GDPR PRIVACY NOTICE

Overview

Legal & Other Notices.
In relation to:

4Syte Group

4Syte Ltd (4S), 4Syte Funding Ltd (4SF), 4Syte Construction Finance ltd (4SC), 4Syte Trade Ltd 4ST), together 4Syte

This GDPR Privacy Notice (this “Notice”) relates to each of the 4syte companies above in respect of its processing of personal data of all individuals.

Each 4Syte company has its registered address at First Floor Steeple House, Church Lane, Chelmsford, Essex, England, CM1 1NH.

About this Notice

For the purposes of GDPR, 4Syte Group (“we”, “our”, “us” or “4Syte”) is a data controller in respect of personal data of individuals which we may collect from time to time about our clients, prospective clients, prospective employees, individuals applying for or enquiring about and employment with us, or other third parties or their employees, directors, officers or representatives (any of whom are referred to as “you” in this statement).

This Notice explains how we use your personal data.

If you are a legal entity or partnership, by engaging in the provision of services with us, you confirm to us that you have provided your employees, directors, officers or representatives with the information set out in this statement and that they have consented to us using, in accordance with this statement, any personal data about them that you provide to us in connection of our financial services business. By continuing to engage in the provision of services with us, you authorise us to use and transfer the personal data about your employees, directors, officers or representatives in accordance with this statement as amended from time to time in accordance with the “Notification of changes” section below.

What types of personal data do we collect?

We may control, process and use your “personal data” which may include names, postal addresses, e-mail addresses, telephone numbers or any other personal data that you provide to us. We may also, in appropriate cases and to the extent permitted by law, control, process and use certain “sensitive personal data” (e.g. when undertaking “Know Your Customer” (“KYC”) or anti-money laundering (“AML”) checks, we may collect information about any offences that you or your employees, directors, officers or representatives have committed). For the purposes of the relevant jurisdiction in which we receive your personal data we are respectively the data controller or the data user of your personal data.

Who might we provide your personal data to?

In the course of running our financial services business we may provide your personal data to any of the following recipients or categories of recipients:

– our employees, board members, partners, officers or representatives;

– our prospective employees: individuals applying for or enquiring about and employment with us;

– our third-party service providers, business associates, distributors, advisors or auditors (including their employees, directors, – officers, sub-contractors or representatives);

– domestic and foreign regulators (“Regulators”), governments, law prevention, detection, investigation or enforcement authorities, tax, social or labour authorities (“Authorities”) and any other authorities or official bodies and their representatives;

– domestic and foreign courts, tribunals, arbitrators, ombudsmen, mediators, other dispute resolution bodies (“Courts/Tribunals”) and their representatives;

– any party who are directly relating to any one of these recipients; and

– any person that you request us or permit us to keep If you no longer wish us to share your personal data with such person(s) or wish to change your preferences in this respect, please inform our information officer at information.officer@4syte.co.uk

When we provide your personal data to any of the above recipients, that recipient may process your personal data on our behalf or for its own purposes. If the recipient processes the personal data for its own purposes, it will be responsible for its compliance with any applicable law with regards to your personal data.

How may we use your personal data?

We may process, use or transfer your personal data for the following purposes connected to our financial services business:

– administering the provision of services between us including, without limitation, billing, internal reporting and analysis and any other ancillary matters;

– services related to employment, including but not limited to, carrying out money laundering, background and criminal record checks

– complying with any present or future law, rule, regulation, guidance, decision or directive (including those concerning anti-terrorism, fraud, AML and anticorruption) and, in appropriate cases, carrying out KYC checks and other procedures that we undertake prior to you becoming a customer of ours;

– establishing, exercising or defending rights;

– complying with demands and requests made by, or making voluntary disclosures to Regulators, governments, Authorities or Courts/Tribunals;

– obtaining advice, receiving services or providing a third party with information about matters that may impact on the 4Syte group;

– providing you with marketing information relating to our products or services; and

– any other purposes that are incidental to or directly connected with the foregoing purposes or otherwise in the course of our legitimate financial services business activity.

We are entitled to process your personal data in these ways for the following reasons:

1 | If you are the applicant, you may enter into a financing agreement with 4Syte and some processing will be necessary for the performance of that contract or will be done at your request prior to entering into that contract.

2 | Processing may be necessary to discharge a relevant legal or regulatory obligation.

3 | The processing will, in all cases, be necessary for the legitimate business interests of 4Syte or another person, such as:

– carrying out the ordinary or reasonable business activities of or other activities previously disclosed to you or referred to in this privacy notice;

– ensuring compliance with all legal and regulatory obligations and industry standards, and preventing fraud;

– establishing, exercising or defending legal rights or for other purposes relating to legal proceedings; and

– ensuring the security of information systems.

4 | In respect of any processing of sensitive personal data falling within special categories, such as any personal data relating to the political opinions of a politically exposed person, the processing will be necessary for reasons of substantial public interest.

If you do not wish to provide your personal data for any of the purposes listed immediately above except for the purpose of providing you with marketing information, we will not be able to provide our financial services to you.

For the purpose of providing you with marketing information relating to our products or services, you are providing your personal data to us on a voluntary basis.

Transfers of your personal data outside the European Economic Area

Your personal data collected by 4Syte will be stored in 4Syte’s cloud-based servers in the UK and may be transferred to any of the recipients identified in this statement in connection with our business, some of which may be outside the EEA, and may be processed by us and any of these recipients in any country worldwide.

Where personal data is transferred outside the EEA, we will ensure that the transfer is subject to appropriate safeguards or is otherwise permitted under applicable law. For example, the country to which the personal data is transferred may be approved by the European Commission, the recipient may have agreed to model contractual clauses approved by the European Commission that oblige them to protect the personal data, or the recipient may be located in the United States and be a certified member of the EU-US Privacy Shield scheme.

You can obtain more details of the protection given to your personal data when it is transferred outside the EEA, including a copy of any standard data protection clauses entered into with recipients of your personal data, by contacting us using the details set out under “Contacting 4Syte” below.

Updating and retaining your personal data

It is important for us to maintain accurate records of your personal data. Please inform us of any changes to or errors in your personal data as soon as possible and we will update our records accordingly.

We will only retain your personal data for as long as, in our reasonable opinion, is necessary to comply with applicable law or for the purposes for which we process your personal data (as set out in this statement).

Recording of telephone calls

To the extent permitted by and in accordance with applicable law, we may monitor and/or record your telephone calls with us.

Your rights

You have a number of legal rights in relation to the personal data that we hold about you. These rights include the following:

1 | The right to obtain information regarding the processing of your personal data and access to the personal data that we hold about you.

2 | In some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and the right to request that we transmit that data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us.

3 | The right to request that rectify your personal data if it is inaccurate or incomplete.

4 | The right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data, but we are legally entitled to retain it.

5 | The right to object to, and the right to request, that we restrict our processing of your personal data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict its processing of your personal data but we are legally entitled to continue processing your personal data or to refuse that request.

6 | The right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.

You can exercise your rights by contacting us using the details set out under “Contacting 4Syte” below. You can find out more information about your rights by contacting an EU data regulator such as the UK’s Information Commissioner’s Office, or by searching their website at www.ico.org.uk

Contacting 4Syte

If you have any questions or comments on this statement, please contact our information officer at information.officer@4syte.co.uk

Notification of changes

This Notice is dated 6 September 2019. From time to time we may amend this Notice without warning and an amended statement will be available at www.4syte.co.uk or by contacting our information officer at information.officer@4syte.co.uk This may be for a number of reasons, including changes in law, market practice or our treatment of your personal data.

In relation to:

4Syte Structured Finance

This GDPR Privacy Notice (this “Notice”) relates to 4Syte Structured Finance Ltd in respect of its processing of personal data of all individuals.

4Syte Structured Finance Ltd has its registered address at First Floor Steeple House, Church Lane, Chelmsford, Essex, England, CM1 1NH.

About this Notice

For the purposes of GDPR, 4Syte Structured Finance Ltd (“we”, “our”, “us” or “4Syte”) is a data controller in respect of personal data of individuals which we may collect from time to time about our clients, prospective clients, prospective employees, individuals applying for or enquiring about and employment with us, or other third parties or their employees, directors, officers or representatives (any of whom are referred to as “you” in this statement).

This Notice explains how we use your personal data.

If you are a legal entity or partnership, by engaging in the provision of services with us, you confirm to us that you have provided your employees, directors, officers or representatives with the information set out in this statement and that they have consented to us using, in accordance with this statement, any personal data about them that you provide to us in connection of our financial services business. By continuing to engage in the provision of services with us, you authorise us to use and transfer the personal data about your employees, directors, officers or representatives in accordance with this statement as amended from time to time in accordance with the “Notification of changes” section below.

What types of personal data do we collect?

We may control, process and use your “personal data” which may include names, postal addresses, e-mail addresses, telephone numbers or any other personal data that you provide to us. We may also, in appropriate cases and to the extent permitted by law, control, process and use certain “sensitive personal data” (e.g. when undertaking “Know Your Customer” (“KYC”) or anti-money laundering (“AML”) checks, we may collect information about any offences that you or your employees, directors, officers or representatives have committed). For the purposes of the relevant jurisdiction in which we receive your personal data we are respectively the data controller or the data user of your personal data.

Who might we provide your personal data to?

In the course of running our financial services business we may provide your personal data to any of the following recipients or categories of recipients:

– our employees, board members, partners, officers or representatives;

– our prospective employees: individuals applying for or enquiring about and employment with us;

– our third-party service providers, business associates, distributors, advisors or auditors (including their employees, directors, – officers, sub-contractors or representatives);

– domestic and foreign regulators (“Regulators”), governments, law prevention, detection, investigation or enforcement authorities, tax, social or labour authorities (“Authorities”) and any other authorities or official bodies and their representatives;

– domestic and foreign courts, tribunals, arbitrators, ombudsmen, mediators, other dispute resolution bodies (“Courts/Tribunals”) and their representatives;

– any party who are directly relating to any one of these recipients; and

– any person that you request us or permit us to keep If you no longer wish us to share your personal data with such person(s) or wish to change your preferences in this respect, please inform our information officer at information.officer@4syte.co.uk

When we provide your personal data to any of the above recipients, that recipient may process your personal data on our behalf or for its own purposes. If the recipient processes the personal data for its own purposes, it will be responsible for its compliance with any applicable law with regards to your personal data.

How may we use your personal data?

We may process, use or transfer your personal data for the following purposes connected to our financial services business:

– administering the provision of services between us including, without limitation, billing, internal reporting and analysis and any other ancillary matters;

– services related to employment, including but not limited to, carrying out money laundering, background and criminal record checks

– complying with any present or future law, rule, regulation, guidance, decision or directive (including those concerning anti-terrorism, fraud, AML and anticorruption) and, in appropriate cases, carrying out KYC checks and other procedures that we undertake prior to you becoming a customer of ours;

– establishing, exercising or defending rights;

– complying with demands and requests made by, or making voluntary disclosures to Regulators, governments, Authorities or Courts/Tribunals;

– obtaining advice, receiving services or providing a third party with information about matters that may impact on the 4Syte group;

– providing you with marketing information relating to our products or services; and

– any other purposes that are incidental to or directly connected with the foregoing purposes or otherwise in the course of our legitimate financial services business activity.

We are entitled to process your personal data in these ways for the following reasons:

(a) If you are the applicant, you may enter into a financing agreement with 4Syte and some processing will be necessary for the performance of that contract or will be done at your request prior to entering into that contract.
(b) Processing may be necessary to discharge a relevant legal or regulatory obligation.
(c) The processing will, in all cases, be necessary for the legitimate business interests of 4Syte or another person, such as:
(i) carrying out the ordinary or reasonable business activities of or other activities previously disclosed to you or referred to in this privacy notice;
(ii) ensuring compliance with all legal and regulatory obligations and industry standards, and preventing fraud;
(iii) establishing, exercising or defending legal rights or for other purposes relating to legal proceedings; and
(iv) ensuring the security of information systems.
(d) In respect of any processing of sensitive personal data falling within special categories, such as any personal data relating to the political opinions of a politically exposed person, the processing will be necessary for reasons of substantial public interest.

If you do not wish to provide your personal data for any of the purposes listed immediately above except for the purpose of providing you with marketing information, we will not be able to provide our financial services to you.

For the purpose of providing you with marketing information relating to our products or services, you are providing your personal data to us on a voluntary basis.

Transfers of your personal data outside the European Economic Area

Your personal data collected by 4Syte will be stored in 4Syte’s cloud-based servers in the UK and may be transferred to any of the recipients identified in this statement in connection with our business, some of which may be outside the EEA, and may be processed by us and any of these recipients in any country worldwide.

Where personal data is transferred outside the EEA, we will ensure that the transfer is subject to appropriate safeguards or is otherwise permitted under applicable law. For example, the country to which the personal data is transferred may be approved by the European Commission, the recipient may have agreed to model contractual clauses approved by the European Commission that oblige them to protect the personal data, or the recipient may be located in the United States and be a certified member of the EU-US Privacy Shield scheme.

You can obtain more details of the protection given to your personal data when it is transferred outside the EEA, including a copy of any standard data protection clauses entered into with recipients of your personal data, by contacting us using the details set out under “Contacting 4Syte” below.

Updating and retaining your personal data

It is important for us to maintain accurate records of your personal data. Please inform us of any changes to or errors in your personal data as soon as possible and we will update our records accordingly.

We will only retain your personal data for as long as, in our reasonable opinion, is necessary to comply with applicable law or for the purposes for which we process your personal data (as set out in this statement).

Recording of telephone calls

To the extent permitted by and in accordance with applicable law, we may monitor and/or record your telephone calls with us.

Your rights

You have a number of legal rights in relation to the personal data that we hold about you. These rights include the following:

(a) The right to obtain information regarding the processing of your personal data and access to the personal data that we hold about you.
(b) In some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and the right to request that we transmit that data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us.
(c) The right to request that rectify your personal data if it is inaccurate or incomplete.
(d) The right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data, but we are legally entitled to retain it.
(e) The right to object to, and the right to request, that we restrict our processing of your personal data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict its processing of your personal data but we are legally entitled to continue processing your personal data or to refuse that request.
(f) The right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.

You can exercise your rights by contacting us using the details set out under “Contacting 4Syte” below. You can find out more information about your rights by contacting an EU data regulator such as the UK’s Information Commissioner’s Office, or by searching their website at www.ico.org.uk

Contacting 4Syte

If you have any questions or comments on this statement, please contact our information officer at information.officer@4syte.co.uk

Notification of changes

This Notice is dated 6 September 2019. From time to time we may amend this Notice without warning and an amended statement will be available at www.4syte.co.uk or by contacting our information officer at information.officer@4syte.co.uk. This may be for a number of reasons, including changes in law, market practice or our treatment of your personal data.

Chelmsford Office
Head Office

First Floor, Steeple House, Church Lane, Chelmsford, Essex, CM1 1NH
01245 377 032 info@4syte.co.uk

London Office

224 Linen Hall, 162-168 Regent Street, London W1B 5TE
0845 652 0400 info@4syte.co.uk

Leeds Office

17 Park Place, Leeds, West Yorkshire LS1 2SJ
01134 033 302 info@4syte.co.uk

Leave us your info

and we will get back to you.