Amber Infrastructure Limited (“Amber”) is committed to protecting and respecting your privacy.
Amber may change this policy from time to time by updating this page. You should check this page from time to time to ensure you are happy with any changes. This policy was last updated on 25 May 2018.
In this Policy the term “Data Protection Legislation” means the EU General Data Protection Regulation 2016/679; together with all other applicable legislation relating to privacy or data protection.
COLLECTING YOUR PERSONAL INFORMATION
We may collect, record and use information about you in physical and electronic form and will hold, use and otherwise process it in accordance with the Data Protection Legislation and as set out in this policy in order to run and maintain our website, engage with you in connection with the provision or receipt of services, or for any other purpose as outlined below. We may collect or obtain such information because you give it to us (for example by filling in a form on our Website or by corresponding with us by phone, e-mail or otherwise), or because other people give that information to us on your behalf. It includes personal data you provide when you register on the Website for us to contact you, and when you report a problem with our Website.
If any information which you provide to us relates to a third party (such as a friend, spouse or other family member, or a third party beneficial owner), by providing us with their personal data you confirm that you have obtained any necessary permissions from such persons to the reasonable use of their personal data in accordance with the above provisions, or are otherwise permitted to give us this information.
The personal data we collect and process may include:
- your name;
- your contact information such as your email address and telephone number;
- information you provide to us to confirm your identity and carry out background checks for our KYC (or “know your client”) purposes; such as your home address and contact details (including your mobile telephone number), your date of birth, passport details and any other information about you that you disclose to us during the KYC process;
- information we obtain from third parties, such as information that we obtain when verifying details supplied by you. This information may include fraud prevention agencies and information which is collected from publicly available sources;
- any other information about you that you disclose to us when registering your interest via the Website; and
- your IP address, your browser type and language and other information about your visit to our website.
The personal data that we collect about you, particularly where applicable to the KYC process, may include special categories of personal data, such as information about your racial or ethnic origin or criminal or alleged criminal offences.
If you fail to provide us with your personal data, or you object to us processing such information, we may not be able to fulfil our agreement with you (such as to send you the information you requested) or we may be prevented from completing our KYC process.
We do not carry out automated decision-making or profiling in relation to your personal information.
USING YOUR PERSONAL INFORMATION
We, or another company in the Amber Group, may collect, hold and use information about you in the following ways and for the following purposes:
- to manage and respond to any request you submit through our Website;
- to provide you with the information, products and services that you request from us (for example to send you our press releases);
- to confirm your identity and carry out background checks in order to complete our KYC process, including as part of our checks in relation to anti-money laundering, compliance screening and to prevent fraud and other crimes;
- to comply with any requirement of applicable laws or regulations;
- to contact you by telephone or email about products, developments or services that may be relevant to you, unless you indicate at any time that you do not wish us to do so;
- for research purposes;
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes; and
- in the context of a sale or potential sale of a relevant part of our business, subject always to confidentiality obligations.
SHARING AND TRANSFERRING YOUR PERSONAL INFORMATION
We work with third parties to research certain usage and activities on our Website on our behalf. No personal information about you is shared, however in the course of conducting this research these third parties may place a unique ‘cookie’ on your browser.
Amber also reserves the right to disclose information relating to individuals in order to comply with applicable law, and legitimate government or other regulatory requests.
We will ensure that, if we share your information with third parties, any such disclosure complies at all times with Data Protection Legislation.
We will not generally transfer personal information about you in our possession to countries outside the European Economic Area (“EEA”) or to any country not deemed to provide adequate protection of personal data. If we, or our permitted third parties, do transfer your personal data outside the EEA in certain circumstances (for example because we have to provide such information by law), we or they will put in place appropriate safeguards to ensure that your personal data remains adequately protected.
LEGAL GROUNDS FOR USING YOUR PERSONAL INFORMATION
Data Protection Legislation requires us to inform you of the legal grounds on which we rely in order to process your personal data. We rely on one or more of the following lawful grounds:
- you have explicitly agreed to us processing your information for a specific reason or purpose (for example when you register your details on our Website);
- the processing is necessary for us to take steps to enter into an agreement with you;
- the processing is necessary in order for us to comply with a legal or regulatory obligation to which we are subject; and/or
- the processing is necessary for the purposes of a legitimate interest pursued by us, including to keep you informed about products, developments or services that may be relevant to you, to protect our business interests, to ensure that our internal processes are well-managed; to prevent fraud; or to evaluate, develop or improve our services.
We will make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To the extent that we process any special categories of data relating to you for any of the purposes outlined above, we will generally do so because you have given us your explicit consent to process that data.
Please note that in certain circumstances it may be still lawful for us to continue processing your information even where you have withdrawn your consent, if one of the other legal bases described above is applicable.
PROTECTING AND KEEPING YOUR PERSONAL INFORMATION
We will only keep the information we collect about you for as long as required for the purposes set out above or as required to comply with any legal obligations to which we are subject. We will normally delete your personal data after 7 years, but may retain your information for longer than this, provide it is permitted for a legal, regulatory or other legitimate business purpose. We will regularly review our files to check that information is accurate, up-to-date and still required.
All data is stored securely and security measures and procedures are in place relating to the storage and disclosure of information to prevent unauthorised access. However, although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure and we cannot guarantee the security of data transmitted to us or by us.
At any time, you have the following rights in relation to your personal data:
- to be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences);
- to request access to or a copy of any personal data which we hold about you;
- to ask that we update the personal data we hold about you or correct such personal data that you think is incorrect or incomplete;
- to ask us to delete your personal data, if you consider that we do not have the right to hold it;
- to object to your personal data being processed in certain circumstances;
- to request not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data;
- to ask us to transfer a copy of your personal data to you or to another service provider or third party where technically feasible;
- to withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent); and
- to ask us to stop or start sending you marketing messages by using the below contact details.
We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change. We will correct any incorrect or incomplete information and will stop processing your personal data, or erase it, where there is no legal reason for us to continue to hold or use that information.
Any request for access to or a copy of your personal data must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will comply with our legal obligations as regards your rights as a data subject.
We work with third parties to research certain usage and activities on the Website on our behalf. In the course of conducting this research these third parties may place a unique ‘cookie’ on your browser. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors to their sites. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the website.
In addition, we use two specific types of cookie on this Website:
- Session cookies, which are temporary cookies that remain in the cookie file of your computer until you close your browser (at which point they are deleted).
- Persistent or stored cookies that remain permanently on the cookie file of your computer.
|Default expiration time|
|ASP.NET_SesionId||This cookie is automatically generated by asp.net. It is created the first time application is accessed over the browser.||End of browser session|
Cookie that is used for storing CSFR token.
|End of browser session|
|XSRF-V||End of browser session|
This cookie is set by websites using the Umbraco web content management system.
Stores a Guid reference to the current logged in user. Randomly generated at login and stored in the umbracoUserLogins database table, it allows you access the current user, without having to store any user specific data in the cookie.
This cookie is set by websites using the Umbraco web content management system.
Stores a flag to say an update check has occurred. When a cookie expires, or no cookie is found, another update check takes place (setting the cookie again). Can be disabled by setting umbracoVersionCheckPeriod app setting to 0, though not recommended. Checks only take place if the current user is an admin.
Duration: Configurable via umbracoVersionCheckPeriod app setting. Defaults to 7 days.
|umbLastOpenedMediaNodeId||Return to user to last picked image folder||Session|
|__RequestVerificationToken||Anti forgery token that prevents CSRF attack.||Session|
|ga||Used to distinguish users.||2 years|
|gat||Used to throttle request rate.||10 minutes|
|ASP.Net_SessionId||Used for implementation of disclaimer.||Session|
HOW TO MANAGE COOKIES
The web browsers of most computers are initially set up to accept cookies. If you prefer, you can set your web browser to disable cookies or to inform you when a website is attempting to add a cookie. You can also delete cookies that have previously been added to your computer’s cookie file.
You can set your browser to disable persistent cookies and/or session cookies but if you disable session cookies, although you will be able to view this Website’s unsecured pages, you may not be able to log onto any authenticated pages. Please visit http://www.allaboutcookies.org/manage-cookies/ to discover how to disable and delete cookies.
WEB BEACONS AND SPOTLIGHT TAGS
This Website may also contain electronic images, known as web beacons or spotlight tags. These enable us to count users who have visited certain pages on the website. Web beacons and spotlight tags are simply tools used to obtain generic information about the web pages visited.
If you do not wish us to contact you, you can unsubscribe at any time by writing to Amber Infrastructure Limited, 3 More London Riverside, London, SE1 2AQ requesting that you no longer wish to be contacted by Amber or any third parties authorised to act on our behalf.
If you have concerns about our use of your information, you also have the right to make a complaint to the Information Commissioner’s Office, which regulates and supervises the use of personal data in the UK.