Last updated April 2023.
1.1 — Covelent with its registered office at 8 Vale Grove, London W3 7QP collect and use certain Personal Data. Covelent is responsible for ensuring that it uses that Personal Data in compliance with data protection laws.
2. The products and services we provide
3. The types of personal data we collect
3.1 — Many of the services offered by Covelent require us to obtain Personal Data about you in order to perform the services we have been engaged to provide. In relation to each of the services described at paragraph
3.2 above, we will collect and process the following Personal Data about you:Information that you provide to Covelent. This includes information about you that you provide to us. The nature of the services you are requesting will determine the kind of Personal Data we might ask for, though such information may include (by way of a non-exhaustive list):Basic Personal Data (such as first name; family name; position in the company; company name; company email address; business phone number; business address; city; postcode; country);Any information that you choose to share with us (whether through our websites or otherwise) which may be considered Personal Data;Information that we collect or generate about you. This includes (by way of a non-exhaustive list):Information about the Services which you have purchased and our interactions with you; When you visit Covelent Websites, cookies are used to collect technical information about the services that you use, and how you use them. For more information on the cookies used by Covelent please see our Cookie Notice.Information we obtain from other sources.We may be supplied with CV of prospective candidates for roles at both Covelent and our portfolio companies.We may from time to time use 3rd party public and private data sources to find out more information about an individual’s employment historyAnonymised dataIn addition to the categories of Personal Data described above, Covelent will also process further anonymised information and data that is not processed by reference to a specific individual.
4. How we use your information
4.1 — Your Personal Data may be stored and processed by us in the following ways and for the following purposes:For ongoing review and improvement of the information provided on or operation and security of Covelent Websites;To assess your application for our Services, where applicable;To set you up as a customer;To provide you with our ServicesTo understand feedback on our Services and to help provide more information on the use of those products and services quickly and easily;To communicate with you in order to provide you with services or information about Covelent and our products and services;To understand your needs and interests;For the management and administration of our business;In order to comply with and in order to assess compliance with applicable laws, rules and regulations, and internal policies and procedures;For the administration and maintenance of databases storing Personal Data; and / or We may process business communications traffic data sent and received by us for the purposes of evaluating our existing or prospective business relationship.
4.2 — However we use Personal Data we make sure that the usage complies with law and the law allows us and requires us to use Personal Data for a variety of reasons. These include where:We need to do so in order to perform our contractual obligations with our customers;We have obtained your consent;We have legal and regulatory obligations that we have to discharge;We may need to do so in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings;The use of your Personal Data as described is necessary for our legitimate business interests, such as:Allowing us to effectively and efficiently manage and administer the operation of our business;Conducting market research or business analysis;Maintaining compliance with internal policies and procedures; and Promoting our business or Covelent Services.
5. Disclosure of your information to third parties
5.1 — We may share your Personal Data within Covelent for the purposes described above
6. International transfers of personal data
6.1 — Covelent is a global business. Our operations are spread around the world. As a result, we collect and transfer Personal Data on a global basis. That means that we may transfer your Personal Data to locations outside of your country
6.2 — Where we transfer your Personal Data to another country outside the EEA, we will ensure that it is protected and transferred in a manner consistent with legal requirements. In relation to data being transferred outside of Europe, for example, this may be done in one of the following ways:The country that we send the data to might be approved by the European Commission as offering an adequate level of protection for Personal Data;The recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your Personal Data; Where the recipient is located in the US, it might be a certified member of the EU-US Privacy Shield scheme; or In other circumstances the law may permit us to otherwise transfer your Personal Data outside Europe.
6.3 — You can obtain more details of the protection given to your Personal Data when it is transferred outside Europe (including a copy of the standard data protection clauses which we have entered into with recipients of your Personal Data) by contacting us as described in paragraph 11 below.
7. How we safeguard your information
7.1 — We have extensive controls in place to maintain the security of our information and information systems. The information that we handle is protected with safeguards appropriate to the sensitivity of the relevant information. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorised employees.
7.2 — As a condition of employment, Covelent employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive Personal Data is limited to those employees who need to it to perform their roles. Unauthorised use or disclosure of confidential client information by an Covelent employee is prohibited and may result in disciplinary measures.
8. How long we keep your personal data
8.1 — How long we will hold your Personal Data for will vary and will be determined by the following criteria:The purpose for which we are using it – Covelent will need to keep the data for as long as is necessary for that purpose; and Legal obligations – laws or regulation may set a minimum period for which we have to keep your Personal Data.
9. Your rights
9.1 — In all the above cases in which we collect, use or store your Personal Data, you may have the following rights and, in most cases, you can exercise them free of charge. These rights include:The right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you;The right to withdraw your consent to the processing of your Personal Data at any time. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason for doing so. For example, we may need to retain Personal Data to comply with a legal obligation;In some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to Personal Data which you have provided directly to Covelent; The right to request that we rectify your Personal Data if it is inaccurate or incomplete; The right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data but we are legally entitled to retain it;The right to object to, or request that we restrict, our processing of your Personal Data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your Personal Data but we are legally entitled to refuse that request; andThe right to lodge a complaint with the relevant data protection regulator if you think that any of your rights have been infringed by us.
9.2 — You can exercise your rights by contacting us using the details listed in paragraph 11 below.
10. Designated representative
10.1 — Covelent (UK) registered office may be contacted using the following contact information: Covelent, Vale Grove, London, W3 7QP email@example.com
11. Questions and concerns
11.1 — If you have any questions or concerns about Covelent's handling of your Personal Data, or about this Policy, please contact the Data Protection Team using the following contact information: Covelent, Vale Grove, London, W3 7QP firstname.lastname@example.org. We are usually able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive, you may escalate concerns to the applicable privacy regulator in your jurisdiction. Upon request, we will provide you with the contact information for that regulator.