Last Revision Date: May 2018
Subsidiary, Affiliate, Partner and Third-Party Websites
Purpose of Collection of Personal Information
Information Collected from Navigation, Cookies and Other Technologies
The information systems and software procedures operating this website acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
Such information (including IP addresses and/or the domain names of the computers used by any user connecting with this website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests) might allow user identification per se after being processed and matched with data held by third parties.
These data may be used to extract anonymous statistical information on website use as well as to check its functioning; they are erased immediately after being processed. The data might be used to establish liability in case computer crimes are committed against the website; except for this circumstance, any data on web contacts is currently retained for no longer than is necessary.
Kroll’s website, online services, applications, platforms, email messages, and advertisements, if any, may use “cookies” and other technologies such as pixel tags and web beacons to collect information about you (pixel tags and web beacons are also known as clear GIFs, action tags or web tags). Please see our Cookies Policy for further information.
Disclosure of Personal Information to Third Parties
Kroll will not share Personal Information collected from you with third parties for purposes other than those in support of Kroll’s operations and as necessary to facilitate the purpose for which you provided it. In some cases Kroll may share the Personal Information with its affiliated companies, clients, or with third party service providers retained by Kroll to provide services on its behalf. These affiliated companies, clients, or third party service providers will use your Personal Information only to accomplish the purposes for which the Personal Information was collected. The transfer of your Personal Information to our affiliated companies may also be done to allow these entities to offer you information about their businesses, products or services that may be of interest to you, or for other lawful business purposes.
Your Personal Information may also be shared under the following circumstances: (i) if Kroll is required to do so by law enforcement authorities or government agencies or for other regulatory purposes; and (ii) in connection with investigations or other efforts to prevent illegal activities or pertaining to public safety.
Integrity, Protection and Retention of Your Personal Information
Access to Personal Information
There may be times that you wish to access your Personal Information. Kroll makes commercially reasonable efforts to provide you with access to your Personal Information in accordance with your legal entitlements so you can instruct us to correct or update the Personal Information if it is inaccurate, or delete your Personal Information if Kroll is not required to retain it by law, for legal purposes, including claims management, or for a legitimate business purpose. To receive a copy of your Personal Information, or to provide instructions to us on what you want corrected or updated, send us an e-mail at: firstname.lastname@example.org.
Opting Out: How You Control the Use of Your Personal Information
In the event you have consented to Kroll using your Personal Information and you later decide that you want to opt out from Kroll’s use of your Personal Information, you may do so by notifying Kroll by email at: email@example.com.
Kroll does not knowingly collect information from children under the age of 13 (or such legally required higher age) and does not target its websites to children under 13 (or such legally required higher age). Kroll encourages parents and guardians to take an active role in their children’s online activities and interests. If Kroll learns that a child under the age of 13 (or such legally required higher age) has submitted Personal Information online without parental consent, we will take all reasonable steps to delete such information from our databases and not to use such information for any purpose (except where necessary to protect the safety of the child or others as required or as allowed by law). If you become aware of any Personal Information we have collected from children under 13 (or such legally required higher age), please contact us at firstname.lastname@example.org.
General Data Protection Notice (according to the Code of Ethics and Conduct in Processing Personal Data for Business Information Purposes)
During the course of our activities we, Kroll (the “Company”), as data controller, will process personal information (which may be held on paper, electronically, or otherwise) in connection with the performance, on the clients' behalf, of operations consisting in the collection, analysis, evaluation, processing and communication of information from public sources or sources that are publicly and generally available, or information that is obtained directly from the data subjects, in such a way as to provide added knowledge value to third parties.
Kroll processes personal data in accordance with the following principles:
- lawfully and fairly;
- collected and recorded for specific and lawful purposes and processed in a manner compatible with those purposes;
- accurate and, where necessary, kept up to date;
- adequate, relevant and not excessive in relation to the purpose or purposes for which they have been collected;
- kept for no longer than is necessary for the purpose for which the data were collected;
- processed in accordance with the rights of data subjects; and
1. How the Company Uses Personal Information
The Company processes personal Information for 'business information purposes' meaning the purposes of providing information to clients on natural persons' economic and financial situation and/or assets and liabilities as well as on the said persons' soundness, creditworthiness and reliability for the requirements arising from the establishment and management of business relations whether prior to entering into a contract or not, as well as from the protection of the relevant rights on the clients' part.
2. The Personal Information Collected by the Company
The types of personal information that the Company processes are personal data and, possibly, special categories of personal data such as data relating to offences, criminal convictions or security measures.
The Company collects personal information directly from data subjects or from public or publicly and generally accessible sources, or from other entities that are authorized by law to disseminate and provide such information.
- The following sources may be used:
- Public sources, meaning public registers, lists, instruments or records that are publicly accessible based on the applicable legislation in force pursuant to the limitations and arrangements set forth in such legislation as for access to, usage and disclosure of the data in question. This category includes, but is not limited to, the following:
- The companies' register; financial statements and shareholders' or partners' lists; extracts and/or records from the registers held at Chambers of Commerce; records and events relating to bankruptcy or other insolvency proceedings; and the computerized register of protested bills of exchange held by Chambers of Commerce and the related consortium called InfoCamere;
- Real estate transactions, documents containing prejudicial information (such as mortgage registrations or cancellations, attachment order registrations or cancellations, injunctions or judicial orders with the respective registrations) as kept by the Revenue Agency (including the former Land Registrar's Offices and the Public Cadaster), the Public Register of Motor Vehicles and the Census Register.
- Publicly and generally accessible sources including the following:
- Paper dailies and newspapers providing they are registered under the law;
- Business (so-called 'Yellow Pages') or general phone directories;
- Internet websites belonging to:
- Target entities and other entities connected to the latter;
- Public, governmental, regional or local bodies; public agencies and supervisory and regulatory authorities with regard to lists, registers instruments and records posted on such websites and containing information on business activities performed;
- Trade and professional associations with regard to lists or registers of businesses or enterprises as disseminated on the respective websites;
- At least three online dailies and newspapers, duly registered, confirming the information that is being provided. Account shall not be taken in this regard of online newspapers where the corresponding paper edition has already been considered, or of news features that are merely the same text published by different newspapers;
- Online business or general phone directories.
The Company may collect the personal information from the above public or publicly and generally accessible sources also by means of electronic tools and electronic networks, whether directly or indirectly, whether by relying on public bodies or other private sector providers, on the basis of ad-hoc agreements with the latter providers and in accordance with the formalities and limitations set forth in the legislation that regulates access to, usage and disclosure of the instruments and the data contained therein.
3. How the Company Protects Personal Information
The Company will take all steps reasonably necessary to ensure that there are appropriate security measures in place to safeguard personal information. In determining the appropriate security the Company takes into account technological developments and assesses the measures in place against the risk of harm that may result from a security breach. The security measures implemented by the Company are appropriate to protect against the risks presented by the processing and are put in place to prevent unauthorised or unlawful disclosure as well as to protect against accidental loss, destruction or damage to your personal information.
4. Disclosure of Personal Information to Third Parties
Kroll will not share Personal Information collected from you with third parties for purposes other than those in support of Kroll’s operations and as necessary to the purpose for which you provided it. In some cases Kroll may share the Personal Information with its affiliated companies, clients, or with third party service providers retained by Kroll to provide services on its behalf. These affiliated companies, clients, or third party service providers will use your Personal Information only to accomplish the purposes for which the Personal Information was collected.
Any information that is processed in order to provide business information services shall be communicated by the Company to its clients, also via electronic networks, in accordance with the public security legislation in force (Consolidated Statute on Public Security, TULPS).
Personal Information may also be shared under the following circumstances: (i) if Kroll is required to do so by law enforcement authorities or government agencies or for other regulatory purposes; and (ii) in connection with investigations or other efforts to prevent illegal activities or pertaining to public safety.
5. Retention of Personal Information
Any personal data collected for business information services purposes is kept for as long as it remains necessary and/or is published in the respective public source pursuant to the applicable sector-specific legislation.
The Company may take appropriate measures for updating the business information provided in the light of the personal data recorded in the respective public sources; in this respect, the limitations and arrangements set forth in the applicable sector-specific legislation shall have to be abided by as for the access to, use and publicity of the data in question including their updates.
6. Rights of Access and Correction
In accordance with applicable laws, the Company shall facilitate the reasonable and timely access to personal information upon request, as well as complying with requests to correct or amend any incorrect or inaccurate personal information. In some cases and on legitimate grounds, personal information can be erased, anonymized or blocked in accordance with applicable legislation.
7. Questions About Your Personal Data
If you have any questions about the processing of your personal data as described in this notice, please contact email@example.com. The Company will take appropriate steps to address any enquiries or complaints. The Company also cooperates with relevant data protection authorities for complaints concerning its handling of personal data.