Privacy
Background
This Privacy Statement explains how Peregrine & Black Investment Management Bermuda Limited (PBIMBL), its subsidiaries and its affiliates, together Controllers (referred to collectively as “Peregrine & Black” “we”, “us” or “our”), collect and process certain personal information. Peregrine & Black is responsible for ensuring that it uses that personal information in compliance with the Personal Information Protection Act 2016 (“PIPA”).
At Peregrine & Black we respect the privacy of individuals, and we are committed to keeping all your personal information secure. This Privacy Statement (“statement”) applies to individuals outside our organisation with whom we interact, including but not limited to visitors to our website; clients and their personnel; vendors and service providers; visitors to our offices; and registrants for Peregrine & Black events (together, “you”).
We use the following definitions in this Privacy Notice:
“Personal information” means any information which relates to an identified, or identifiable individual[1] and other information, which is in the possession of, or is likely to come into the possession of, Peregrine & Black (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of Peregrine & Black or any other person in respect of an individual.
Children
This website is intended to provide information on Peregrine & Black. If you are a minor and are viewing this website, please do not provide any personal information even if prompted to do so. If you believe that you have inadvertently provided personal information, please ask your parent(s) or legal guardian(s) to notify us. In the event that we learn that we have inadvertently collected personal information via our site from a child, we will delete that information as quickly as possible.
The products and services we provide
This Privacy Statement concerns the following categories of information that we collect about you when providing the following products and services (together, the “services”):
(a) Information we receive through our websites ("Peregrine & Black Websites");
(b) Information we receive through our products ("Peregrine & Black Products");
(c) Information we receive through our support, mobile security solution or cloud-based services ("Peregrine & Black Services").
The types of personal information we collect
Many of the services offered by Peregrine & Black require us to obtain personal information about you in order to perform the services we have been engaged to provide. In relation to each of the services described above, we will collect and process the following personal information about you:
Information that you provide to Peregrine & Black
This includes information about you that you provide to us. The nature of the services you are requesting will determine the kind of personal information we might ask for, though such information may include (by way of a non-exhaustive list):
· basic personal information (such as first name; family name; job title; company name; company email address; business phone number; business address; city; postcode; country).
Information that we collect or generate about you
This includes (by way of non-exhaustive list):
· a file with your client records and contact history to be used for enquiry purposes so that we may ensure that you are satisfied with the services which we have provided to you; and
· details of site and marketing/communication preferences
Information we obtain from other sources
This includes:
Cookies
When you visit Peregrine & Black Websites, cookies are used to collect information about the services that you use, and how you use them. Cookies are essentially a small amount of data which is transferred to and sometimes updated on your computer or other devices by our web servers.
Anonymized data
In addition to the categories of personal information described above, Peregrine & Black will also process further anonymized information that is not processed by reference to a specific individual.
How we use your information
Your personal information may be stored and processed by us in the following ways and for the following purposes:
· for ongoing review and improvement of the information provided on Peregrine & Black websites to ensure they are user friendly and to prevent any potential disruptions or cyber-attacks;
· to conduct analysis required to detect malicious data and understand how this may affect your IT system;
· for statistical monitoring and analysis of current attacks on devices and systems and for the on-going adaptation of the solutions provided to secure devices and systems against current attacks;
· for in-depth threat analysis;
· to understand your needs and interests;
· for the management and administration of our business;
· to allow you to use and access the functionality provided by the Peregrine & Black Products;
· to assess your application for Peregrine & Black Products, where applicable;
· to set up customers to use Peregrine & Black Products;
· to understand feedback on Peregrine & Black Products and to help provide more information on the use of those products and services quickly and easily;
· to communicate with you in order to provide you with services or information about Peregrine & Black, and Peregrine & Black Products;
· in order to comply with, and in order to assess compliance with applicable laws, rules and regulations, and internal policies and procedures; or
· for the administration and maintenance of databases storing personal information.
However, when we use personal information, we make sure that the usage complies with law and the law allows us, and requires us to use personal information for a variety of reasons, including but not limited to the following:
· in order to perform our contractual obligations;
· where we have obtained your consent;
· where we have legal and regulatory obligations that we have to discharge;
· where we may need to do so in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings;
· the use of your Personal information as described is necessary for our legitimate business interests, such as:
▫ allowing us to effectively and efficiently manage and administer the operation of our business;
▫ maintaining compliance with internal policies and procedures;
▫ monitoring the use of our copyrighted materials;
▫ enabling quick and easy access to information on Peregrine & Black Products;
▫ offering optimal, up-to-date security solutions for mobile devices and IT systems; and
▫ obtaining further knowledge of current threats to network security in order to update our security solutions and provide these to the market.
We will take steps to ensure that your personal information is accessed only by employees of Peregrine & Black that have a need to do so for the purposes described in this Privacy Notice.
Disclosure of your information to third parties
We may share your personal information within the Peregrine & Black Group for the purposes described above.
We may also share your personal information outside of the Peregrine & Black Group for the following purposes:
· with our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf for the above stated purposes;
· with our business partners. For example, this could include our partners from whom you or your company or your organisation purchased the Peregrine & Black product(s). Personal information will only be transferred to a business partner who is contractually obliged to comply with appropriate data protection obligations and the relevant privacy and confidentiality legislation;
· with third-party agents and contractors for the purposes of providing services to us (for example, Peregrine & Black’s accountants, professional advisors, IT and communications providers and debt collectors). These third parties will be subject to appropriate data protection obligations, and they will only use your personal information as described in this Privacy Notice;
· to the extent required by law, for example if we are under a duty to disclose your personal information in order to comply with any legal obligation (including, without limitation, in order to comply with tax reporting requirements and disclosures to regulators), or to establish, exercise or defend its legal rights;
· if we sell our business or assets, in which case we may need to disclose your personal information to the prospective buyer for due diligence purposes; and
· if we are acquired by a third-party, in which case the personal information held by us about you will be disclosed to the third-party buyer.
International transfers of personal information
Peregrine & Black is a global business. Our customers and our operations are spread around the world. As a result, we collect and transfer personal information on a global basis. That means that we may transfer your personal information to locations outside of Bermuda.
Where we transfer your personal information to another country outside Bermuda, we will ensure that it is protected and transferred in a manner consistent with PIPA, and this will be done in the following ways:
· We will remain responsible for compliance with PIPA in relation to your personal information;
· We will assess, and make sure that any third parties receiving your personal information have in place appropriate levels of physical and technological protections in accordance with PIPA, which may include certification or contractual mechanisms;
· In doing so, we will also consider the level of protection afforded by law applicable to the overseas third party;
You can obtain more details of the protection given to your personal information when it is transferred overseas (including a copy of the standard data protection clauses which we have entered into with recipients of your personal information) by contacting us as described below.
How we safeguard your information
We have extensive controls in place to maintain the security of our information and information systems. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where personal information is gathered, processed, or stored is limited to authorised employees.
As a condition of employment, Peregrine & Black employees are trained and required to follow all applicable laws and regulations, including in relation to personal information protection legislation. Unauthorised use or disclosure of confidential client information by a Peregrine & Black employee is prohibited and may result in disciplinary measures.
How long we keep your personal information
How long we will hold your personal information for will vary and will be determined by the following criteria:
· the purpose for which we are using it – Peregrine & Black will need to keep the data for as long as is necessary for that purpose; and
· legal obligations – laws or regulations may set a minimum period for which we have to keep your personal information.
Your rights
You may apply in writing for access to your personal information. In all the above cases in which we collect, use or store your personal information, you may have the following rights. These rights include:
· a copy of your personal information and other supplementary information, including
· the purposes for which the personal information is used by us;
· the names of the persons to whom your personal information has been disclosed; and
· the circumstances in which your personal information has been disclosed;
· the right to withdraw your consent to the processing of your personal information at any time. Please note, however, that we may still be entitled to process your personal information if we have another legitimate reason for doing so. For example, we may need to retain personal information to comply with a legal obligation;
· in some circumstances, the right to receive some personal information in a structured, commonly used and machine-readable format and/or request that we transmit that information to a third-party where this is technically feasible. Please note that this right only applies to personal information which you have provided directly to Peregrine & Black;
· the right to request that we rectify your personal information if it is inaccurate or incomplete;
· the right to request that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information, but we are legally entitled to retain it;
· the right to object to, or request that we restrict, our processing of your personal information in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal information but we are legally entitled to refuse that request;
· the right to receive a completed response from us within 45 days (as distinct from our initial acknowledgement); and
· the right to lodge a complaint with the Privacy Commissioner if you think that any of your rights have been infringed by us.
You can exercise your rights by contacting us using the details listed below.
Questions and concerns
If you have any questions or concerns about Peregrine & Black’s handling of your personal information, or about this notice, please contact us using the following contact information:
Address: 3rd Floor, Sofia House, 34 Church Street, Hamilton HM12, Bermuda
Email Address: [email protected]
Changes to this privacy statement
We may update this Privacy Statement from time to time to reflect changes in our practices or legal obligations. Any updates will be communicated and made available on our website or through other appropriate means.
We are usually able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive, you may escalate concerns to the Bermuda Privacy Commissioner. The Office of the Privacy Commissioner can be reached at [email protected] or (441) 543-7748.
[1] As defined in the Personal information Protection Act 2016 (Bermuda)