Privacy Statement
1. Introduction and Scope
This Privacy Statement sets out how TMF Group (“we”, “us”, and “our”) uses your Personal Data in connection with:
- services provided to or by you ("Services”);
- other (pre) contractual relationship between you and TMF Group, except for employment or
- similar relationship (“Relations”);
- Services provided to or by an entity that you represent or work for (“your entity”) or Relations that your entity has with TMF Group.
- your data subject requests in accordance with applicable data protection laws in order to provide you with requested information collected from us as listed under Section 3. of this Statement
For purposes of this Privacy Statement, “Personal Data” means any information through which we can identify you, as further described below under paragraph 3 (Personal Data we process).
This Privacy Statement only applies to the usage of Personal Data of (prospective) clients, vendors or other business partners (individuals) and investment funds for which TMF Group entity is responsible and qualifies as a controller in the meaning of the General Data Protection Regulation (2016/679/EU) ("GDPR") or similar qualification under other data protection laws, whereby TMF Group entity determines the purpose and the means of the processing of such Personal Data, including data collated and retained by or on behalf of investment funds managed by TMF (“TMF managed funds”).
Your Personal Data can be collected through various channels, such as in a sales process, via telephone calls, via forms you or your entity submit(s) to us, via email or other communication channels or tools, as well as during business events.
We can collect your Personal Data directly from you or indirectly from your entity.
This Privacy Statement does not apply to corporate company information if no Personal Data from individuals can be derived from such corporate information, unless it is considered Personal Data in accordance with applicable local laws.
For our usage of Personal Data in our capacity as a processor under the relevant data protection laws, Personal Data Protection Policy applies. We also have a separate Website Privacy Statement which applies and sets out how we use your Personal Data when you visit our website.
2. Who We Are
When we refer to ourselves as “TMF Group” or “we”, we mean each TMF Group entity that is responsible for using your Personal Data. This will depend on the TMF Group entity(/ies) that you intend to or have entered into a contract with for the provision of Services or with regard to Relations. An overview of the locations where TMF Group entities operate in and TMF Group entities as such can be found here.
3. Personal Data We Process
The Personal Data we process about you in connection with providing Services or Relations include the following:
- Your contact details. Your name, address, telephone number, email address and any other contact details you provide to us.
- Your personal characteristics. Including your gender, profession, job title, name of your entity, marital status (if shown on national identification cards) or other personal characteristics that are requested to identify you as a client, a vendor or a business partner, or their representative or employee, including information disclosed in commercial registers if it is considered Personal Data in accordance with the applicable local laws.
- Recording of video footage. When you enter our buildings or premises, you are recorded by our video surveillance systems (CCTV). You can also be recorded on video footage during events, such as seminars, that we host. The specific and customized information on this personal data processing (if recorded) is available in the respective TMF Group affiliate premise. Where applicable- the CCTV images may be also processed by the building owner or the authorized third party of TMF Group affiliate.
- Your communication data. Your requests, any complaints you may have, or any requests or complaints submitted for you or on your behalf, and any other data that we receive if we communicate with you via email, telephone, in person or otherwise.
- KYC information. TMF Group is required by law to conduct "know your client" identification procedures. To comply with our legal obligation, we also collect the following information from the Ultimate Beneficial Owners (UBOs) or executives and representatives (e.g. managing directors or board members) of our clients: first and family name, citizenship(s) (nationalities), your Personal Data disclosed in a copy of ID or copy passport (including its number, issuance and expiry dates, issuing authority, photo of individual), CV (in certain cases when required by Group Compliance) tax residence, private/residential address, phone number, email address, date of birth, place of birth, marital status, profession and actual function, range of annual income, range of estimated wealth, the source of wealth and (where applicable) an U.S. or other Taxpayer Identification Number.
If you are acting as a party to contract with us, then providing required Personal Data which allow us to identify you as a contracting party is a pre-condition for concluding such contract. The contract cannot be concluded without Personal Data based on which we can identify you as a party to the contract.
Providing Personal Data concerning the KYC process is necessary for us to be able to comply with the applicable legal, regulatory or professional requirements on anti-money laundering legislation. If the Personal Data is not provided then conducting required verification can be significantly hindered, and as a consequence we may not be able to conclude a contract with you or your company, or already concluded contract may be terminated due to non-compliance with the legal obligation imposed by Anti-money laundering legislation.
Providing Personal Data for the purpose of contact or communication is voluntary. However, lack of such Personal Data may significantly delay providing Services, maintaining Relations or answering your requests or complaints. Providing Personal Data only for marketing purposes is voluntary. Failure to provide the Personal
Data for such purposes has no consequences.
4. Purposes For Which We Use Your Personal Data
TMF Group collects, uses or otherwise processes your Personal Data for the purposes below and on a lawful basis. Insofar we already hold information about you, we may use that information for the same purposes.
- For the performance of our agreement with you/your entity: We use your Personal Data in order to carry out our obligations arising from any agreements entered into between you/your entity and us or a TMF managed fund, and to provide you/your entity with the information or Services that you require or request, including managing and handling you/your entity’s investment in a TMF managed fund, your requests, inquiries or complaints.
- For marketing purposes, based on your consent: If you are a prospective client: we use your Personal Data to send you marketing communications (such as newsletters, promotions, news or service updates) via email or other electronic means or via telephone, but we will only do so after we have received your explicit consent to do so, unless otherwise allowed by applicable laws. You can withdraw your consent, if any, as well as exercise any of your rights at any time; see paragraph 9 (Your rights) below.
- To comply with our legal obligations: Any information referred to above under paragraph 3 (Personal Data we process) may be used to comply with a legal obligation to which TMF is subject, such as maintaining appropriate business records, conducting Know Your Client identification procedures, commencing risk assessment, complying with lawful requests by governmental agencies and public authorities and to comply with applicable laws and regulations or as otherwise required by law.
- For our legitimate commercial interests:
- If you are an existing client, vendor or business partner, their representative or employee: we use your Personal Data (both on aggregated and on individual basis), such as your contact details and your electronic identification data for the purpose of advertising our Services that may be of interest to you (based on the Services you or your entity previously used), making contact with you for marketing or other commercial purposes. We use your Personal Data for client, vendor and business partner administration purposes, such as administration of Services agreements or other agreements, as relevant, internal administration of work done under such agreements.
- We use your Personal Data for analysing and improving the quality of our Services and to understand you or your entity as a customer (customer optimization). This enables us to assess what may interest you, to measure or understand the effectiveness of advertising we serve to you and others and to deliver relevant advertising. In addition, based on your historical use of our Services we may target you with advertisement or other marketing materials that are customized to your personal preferences and experiences.
- In addition, we use your Personal Data for our other legitimate commercial interests such as, to operate and expand our business activities, to develop and improve or modify our Services, to generate aggregated statistics about the users of our Services; to assist in security and fraud prevention; to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes.
- We also use your Personal Data for system integrity purposes (for example the prevention of hacking, spamming etc.); to facilitate our business operations, to operate company policies and procedures; to enable us to make corporate transactions, such as any merger, sale, reorganization, transfer of TMF Group’ assets or businesses, acquisition, bankruptcy, or similar event; or for other legitimate business purposes permitted by applicable law.
5. How We Share Your Personal Data
We share your Personal Data with the following parties:
- Data controllers within TMF Group. Your Personal Data will be shared between the TMF Group entities that may use your Personal Data as described in this Privacy Statement for internal administrative purposes, management purposes, analytical purposes and other business-related purposes. Each of the recipient(s) shall be responsible for ensuring the appropriate protection of your personal data, providing information on your data processing and obtaining additional consents if required. Your Personal Data will only be used by TMF Group companies for marketing purposes if you have given your explicit consent thereto and/or where we have legitimate interest to do so. An overview of the locations TMF Group entities operate in and TMF Group entities as such can be found here.*
- Service Providers and Processors. We engage third party vendors to provide Services for us or on our behalf, which may have access to your Personal Data, including:
-
- Business partners (such as law, tax and audit firms or finance providers), including subcontractors which are engaged to perform (part of) the Services under Services agreements;
- Suppliers (such as IT service providers);
- Marketing and advertising companies that carry out marketing activities on our behalf;
- Analytics and search engine providers that assist us in the improvement and optimisation of our website, such as Google Analytics.
- In providing their services, they will access, receive, maintain or otherwise process Personal Data on our behalf. Any such services provider, prior to the provision of their services, concludes a data processing agreement in line with requirement of the relevant data protection legislation. Our agreements with these service providers do not permit use of your Personal Data for their own (marketing) purposes. Consistent with applicable legal requirements, we take commercially reasonable steps to require third parties to adequately safeguard your Personal Data and only process it in accordance with our instructions. Third parties in case of legal requirement. We will disclose your Personal Data if disclosure is required by law or in the context of an investigation, regulatory requirement, judicial proceeding, court order or legal process served on us, or to protect the rights or safety of the website, us or our affiliated companies.
- Corporate transaction. In addition, information about our clients, including Personal Data, may be disclosed as part of any merger, sale, transfer of TMF Group’s assets, acquisition, bankruptcy, or similar event.
- Other third parties, based on your consent. We also disclose information about you, including Personal Data to any other third party, where you have consented or requested that we do so.
6. International Transfers of your Personal Data
Due to the global presence of our business operations, TMF Group transfers Personal Data you provide to us to countries other than your country of residence. The laws of these countries may not provide the same level of protection to your Personal Data. TMF Group or third parties we use will therefore seek to ensure that all adequate safeguards are in place and that all applicable laws and regulations are complied with in connection with such transfer, in particular for Personal Data transferred to countries outside the European Economic Area (“EEA”).
Intra-group data transfers within TMF Group take place on the basis of our Binding Corporate Rules, which can be found on the TMF Group website (https://www.tmfgroup.com/en/legal/dataprotection/binding-corporate-rules/).
For Personal Data that is transferred to third parties outside the EEA, we enter into legally required agreements with these third parties, including the most recent version of the standard contractual clauses as approved by the European Commission or other supervisory authority where required. You are entitled to receive a copy of any documentation showing the suitable safeguards that have been taken by making a request via the local TMF Group entity which collected your Personal Data or via email address dataprotection@tmf-group.com.
7. Security
TMF Group will take reasonable steps to ensure that your Personal Data are properly secured using appropriate technical, physical, and organizational measures, so that they are protected against unauthorised or unlawful use, alteration, unauthorised access or disclosure, accidental or wrongful destruction, and loss., Encryption is applied to ensure data confidentiality where deemed required; we deploy access control mechanisms to ensure only authorized personnel can access personal data; and we raise awareness among employees about the importance of protecting personal data through information security and privacy protection trainings. Access to Personal Data is granted using principle of ‘Least Privilege’. Furthermore, we contractually ensure that any third party processing your Personal Data on behalf of TMF Group affiliate adheres to CIA principles (Confidentiality, Integrity, Availability) in a secure way.
8. Data Retention
We retain your Personal Data for as long as required to satisfy the purpose for which they were collected and used (for example, for the time necessary for us to provide you with client Services) unless a longer period is necessary for our legal obligations or to defend a legal claim.
We apply data retention terms as required under the applicable laws of the country(/ies) where your data is being processed and further in accordance with TMF Group Data Retention Policy. Where this policy or the applicable laws do not determine otherwise, data retention term of ten (10) years is applied.
9. Your Rights
Subject to the conditions set forth in the applicable law, you have the right to request access to or rectification or erasure of your Personal Data and to restrict or object processing of your personal data, as well as the right to data portability. If you would like to exercise any of those rights, please send an email to the local TMF Group entity which collected your Personal Data or dataprotection@tmf-group.com specifying your request. You can also contact us via the contact form available here: the TMF Group Data Subject Request Form. We will respond to your request consistent with applicable law. In your request, please tell us which right you would like to exercise, including what Personal Data you would like to have changed, whether you would like to have it erased from our database, or otherwise let us know what limitations you would like to put on our use of it. We will try to comply with your request as soon as reasonably practicable. Please note that we may need to retain certain Personal Data for recordkeeping purposes and/or to complete any transactions that began prior to your request on exercising your rights mentioned above.
In the event your Personal Data is processed on the basis of your consent, you can withdraw your consent at any time by sending an email to the local TMF Group entity which collected your Personal Data or dataprotection@tmf-group.com specifying your request, without affecting the lawfulness of processing based on consent before its withdrawal. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You may lodge a complaint with a supervisory authority, in particular in your Member State of residence, if you consider that the collection and use of your Personal Data infringes this Privacy Statement or applicable law.
Changes To This Privacy Statement
We reserve the right to update or amend the Privacy Statement as required under the applicable laws, changes in organizational and technical measures, or other further insights. If a fundamental change to the nature of the use of your Personal Data is involved or if the change is in any other manner relevant to you, we will ensure that information is provided to you well in advance of the change actually taking effect.
Contact us
If you have any queries about this Privacy Statement or our handling of your Personal Data in general, or if you want to exercise your rights, please email us at dataprotection@tmf-group.com and be sure to indicate the nature of your query. You can also exercise your rights via the contact form included here.
Download
Privacy Statement – TMF Group | April 2024 | Version 2.2
Privacy Statement – TMF Group | September 2023 | Version 2.1
Privacy Statement – TMF Group | 1 April 2023 | Version 2.1
Privacy Statement – TMF Group | September 2022 | Version 2.0
Privacy Statement – TMF Group | June 2018 | Version 1.0
We make a complex world simple
TMF Group is a leading provider of critical administrative services, helping clients invest and operate safely around the world. with over 11,000 colleagues in more than 125 offices across 87 jurisdictions provide local expertise. Our locations cover 92% of world GDP and 95% of FDI inflow.
We are a key part of our clients’ governance, providing the accounting, tax, payroll, fund administration and legal entity management services essential to their success. We make sure rules are followed, reputations protected and operational compliance maintained. We work with the majority of the Fortune Global 500, FTSE 100 and top 300 private equity firms. Learn more about us Learn more about usExpand your business efficiently across borders
Get in touch to find out how we can help your organisation grow in a complex world.
Contact us Contact us