javelin logo

GDPR

Privacy Statement

As a responsible organisation, Javelin is committed to upholding the highest standards. As part of its ethos, Javelin is committed to protecting personal information and personal data relating to you.

We understand the importance of privacy and this Privacy Statement seeks to explain ‘how’ and the reasons ‘why’ Javelin uses your personal information as part of its day-to-day operations, which includes circumstances where you may engage, interact or otherwise communicate with us, for example, to purchase or sell goods, or offer or receive services.

This Privacy Statement supplements any other privacy-related notice we may issue generally or provide specifically to you when we collect or process personal information or make decisions about how and why we process personal information.

TYPES AND SOURCES OF PERSONAL INFORMATION

The nature of our relationship with you will dictate what, if any, personal information we collect about you and why we use it; however, Javelin only collects and uses personal information in limited circumstances.

  • Commercial relationships. The use of personal information is generally incidental to our commercial relationship with a customer or supplier. So, for example, we usually conduct our commercial activities through a contact within a customer or supplier organisation who holds a relevant position such as front office personnel such as a marketer or trader for the purpose of evaluating a commercial opportunity or negotiating a deal, a contracts manager, a customer relations contact, the internal legal and/or compliance contact or any other key decision makers necessary to communicate with whilst managing our day-to-day commercial relationships. In these circumstances, Javelin will only use work-based contact information for the purpose of maintaining business relationships with you as an authorised representative of your organisation.
  • Due diligence and KYC. Javelin may also obtain personal information during its “know your customer” (“KYC”) checks as part of its customer due diligence verification process to fulfil its obligations to comply with applicable anti-money laundering (“AML”) rules and regulations. So, at the outset of any commercial relationship, we will require personal information relating to a director or shareholder of a prospective new customer. We may also obtain personal information about you from other sources such as third-party systems or providers and by requesting or searching for information from publicly available sources either online or from official records such as Companies House.
  • Employee information. Javelin also collects, and stores limited personal information relating to its employees, which complies with applicable legal and regulatory requirements.

The personal information we collect, and use is generally as follows:

  • Identity Check, Background and Verification Information. Full name, marital status, date and place of birth. To comply with our KYC and AML obligations, we will also require official identity documentation, such as copies of a passport-page, driving licence and a recent utility bill as evidence of home address. As part of our background and pre-employment checks, we will need to know details about qualifications, details of current role, educational background. We may collect this information from the candidate, their employer or their organisation and through the use of third-party systems and providers who assist us to conduct identity-related and other background checks.
  • Contact Information. During the negotiation and execution of transactions we will engage with you and with your employer or organisation. This is an essential commercial activity for our business. As part of this, we record calls and maintain records of all transaction details to comply with our legal obligations and for business reasons.
  • IT and Website Information.
  • On an ongoing basis, we ensure our website is operating and performing in a proper manner and we monitor its integrity, use, as well as overall security. We do so to ensure our website complies with good governance and generally accepted standards in the industry.
  • Data security is an important part of our business and we take appropriate steps to meet our legal obligations for data security. As part of our efforts, on an ongoing basis we:>
  • conduct ongoing monitoring to identify and record actual or potential fraudulent online activity and detect and prevent online crime; and
  • ensure our website is used in accordance with its terms and conditions and our policies.

General Commercial and Compliance

  • On an ongoing basis, we ensure our website is operating and performing in a proper manner and we monitor its integrity, use, as well as overall security. We do so to ensure our website complies with good governance and generally accepted standards in the industry.
  • Javelin is required to comply with legal and regulatory requirements applicable to it including those related specifically to its commercial activities. To ensure we comply, on an ongoing basis with such requirements, we conduct investigations, undertake monitoring, make evaluations, prepare reports and make reporting and other disclosures to demonstrate our compliance with applicable legal and regulatory requirements.
  • As a key element of good governance and fulfilment of our compliance obligations relating to accounting, taxation, insurance, legal and risk management (which includes for the purpose of obtaining professional advice and dealing with claims and litigation), we maintain and keep records relating to our commercial relationship with a customer and/or supplier

Security of Personal Information

The security of personal information is of central importance to Javelin. We take seriously the legal obligations upon us to keep and maintain personal information in a confidential and secure manner. In accordance with applicable data protection laws, Javelin takes steps and adopts practices which seek to safeguard personal information from unlawful or unauthorised processing.

Retention and Storage of Personal Information Retention – how long do we keep your personal information?

Javelin will retain personal information for the duration of the relationship. Once that relationship ends, Javelin will retain personal information in accordance with its rights and legal obligations and your rights and legal obligations. Often, this may result in certain types of personal information being retained by us for differing lengths of time; however, Javelin will only retain personal information for a limited period of time, which will depend on a certain factors, including: the applicable laws or regulations; whether we are in a dispute; the type of personal information that we hold; and whether a regulatory authority has requested that we keep your personal information.

Storage – where do we store personal information

At any time, the personal information that Javelin has collected from you may be:

  • transferred to, and stored in, a destination outside the European Economic Area (“EEA”), and / or
  • processed by employees, staff or authorised representatives operating outside the EEA who are employed by or work for us or for a third party entity (each a “processor”).

At all times, Javelin will ensure it takes reasonable steps to ensure that personal information is secure and treated in a manner consistent with the protections set out in this Privacy Policy.

As a result of our processing of personal information, if we are required to transfer personal information outside of the EEA, a transfer is subject to the following safeguards:

  • The transfer of personal information must be necessary for a reason specified in applicable data protection laws and regulations.
  • There must be appropriate levels of protection for personal information in the country to which the personal information is to be transferred.
  • Safeguards have been established to protect personal information, including contractual arrangements with the recipient incorporating suitable protective terms relating to the protection of personal information.
  • You have given your consent to the transfer of such personal information.

Disclosure of Personal Information

Javelin is one legal entity within a wider group of companies, partnerships and joint-venturers domiciled and with operations in various jurisdictions worldwide (“Javelin Group”). As a result, there may be occasions where Javelin may need to share personal information within the Javelin Group, including the following instances:

  • To meet customer needs/demand where we provide commercial services through various offices and locations.
  • To meet our obligations with respect to reporting.
  • Where our support functions are provided by other companies within the Javelin Group or where systems and services are shared within the Javelin Group.
  • For the purpose of obtaining an approval from, and authorisation by, a key position holder.

Where personal information is shared within the Javelin Group, it is permitted on a limited basis and on a “need to know” basis. If a company within the Javelin Group processes personal information on behalf of Javelin, we will ensure prior to such processing that they have appropriate safeguards in place to protect personal information.

On occasion, we may instruct a third party to conduct specific commercial functions on our behalf. These third parties will process your personal data on our behalf (as our processor). We will disclose your personal data to such third parties so that they can perform those functions. We will ensure that prior to such processing that they have appropriate safeguards in place to protect personal information. Examples of these third parties include service providers and sub-contractors such as IT support, back up and server hosting providers.

We may also disclose personal information to third parties (who will receive it as controllers of your personal data in their own right) for the purposes set out above, in particular:

  • Services provided to you or us by a third party acting independently to Javelin, but which has a relationship with Javelin, such as fraud checking services and our professional advisors.
  • If we are compelled to disclose your personal information in order to comply with a legal obligation or to enforce or protect the rights, property or safety of Javelin, our employees, customers or others.

The categories of recipients with whom we are likely to share personal information include the following:

  • Consultants and professional advisors such as legal advisors and accountants.
  • IT support, website and data hosting providers and administrators.
  • Banks, finance houses and other payment processors.
  • Insurance companies and brokers.
  • Regulatory authorities or bodies.
  • Business and joint venture partners.
  • Courts, arbitrators, receivers, administrators and/or liquidators.

Your Rights

In relation to any personal information that Javelin holds about you, you have certain legal rights:

Access. You can have access to your personal data by making a “data subject access request”, subject to conditions. Ideally, you should specify the type of information you wish to access to enable us to properly respond to the request. We must be able to verify your identity. Your request must not impact the rights and freedoms of other people, such as privacy and confidentiality related rights of others. Depending on the information requested and the context, there may be other exemptions that may apply.

Objections to or restrictions on data processing. You can object to or ask us to restrict the processing of your personal information, subject to conditions. This right applies where our processing of your personal information is necessary for our legitimate interests. You can also object to our processing of your personal data for direct marketing purposes.

Inaccurate personal or incomplete information. You can challenge the accuracy or completeness of your personal information. You can have it corrected or completed. You are responsible for helping us to keep your personal information accurate and up to date. This right only applies to your own personal information.

Right to “be forgotten”. You can have your personal data erased and to “be forgotten”, subject to conditions. So, if your personal information is no longer required for the purpose it was collected, or where processing is unlawful. We may not, however, be able to erase your personal information if we need it to comply with a legal obligation or defend or enforce a legal claim.

Withdraw consent. If we have processed your personal information subject to your consent, you can withdraw that consent. By withdrawing your consent, it will apply with respect to the processing of your personal information in the future.

Portable Data. You can receive the personal information that you previously provided to us and which is processed by us by automated means, in a machine readable format, subject to conditions. Ideally, you should specify the type of information you wish to receive and where it should be sent. This right only applies if the processing is based on your consent or on our contract with you and when the processing is carried out by automated means and does not apply to any paper records. The scope of this right is limited to cover only the personal information that has been provided to us by you.

The rights described above are limited because our use of personal information is incidental and for limited business-related personal information in business records and business communications which we are required to retain as discussed above.

Where we process your personal information for reasons that it is necessary for a business reason, you can object to this processing at any time. In the event that you do, Javelin is required to provide a compelling reason overriding your interests and rights as to why our processing should continue or that the processing is necessary for to establish, make or defend a legal claim.

If any of the personal information you have provided to us should change, is no longer accurate or if something is incorrect, please inform us as soon as possible.

Contact Us

You can exercise the rights above at any time by contacting us at privacy@jvln.com

If you are based in the European Union, you have the right to lodge a complaint with your local data protection regulator. If based in the UK, you can complain to the Information Commissioner’s Office (ICO) https://ico.org.uk/. If you have a complaint, Javelin would welcome the opportunity to address your concerns prior to a complaint reaching a regulator, so please free to contact us first at privacy@jvln.com

If you would like more information about any of the subjects covered in this Privacy Statement or would like to discuss any issues or concerns with us, please contact us at privacy@jvln.com