Last Updated: January 2020
If you are The Westly Group investor or a representative of an investor, please see the investor privacy notice, which is available in our investor portal, for information about our collection, use, and sharing practices with respect to investor information. In addition, our investor portal provider’s policies also apply to the information collected in our investor portal.
1. Information We Collect
a. Information You Provide Directly to Us
At this time, we do not allow users to directly provide us with their information through the Site. However, you may provide us directly with information in order to access certain services, to provide services to us or to request information of us. This information may include your name, contact information, resume information, payment information or other information about yourself.
Except where we are required to screen individuals pursuant to Office of Foreign Assets Control (OFAC) laws, and similar laws and regulations, you do not have a statutory or contractual requirement to provide us or our vendors with your personal data. If you do not provide us with your information, however, we may not be able to provide certain information or services to you. For example, we will not be able to review an application for employment without certain information; similarly, we will not be able to enter into a contract with a potential investor without certain information.
b. Information We Collect from Third Parties
We may also collect information from third parties, such as a CV received from a recruiting firm, fit-for-work information received from a physician, background information received from a background check provider, information we view on social media, or details obtained from publicly available lists of individuals subject to trade restrictions. We also collect information from business partners and vendors to support our provision of investment services. The data we collect from such third parties is often in aggregate form and not individually identifiable, though at times may include personal data. For example, we may collect information from providers of market surveys and vendors who aggregate publicly available information. The extent to which we may obtain information from such sources is governed by the third-party source.
c. Information that Is Passively or Automatically Collected
i. Device/Usage Information
We may automatically collect certain information about the computer or devices (including mobile devices or tablets) you use to access the Site. As described further below, we may collect and analyze information such as (a) IP addresses, location information, unique device identifiers, IMEI and TCP/IP address, and other information about your computer or device(s), browser types, browser language, operating system, mobile device carrier information, and the state or country from which you accessed the Site; and (b) information related to the ways in which you interact with the Site, such as referring and exit web pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, statistical information about the use of the Site, the amount of time spent on particular pages, the date and time you used the Site, the frequency of your use of the Site, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.
ii. Cookies and Other Electronic Technologies
We may also collect data about your use of the Site through the use of Internet server logs, cookies and/or tracking pixels. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer when you visit a website, that enables us to: (a) recognize your computer; (b) store your preferences and settings; (c) understand the web pages of the Site you have visited; (d) enhance your user experience by delivering content and advertisements specific to your inferred interests; (e) perform searches and analytics; and (f) assist with security administrative functions. We also may include tracking pixels and web beacons in email messages, newsletters, and other electronic communications to determine whether the message has been opened and for other analytics, personalization, and promotion. As we adopt additional technologies, we may also gather additional information through other methods.
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). You can also manage the use of Flash technologies, including cookies and local storage objects with the Flash management tools available at Adobe’s website. Please note that by blocking any or all cookies, you may not have access to certain features or offerings of the Site.
d. Online Analytics
We may use third-party web analytics services (such as those of Google Analytics) on our Site to collect and analyze the information discussed above, and to engage in auditing, research, or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Other Tracking Technologies” section will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Site, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
e. Do-Not-Track Signals
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We do not currently recognize or respond to browser-initiated DNT signals. Third parties, such as our analytics providers, may collect data that relates to you on our Site. We cannot control third parties’ responses to DNT signals. Third parties’ responsiveness to DNT signals is governed by their respective privacy policies. You can learn more about Do Not Track here.
2. How We Use Your Information
We may use the information we collect from and about you for the following purposes:
- For the purposes for which you provided it to us or a vendor;
- To provide the features and services available through the Site;
- To provide and improve our investment services, including evaluating potential investments and managing existing investments;
- To respond to your requests or to send you other communications;
- To conduct surveys and analyze market trends and interests;
- To process and respond to your inquiries or to request your feedback;
- For internal research and reporting;
- To improve the content and features of the Site;
- For recruiting purposes;
- To enforce the legal terms that govern your use of the Site; and
- To administer and troubleshoot the Site.
Please note that we may combine information that we collect from you and about you (including automatically-collected information) with information we obtain about you from our affiliates, vendors, and/or other non-affiliated third parties, and use such combined information in accordance with this Policy.
We may aggregate and/or de-identify information we collect. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties.
3. When We Disclose Your Information
We may disclose and/or share your information to or with any non-affiliated third parties under the following circumstances:
Consent. We may disclose your information to any third parties based on your consent to do so.
Service Providers. We may provide access to or share your information with select third parties who perform services on our behalf, including without limitation communications, market research, customer support, data storage, analysis and processing, and legal services.
Business Transfers. As we continue to develop our business, we may buy, merge, or partner with other companies. In such transactions (including in contemplation of such transactions, e.g., due diligence), user information may be among the disclosed or transferred assets. If any of The Westly Group’s assets are sold or transferred to a third party, your information could be one of the transferred business assets.
4. Legal Basis for Processing Personal Data
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds for processing your personal data are as follows:
Legitimate Interests. In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities, such as the following, in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals:
- Providing our investment services
- Providing and maintaining our Site
- Analyzing and improving our business and Site
- Communications, including responding to your inquiries about our services
- Addressing information security needs and protecting our investors, The Westly Group, The Westly Group funds, and others
- Managing legal issues
- Legal Compliance. We need to use and disclose personal data in certain ways to comply with our legal obligations.
- Honor Our Contractual Commitments to You. Much of our processing of personal data is to meet our contractual obligations to our investors, or to take steps at investors’ request in anticipation of entering into a contract with them.
- Consent. Where we collect personal data from a third party that has obtained your consent, we may process your personal data on the basis of consent.
5. Your Choices, EU Data Subject Rights and California Privacy Rights
You can request access to and/or revision of certain personal data by contacting us as described below. If you wish to limit the emails you receive from us, you can let us know by contacting us as described in the “Contact Information and Questions About this Policy” section.
Subject to local law, you may have certain rights with regard to your personal data. To learn more about the personal data we collect about you or the rights you may have, please contact us at the contact information below. These rights may include the following rights to (1) access or rectify your personal data or request its deletion, (2) request a restriction on the processing of your personal data, (3) object to the processing of your personal data, or (4) exercise other rights with respect to your personal data. Please contact us as described below. While we strongly encourage you to first raise any questions or concerns about your personal data directly with us, you may have a right to lodge a complaint with the relevant supervisory authority.
Many of the rights described here are subject to significant limitations and exceptions under applicable law (e.g., objections to the processing of personal data, and withdrawals of consent, typically will not have retroactive effect). Please also note that if we collected your personal data from a third party, you may also need to contact that third party in order to exercise your rights with them.
California residents can make certain requests about their personal information under the California Consumer Privacy Act (“CCPA”). Specifically, if you are a California resident, you may request that we:
Provide you with information about: the categories of personal information we collect, disclose or sell about you; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we share personal information. Such information is also set forth in this Policy;
- Provide access to and/or a copy of certain information we hold about you;
- Delete certain information we have about you; and/or
- Provide you with information about the financial incentives that we offer to you, if any.
California residents can also designate an authorized agent to make access and/or deletion requests on their behalf. We will take reasonable steps to verify your identity before responding to a request for access and/or deletion from you or your designated agent. The CCPA further provides you with the right to not be discriminated against (as provided for in applicable law) for exercising your rights. Please note that certain information may be exempt from such requests under California law.
If you are a California resident and would like to exercise any of legal rights under the CCPA, please contact us at firstname.lastname@example.org.
Sale of personal information. The CCPA sets forth certain obligations for businesses that “sell” personal information. Pursuant to the definition of “sell” under the CCPA and current guidance, we do not engage in such activity and have not engaged in such activity in the past twelve months, including for minors under 16. Please note, we do share certain personal information with our service providers and certain other entities as set forth in When We Disclose Your Information.
6. Notice to California Residents
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the CCPA). We describe the categories of information we collect, our business purposes for collecting such information, the sources and uses of such information and the entities to which we share such information in the Information We Collect, How We Use Your Information, and When We Disclose Your Information sections of this Policy. We provide additional information required by the CCPA below.
Categories of personal information we collect, use and disclose. Throughout this Policy, we discuss in detail the types of information we collect from and about users and discuss how we use and share such information. See Personal Information We Collect for more details. The following are the “categories” of personal information under the CCPA that we collect and that we may, as discussed throughout this Policy, use and disclose for our business purposes:
Identifiers (such as name, address, email address); commercial information (such as transaction data); financial data (such as credit card information); device identifiers (such as IP address and unique device identifiers); Internet or other network or device activity (such as browsing history or app usage (such as your notes and highlights in the Services); general geolocation data from IP addresses; and other information that identifies or can be reasonably associated with you.
How we use these categories of personal information. We use the categories of personal information we collect from and about you consistent with the various business purposes we discuss throughout this Policy. See How We Use Your Information for more details.
7. Data Transfer
Our computer systems are currently based in the United States, and your personal data will be processed in the United States, which may not offer the same level of protection as the privacy laws of your jurisdiction.
8. Children’s Privacy
The Site is intended for general audiences and not for children under the age of 16. If we become aware that we have collected personal information (as defined by the Children’s Online Privacy Protection Act) or personal data (under the GDPR) from children under the age of 16 without valid parental consent, we will take reasonable steps to delete it as soon as practicable.
We have implemented administrative, technical, and physical security measures to protect against the loss, misuse, and/or alteration of your information. These safeguards vary based on the sensitivity of the information that we collect and store. However, we cannot and do not guarantee that these measures will prevent every unauthorized attempt to access, use, or disclose your information since despite our efforts, no Internet and/or other electronic transmissions can be completely secure.
10. Data Retention
We will hold your information for as long as necessary to fulfill the purposes set forth in this Policy or as long as we are legally required or permitted to do so. Information may persist in copies made for backup and business continuity purposes for additional time.
11. Third-Party Links and Services
The Site may contain links to or “frame” third-party websites, applications, and other services, including our investor website, as described above. Please be aware that we are not responsible for the privacy practices of such other sites and services. We encourage our users to be aware when they leave our Site and to read the privacy statements of each and every site they visit that collects their information.
12. Changes to this Policy
We will continue to evaluate this Policy, and we may make changes to the Policy accordingly. Any changes will be posted here and you should check this page periodically for updates. If we make material changes to this Policy, we will provide you with notice as required by law.
13. Contact Information and Questions About this Policy
If you have any questions about our Policy, please contact us at email@example.com.