DATA PROTECTION NOTICE

1. Introduction

We, at Centaur, respect your right to privacy and we seek to comply with our obligations under Regulation (EU) 2016/679 (the General Data Protection Regulation) (the “GDPR”). There are no policy waivers or exceptions. The GDPR legislation applies to individuals or organisations established in Ireland, and throughout the European Union that control or process data about identified or identifiable living people.

Centaur may also have a requirement to comply with other applicable data or privacy regimes, as they are relevant to each operating Centaur entity.

All electronic data processed by the Centaur Group is hosted in Europe; therefore, each Centaur entity is impacted by the GDPR.

In this data protection notice, we explain how Centaur collects personal data about you, how we use it and how you can interact with us about this data.

2. Centaur Group

In this notice, “we”, “us”, “our” “Centaur” or “Centaur Group” refers to the Centaur Group of companies which includes Centaur Fund Services Limited, Centaur Fund Services (Bermuda) Limited, Centaur Fund Services (Cayman) Limited, Centaur Fund Services US, Inc., Centaur Fund Services (Canada) Limited, Centaur FS Limited, Centaur Financial Limited, and any other affiliates and their respective parent and subsidiary companies which may be incorporated from time to time. For more information about the Centaur Group, please visit: www.Centaurfs.com

We may share your personal data within the Centaur Group to help us to provide our services, and comply with regulatory and legal requirements.

3. Data Controllers and Processors

Centaur may act either as a data controller or as a data processor in respect of your personal data, depending on the context of your relationship with Centaur. Our contact details can be found below.

4. Data Protection Officer and How to Contact Us

Our Data Protection Officer is based in Ireland. The Data Protection Officer oversees how we collect, use, share and protect your personal data to ensure your rights are fulfilled and that Centaur complies with the GDPR. You can contact our Data Protection Officer by:

  • Email: [email protected]
  • By Post or In Person: Data Protection Officer, Centaur Fund Services Limited, 2nd Floor, 2 Custom House Plaza, Harbourmaster Place, IFSC, Dublin, D01 V9V4, Ireland.
  • Telephone: 00353 1 899 2400

Centaur Fund Services Limited acts as the EU Representative for all non-EU entities within the Centaur Group.

5. How we collect information

We may collect personal data from you, for example, if you or your business has engaged our services or if you or an organisation with which you are connected, invest in a product for which we have been engaged to provide services to. We may collect personal data from you in connection with an application or offer of employment and where relevant, as an employee at Centaur. We may also collect personal data through our website using ‘cookie’ technology as well as through our marketing and social media channels. We may record phone conversations but, where this is the case, we will always make you aware of this before doing so. We may collect personal data from you if we engage you or your business as a service provider or in instances where we need to work in partnership with you or your business to provide our services.

As part of our due diligence on customers, potential customers, contractors, employees and job applicants, we may carry out information searches and may take steps to verify your identity in accordance with applicable legislation.

We do this by requesting the relevant information from you and where necessary, by checking your details against due diligence and risk profile databases provided to us by third parties.

6. Types of data we collect and how we use it

In order to provide the services we offer and to operate as an employer, we need to collect and use personal data. We may use the personal data that we collect to help meet our service, legal and regulatory obligations and to help protect you and others from financial crime. This can sometimes require the use of technology to analyse trends and patterns.

Personal Data
We will process any personal information you provide to us for the following purposes:

  • to provide you with the services you have requested;
  • to contact you in connection with your service request;
  • to respond to any communications, you might send to us;
  • to perform our duties under a service contract to which you are a party, or to which you are a connected party;
  • to communicate with you about Centaur activities or services;
  • to perform our duties as an employer;
  • to communicate with you as a prospective or former employee; and
  • to monitor the provision of services and/or business relationship between Centaur and you/your organisation.

Cookies
Our web site uses ’cookie’ technology. A cookie is a piece of text stored by the browser on your computer, at the request of our server. We may use cookies to deliver content specific to your interests and to save your personal preferences, so you do not have to re-enter them each time you connect to our web site. Our cookies are not available to other web sites.

Cookies exist on the Centaur website to allow users to access online services that are offered from time to time. No personal information is recorded, and the cookie is automatically deleted when you log out or close your browser. You are always free to decline our cookies, if your browser permits, or to ask your browser to indicate when a cookie is being sent. You can also delete cookie files from your computer at your discretion. Note that if you decline our cookies
or ask for notification each time a cookie is being sent, this may affect your ease of use of the web site. Further information on our cookie policy is available on our website www.Centaurfs.com.

7. Information safeguarding

We have security measures in place to protect your personal data, in accordance with applicable laws and regulations and industry standards. We also keep our computers, files and buildings secure.

If you choose to contact us to ask about your personal data, we will need to establish and where necessary, verify your identity before it can be provided. This is to help protect your data.

Your personal data is held in secure locations, for example on secure servers or secure office storage facilities. We cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. However, we will take all reasonable steps (including appropriate technical and organisational measures) to protect your personal data once we have received it.

8. Information retention

We will normally hold your personal data for the duration of your business or employee relationship with Centaur, unless it is no longer necessary to retain such data, in which case we will destroy it. Any further retention of personal data will either be determined in line with any legal or regulatory retention requirements or where the retention of such data is otherwise deemed necessary. Where it is no longer necessary to retain the data, we will delete it in line with our data retention program.

9. Compliance with our legal and regulatory obligations

For Centaur to use your information lawfully, we may rely on one or more of the following legal bases:

  • performance of a contract
  • legal obligation
  • legitimate interest

Our legitimate interests may include the below;

  • the establishment, exercise or defence of legal claims;
  • to manage and administer the Centaur Group’s business, to improve and manage relationships with
    employees and other stakeholders and for marketing and business development activities and analysis;
  • to communicate with you in respect of your relationship with the Centaur Group;
  • for risk assessment and risk management purposes, for statistical and trend analysis, for system
    administration, operation, testing and support and to operate control systems and management information
    systems;
  • to help detect, prevent, investigate, and prosecute fraud and/or other criminal activity;
  • to manage the Centaur Group’s information technology platforms and to ensure the security of the Centaur
    Group’s systems;
  • to disclose information to a governmental, tax or regulatory body, financial market, broker or other
    intermediaries, counterparties, court, auditors or other third parties, and;
  • to investigate and respond to any complaints about the Centaur Group and to help maintain quality and to
    deal with complaints and disputes;

In order to meet our legal and regulatory obligations, we may need to collect your personal data, verify it and keep it up to date by performing ongoing reviews. We may also gather information/ personal data about you from publicly available sources, and from third parties to help us meet our legal and regulatory obligations.

10. Consent

When we need to collect and use sensitive personal data about you, such as medical information, we will ask for your consent. Before you give your consent, we will tell you what data we need to collect and what we will use it for. You can withdraw your consent at any time by contacting us.

11. Providing your information to third parties

Centaur does not share your personal data routinely with third parties, however it may be necessary to do so, in certain circumstances, to assist with the performance of a contract, for example when administering payroll, or when complying with audit or regulatory requests from authorised third parties. We will always ensure that your data is transferred securely in these situations.

We may provide non-personal data to third parties, where such information is combined with similar information about other users of our web site. For example, we might inform third parties regarding the number of unique users who visit our web site, the demographic breakdown of users of our web site, or the activities that visitors to our web site engage in while on our web site. The third parties to whom we may provide this information may include potential or actual advertisers, providers of advertising services (including web site tracking services), commercial partners, sponsors, licensees, researchers and other similar parties.

Centaur may need to share personal data with third parties to comply with applicable law, regulation or lawful requests. When we believe we have been given false, fraudulent or misleading information, or if we suspect criminal activity, we may have a duty to inform the relevant law enforcement agencies, which may be either in or outside the Republic of Ireland.

12. Transferring data internationally

We may need to transfer your personal data outside of the European Economic Area (EEA) to help us provide our services, or to comply with applicable legal or regulatory obligations. Where we need to do so, we will ensure that an equivalent standard of data protection is applied to the transfer and use of the data, so that your rights are protected.

13. Your rights regarding your personal data.

You have various rights under GDPR in relation to your personal data. These include:

  • the right to request access to your personal data;
  • the right to have your personal data rectified;
  • the right to have your personal data erased;
  • the right to request that your personal data is only used for specific purposes;
  • the right to object to your personal data being processed (if the lawful basis for processing your personal information is the legitimate interest of the Centaur Group), for example, for marketing;
  • The right to object to any automated decision making, where applicable;
  • the right to require certain aspects of your personal data to be transferred to you or a third party (in certain
    circumstances); and
  • the right to lodge a complaint with the relevant data regulator in your jurisdiction.

Your rights can be exercised by contacting our Data Protection Officer using the contact details given above.

14. Sale of business

We reserve the right to transfer information (including your personal data) to a third party in the event of a sale, merger, acquisition, liquidation, receivership or transfer of all or substantially all of the assets of our company or companies, provided that the third party agrees to adhere to the terms of this data protection notice and provided that the third party only uses your personal data for the purposes for which you provided it to us. You will be notified in the
event of any such transfer and you will be afforded an opportunity to opt-out.

15. Making a complaint

If you have a complaint about Centaur’s use of your personal data, please contact Centaur’s Data Protection Officer using the contact details given above.

All complaints received will be fully investigated. Please supply as much information as possible to assist us to resolve your complaint in a prompt and efficient manner.

You can also contact the Office of the Data Protection Commissioner in Ireland, at [email protected] or by writing to them at: Data Protection Commissioner, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois, Ireland. If you need assistance or information on how to contact the relevant data protection authorities in another country where Centaur operates, please contact our Data Protection Officer.

16. Changes to this data protection notice

Where updates are made to this data protection notice, the updated version will be posted on the Centaur web site, so you are always aware of what data we collect, how we use it, and under what circumstances, if any, we may disclose it. If at any time we decide to use your personal data in a manner significantly different from that stated in this policy, or otherwise disclosed to you at the time it was collected, we will notify you by email, and you will have a choice as to
whether or not we may use your personal data in this manner.