We commit ourselves to the highest standard for data protection and privacy. We are compliant with the EU’s General Data Protection Regulation, the applicable national data protection law in Latvia, and any data protection related terms in any agreement or contract in force between Findanode and its customers in relation to the supply by Findanode of services and/or products. Data protection is ensured by encryption and security measures throughout the lifecycle of your data.
The terms “Personal Data”, “Data Processing”, “Data Subject”, “Data Controller” and “Data Processor” have the same meaning as under Regulation (EU) 2016/679 – the General Data Protection Regulation (“GDPR”).
When and how we collect data
Findanode may collect your Personal Data through our communication and your usage of our products and services. Personal Data can be directly provided by you or indirectly collected by us (i.e. from your interactions, use, and experiences with our products and services).
Types of data we collect
We collect information to provide better services to you. We do not collect any data other than data strictly necessary for carrying out business operations and providing our services.
We collect the following data types:
● Contact (Information that facilitates communication, such as email and physical address, telephone number).
● Identifying (Information that can identify a specific individual. For example, depending on the Data Subject – name, government-issued ID, profile picture, birthdate).
● Professional (Information about an educational and professional career, such as employment history and previous roles).
● Location (Information about an individual’s location, such as Country, IP address).
● Communication (Information communicated to or from an individual, such as email conversations and the Personal Data that you might freely share with us in the communications).
How we use your data
● Administration, performance and termination of the contractual relationship between Findanode and the Client. Legal basis for this is Performance of a contract (Art. 6(1)(b) GDPR). This relates to Clients.
● Administration, performance and termination of the employment agreement (i.e. paying out salaries and providing benefits). Legal basis for this is Performance of a contract (Art. 6(1)(b) GDPR). This relates to Employees
● Legally required purposes (i.e. managing time off and sick days, pension and retirement administration, tax reporting, establishing and exercising legal claims in connection with the employment relationship). Legal basis for this is Compliance with a legal obligation (Art. 6(1)(c) GDPR). This relates to Employees
● Conduct integrity screenings. Legal basis for this is Performance of a contract (Art. 6(1)(b) GDPR) . This relates to Partners
● Assistance with the drafting, negotiating, and execution of the contract between the Client and a third party (buyer/seller of the airplane). Legal basis for this is Performance of a contract (Art. 6(1)(b) GDPR). This relates to Clients, Contractors.
● KYC/AML checks. Legal basis for this is Compliance with a legal obligation (Art. 6(1)(c) GDPR). This relates to Clients, Clients’ UBO(s) and directors.
● Payment and management of Partner invoices on behalf of the Client. Legal basis for this is Performance of a contract (Art. 6(1)(b) GDPR). This relates to Clients, Partners.
● Identify you and help you solve issues related to the usage of our services. Legal basis for this is Performance of a contract (Art. 6(1)(b) GDPR). This relates to Clients, Partners, Employees.
● Notify you of any changes to our services. Legal basis for this is Performance of a contract (Art. 6(1)(b) GDPR). This relates to Clients, Partners.
● Contact you to improve our services and customer experience. Legal basis for this is Legitimate interest (Art. 6(1)(f) GDPR). This relates to Clients, Partners, Employees.
● Direct Marketing. Legal basis for this is Consent (Art. 6(1)(a) GDPR). This relates to Data Subjects who gave their explicit consent
● Send you marketing material about our company (newsletters, blogposts, webinars, prizes, etc.). Legal basis for this is Legitimate interest (Art. 6(1)(f) GDPR). This relates to Clients, Partners
● Reporting marketing campaign activities (i.e. understanding how many leads our marketing campaigns were able to convert). Legal basis for this is Legitimate interest (Art. 6(1)(f) GDPR). This relates to Clients
Legal grounds for processing your data
Under the GDPR, we need to have a legal basis to lawfully process your Personal Data. For the described Data Processing, we rely on the following legal grounds:
● Performance of a contract: The Data Processing is necessary for the performance of a contract in which the Data Subject is a party or to take steps at the request of the Data Subject before entering into a contract.
● Legitimate interests: We process your data following our own, our business partners’, or your legitimate interests. For example, this occurs when we believe you would benefit from our services, products, or content.
● Consent: We will only process your Personal Data for the specific purposes you allowed us to. You can withdraw your consent whenever you wish.
Although restricting access to certain data might affect your experience, you can always make changes, such as:
● Disable cookies: You can block cookies in your web browser (check your browser’s Help page).
● Don’t provide Personal Data: You can still navigate the Website and access features that don’t require your personal information.
● You can withdraw your consent for marketing communications: We will contact you directly if we receive your explicit consent to send marketing communication, but if you don’t wish to hear from us again, please click the unsubscribe button on the communication or send us an email to email@example.com to let us know.
Data Subject rights
You may exercise any rights related to the Personal Data we collect by sending an email to firstname.lastname@example.org. We will then verify your identity and respond to your inquiry without undue delay within one month of receipt of the request.
That period may be extended by two further months where necessary, taking into account the complexity and number of the requests. We will inform you of any such extension within one month of receipt of the request, together with the reasons for the delay.
We note that where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either:
(a)charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or
(b) refuse to act on the request.
In such cases Findanode shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.
Find below a summary list of your rights and how you can exercise them:
If you require additional information regarding your Personal Data that we process, the purposes of the Data Processing, retention period, to whom we disclose personal information, any other information about your data please send us an email to email@example.com.
You can update most of the Personal Data we hold about you by sending us an email to firstname.lastname@example.org. To avoid any errors changes to some of the data types, such as ID, require submitting a document confirming the change.
You have the right to receive, upon request, your Personal Data that you have provided to us for purposes of Data Processing in a portable and machine-readable format.
In the event that the processing of your Personal Data by us is alleged to be carried out in the public interest or for the purpose of the legitimate interest pursued by us, you have the right to object to it by asserting specific reasons relating to your particular situation. If you object, we will not further process your Personal Data unless we can demonstrate that our continued processing of your Personal Data is premised on compelling legitimate grounds which override your interests, rights and freedoms affected by our continued processing of your Personal Data, or because your Personal Data serves to assert, exercise or defend legal claims. Any such objection does not affect the lawfulness of the processing activities carried out prior to your objection being communicated to us. To exercise your right, please send us an email to email@example.com.
If your objection is related to receiving marketing communications or our newsletter, please hit the unsubscribe link on the communication you no longer wish to receive.
You can restrict your data from being processed if:
a) we processed or will process inaccurate Personal Data
b) we processed your Personal Data unlawfully
c) we don’t need to process your Personal Data, but we need to keep it to allow you to establish, exercise, or defend a legal claim
d) you exercised your right to object processing, but we are still validating your request.
Under the following circumstances you may request that we erase (delete) your Personal Data without undue delay:
a) in case your Personal Data is no longer needed for the purposes for which it was collected;
b) if you have withdrawn your consent and there is no other legal basis for the processing of your Personal Data;
c) if you have filed an objection to our processing of certain of your Personal Data and there are no overriding legitimate reasons for continued processing such Personal Data;
d) if your Personal Data is being processed unlawfully;
e) if your Personal Data must be deleted in order to fulfill a legal obligation.
Please note that the Right to Erasure does not apply when the processing of your Personal Data is necessary for the compliance with a legal obligation Findanode is subject to, or for the establishment, exercise or defense of legal claims.
Lodge a complaint
If you believe that we are not processing your data in a lawful way under the GDPR or if you are not satisfied with any response we provide, you may lodge a complaint with a relevant data protection authority.
Personal Data Disclosure
We respect your rights as a Data Subject and only share your Personal Data with third parties if we are legally obliged to do so or where we need to comply with our contractual obligations, for example we may need to share certain information to external service providers such as agencies and authorities (including, but not limited to: various governmental agencies, airport authorities, customs officials etc.). Any third party with whom we share Personal Data is subject to an extensive security and privacy assessment review to ensure they can provide adequate technical and organizational security measures, however, some of them can make independent decisions on processing of Personal Data without adhering to our instructions, and therefore acting as independent Data Controllers, in this case Findanode shall not be held liable for any misuse of data made while processing of Personal Data by the abovementioned authorities due to their incompliance with GDPR.
When providing our services, we may also share your Personal Data with other Data Controllers, such as financial institutions, lawyers or notaries, licensed auditors assisting or supervising us in connection with our compliance obligations.
We might also need to disclose your Personal Data to comply with applicable law, enforce contractual rights, and respond to requests from courts, law enforcement, or regulatory agencies and government authorities as long as the request is deemed lawful.
Findanode operates at a global level and therefore Personal Data may need to be transferred to countries outside of where it was originally collected. When we transfer your Personal Data to a third country, we will ensure that this transfer complies with applicable laws and legislation. We share Personal Data with countries located outside the EU and the EEA, on the basis of EU Standard Contractual Clauses.
In accordance with applicable data protection laws, we do not store your Personal Data for longer than needed for the purposes of the respective processing activity. The relevant retention periods depend on the national legislation of the country you are based in.
If the Personal Data is no longer required for the performance or enforcement of contractual or legal obligations, we will delete it regularly, unless its further temporary storage is still necessary to:
– fulfil Findanode’s obligations pursuant to the agreement between Findanode and the Client;
– fulfil Findanode’s obligations pursuant to the employment agreement or other agreements with you, including payment of holiday allowance;
– establish, exercise, and defend a legal claim;
– fulfil statutory obligations to which Findanode is subject, such as continued storage pursuant to accounting legislation.
For more detailed information about the retention periods of the Personal Data that Findanode processes you can request a copy of our Archiving Policy at: firstname.lastname@example.org.
– Cookies cannot be used to run programs or deliver viruses to your computer.
– Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
– Most web browsers automatically accept cookies, but you can modify your browser settings to disable cookies if you prefer (check your browser’s Help page).
– If you choose to decline cookies, you may not be able to experience all the features of the Website and Services.
To learn more about cookies and how to manage them, visit internetcookies.org.
Privacy of Minors
We do not knowingly collect any Personal Data from persons under the age of 18. If you are under the age of 18, please do not submit any Personal Data through our Website or Service.
If you have reason to believe that a person under the age of 18 has provided Personal Information to us through our Website or Service, please contact us at email@example.com.
Changes and Amendments
We reserve the right to modify this Policy relating to the Website or Services at any time, effective upon posting of an updated version of this Policy on the Website. You can find the date of our last update at the bottom of the document.
Acceptance of this Policy
You acknowledge that you have read this Policy and agree to all its terms and conditions. By using the Website or its Services, you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to use or access the Website and its Services.
We have a dedicated person who is constantly monitoring our compliance with the General Data Protection Regulation (GDPR), other data protection regimes and policies of FCG in relation to the protection of Personal Data and privacy. For inquiries or requests, please contact us at firstname.lastname@example.org.
Last updated: 06.02.2023