data, and explains your privacy rights under applicable privacy and security laws.
If you are an EU national and reside in the EU, or are non-EU national residing in the EU, the data controller (as defined under EU data protection law) will be Blu Family Office Limited.
2. What personal data may we process?
The types of personal data relating to you that we may "process" (such as collect, use and store) depends on your interaction with us. The key types of personal data that we may process are set out below.
*Note that the legal bases in the table below are required to be specified under EU data protection law, but are not required, or required to be specified, if you are not an EU citizen/do not reside in the EU.
Personal data that you give us
Personal data that we may collect through cookies
"Cookies" are small pieces of information that are stored by your browser on your computer's hard-drive for record-keeping purposes.
b) Enhanced website functionality – for instance to provide account log-in prompts and to record preferences that you input on areas of the website so that you do not have to keep re-entering information.
Personal data from minors
Our services, including its website, are directed solely at adults. If you are under the age of thirteen (or if being a 'minor' is defined as a younger age in your relevant jurisdiction, that relevant age), please do not provide us with any of your personal data, including your email address.
Other information that we may collect automatically
We collect the following information relating to our website visitors automatically: domain name, IP address, and type of browser used and type of operating system used. We use this information for internal statistical analysis, such as to see where our website is being used geographically. However, we do not link this information with any personal data.
3. How and why may we process your personal data?
We may process your personal data in the following ways (depending upon your interaction with us):
a) Collecting your personal data that you input on our website, or provide to us in conversations, emails, or meetings with us.
b) Recording your personal data, such as through electronic or handwritten notes that we make.
c) Organising and storing your personal data on our servers, in our case management system, in our electronic HR filing system, in our employee's email inbox folders, or in hard copy files.
d) Using your personal data to provide our services to you, and address any preferences, complaints, or comments that you have.
e) Disclosing your personal data to third parties, where necessary, appropriate and/or as required by law (see section 5 providing more information on this below).
We may process your personal data for the following purposes:
a) To process and manage your purchase and use of our services.
b) To respond to your questions, comments, complaints, or requests.
c) To follow up with you on a job application.
d) To create and deliver personalized communications that are relevant to your preferences.
e) To further our business purposes, such as to perform data analysis, audits, fraud monitoring, and prevention; enhance, improve, or modify our website or services; identify client trends; determine the effectiveness of our promotional campaigns; and operate and expand our business activities.
4. How will we protect your personal data?
We have implemented security policies and technical measures to protect the personal data that we collect, consistent with applicable privacy and security laws. These security measures are designed to prevent unauthorized access, improper use or disclosure, unauthorized modification, and unlawful destruction or accidental loss of your personal data.
5. With whom may we share your personal data?
We take your privacy seriously and will not share your personal data with others, except in the following circumstances:
a) Service providers – we may disclose your personal data to third-party service providers to provide us with services such as website hosting and professional services, including information technology services, payroll services, auditing services, consultancy services, regulatory services, and legal services in other countries.
b) Our other group entities – we may disclose your personal data to our other group entities in order to provide you with tailored services and communications, or in accordance with our business administrative practices.
c) To fulfil your option to share our website content with third parties – using the sharing features on our website (to share content with Facebook, LinkedIn, or Twitter, for example).
d) Corporate transactions or events – we may disclose your personal data to a third party in connection with a corporate reorganization, merger, joint venture, sale, transfer, or other disposition of all or any portion of our business or shares.
e) Legal reasons – we may use or disclose your personal data as we deem necessary or appropriate under applicable laws; to respond to requests from public, governmental; and regulatory authorities; to comply with court orders, litigation procedures, and other legal processes; to obtain legal remedies or limit our damages; to protect the operations of our group entities; and to protect the rights, safety, or property of our employees, you, or others.
International transfers of personal data
Some of our group entities and service providers are located globally. Accordingly, if you are an EU citizen/resident in the EU, please note that we will transfer your personal data globally in accordance with EU data protection law requirements by using standard contractual clauses that have been approved by the European Commission. Such a transfer may also be necessary in order to perform a contract with you/fulfil your request and/or through obtaining your explicit consent.
6. What rights do you have respect to your personal data?
If you are an EU citizen and reside in the EU, or are non-EU national residing in the EU, you may have the following rights with respect to the personal data you provide to us, to the extent permitted by applicable data protection laws:
a) To withdraw any consent that you have provided to us to process your personal data.
b) To access or rectify your personal data.
c) To have your personal data erased if it is no longer necessary for the purposes for which it was processed, you have withdrawn your consent to, or object to, its processing and there is no other legitimate grounds for processing it or you consider it has been unlawfully processed.
d) To have the processing of your personal data restricted if you contest its accuracy, its processing is unlawful, we no longer need it but you need it for a legal claim, or you have objected to its processing and await verification of our legitimate grounds for processing it.
e) To have your personal data transferred to another company under certain circumstances.
f) To complain to your national data protection regulator if you feel that your personal data has been unlawfully processed.
7. For how long do we retain your personal data?
8. Links to third-party sites
Our website may include links to other sites operated by third parties. We are not responsible for information on these sites, nor for services or products offered by them. Use of such sites, including transmitting your personal data to them, is at your own risk. You should check the privacy policies (and other applicable terms and conditions) of these third-party sites.