Privacy
Privacy
Introduction
Cain International (together with our subsidiaries, “we”, “our”, “us”) are committed to protecting and respecting your privacy.
This policy sets out the basis on which we will process any data we collect from you, or that you provide to us, in connection with your use of our website at www.cainint.com (the “Website”), when you engage with us at events or share your data with our personnel in the context of pursuing business, or when you have applied for a job with us. Please read this policy carefully so that you understand your rights in relation to your data, and how we will collect, use and process your data. If you do not agree with this Privacy Policy in general or in part, you should not access the Website or submit any data to us.
This Privacy Policy has been divided into four sections.
Part 1 describes the data we collect, and how we use it, when you are a visitor on our Website.
Part 2 describes the data we collect, and how we use it, when you apply for a job with us.
Part 3 describes the data we collect, and how we use it, when we are required to conduct Know Your Client checks on clients, prospective clients, partners, service providers and other parties with whom we do business.
Part 4 applies generally to the way we process data.
Data Controller
If you are in the EU, then for the purposes of the General Data Protection Regulation, Cain International is the controller of your data collected and used in the context of you visiting our Website (as described in this Part 1). We are established in the United Kingdom with a registered office at 116 Upper Street, London N1 1QP.
The type of information we, or our third parties’, collect
Technical usage information. We use Google Analytics, which is a web analytics tool that helps us understand how users engage with the Website. Like many services, Google Analytics uses first-party cookies to track user interactions, as in our case, where they are used to collect information about how users use our Website. This information is used to compile reports and to help us improve our Website. The reports disclose website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all websites you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.
Information you give us. You may also provide us with information by contacting us via email, web enquiry form, telephone or when you engage with our personnel.
Purpose and legal basis for processing
As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our Website and to provide useful content, we will use your information to:
Further information about the analytics we perform on data collected from our Website can be found in our Cookies Policy.
PART 2 – APPLYING FOR A JOB WITH CAIN INTERNATIONAL
Data Controller
If you apply for a job with Cain International in the EU, the company you apply to is, for the purposes of the General Data Protection Regulation, the controller of your data. For the purpose of this Part 2, we refer to such company as the Employing Entity.
The type of information we collect
Information you give us. When you apply for a job, the Employing Entity will ask you to provide a CV. Your CV will likely include data such as your name, contact details, education and previous experience. During the application process, the Employing Entity may ask you further questions about this information and/ or request additional information such as proof of identity, proof of your qualifications, a criminal records declaration and names and contact details for referees.
Where permitted by local law, you have the option of providing certain sensitive data, such as, race or ethnic origin, or whether you have a disability, for the purposes of equal opportunities monitoring. If you decide not to provide this data, your application will not be prejudiced.
Information from third parties.
Background Screening Checks. The Employing Entity will receive information from third parties in connection with your application, such as data provided by referees, recruiters and organisations that provide background checks (this will include right to work and criminal reference checks, to the extent permitted by applicable law).
We use the services of outside agencies, including Insperity and Sterling, to perform background checks in order to research and verify the information that you have provided in relation to your job application. Prior to any background checks being undertaken, you will be contacted to inform you of the agency performing the relevant checks. This is an essential step as part of our due diligence evaluation of all potential employees and it is within the Employing Entity’s legitimate interests to process your data for the purpose of conducting and assessing the outcome of such background checks to evaluate trustworthiness, fitness and propriety, integrity and reliability. The information obtained through these background checks may be used to make employment decisions. When you receive the details of the screening agent, please review their privacy policy as they will be processing your data.
Purpose and legal basis for processing
The Employing Entity processes data to assess your suitability for the role you have applied for. The Employing Entity is therefore processing this data with a view to entering into a contract with you. We do not rely upon automated decision making in our recruitment process.
The Employing Entity processes any sensitive data you provide for equal opportunities monitoring for the purpose of carrying out specific obligations as an employer.
The Employing Entity will use your information to:
How do we share your data?
Please see How do we share your data? below.
The Employing Entity will also, when processing data for job applications, share your data with:
Your Rights
In addition to Your Rights described below, if you are located in the EU and have given information to an Employing Entity for the purpose of entering into an employment contract, you have the right to request that the Employing Entity transfer this data to you or another organisation. If you wish for the Employing Entity to transfer the data to another party, please ensure you detail that party and note that the Employing Entity can only do so where it is technically feasible. The Employing Entity is not responsible for the security of the data or its processing once received by the third party.
The Employing Entity may not be able to provide you with certain data following a portability request if providing it would interfere with another individual’s rights (e.g. where providing the data it holds about you would reveal information about another person) or where another exemption applies.
PART 3 – CLIENT AND PROSPECTIVE CLIENT CHECKS
Data Controller
If you are a client, or prospective client, of Cain International within the EU, the company you are onboarding/ onboarded with is, for the purposes of the General Data Protection Regulation, the controller of your data. For the purpose of this Part 3, we refer to such company as the Onboarding Entity.
The type of information we collect and our purpose and legal basis for processing
Prospective Clients
Cain International collects a variety of information about its clients and client contacts as part of our new client onboarding process. This may be referred to as ‘Know Your Client (KYC)’ checks and, where required by law or our internal policies, we will also undertake anti-money laundering (AML) checks. When conducting these checks, the Onboarding Entity will seek to collect data in accordance with the Joint Money Laundering Steering Group Guidance. Specifically:
If we are entering into a contract with you directly, then it is necessary for the purpose of that contract, that we verify your identity. In other cases, it may be in our legitimate interests, as a provider of services to your employer, that we verify your identity as a key contact or director. It is further incumbent on Cain International to meet its legal obligations to undertake appropriate due diligence so as to identify and assess the risks of money laundering and terrorist financing.
Clients
In order to provide you with services as agreed in our contract with you, we will process information to contact you, identify the appropriate mandate for investment and comply with local laws. This information will include data you provide to us in the course of KYC/AML checks (see above) and when filling in forms we provide to you from time to time.
How do we share your data?
Please see How do we share your data? below.
The Onboarding Entity will share your data with the following third-party vendors who assist Cain International in its performance of services:
Data Controller
For the purpose of this Part 4, “we”, “our” and “us” refers to the relevant data controller of your data, as identified in Part 1 to 3.
How do we share your data?
Sharing with Third Parties. We do not sell, rent or lease your information to others except as described in this Privacy Policy. We share your information with third parties to the extent they provide us with services which involves the processing of data. These categories of recipients include:
Sharing within the Cain International Group. The Cain International Group is a group of global companies. Your data may be transferred within the Group, which may include entities located in the UK and the USA. This transfer is limited solely to the extent it is necessary due to the centralization of certain administrative and processing services.
Sharing with Law Enforcement. We will share your information with law enforcement agencies, public authorities or other organisations if legally required to do so, or if we have a good faith belief that such use is reasonably necessary to:
Sharing data for business purposes. We will also disclose your information to third parties:
Location of data
If you are located in the European Union, we will only share your data with third parties outside of the European Economic Area, if the third party:
How long do we store your data?
For information about how long we hold your data, please our Retention Schedule.
Your rights
If you are located in the European Union the, under data protection law, you have certain rights with respect to the data we process about you. The rights available to you depend on our reason for processing your information and may be limited in certain circumstances, for example, where fulfilling your request would adversely affect other individuals, where there are overriding public interest reasons or where we are required by law to retain your data.
Your right of access. You have the right to ask us to access the data we hold about you and be provided with certain information about how we use your data and who we share it with.
Your right to rectification. You have the right to ask us to correct your data where it is inaccurate or incomplete and we will endeavour to do so without undue delay.
Your right to erasure. In certain circumstances, you have the right to ask us to delete the data we hold about you:
Your right to restrict processing. In certain circumstances, you have the right to ask us to restrict (stop any active) processing of your data. You may choose to restrict processing:
To exercise any of these rights above, please contact us at legal@cainint.com. In addition, you have the right to complain to the Information Commissioner’s Office or other applicable data protection supervisory authority.
Objection to Communications
At any time you have the right to object to our processing of data about you in order to send you newsletters or other materials relating to Cain International. If you object, which you can do by emailing legal@cainint.com or by clicking ‘unsubscribe’ on any correspondence you receive from us, we will stop processing the data for that purpose.
The security of your data
We cannot guarantee the security of your information transmitted through the Website or over email; any transmission is at your own risk. Once we have received your information, we will take appropriate technical and organisational measures to safeguard your data against loss, theft and unauthorised use, access or modification.
We will, from time to time, host links to and from the websites of our affiliates or third parties. If you follow a link to any of these websites, these websites will have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any information to those websites.
Complaints
In the event that you wish to make a complaint about how we process your data, please contact us in the first instance at legal@cainint.com and we will endeavour to deal with your request. This is without prejudice to your right to launch a claim with the Information Commissioner’s Office or the data protection supervisory authority in the EU country in which you live or work where you think we have infringed data protection laws.
Changes
Any changes we will make to this policy in the future will be posted on this page. Please check back frequently to see any updates or changes to this policy.
Contact
Questions, comments and requests regarding this policy are welcomed and should be addressed to legal@cainint.com.