Last revised May 25, 2018
Personal data that we collect is controlled by Cyndx Networks LLC, 757 3rd Ave., Ste. 1502, New York, NY 10017. We act as processor with respect to data that we control.
Some of our clients use our platform to process personal data that they control. With respect to such personal data, those clients act as controllers, and we act as processor.
We engage a sub-processor to provide web hosting and platform services on our behalf. We purchase our sub-processor’s standard offering; consequently, the sub-processor controls the country in which data is stored. Our sub-processor stores all data that we control and process in the United States of America.
What personal data do we collect and process from you and others in connection with the Cyndx platform?
In connection with the Cyndx platform, the categories of personal data that we collect and process from you and others include:
- email and physical addresses,
- business telephone numbers,
- information about business affiliations, and
- information about holdings in certain securities.
We obtain such personal data in several ways:
- we collect personal data when a business registers for our software-as-a-service (“SaaS”) platform and provides information regarding its authorized users;
- we collect personal data when you enter information regarding your business’s team into our Raiser capital-raise tool;
- we collect personal data when you enter information regarding natural persons’ holdings in securities into our Owner capitalization table tool;
- we collect business-related personal data from publicly available sources and third-party vendors, some of which is made available in our Raiser capital-raise tool and our Finder research tool; and
- you may choose to provide us with certain personal data when you contact us, visit our website, or register to hear about our products or services.
In using our Raiser and Owner platforms, you may choose to limit the amount of personal data that you enter into our platform or to avoid providing us with personal data at all.
What Usage Data Do We Collect?
We collect technical information about visitors to our website and users of our SaaS platform, including internet protocol (“IP”) addresses, internet service providers, browser types, date and time stamps, device types, and operating systems. To collect this information, we use common internet technologies, such as cookies and web beacons. We use this technical information:
- to administer our services more efficiently,
- to analyze trends,
- to administer our SaaS tools and website, and
- to gather information about our user base.
If you are a current, prospective or former user of Cyndx products, we may obtain similar technical information in connection with our email marketing campaigns. To evaluate the effectiveness of our email marketing, we may, for instance, see whether you opened an email message from us, if your email device supports such capabilities.
In addition, for Cyndx’s paid and logged-in platforms only, we use several third-party analytics tools to collect information about the performance and usability of the Cyndx platform.
We do not collect or process personal data falling into the special categories set forth in Articles 9 and 10 of the GDPR.
We do not offer services to children, and we do not knowingly collect children’s personal data. If you believe that we have collected or processed a child’s personal data, please contact us at firstname.lastname@example.org.
How do we use personal data?
We offer SaaS tools to companies seeking to raise capital and manage their capitalization tables and to institutional investors seeking strategic opportunities. Certain features of those tools require that we store, process, and make available to our clients—who access our platform subject to confidentiality restrictions—business-related personal data. Our clients may access such personal data to find representatives of either prospective investors or companies in which they are interested in investing. They may also store and access personal data to manage their capitalization tables. Our clients may be able to export limited amounts of personal data from the Cyndx platform for their business purposes, subject to confidentiality restrictions.
In addition to using personal data to facilitate the core functions of the Cyndx platform, we use personal data to manage and authorize access to the Cyndx platform. We also use the personal data of our clients’ authorized users to provide support to our clients.
We collect only as much personal data as is needed to further these purposes. We do not engage in, or permit, processing of personal data unconnected with these purposes.
For How Long Do We Retain Personal Data?
We retain personal data only for as long as necessary for the purposes for which it was collected, including where such data is collected for the purpose of maintaining up-to-date business-related contact information accessible by users of our SaaS tools. We may also retain personal data to comply with applicable legal or regulatory requirements, to maintain security, to prevent fraud and abuse on the Cyndx platform, or to enforce our contractual rights. To the extent that we need to retain a person’s personal data to fulfill those purposes, but identification of the person is no longer necessary, we will endeavor to pseudonymize such person’s personal data in our systems.
What Is the Legal Basis for Our Processing of Personal Data?
We process personal data only if there is a legal ground to do so. Without prejudice to other valid legal grounds for processing data under the GDPR and other laws and regulations, we may process your data if:
- you have given affirmative consent to the processing of your personal data for specific purposes;
- the processing is necessary either for the performance of a contract to which you are party or to take steps at your request before entering into a contract;
- the processing is necessary for compliance with a legal or regulatory obligation;
- the processing is necessary to protect our vital interests; or
- the processing is necessary for the pursuit of our legitimate interests or those of our clients, except where such interests are overridden by the interests or the fundamental rights and freedoms of the persons whose data is so processed.
Why, and to whom, might we disclose personal data?
In the ordinary course of our business, we may disclose certain personal data to our clients where such data is material to their efforts to complete business transactions. Further, we may disclose personal data to our subsidiaries, affiliates, agents, contractors, service providers, and other third parties that we engage to support our business. Such disclosures are limited by confidentiality restrictions contained in separate agreements in place between us and our clients.
Outside of the ordinary course of our business, we may transfer personal data in the following situations:
We do not disclose personal data for direct marketing purposes.
In the future, we may transfer personal data under our control to other countries. If we do so, we will ensure that we transfer such data subject to appropriate safeguards.
What are your rights with respect to your personal data?
You may have the following rights with respect to your personal data that we store:
- Right of Access: You may have a right to access and obtain a copy of your personal data as processed by Cyndx.
- Right to Rectification: If you believe that we possess your personal data and that your personal data are incorrect or incomplete, you may request the correction or completion of your personal data.
- Right to Erasure: You may request the deletion of your personal data from our systems.
- Right to Restrict Processing: You may request restriction of the processing of your personal data on our systems.
- Right to Object: You may object to the processing of personal data where we have not obtained your consent but have undertaken such processing where we believe that pursuit of our legitimate interests is not overridden by your fundamental rights and freedoms with respect to the personal data that we are processing.
- Right to Withdraw Consent: If we previously obtained your consent to process your personal data, you may withdraw your consent for us to process your data in the future.
We will honor your requests, objections, and withdrawals as required under applicable law and data protection rules, which qualify the rights listed above with certain exceptions. We may refuse to honor your requests, objections, and withdrawals if such exceptions apply.
If we cannot honor your request, objection, or withdrawal, we will explain to you the reasons for our decision.
To exercise your rights, or to inquire about your personal data, please contact us at email@example.com. We will investigate your concern and respond to your inquiry promptly. If you contact us, we may request additional information necessary to confirm your identity.
If you are dissatisfied with our response, you may complain to the data protection authority in the jurisdiction where you reside.
How do we secure your data?
Within our business, we have implemented internal controls to protect personal data from misuse, unlawful disclosure or access, and any other unlawful form of processing, and we take reasonable steps to secure your personal data from external misuse or unauthorized disclosure while such data is under our control.
We endeavor to protect your information during its transmission by using Secure Sockets Layer (SSL) software. Nevertheless, the transmission of information via the internet is never entirely secure, even when information is encrypted during transmission. Consequently, we do not warrant the security of information that you send to us during its transmission.
How to Contact Us
Cyndx Networks LLC
Attention: General Counsel
757 3rd Ave., Suite 1502
New York, NY 10017