BERGGRUEN HOLDINGS LTD – DATA PROTECTION
The new GDPR legislation requires Berggruen Holdings Ltd. (the “Company”) to provide this notice, which sets out how the Company will process personal information that it receives. Where your details are provided to the Company as a consequence of your engagement with it, we will process your personal information or, if applicable, that of your directors, officers, employees and/or beneficial owners.
PURPOSES OF PROCESSING AND LEGAL BASIS FOR PROCESSING
- In order to carry out anti-money laundering checks and related actions which the Company considers appropriate to comply with legal obligations imposed upon it;
- To record electronic communications for the verification of instructions, investigations and fraud prevention purposes; crime detection prevention, investigation and prosecution; to enforce rights or defend the Company and its affiliates directly or through third parties to comply with any legal obligation imposed; and to pursue the Company’s legitimate interest in relation to such matters or where the processing is in the public interest;
- To disclose information to other third parties such as service providers of the Company including regulatory authorities, payroll bureaus, technology providers, auditors and advisors in order to comply with any legal obligation imposed on the Company or to fulfill the services included in your engagement letter(s) with the Company; and
- To update and maintain records.
THE COMPANY MAY DISCLOSE YOUR PERSONAL INFORMATION:
- To its service providers and affiliates and other third-party service providers engaged by the Company in order to process the data for the above-mentioned purposes; and
- To competent authorities (including tax authorities), courts and bodies as required by law or requested by any regulatory authority, where there is a legal obligation to report.
The disclosure of personal information to any third party may involve the transfer of data to jurisdictions outside the European Economic Area, in accordance with the requirements of GDPR. Such countries may not have the same data protection laws as the EEA. The Company has not verified the compliance of those third parties and cannot be held responsible if any party does not comply with GDPR.
DATA SUBJECT RIGHTS
You have the following rights, in certain circumstances, in relation to your personal information:
- The right to access your personal information;
- The right to rectify your personal information;
- The right to restrict the use of your personal information (in certain specific circumstances); and
- The right to object to processing of your personal information (in certain specific circumstances).
You have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data relating to you, carried out by the Company, or its service providers, infringes the General Data Protection Regulation.