Blue Umbrella Limited (“Blue Umbrella”) takes your privacy seriously. We want you to know how we collect, use, share, and protect your personal data.
This Privacy Statement tells you:1. What this Privacy Statement covers
Blue Umbrella has designated a Privacy Officer who is responsible for our compliance with this Privacy Statement. Our Privacy Officer may be contacted as described below.
This Privacy Statement applies to www.blueumbrella.com and www.bluedd.com (“Web Site”) and Blue Umbrella’s practices for handling personal information, including personal information provided to Blue Umbrella over the Internet by the public using the Web Site. This Privacy Statement also covers personal information provided by Blue Umbrella’s clients, and their third parties, job applicants and employees, using Blue Umbrella’s online third party compliance solution that is accessible only through an access-restricted portion of the Web Site. Blue Umbrella will collect, store, and use personal information only in compliance with this Privacy Statement and applicable law (which may include, as applicable, Hong Kong’s Personal Data (Privacy) Ordinance, cap. 486).
Please carefully read this Privacy Statement to understand how we will treat the information you provide while visiting this Web Site and while using any service that we provide. This Privacy Statement also describes your choices regarding the use of your personal information, and how you can access, update and correct your personal information. This Privacy Statement may change from time to time. Please check the Privacy Statement each time you use the Web Site for the most current information.
Your consent: If you do not want us to handle your personal data as described in this Privacy Statement, please do not use the Web Site. You will not be able to submit personal data through the Web Site unless you consent to this Privacy Statement.
We will obtain your consent to collect, use or disclose personal information except where we are authorized or required by law to do so without consent. Your consent can be express, implied or given through an authorized representative such as a lawyer, agent or broker. Consent may be provided orally, in writing, electronically, through inaction (such as when you fail to notify us that you do not wish your personal information collected/used/disclosed for various purposes after you have received notice of those purposes) or otherwise. You may withdraw consent at any time, subject to legal, contractual and other restrictions, provided that you give us reasonable notice of withdrawal of consent. If you notify us that you withdraw consent, we will inform you of the likely consequences of that withdrawal of consent, which may include our inability to provide certain services for which that information is necessary.
“Personal data” or “personal information”, as used in this Privacy Statement, means information that relates to you as an individually identifiable person.
Blue Umbrella collects personal information from you only if you have agreed that this information may be shared with us. Based on the nature of the transaction, the types of personal information that may be collected from you through the Web Site include the following:
Access to certain Blue Umbrella web pages and online services is not available to the general public and requires a login code and password provided by Blue Umbrella. Those web pages, and the information downloadable to and from those pages, is made available only to clients of Blue Umbrella.
Due Diligence Services:
Our clients may ask us to conduct a due diligence investigation on another organization (the “Client’s Third Party”) with which our client currently has, or is considering entering into, a business transaction or relationship. To initiate this due diligence investigation, our client may provide us with personal information on directors, shareholders, owners, or managers of Client’s Third Party. This personal information may include full name, date of birth, title, corporate affiliation, email address, phone number, passport or ID number. Before providing this personal information to us, our client must ensure that both our client and our Client’s Third Party have complied with any relevant data privacy legislation in their collection, use, storage and onward transmission of personal data to Blue Umbrella, including by providing applicable individuals with any legally required notice and by obtaining any legally required consent. Our Client’s Third Party also must acknowledge and agree that the due diligence investigation will include personal data relating to its directors, shareholders, owners, or managers.
1. First Party Cookies
Blue Umbrella’s Web Site may use technologies, such as cookies, scripts and tags to analyze trends, to administer the Web Site, to track users’ movements around the Web Site and to gather demographic information about our user base.
When you visit the Web Site, we may collect general Internet data, including your domain name, the web page from which you entered the Web Site, which pages you visited on the Web Site, and how much time you spend on each page. To collect this information, a “cookie” may be set on your computer whenever you visit the Web Site. A cookie is information sent by a web server to a web browser and stored by the browser. Each time the browser requests a page from the web server, the cookie communicates with the web server. This enables the web server to identify and track the web browser.
As is true of most web sites, Blue Umbrella gathers certain information automatically and stores it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp and clickstream data. We do not link this automatically-collected data to personal information.
For more information concerning our “cookie” policy, please visit https://www.blueumbrella.com/cookie-policy.html.
Blue Umbrella will not collect personal information indiscriminately but will limit collection of personal information to that which is reasonable and necessary for the purposes described in this Privacy Statement. We will also collect personal information as authorized by law.
Blue Umbrella will use and disclose personal information for the purposes set out in this Privacy Statement and as authorized by law.
2. Third Party Cookies
We may use third-party cookies and other automated devices and applications, such as those provided by Google Analytics, Google AdSense, LinkedIn and HubSpot. You can learn more about our use of these cookies through our Cookies Policy
We may track your online activities over time and across third party websites or online services. For example, we might use web beacons to help us determine what links or advertisers brought you to our Web Site. We then track your activities on our Web Site. We also may use web beacons to track your visits to other websites so that third party service providers can display Blue Umbrella advertisements to you on those other websites based on your activities while on the Web Site (“remarketing”).
When your personal information is collected on the Web Site (other than for third party compliance purposes), Blue Umbrella may use it for the purposes described in this Privacy Statement and for compliance purposes. Blue Umbrella will use your personal information for a materially different purpose only if you consent.
The purposes for which we will use your personal information include the following:
Due Diligence Services:
If our Client’s Third Party or our client provides us with personal information on the Client’s Third Party directors, shareholders, owners, or managers, we will use that information to conduct a due diligence investigation and prepare the due diligence report that our client requested. The personal information provided by our Client’s Third Party or our client may be included in the due diligence report that is disclosed to our client.
We will share your personal information with third parties only in the ways that are described in this Privacy Statement unless you consent. Blue Umbrella does not sell or rent personal information to third parties.
Previously Described Purposes:
Blue Umbrella may disclose personal information as necessary or appropriate for any of the listed above in “Purposes for Which We Use the Personal Data We Collect.”
Due Diligence Services:
When Blue Umbrella performs due diligence services for a client, the Company may disclose personal information submitted by the Client’s Third Party and/or our client through the Web Site about the Client’s Third Party directors, shareholders, owners, or managers to the Blue Umbrella client that requested the due diligence services.
Blue Umbrella also may disclose this personal information to certain third parties as necessary to conduct the due diligence investigation (such as national corporate registers and providers of databases including perpetrators of bribery, anti-money laundering and other criminal activity), as well as to third party representatives or subcontractors authorized by Blue Umbrella to assist in the due diligence investigation. Blue Umbrella discloses to these representatives and subcontractors only the personal information they need to deliver to Blue Umbrella (for the benefit of Blue Umbrella’s client) the requested product or service. Blue Umbrella prohibits these third parties from using that information for any other purpose. Blue Umbrella requires, by written agreement, that these parties maintain commercially reasonable measures to protect the confidentiality of the personal information received from Blue Umbrella.
Blue Umbrella may transfer personal information submitted to it for a due diligence investigation to an overseas receiver to perform the investigation. These transfers will occur when Blue Umbrella is attempting to verify the corporate standing of a potential third party, any past litigation or other adverse information of directors, shareholders, owners, or managers during times they were in country other than the country where they currently reside. All personal information will be transmitted and stored in a secure manner in accordance with the terms of this Privacy Statement. The Client’s Third Party and our client are responsible for obtaining the prior consent of the relevant directors, shareholders, owners, or managers to these cross-border data transfers.
Other Service Providers:
Blue Umbrella may retain agents, subcontractors or service providers from time to time in relation to our business or the products or services that we provide. If we require a service provider to deal with your personal information, we will take reasonable steps to ensure that the service provider adheres to privacy procedures and will keep your personal information confidential. We will not provide more information than is necessary to the service provider and will ensure that the information is returned or destroyed once the purpose for which it was given is filled.
Blue Umbrella is based in Hong Kong, and our affiliates and service providers may be located in various jurisdictions (including Germany, Canada, USA, Malaysia, Brazil and India), and you acknowledge that personal information may be processed and stored in foreign jurisdictions with different privacy laws, and that the governments, courts or law enforcement or regulatory agencies in those jurisdictions may be able to obtain disclosure of that personal information through the laws of the foreign jurisdiction.
Blue Umbrella also may disclose your personal information and any other additional information available to Blue Umbrella for any of the following purposes:
Blue Umbrella is committed to protecting the personal information that Blue Umbrella receives about individuals. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we cannot guarantee the security of your personal information, we utilize a combination of online and offline security technologies, procedures and organizational measures to help safeguard personal information against loss, misuse, and unauthorized access, disclosure, alteration and destruction.
We maintain physical, electronic and procedural safeguards to guard the personal information that you provide to Blue Umbrella. We employ Transport Layer Security (TLS) data encryption when data is transmitted over the Internet to our Web Site. In addition, we have security protocols and measures in place to protect the personal information we maintain about you from unauthorized access or alteration.
Specifically, we have installed firewall, physical security and technological security measures, and encryption of certain information. Strong password protection protocols are used on our computers, and employees are kept up-to-date on our security and privacy policies. The servers used to store personal information are maintained in a secure environment with appropriate security measures.
In addition, access to customer information is restricted to authorized personnel only. Only employees who need the personal data to perform a specific job (for example, a customer service representative) are granted access to personal data. Employees with access to personal data are kept up-to-date on our security and privacy practices.
It is important for you to protect against unauthorized access to your password and to your computer. Be sure to close your browser after you have completed your visit to the Web Site.
You have a right to access your personal information held by us. If you have provided your personal information to Blue Umbrella while browsing Blue Umbrella’s publicly accessible Web Site, and wish to update such personal information (if any) that you have provided us, you may correct, update, amend or delete it by contacting us by email at the contact information listed below. If we do not make a requested change to your personal information, we will annotate the personal information under our control with a note that the correction was requested but not made.
Also, if you no longer desire our newsletters or similar marketing services, you may email us at info@bluedumbrellacom. We will promptly unsubscribe you from our mailing list.
How To Unsubscribe:
You may cancel or modify the email communications you have chosen to receive from Blue Umbrella by following the instructions contained in emails from us. Alternatively, you may email Blue Umbrella at firstname.lastname@example.org with your request, stating ‘Unsubscribe’ in the header and what email addresses you wish not to receive Blue Umbrella emails. Within a reasonable period, we shall ensure that such email addresses are unsubscribed.
Blue Umbrella will retain your information for the duration of the customer relationship, if any. We also retain your personal data for at least twelve (12) months after our last interaction with you. Further, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes or enforce our agreements. We will destroy, erase or make anonymous documents or other records containing personal information as soon as it is reasonable to assume that the original purpose is no longer being served by retaining the information and retention is no longer necessary for a legal or business purpose.
The Web Site may include links to third party web sites whose privacy practices may differ from those of Blue Umbrella. Please be aware that those third party web sites are outside of our control and are not covered by this Privacy Statement. If you submit personal information to any of those sites, your information is governed by their privacy policies. If you have questions about how another site uses your information, consult that site’s privacy statement.
Blue Umbrella does not offer services to children under the age of 16, and this Web Site is not directed to or intended for use by children under the age of 16. Blue Umbrella does not intend to collect information about children under the age of 16 through the Web Site.
California residents who use the Web Site may request that we provide certain information regarding our disclosure of your personal data to third parties for their direct marketing purposes. You can make such a request by email to email@example.com.
The information in this section, as well as the information in the section applies to users in the European Economic Area and Switzerland (collectively, the “EEA”).
Individuals who reside in the EEA (“EEA Individuals”) are not required by statute or by contract to provide any personal data to the Web Site. Blue Umbrella sometimes uses EEA Individuals’ personal data submitted through the Web Site for automated decision-making. For example, Blue Umbrella may display advertisements and send emails to you containing content automatically chosen based on the products you have ordered from us in the past. However, Blue Umbrella will not use EEA Individuals’ personal data submitted through the Web Site for automated decision-making, including profiling, which produces legal effects or similarly significantly affects the EEA Individual.
As described above in section IV, the personal data collected by Blue Umbrella may be transferred to Hong Kong or other jurisdictions (which may include Germany, Canada, USA, Malaysia, Brazil and India). The European Commission has not issued a determination that these non-European jurisdictions ensure an adequate level of protection for personal data.
Blue Umbrella processes your personal data with your consent and as required by law. In addition, if you provide information for recruitment purposes, Blue Umbrella processes your personal data as necessary to enter into an employment agreement with you. Blue Umbrella also processes personal data as necessary for its legitimate interests as follows:
1. Right to Object to Processing for Direct Marketing or Legitimate Interests
EEA Individuals have the right to object to the processing of their personal data for purposes of Blue Umbrella’s direct marketing or legitimate interests by contacting Blue Umbrella at firstname.lastname@example.org.
2. Other Individual Rights
Access, Correction, Deletion:
EEA Individuals have the right to access their personal data collected by the Web Site and to request that Blue Umbrella update, correct, or delete their personal data as provided by applicable law. EEA Individuals also have the right to restrict Blue Umbrella’s processing of their personal data.
EEA Individuals have the right to data portability concerning their personal data. Subject to certain limitations, the right to data portability allows EEA Individuals to obtain from Blue Umbrella, or to ask Blue Umbrella to send to a third party a digital copy of the personal data that they provided to the Web Site. EEA Individuals’ right to access their personal data includes their right to receive a copy of all, or a portion, of their personal data in Blue Umbrella’s possession as long as Blue Umbrella’s providing the personal data would not adversely affect the rights and freedoms of others.
Point of Contact/Complaints:
EEA Individuals can exercise these rights by contacting email@example.com. Blue Umbrella will respond to such requests in accordance with applicable data protection law. If EEA Individuals believe that their personal data has been processed in violation of applicable data protection law, they have the right to lodge a complaint with the relevant data protection authority in the country where they reside, where they work, or where the alleged violation occurred.
EEA Individuals may use the contact information above, at any time, to withdraw their consent for the processing of their personal data where Blue Umbrella requires their consent as a legal basis for processing their personal data. Any withdrawal will apply only prospectively, and Blue Umbrella will continue to retain the personal data that EEA Individuals provided before they withdrew their consent for as long as allowed or required by applicable law.
3. EU Representative:
Blue Umbrella’s representative in the European Union is Blue Umbrella Risk Management Limited. You can contact our representative at firstname.lastname@example.org.
Blue Umbrella may revise or update this Privacy Statement on occasion to reflect changes to our practices. If we make any material changes to this Privacy Statement, we will provide notification through the Web Site and such changes’ effective date prior to the changes taking effect. Blue Umbrella will not provide less privacy protection, without your consent, to information collected under a prior Privacy Statement. We encourage you to refer back to this Privacy Statement for the latest information and the effective date of any changes.
Any inquiries, complaints or questions regarding this Privacy Statement should be directed in writing to our Privacy Officer:
Blue Umbrella Limited
Last Updated: December 6, 2019