Personal Information Collection Statement
1. COLLECTION OF PERSONAL DATA
- In compliance with applicable laws, Roots Technology Limited, including its successors and assigns, (“the Company”) sets out below its Personal Information Collection Statement.
- From time to time, the Company may collect the data of customers and Relevant Individuals (as defined below) in connection with the purposes set out in this Personal Information Collection Statement. These customers and individuals may include the following or any of them (collectively, “you”, “your”):
- (a) where the customer is an individual, the customer; and
- (b) customers’ shareholders, partners, directors, employees, former employees holding shares in the customer, board members, customers’ administrators, advisors and investors and other persons whom they invite to access certain platforms of the Company (the “Relevant Individuals”).
- Failure to supply or to consent to the Company’s collection, use or disclosure of such data requested by the Company for the purposes stated in this Personal Information Collection Statement may result in the Company being unable to provide (or continue to provide) the products and or services to you or to the Relevant Individuals linked to you. Please note that the above does not affect the Company’s right to collect, use and disclose personal data where such collection, use and disclosure is permitted or required under applicable laws.
- The Company and the Company’s affiliates, subsidiaries and associated entities (the “Company’s Group”) may collect your data in the ordinary course of its business.
2. PURPOSES FOR WHICH YOUR DATA IS COLLECTED, USED, AND/OR DISCLOSED
- The Company may collect, use and/or disclose your data for one or more of the following purposes:
- (a) For the purpose of supplying services and products, including: the daily operation and supply of services and products, to maintain the Company’s database, process user accounts and user login information, and to keep a record of how the Company’s services and products are being used, which may be stored remotely on the cloud service provided by third party contractors;
- (b) To communicate with you, including but not limited to:
- (i) operational communications, to administer your accounts and contact you regarding your account, changes to the Company’s website and services, security updates, customer service and general enquiries assistance (by email, telephone, or via a “live chat” function) with using the Company’s website, services and products;
- (ii) marketing communications (about the Company or another product or service which the Company thinks you (and / or your company) might be interested in) in accordance with your marketing preferences, including notifying you of Company marketing events, initiatives, and other promotions; and
- (iii) asking for feedback on the Company’s products and services or to take part in any research the Company is conducting;
- (c) To support you: this may include assisting with the resolution of technical support issues or other issues relating to the websites, products or services, whether by email, online support or otherwise;
- (d) To analyse, aggregate and report: to produce aggregated and anonymised analytics and reports;
- (e) Behavioural Tracking: to track how you interact with the online platform. Such collection may involve tracking and recording the time and date of the access, the specific functionality that you may have utilized, and data in relation to your interaction with the platform;
- (f) To improve the Company’s website, products and services and develop new ones;
- (g) To link and interact with other sites (such as LinkedIn, Twitter and other social media and file sharing sites) including: linking to these pages and interacting with any ‘like’ or similar embedded features on the Company website or social media accounts, and the relevant social media platform may receive information relating to such interaction. In some limited circumstances the Company may share personal data in connection with this purpose, but in such instances the Company will obtain additional consent from you;
- (h) Marketing services, products and other subjects: please see further details in paragraph 4 below;
- (i) Verification of the data or information provided by you;
- (j) Enforcing your obligations;
- (k) Compliance with laws: Complying with the obligations, requirements or arrangements for disclosing and using data that apply to the Company and the Company’s Group or that it is expected to comply according to:
- (i) any law binding or applying to it within or outside the jurisdictions in which the Company operate (the “Relevant Jurisdictions”) existing currently and in the future;
- (ii) any guidelines or guidance given or issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside the Relevant Jurisdictions; and
- (iii) any present or future contractual or other commitment with local or foreign legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations that is assumed by or imposed on the Company and the Company’s Group by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry bodies or associations;
- (l) Compliance with internal policies: complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing data and information within the Company and the Company’s Group and/or any other use of data and information in accordance with any of the Company and the Company’s Group programmes for compliance with sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities; and
- (m) Due diligence: enabling an actual lender, investor or proposed assignee of the Company (and / or any part of its business or assets), or participant or sub-participant of the Company’s or the Company’s Group’s rights in respect of the customer to evaluate the transaction intended to be the subject of the lending, investment, assignment, participation or sub-participation.
- (n) General: purposes related to or furthering any of the purposes set out in the foregoing sub-paragraphs in this paragraph 3.5.
3. TRANSFER AND DISCLOSURE OF DATA
- Data held by the Company will be kept confidential. However, to facilitate the purposes set out in paragraph 2 above, the Company may transfer, disclose, grant access to or share data with the following parties:
- (a) any member of the Group;
- (b) any agent, contractor or third party service provider who is engaged by the Company to:
- (i) credit, debit, charge card, and/or other online, virtual, digital assets and blockchain payment providers and/or banks;
- (ii) any person to whom the Company (or any of the Company’s Group) is under an obligation or required or expected to make disclosure for the purposes set out in, or in connection with, paragraph 2.1(j) above;
- (iii) any person under a duty of confidentiality to any member of the Company’s Group (including accountants, legal advisers or other advisers);
- (iv) any actual lender, investor or proposed assignee of the Company, or participant or sub-participant of the Company’s rights in respect of the customer to evaluate the transaction intended to be the subject of the lending, investment, assignment, participation or sub-participation; and/or
- (v) third parties in an aggregated or anonymised form that does not directly identify you.
- The Company will ensure that the recipients of your personal data implement any measures that may be required to protect your data under applicable legal and regulatory requirements prior to transferring your data overseas.
4. USE OF DATA IN DIRECT MARKETING
- The Company may use and/or transfer your data in / for direct marketing only if you consent (or indicate that you do not object) via the Company’s online platform or other form of written communication, or if such direct marketing is exempted under applicable laws.
- The Company intends to use your data in direct marketing, please note that:
- (a) your name and address, contact details (including email address, phone number), information relating to use of the Company’s website, products and services, pattern and behaviour, and demographic data held by the Company from time to time may be used by the Company in direct marketing;
- (b) the following classes of services, products and subjects may be marketed:
- (i) accounting, legal, project management, business planning, investment management services, financial advisory, HR management, recruitment, and employee training services in connection with the Company’s products and services; and
- (ii) financial advisory, securities and investment management services;
- (c) the above services, products and subjects may be provided or (in the case of donations and contributions) solicited by the Company and/or:
- (i) the Company’s Group;
- (ii) third party legal, project management, business planning, HR management, recruitment, and employee training service providers;
- (iii) securities and investment services providers;
- (iv) third party reward, loyalty, referral or privileges programme providers; and
- (v) [charitable or non-profit making organisations];
- (d) in addition to marketing the above services, products and subjects itself, the Company may provide the data described in paragraph 4.2(a) above to all or any of the persons described in paragraph 4.2(c) above for use by them in marketing those services, products and subjects, and the Company requires your written consent (which includes an indication of no objection) for that purpose; and
- (e) the Company may receive money or other property in return for providing the data to the other persons in paragraph 4.2(c) above and, when requesting your consent or no objection as described in paragraph 4.2(d) above, the Company will inform you if it will receive any money or other property in return for providing the data to the other persons.
- If, after providing consent, you do not wish the Company to use or provide to other persons your data for use in direct marketing as described above, you may exercise your opt-out right by notifying the Company.
- You may provide your consent for the Company to use or provide to other persons your data for use in direct marketing as described above by notifying the Group Data Protection Officer of the Company (Please see contact details in paragraph 5.3 below).
5. CUSTOMERS’ RIGHTS AND CONTACTING THE COMPANY
- Under and in accordance with the terms of applicable laws, you have the right to:
- (a) check whether the Company holds data about you and to access such data;
- (b) require the Company to correct any data relating to you which is inaccurate; and
- (c) ascertain the Company’s policies and practices in relation to data and to be informed of the kind of personal data held by the Company.
- You should send requests for access to your data or correction of your data or for information regarding the Company’s privacy policies and practices and kinds of data to the Group Data Protection Officer (“GDPO”). The contact details of the GDPO are as follows: legal@getsprout.co.
- You may, at any time, request the Company cease using your personal data for direct marketing purposes by writing to the GDPO at the email address provided in paragraph 5.3 above.
- Nothing in this Personal Information Collection Statement shall limit the rights of customers under the applicable laws.
- This Personal Information Collection Statement is written in the English language and may be translated into other languages. In the event of any inconsistency between the English version and the translated version of this Personal Information Collection Statement, the English version shall prevail.