Privacy Policy
At GIFAM, we are committed to protecting your privacy and ensuring the security of your personal data. This comprehensive privacy policy outlines how we collect, use, store, and protect your information in compliance with GDPR and international privacy regulations.
1. Introduction
GIFAM ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us in any way.
Key Principles:
- Transparency: We are clear about what data we collect and how we use it
- Security: We implement robust security measures to protect your data
- Control: You have control over your personal information
- Compliance: We adhere to GDPR and other applicable privacy laws
2. Information We Collect
2.1 Personal Information
We may collect the following types of personal information:
| Category | Examples | Purpose |
|---|---|---|
| Contact Information | Name, email address, phone number, postal address | Communication, service delivery, account management |
| Professional Information | Company name, job title, industry | Service customization, business development |
| Financial Information | Payment details, billing information | Transaction processing, financial services |
| Technical Information | IP address, browser type, device information | Website functionality, security, analytics |
| Usage Information | Pages visited, time spent, interactions | Website improvement, user experience |
2.2 How We Collect Information
- Direct Collection: When you provide information directly to us through forms, applications, or communications
- Automated Collection: Through cookies, web beacons, and similar technologies
- Third-Party Sources: From business partners, service providers, and public sources
- Client Interactions: During service delivery and client relationship management
3. How We Use Your Information
3.1 Primary Purposes
- Service Delivery: To provide our investment and consulting services
- Communication: To respond to inquiries and provide updates
- Account Management: To manage client relationships and accounts
- Legal Compliance: To meet regulatory and legal obligations
3.2 Secondary Purposes
- Business Development: To improve our services and develop new offerings
- Marketing: To send relevant information about our services (with consent)
- Analytics: To analyze website usage and improve user experience
- Security: To protect against fraud and ensure system security
3.3 Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: When you have given explicit consent
- Contract Performance: To fulfill our contractual obligations
- Legitimate Interest: For business development and service improvement
- Legal Obligation: To comply with applicable laws and regulations
4. Information Sharing and Disclosure
4.1 When We Share Your Information
We may share your information in the following circumstances:
| Recipient | Purpose | Data Protection |
|---|---|---|
| Service Providers | IT support, payment processing, analytics | Data processing agreements, security measures |
| Business Partners | Joint service delivery, strategic partnerships | Confidentiality agreements, limited access |
| Regulatory Authorities | Legal compliance, regulatory reporting | Legal obligation, secure transmission |
| Legal Representatives | Legal proceedings, dispute resolution | Legal privilege, confidentiality |
4.2 International Transfers
Your data may be transferred to countries outside the European Economic Area (EEA). We ensure adequate protection through:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Certification schemes and codes of conduct
- Binding corporate rules where applicable
5. Data Security
5.1 Security Measures
We implement comprehensive security measures to protect your personal data:
Technical Security
- Encryption in transit and at rest
- Multi-factor authentication
- Regular security audits
- Intrusion detection systems
Organizational Security
- Access controls and permissions
- Employee training and awareness
- Incident response procedures
- Regular policy reviews
5.2 Data Breach Response
In the event of a data breach, we will:
- Immediately assess the scope and impact
- Notify relevant authorities within 72 hours
- Inform affected individuals without undue delay
- Implement remedial measures to prevent recurrence
6. Your Rights
Under GDPR and other privacy laws, you have the following rights regarding your personal data:
Right to Access
You can request a copy of the personal data we hold about you and information about how we process it.
Right to Rectification
You can request correction of inaccurate or incomplete personal data we hold about you.
Right to Erasure
You can request deletion of your personal data in certain circumstances (the "right to be forgotten").
Right to Restriction
You can request that we limit how we process your personal data in certain circumstances.
Right to Portability
You can request a copy of your data in a structured, machine-readable format.
Right to Object
You can object to processing of your personal data in certain circumstances.
6.1 How to Exercise Your Rights
To exercise any of these rights, please contact us using the information provided below. We will respond to your request within one month, unless the request is complex or we receive multiple requests.
7. Data Retention
7.1 Retention Periods
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
| Data Category | Retention Period | Reason |
|---|---|---|
| Client Data | 7 years after service completion | Legal obligations, tax requirements |
| Marketing Data | 3 years from last interaction | Business development, consent period |
| Website Analytics | 2 years | Website improvement, user experience |
| Financial Records | 10 years | Regulatory requirements, audit purposes |
7.2 Data Disposal
When we no longer need your personal data, we will securely delete or anonymize it in accordance with our data disposal procedures.
8. Cookies and Tracking Technologies
8.1 Types of Cookies We Use
- Essential Cookies: Required for website functionality
- Analytics Cookies: Help us understand how visitors use our website
- Marketing Cookies: Used for targeted advertising and content
- Preference Cookies: Remember your settings and preferences
8.2 Managing Cookies
You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality.
For detailed information about our use of cookies, please see our Cookie Policy.
9. Children's Privacy
Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:
- Update the "Last Updated" date at the top of this policy
- Provide notice of significant changes through our website or email
- Obtain consent for material changes where required by law
- Maintain version history for transparency
11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Data Protection Officer
Email: dpo@gifam.eu
Phone: +1 (555) 123-4567
Address: 123 Business Street, Suite 100, New York, NY 10001
General Privacy Inquiries
Email: privacy@gifam.eu
Phone: +1 (555) 123-4568
Response Time: Within 48 hours
Supervisory Authority
You also have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not addressed your concerns adequately.
Questions About Your Privacy?
Our privacy team is here to help clarify any questions about how we handle your personal data.
Contact Privacy Team View All Legal Documents