Data that we hold and how we use it
As an investor or private shareholder in Nivo, we hold your contact and investment details. This data will have been sourced directly from you in the course of your investment.
We use this data to pass to the regulators*, to issue your share certificates** and to manage our relationship with you***.
Lawful basis for processing
Our lawful basis for processing your data is a legal obligation*; contractual obligation** and legitimate interest***.Our legitimate interest balancing test indicates that this is a legitimate purpose; you would not be surprised to hear from us based on the nature of our relationship, and our processing does not cause any harm or risk to you as a data subject.
Data Sharing and Transfers
We share your contact details in line with our regulatory requirements, so will be listed in official documents such as company filings and would be used in any potential data room.
Like most companies, we use a number of other companies as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield, or Standard Contractual Clauses. We do not sell your data to anybody.
As a shareholder/investor we hold your information for as long as we are legally required to do so.
Technical and Operational Security
All data is password protected, access controlled by 2factor authentication, backed up securely and encrypted when appropriate. All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects. Data Privacy by Design and Default is an integral part of our development processes. All devices are protected by leading enterprise mobility management technologies. We are ISO 27001 certified.