Kingdom WC1N 3AX (hereafter ‘Ethixbase UK Limited’, ‘we’ or ‘us’). We provide various due diligence services including via our products such as the Ethixbase UK Limited Third Party Risk Management Platform and Enhanced Due Diligence Reports (each a “Product”).
This Policy describes the ways in which Ethixbase UK Limited collects and uses information about you when you visit our website at https://ethixbase360.com (the “Website”), register for an account (“Account”) permitting you to use our Products or if you are asked to complete a questionnaire with us (“Questionnaire”). This Policy also describes how Ethixbase UK Limited prepares the Report(s) for each client.
If we have collected information about you in order to create an Account, Report or complete a Questionnaire, unless you object to the information we have collected about you (which you can do as set out in, and subject to the terms of, this Policy), you agree to us collecting and using such information as set out in this Policy. In addition, by visiting our Website and using our Products you agree to be bound by this Policy in respect of the information collected about you. Ethixbase UK Limited may change this Policy at any time in which case we shall notify you of any changes to this Policy by noting this on the Website and updating the “last changed” date below. The changes will apply to your use of the Website and/or our Products (as applicable) after we have given notice. If you do not wish to accept the new Policy you should not continue to use the Website and/or our Products (as applicable). If you continue to use the Website and/or our Products (as applicable), or do not object to us continuing to collect your data after the date on which the change comes into effect, your use of the Website and/or our Products (as applicable), or your lack of objection, indicates your agreement to be bound by the new Policy.
This Policy was last changed on 22 December 2021.
Information that we collect about you and how we use it and protect it
1. ICO registration: If you are a UK customer, Ethixbase UK Limited has notified the Information Commissioner’s Office (“ICO”) of its processing of personal data. The notification indicates what data is processed by Ethixbase UK Limited and for what purpose, and to which persons or entities the data will be provided. Click here to consult the notification in the public register of the ICO. Ethixbase UK Limited’s registration number is ZA261305. Ethixbase UK Limited’s Data Protection Officer is Russell Potter.
2. Information which is collected by us: Ethixbase UK Limited collects the following information:
a. if you register for e-mail alerts on the Website we will collect your e-mail address and, if you wish to submit such information: (i) your name; (ii) your job title; (iii) your business phone number, including landline and mobile, (iv) employer name; (v) the country in which your employer is based, (vi) the industry in which your employer operates, (vi) business contact details of your employer, such as phone number and e-mail address; and (vii) the number of employees at your company. (“Marketing Data”);
b. if you use our Products then we collect any information which you provide to us when creating an Account to use our Products, including: (i) your name; (ii) your employer name; (iii) your job title; (iv) your e-mail address and the e-mail addresses of any other contact persons; and (v) your employer’s country of incorporation (“Client Data”);
c. if you use our Products then we collect the information that you provide to us (whether provided directly by you, by you based on information that you have received from a third party and transferred to us or provided direct to us by the third parties who we are checking on your behalf) in order for us to be able to carry out our due diligence services. This will include: (i) the full entity name of the company/ies for due diligence purposes; (ii) the country of registration of such company/ies ((i) and (ii) being the “Organisation Data”); (iii) the full name of the associated individuals of the company/ies that you want us to check for due diligence purposes; (iv) the country of residence of the associated individuals of the company/ies that you want us to check for due diligence purposes; and (v) any other information that we request from you in relation to such individuals such as nationality, date of birth and passport number ((iii), (iv) and (v) being the “Individuals Data” and together with the Organisation Data the “Client Provided Data”);
d. if you are an individual listed in any of our Reports, then, in addition to the Individuals Data which is provided by our clients (as detailed in paragraph 2(c) above), we will collect certain information about you in the course of our due diligence searches. This information is obtained from a variety of publicly available sources, including news reports, as well as via our third-party service providers whom we use to assist us in relation to such searches (“Report Data”);
e. If you are asked to complete a Questionnaire with us, we will collect the information you provide to us when completing the Questionnaire (“Questionnaire Data”); and
f. when you use our Website and any of our Products, the information collected by our use of cookies and similar technologies (please see the information set out in paragraph 10 below), including other technical information and analytical information such as your IP address and information as to how you use our Website and Products (“Analytical Data”).
How the information collected about you when you create and use our Products or complete a Questionnaire is used: The information about you described in paragraph 2 may be used by Ethixbase UK Limited as follows:
a. if you provide your e-mail address to us under paragraph 2(a), we use your e-mail address to provide our e-mail alerts to you. If you provide the other items of Marketing Data listed under paragraph 2(a), we use such information to build up a fuller marketing profile for you in order to be able to decide which products and services we consider that you might be interested in. You have the right to opt-out of our use of such data for this marketing purpose at any time by contacting [email protected] If you want to stop receiving the e-mails at any time you may click “Unsubscribe” in the e-mail itself or contact [email protected].
b. the Client Data listed in paragraph 2(b) is used to create an Account for you and provide a Report or our other Products to you. Ethixbase UK Limited requires your name, job title and e-mail address to provide the Report to you and requires your employer’s name and country of incorporation to undertake certain fraud and security checks in relation to its provision of services to you;
c. the Client Provided Data listed in paragraph 2(c) is used for us to provide our services to you, namely in order for us to be able to carry out our due diligence research. We will use this information to prepare the Report for you. You can select which type of Report you want us to prepare when asking us to perform such services for the first time;
d. the Report Data listed in paragraph 2(d) is used to provide the Report to Ethixbase UK Limited’s clients. It comprises the core content of each Report;
e. the Questionnaire Data listed in paragraph 2(e) is collected as part of the process of producing a Report, meaning the Questionnaire Data will be provided to Ethixbase UK Limited’s clients. In addition, Questionnaire Data may also be used to communicate with you in order to deliver compliance related materials that we consider you might be interested in. Where any such communication is received, you have the right to opt-out of us using such data for this marketing purpose at any time by clicking “Unsubscribe” in the e-mail itself or by contacting [email protected];
f. the Analytical Data listed in paragraph 2(f) enables Ethixbase UK Limited to undertake administrative tasks in relation to the management of the Website and its Products including to evaluate how our visitors use and navigate our Website and Products, including the number and frequency of visitors to each web page, and the length of their visits as well as to provide technical support and troubleshooting, and to tweak, tune and facilitate the improvement of the customer experience. It’s also used to allow us to personalise the content that you and others see based on personal characteristics or preferences and to target ads to you on another website. You may opt out from receiving targeted advertisements from us by visiting the NAI website opt-out page or the DAA opt-out page or, for EU users, the EDAA opt-out page;
g. the Client Data may also be used to communicate with you in order to deliver compliance related materials that we consider you might be interested in. Where any such communication is received, you have the right to opt-out of us using such data for this marketing purpose at any time by clicking “Unsubscribe” in the e-mail itself or by contacting [email protected];
h. the information in paragraph 2 may also be used by us to allow us to personalise the content that you and others see based on personal characteristics or preferences and to target ads to you on another website. You may opt-out from receiving targeted advertisements from us by visiting the NAI website opt-out page or the DAA opt-out page or, for EU users, the EDAA opt-out page; and
i.the information set out in paragraph 2 is shared with third parties as described in paragraph 5 below.
4. Ground for processing:
a. In relation to the information collected as listed in paragraph 2(a): In collecting your e-mail address we rely on the fact that such e-mail address is required to fulfil our contract with you (namely providing you the e-mail alerts requested by you entering your e-mail address). In collecting the other items of Marketing Data listed in paragraph 2(a) above, we rely on consent as you have the choice as to whether to provide such items to us or not. You can still receive the marketing e-mails if you only provide your e-mail address but if you choose to provide the additional items of information it allows us to build up a fuller profile in order to be able to decide which product and service e-mails are likely to be of most interest to you.
b. In relation to the Client Data collected as listed in paragraph 2(b): In collecting and processing the Client Data we rely on the fact that this is necessary to fulfil our contract with you (namely to administer your Account and deliver Reports and other Products).
c. In relation to Client Provided Data collected as listed in paragraph 2(c) and Report Data as detailed in paragraph 2(d): You will be the data controller of this information and we will be processing this information as data processor on your behalf. You are responsible for establishing the ground for processing in relation to this data.
d. In relation to the information collected as listed in paragraph 2(e) (Questionnaire Data) which forms part of a Report, Ethixbase UK Limited’s client will be the data controller of this information and Ethixbase UK Limited will be processing this information as data processor on its client’s behalf. Ethixbase UK Limited’s client is responsible for establishing the ground for processing in relation to this data and communicating it to you. To the extent that Ethixbase UK Limited uses Questionnaire Data for marketing purposes, this is also a legitimate interest of Ethixbase UK Limited which is necessary in order to permit Ethixbase UK Limited to be able to grow and market its business offering of streamlining due diligence services to interested potential customers.
e. In relation to the information collected as listed in paragraphs 2(f):Ethixbase UK Limited relies on the legitimate interests processing ground to collect all of the information listed in paragraphs 2(f). It is in Ethixbase UK Limited’s legitimate interests to collect such items of personal data listed above because this is necessary in order to provide and improve the due diligence services via its Products and Website.
f. In addition, where Ethixbase UK Limited uses the Client Data for marketing purposes, this is also a legitimate interest of Ethixbase UK Limited which is necessary in order to permit Ethixbase UK Limited to be able to grow and market its business offering of streamlining due diligence services to interested customers. The items of personal data collected in each instance are not of a nature whereby your rights and freedoms as a data subject are outweighed by such data collection because with respect to the Client Data and Analytical Data, such data is not particularly sensitive data and is used to provide and improve our Products or to market to such clients subject to compliance with applicable data protection and direct marketing legislation.
5. Sharing information with third parties: Ethixbase UK Limited shall not pass your information to any third party (other than as described in this paragraph). Your information may, subject to Ethixbase UK Limited’s obligations to comply with applicable data protection legislation, be shared with the following third parties:
a. the Client Provided Data, Report Data, Client Data, Questionnaire Data and Analytical Data with its hosting provider for web hosting;
b. the Marketing Data, Client Data, Questionnaire Data and Analytical Data with its CRM providers for CRM management, such as Hubspot, Zendesk, Mailchimp, Salesforce and Autopilot, as well as the collation of publicly available data using third-party tools, such as Zimplify and Seamless.ai;
c. the Marketing Data, Client Data, Questionnaire Data and Analytical Data with its marketing automation providers for marketing automation and tracking, such as Zimplify, Hubspot, Salesforce, Zendesk and Autopilot;
d. the Marketing Data, Client Data and Questionnaire Data with its marketing providers for sending out marketing material as opted into/out of by the individual via tools such as Hubspot, Autopilot or MailChimp;;
e. the Questionnaire Data and Report Data with Ethixbase UK Limited’s clients;
f. the Client Data with its accounting provider for accounting purposes;
g. the Analytical Data with Google Suite, Hubspot, Adroll (Next Roll), Linkedin, Google Analytics and Google Ads for tracking website activities and to offer personalised marketing material;
h. the Client Provided Data and Marketing Data with Zoom, WordPress, QuizWorks, Survey Monkey, FormStack and Gravity Forms for creating forms that third parties complete and submit;
i. having taken precautions to maintain the security of such information, Ethixbase UK Limited may share all information collected under paragraph 2 with its regulator (the ICO);
j. in anonymised form, Ethixbase UK Limited may share all information collected under paragraph 2 with:
-
- its online advertising partners to serve adverts that you may see on the Website and to ensure that such ads are relevant to you, such as Google Ads, Adroll (Next Roll) or Linkedin;
-
- any third party, in relation to the sale of some or all Ethixbase UK Limited’s business, or its assets, or as part of any business restructuring or reorganisation. Ethixbase UK Limited will take steps with the aim of ensuring that your rights continue to be protected if your personal data is transferred in accordance with this paragraph;
-
- data aggregators and platform providers as part of an analysis of user metrics or sales performance; or
-
- law enforcement agencies in compliance with law enforcement.
6. Security: Ethixbase UK Limited has implemented technology and policies to safeguard your privacy from unauthorised access and improper use, including limited access servers and associated security measures.
7. Storage and Data Retention: We store your personal data in the UK, EEA and other countries outside the UK and EEA, including the USA. Where we transfer your personal data outside the UK or EEA we take steps to ensure the adequacy of such transfer, such as the use of model clauses. We retain your personal data for as long as you use our Products or are identified by us within a Report, and for one year thereafter.
8. Links to third party websites and third-party adverts:Ethixbase UK Limited is not responsible for the privacy policies and practices of other sites even if you access them using links from the Website. You should check the policy of each site you visit and contact its owner or operator if you have any concerns or questions. In addition, if you link to the Website from a third-party site, Ethixbase UK Limited is not responsible for the privacy policies and practices of the owners or operators of that third party site and recommends that you check the policy of that third party site and contact its owner or operator if you have any concerns or questions.
Contact with Ethixbase UK Limited
9. Information Ethixbase UK Limited collects and uses if you contact us or make complaints: When Ethixbase UK Limited receives complaints by email it files any relevant document and may retain details of the complainant and other individuals identified in the complaint. Ethixbase UK Limited will only use this information to process the complaint and to check on Ethixbase UK Limited’s Website and staff. Ethixbase UK Limited shall retain information in relation to a complaint for a maximum of 6 years after its closure, in a secure environment and access to it will be restricted on a ‘need to know’ basis.
Cookies and Similar Technologies
10. Cookies:
a. What are Cookies? Cookies are small text files that are placed on your device when you visit the Website and use any of our Products. Ethixbase UK Limited’s use of cookies is detailed below. Session cookies enable you to move from page to page within websites and any information you enter will be remembered but is deleted when you close your browser or after a short time. Persistent cookies allow us to remember your preferences and settings when you use the Website and our Products in the future, in different browser sessions.
b. Disabling Cookies: The use of the cookies described above improves the functionality of the Website and your experience of using them. If you do not want these cookies to be served on your device, you are able to disable them by changing the settings on your browser, or on your device. Please note that if you do decide to disable cookies you may not be able to access some of the Website, and some of the features of the Website or our Products may not function properly. By continuing to use the Website or our Products, you consent to the relevant cookies being set on your device.
c. Third Party Cookies: Third Party advertisers may place or read cookies on your browser or device in the Website or when using our Products. This Policy is applicable only to the use of cookies by Ethixbase UK Limited and does not cover the use of cookies by any third parties (including advertisers or social media companies).
d. More information: To find out more about how cookies work, how to manage and delete them and to see which ones have been set please visit aboutcookies.org or www.allaboutcookies.org.
Ethixbase UK Limited uses cookies and similar technologies in the following ways when you use the Website and/or our Products:
Session Cookie
Ethixbase UK Limited uses session cookies to help with the navigation of a user on a website and provide the ability for a user to traverse and navigate the website without losing data or a selection made from a previous page.
Further Information
This cookie expires when a browser is closed or after 15 mins of inactivity
Permanent Cookie
Ethixbase UK Limited uses permanent cookies to remember the user’s login and password information if they opt to from the login page. This allows the users not to re-enter their login information each time they visit the website.
Further Information
Although the cookie is persistent, it expires after a period of 3 months
First Party Cookie
Ethixbase UK Limited uses First Party cookies to track and report website users via WordPress. This includes information such as comments on articles or forms filled in where hosted directly via WordPress.
Further Information
This cookie only includes information as submitted by users.
Google Analytics Third Party Cookie
Ethixbase UK Limited uses Google Analytics cookies to track and report on website traffic. This cookie collects information in an anonymous form on website usage such as number of visitors on the website, frequency and volume of users at any given time which Ethixbase UK Limited use in turn to help improve its services.
Further Information
This is a session cookie and does not store any personal identifiable information.
Hubspot Third Party Cookie
Ethixbase UK Limited uses Hubspot session cookies to collect information on users’ behaviour while navigating the ethixbase360.com website. It tracks when users access the site, pages visited and succeeding transactions of users to identify possible ways to improve the user experience when on the ethiXbase.com website.
Further Information
Hubspot Third Party Cookie
AutoPilot Third Party Cookie
Ethixbase UK Limited uses AutoPilot session cookies to collect information on users’ behaviour while navigating our website. It tracks when users access the site, pages visited and succeeding transactions of users to identify possible ways to improve the user experience of its products.
Further Information
This is a session cookie and does not store any personally identifiable information.
Your rights and our contact details
11. Exercising your rights: You can contact us using the details set out in paragraph 12 below if you wish to: (i) access a copy of the personal data that we hold about you; (ii) correct any items of personal data that we hold about you; and/or (iii) have any items of personal data that we hold about you erased or object to our processing of such items of personal data. Please note that we may not be able to erase the personal data that we hold about you if we are required to retain it for other legal reasons – for example if you are subject to a particular sanction requirement we will be obliged to report this to our clients.
12. Ethixbase UK LimitedDetails and complaints: If at any time you would like to contact Ethixbase UK Limited about your views on this Policy or any enquiry relating to your personal information, you can do so by sending an e-mail to us at [email protected]. You have the right to make a complaint to the ICO by contacting them at any time. or write to us at Data Protection Officer: [email protected] .