Introduction
The privacy statement serves to inform you on our policy with regard to privacy and personal data protection inter alia in light of the EU data privacy regulation (2016/679 of 27 April 2016) effective from 25 May 2018.
ILX B.V. (ILX) qualifies both as a data processor (verwerker) and a controller (verantwoordelijke) for the purposes of the Regulation.
What are personal data?
Personal data refers to any data that can identify an individual. Someone is identifiable if his or her identity can be established without disproportionate effort. Both data used to directly identify a person (such as name and address) as data used to indirectly identify a person (pseudonymous data, IP addresses etc.) qualify as personal data.
Which data do we process, how and for which purpose?
- ILX shall protect all personal data in any form or format it collected. ILX shall ensure that the processing of personal data will at all times be lawful, fair, transparent, proportionate and justified in light of the specific purpose for which we collect data, to promote and ensure the confidence of the persons concerned (hereafter: ‘Data Subjects’).
- ILX employees continue to respect the protection and confidential nature of personal data shared with them, including after termination of the employment relationship.
- ILX only processes data with a specific purpose, and based on explicit consent from the Data Subject(s), or any other legal ground as specified in Article 6 of the Regulation.
- In the event that we need to verify the identity of a person, in the context of executing a contract to which that person is a party, ILX may request to collect contact details, including email address, your signature and a copy of your passport. ILX does not process any special personal data (as referred to in Article 9 of the Regulation).
- ILX shares personal data, with any person within ILX or a third-party processor, on a need-to-know basis only.
- A request for your personal data shall always refer to the purpose for which we collect such data.
- From job applicants, ILX may collect resumes. By sending your resume to TIM, you agree to ILX storing (which we will do in a secure way) your resume for the period from receipt up until four weeks after filling the position for which you applied. If we wish to store your resume beyond that period, for possible future positions, we will ask for your explicit consent to do so, for a maximum of one (1) year.
- From ILX website visitors we collect anonymized IP addresses for the purpose of analyzing the use of our website, please also take note of our cookie policy published on our website.
How do we safeguard the security of your personal data?
ILX has the appropriate technical, organizational and security measures in place to prevent the unlawful use of these data or any breach of a Data Subject’s right to privacy. Some of those measures include:
- Encryption on our website. Through this encryption, the data traffic between you and the webserver is inaccessible for unauthorized parties.
- Two-factor authentication
- Mobile Device Management
- Management of access rights to personal data processed by TIM
- Implementation of operational guidelines & code of conduct
- Awareness training
- Appropriate processing agreements in place with all third-party service providers.
Rights
In case we process any personal data of you, you have the right to access the data we collected, you have the right to request rectification, or erasure, you may request to restrict the processing and you have the right to data portability, all by virtue of the Regulation and as specified therein.
Should you wish to exercise one of these rights you can contact Ms. Tanja Pelle, with such request by email. The request shall be handled with due care and complied with as soon as reasonably possible, and at maximum, within four weeks.
Complaint procedure
Should you want to make a complaint, please contact us and we will do our best to solve the issue as soon as reasonably possible. Please note that you have the right, at all times, to turn to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens (AP)). The AP has a complaint procedure in place. Please use the following link for more information:
https://autoriteitpersoonsgegevens.nl/nl/zelf-doen/privacyrechten/privacyklacht-indienen
Data retention
We do not keep data longer than is necessary for the purpose of processing those data. We will destroy or return your personal data as at the moment you cease to be involved with ILX, unless any regulatory or legal rule or obligation requires ILX to store data for a longer period.
Third party service providers
We allow access to the personal data we process, to a number of third-party service providers, including financial and operational auditors, accountants, IT service provider, and the Fund’s depositary, but strictly on a need-to-know basis, in other words exclusively for the execution of their respective tasks.
We shall ensure that your privacy remains guaranteed at all times by the implementation of the necessary contractual arrangements with these third parties on their compliance with the Regulation.
Changes
Amendments to this Privacy Statement made from time to time, will be notified and published on the ILX website https://www.ilxfund.com/
Contact
Should you have any questions in relation to the above, please contact us through the contact form on our main page.