Last updated: November 2022
This Privacy Notice is issued by Apex Financial Services B.V., Van Heuven Goedhartlaan 935A, 1181 LD Amstelveen, the Netherlands and applicable to its shareholder Apex Financial Services Group B.V., its subsidiary Apex Fiduciary Services B.V. and affiliated companies Apex Administrative Services B.V., Apex Company Secretarial Services B.V. and Apex Fund Services (Netherlands) B.V. (together “Apex Netherlands”).
1. Who are Apex?
Apex Netherlands principally offers corporate and administration services. Apex Netherlands are wholly owned subsidiaries of Apex Group Limited (Apex Netherlands and other subsidiaries of Apex Group Limited together the “Apex Group”).
2. What is this Privacy Notice?
At Apex Netherlands we collect personal information about you and are committed to protecting this information and your privacy. Set out below is an explanation of how we use, collect and safeguard your personal information. This Privacy Notice applies where Apex Netherlands receives personal data through its website, or in connection with any services provided for you (“Services”).
3. What personal information do we collect?
Apex Netherlands will collect and use only as much personal data from you as is necessary to be able to provide you with the products and services you have requested from us. You may provide us with your personal information where you enter your personal information via our website, engage with us in respect of our Services, or correspond with us by phone, email or otherwise. Depending on the services, products or information you request from us, we may ask you to provide the following personal information:
- name, date and place of birth, address, email address, telephone number and other contact details, social security number, nationality, gender, marital status, copy of ID documents, source of wealth, utility bill, bank statements and tax residency;
- bank account details or other payment or financial information;
- a record of any correspondence you have with us, including certain telephone calls; and
- online identifiers including IP address and cookies.
We may, from time to time, receive information about you from other companies in the Apex Group or our network, or from publicly available sources.
4. Why do we collect your personal information and what is the legal basis?
We collect this information to enable you to use our website and to provide any Services to you. Our use of your information is based on either performance of a contract, legitimate business interest or required by law to provide the Services.
In addition, we are required by law to obtain “know your client” information as detailed in our terms of engagement for our Services, and this includes certain personal information including information contained in a formal identification document or other unique reference relating to you.
5. How do we use your personal information?
We will use the information we hold about you for the following purposes:
- To provide you with the services, products, and/or information you request from us;
- To check your identity;
- To assess any application you make to participate in any service we provide;
- Prevent and detect fraud and/or money laundering;
- To communicate with you as necessary;
- To carry out analyses about our services and how we might improve them; and
- To notify you about changes to our services.
6. Who we share personal information with?
We will only disclose your personal information in accordance with applicable laws and regulations. We will disclose your information to the following third parties:
- Any person with legal or regulatory power (such as the Dutch Central Bank, Tax Authorities, police or Dutch Data Protection Agency that may require disclosure on legal grounds);
- Service providers engaged by us to help us run our business and perform the Services. Such service providers will include, for example, cloud storage providers (engaged by us to provide electronic storage facilities for our business data and your information); and
- Any member of the Apex Group which means our subsidiaries, our ultimate holding company and its subsidiaries (from time to time) as necessary to perform the services.
Some of these third parties (including Apex Group subsidiaries and service providers) may be outside of the European Economic Area (EEA). We will ensure that any such subsidiary or service provider has put in place adequate safeguards to ensure that your information is held securely and in accordance with this Privacy Notice.
Transfers within the Apex Group will be covered by an agreement entered into by members of the Apex Group (an intra-group agreement) which contractually obliges each member to ensure that your Personal Data receives an adequate and consistent level of protection wherever it is transferred within the Group.
7. How we keep your information secure?
We store the information you provide about yourself in a secure database or when it concerns physical information in a secure cabinet and take appropriate security measures to protect such information from unauthorized access. For example, we have adopted internal data protection procedures and trained our staff with a view to preventing breaches of security. All electronic exchanges of information goes through encrypted channels in order to prevent interception of your information. As Apex websites are grouped to the internet, which is inherently insecure, Apex cannot guarantee the information you supply will not be intercepted while being transmitted over the internet. Accordingly, Apex has no responsibility or liability for the security of personal information transmitted via our website.
8. How long we will store your information for?
We generally hold your personal data on our systems for as long as is necessary to provide the Services and as required by law. This is ordinarily 5-10 years from the date you cease to use the Services in order to allow us to refer to your information in correspondence with you, or in connection with legal or regulatory proceedings.
9. Your rights
You have the following rights in relation to how we use your information. If you’d like to exercise these rights, please contact us using the contact details listed at section 13 “Who can you speak to about this Privacy Notice?”
- Right of access – you have the right to know if we are using your information and, if so, the right to access it and to receive information about how we are using;
- Right of rectification – you have the right to require us to rectify any errors in the information we hold about;
- Right to erasure – you have the right to require us to delete your information in certain circumstances if our continued use is not justified;
- Right to restrict processing - in some circumstances, although you may not be entitled to require us to erase your information but may be entitled to limit the purposes for which we can use your information;
- Right of data portability – you have the right to require us to provide you with a copy of your information in a commonly used machine-readable format or to transfer your information directly to another controller (e.g. a third party offering services competing with ours); and
- Right to object for using your information for direct marketing purposes.
Apex Netherlands does not make decisions about you using automated decision making or profiling of your personal data.
10. How do Apex websites use my Internet Protocol (IP) address and collect cookies?
Each time you use our websites, we will automatically collect certain technical information, including the type of browser you use, the Internet Protocol (IP) address used to connect your computer to the internet and information about your visit, including the full Uniform Resource Locations (URL), clickstream to, through and from our sites, traffic data and other communication data, the resources that you access, and the information derived from the cookies we place on your mobile device and/or computer. In order to improve the quality of our website and services, we may from time to time send your computer a "cookie". Cookies are text files that identify your computer to our server and are stored on your device. Cookies in themselves do not identify the individual user, just the computer used. Cookies enable us to improve your user experience by avoiding the need for you to enter the same information more than once. They also allow us to analyse user behaviour to improve the functionality and performance of our website.
For more information about how we collect information from the Apex Group website, please visit our cookie notice.
11. Following links from our websites
Our site may contain links to other sites. Such other sites may also make use of their own cookies and will have their own privacy policies. You should carefully review the privacy policies and practices of other sites, as we cannot control or be responsible for their privacy practices. We do not accept any liability for the privacy practices of such third-party websites and your use of such websites is at your own risk.
12. Changes to this Privacy Notice
We will update this Privacy Notice when necessary to reflect changes in the law, our used practices and in our services, as well as to ensure it is accurate and up to date. When we make an update we will amend the date at the top of this notice, you are therefore advised to check this Privacy Notice periodically. We may also notify you in other ways from time to time about the processing of your personal information.
13. Who can you speak to about this Privacy Notice?
Questions, comments and the exercise of your rights regarding this Privacy Notice and your information are welcomed and should be addressed to the local Data Protection Manager by e-mail: firstname.lastname@example.org or by post to the local Data Protection Manager, Apex, Van Heuven Goedhartlaan 935A, 1181 LD Amstelveen, The Netherlands.
If you wish to make a complaint on how we have handled your personal information, you can contact our local Data Protection Manager. If you are not satisfied with our response or believe we are processing your personal information not in accordance with the applicable law you can complain to the supervisory authority in the Netherlands responsible for the implementation and enforcement of GDPR: the Dutch Data Protection Authority (Autoriteit Persoonsgegevens hereafter the “AP”). You have the right to complain to the AP about our collection and use of your information. You can contact the AP via their website – https://autoriteitpersoonsgegevens.nl/.