EU Privacy

Privacy Notice for EU Website Visitors/Customers/Service Providers/Job Candidates

1 Information About Us and Introduction FGI Worldwide LLC (“FGI”, “we”, “us“ or “our”) offers a range of asset based lending services to both UK-based and international customers. In the course of providing these services, we process relevant personal data about our customers, related individuals, vendors and other business and marketing contacts.

This Privacy Notice contains important information about the way in which we collect, use, disclose, retain and otherwise process personal data in relation to EU citizens. FGI is committed to protecting the personal data of our customers and business contacts and respecting their privacy.

Data Controller: For the purpose of the General Data Protection Regulation 2016/679 and any implementing legislation (the “GDPR”), FGI Worldwide LLC is the data controller responsible for any personal data that we process. The address of our registered office is: 410 Park Avenue, Suite 920, New York, NY 10022.

2 Privacy Manager Contact Details Questions, comments, and other communications regarding this Privacy Notice, or our privacy practices in general, are welcomed and should be addressed to our Privacy Manager. Any queries and requests regarding this privacy notice may be emailed to Postmaster@FGIWW.com

3 What Personal Data Do We Collect and Why? This section 3 covers the different sources and categories of personal data that we collect and process, why we do so, and FGI’s lawful bases for processing personal data.

3.1 IF YOU ARE A CUSTOMER (or an employee, officer, shareholder or other individual associated with it)

A – Sources of personal data

B – Categories of Personal Data and Lawful Bases

C – Who does FGI share your personal data with?

D – How long will your personal data be kept by FGI?

A – Sources of personal data

We may obtain your personal data from the following sources:

From you:

a) from you directly (for example, by telephone, via our website, by e-mail, when you fill out our forms, or in the course of carrying out services for you if applicable). Please note that our calls with you may be recorded for training and/or security purposes. When we record our calls, we will ask you for your prior consent; or
b) if you contact us (by whatever means), we may keep a record of that correspondence.

From FGI (FGI generated):

a) from our own affiliates, including accountants and auditors; or
b) if you visit our premises, any incidental personal data that may be collected.

From third parties:

a) from a company that employs you, if you are our corporate customer;
b) from your advisors, including your bankers, accountants and auditors;
c) from other parties (or their advisers);
d) from credit reference agencies (who may search the UK Electoral Register);
e) fraud prevention agencies, CIFAS, or other organisations;
f) from various subscription services;
g) from publicly available sources (for example, governmental websites, company registries, credit reference agencies, search engines and social media sites); or
h) from your device or browser.

We reserve the right to carry out further checks from any of these sources from time to time for fraud prevention and credit control purposes.

B – Categories of Personal Data and Lawful Bases

The personal data we collect is used to protect our business interests including the following:

We collect the following personal data:

Our lawful basis for doing so is:

Our reasons in doing so are:

name

work email address

work address

work mobile telephone number

job title/function

video footage if you visit our premises

Legitimate interests

a) for the management of our customer records;

b) to develop and improve our services to you and other customers;

c) to learn from the way you use and manage your account(s), from transactions you make and from the payments which are made to your account;

d) to carry out operational and administrative actions, such as head office reporting and statistical analysis;

e) to collect debts;

f) to exercise or to defend legal claims.

g) to inform you of products, services and events that may be of interest to you by letter, telephone, messages, e-mail and other electronic methods, provided that we have your permission, where necessary; or

h) to exchange personal data with FGI Group companies for the purpose of reporting, global management, carrying out monitoring, analysing business, complying with group regulatory requirements and any other purposes that are incidental to or connected with the foregoing purposes; or

i) for the safety and security of our premises.

a copy of a passport, ID card or any other equivalent identity document

proof of residential address (for example, a copy of a utility bill, bank statement or any other equivalent document confirming the residential address)

a specimen signature

a completed “politically exposed person” questionnaire

source of funds

income levels and other financial data

Legal Obligation

a) for assessment and analysis necessary to prevent and detect money laundering, including but not limited to carrying out any relevant anti-money laundering and sanctions checks and fulfilling our obligations under any relevant anti-money laundering law or regulation (including under The Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017); or

b) to comply with any other professional, UK or EU legal and regulatory obligations which apply to us.

You may tell us at any time if you do not wish your personal data to be used for the purposes of our legitimate interests listed above, including to receive marketing communications from us by contacting our Privacy Manager.

Legal obligation

As a financial institution, FGI has a legal obligation to carry out due diligence on its customers in compliance with various anti-money laundering, counter terrorism, anti-bribery and anti-corruption, tax and other similar legislation prior to providing services to a customer. To do this, FGI may request personal data relating to an individual customer, a corporate customer’s directors and officers, authorised signatories, direct/indirect shareholders, trustees, settlors, protectors and beneficial owners. We may also process the personal data of the directors of any parent or subsidiary that provides our customers with credit support, or any other affiliated person of our customer who provides such credit support.

FGI may conduct real-time and/or automated screening against politically exposed persons and prohibited and/or sanctioned persons lists published by various regulators from time to time or checks through certain subscription services. This may include information relating to your partner or other members of your household.

If you are an individual customer, or an officer or authorised signatory of a corporate customer, FGI may also collect your contact details (including your name, title, postal address, telephone number(s) and email address) and other verification details, such as call-back contact details.

However, where you are unable to provide us with your personal data that is a legal (or a contractual) requirement in relation to the provision of our services to you, we may be compelled to refuse to offer our services.

Where we rely on legal obligation as the lawful basis, FGI may not be able to proceed with providing services if:

the documents listed above are not provided to complete our checks required by law; or
the documents and/or screening checks are not satisfactory to FGI in its sole opinion.

In providing our services to you, we will process the details of your transactions, account summaries, and other financial details relevant to the management of your account with us.

If you do not want us to process your personal data for the purposes above, please send an email to our Privacy Manager as set out in section 2 above.

C – Who does FGI share your personal data with?

We may share your information with companies that provide the following services to FGI:

*Parties*	*Explanation*
Credit reference and fraud prevention agencies	In some cases, where you are an individual associated with a corporate customer, we may need to share your personal data with authorised credit reference and fraud prevention agencies in order to obtain information from them that is necessary to make credit assessments and to prevent and detect fraud, money laundering and other crimes. Should an unaffiliated third party request a credit reference from us, or any other request for a reference that concerns you, we will not provide such a reference without your written permission. Such credit reference agencies may keep a record of the search. We reserve the right to carry out further checks from any of these sources from time to time for fraud prevention and credit control purposes.
Government or regulatory authorities	We may also disclose information about you if we have a legal duty to do so or if we are required or requested by any governmental, banking, taxation or other regulatory authority or similar body, or by the rules of any relevant stock exchange or pursuant to any applicable law or regulation or if the law allows us to do so. Otherwise, we will keep information about you confidential.
Third Parties involved in a Finance Document	We may also disclose information about you, including financial data and the results of any background (including for anti-money laundering or know-your-customer purposes) or credit checks to the following persons or entities: a) any person or entity to which we either propose to or actually assign any of our rights or transfer or otherwise dispose of (including by way of participation or sub-participation) any of our rights and obligations under any finance document to which a customer is a party; b) any person or entity to which we either propose to or actually assign any of our or customer’s Receivables or customer’s Receivables finance document to which a customer is a party; c) Guarantors or Indemnifiers who are party to a finance document; and/or d) Customer’s insurers, customers, service providers, advisers, agents and any other person or entities acting on customer’s behalf to assist the customer with a finance document.
Affiliates of FGI	FGI may share your personal data with its affiliates (see list in Annex 1), for the purposes of: a) providing us with back-office and middle-office support and systems for managing operations and treasury related risk; b) overall group-wide risk management; c) litigation management; d) allowing them to evaluate the opportunity to participate in lending transactions and opportunities that involve you or a company with which you are associated; e) compliance with regulatory requirements applicable to affiliates; and f) marketing. We may also share your personal data with [INSERT] where that is necessary for the purpose of enabling our affiliate(s) to evaluate the opportunity to participate in lending transactions and opportunities that involve you or a company with which you are associated, and for compliance with regulatory requirements applicable to affiliates. In so doing, FGI’s affiliates may be data controllers and / or data processors of your personal data together with FGI. As data controllers and / or data processors, these affiliates will process your data in line with the intra-group data transfer agreements that are in line with the requirements of the GDPR.
FGI’s service providers	We may give information about you and how you manage your account to organisations that provide a service to us or are acting as our agents, subject to contractual measures that we put in place obligating such organisations, on the understanding that they will keep the information confidential and will comply with applicable data protection laws. For example, we may share your information with the following types of service providers that we engage with: a) Technical support providers who assist with our website and IT infrastructure; b) Third party software providers, who may include ‘software as a service’ solution providers, where the provider hosts the relevant personal data on our behalf; c) Professional advisers such as solicitors, accountants, tax advisors, auditors and insurance brokers, insurers; d) Money laundering and compliance search providers; e) Providers that assist in debt collection; f) Providers that help us store, collate and organise information effectively and securely, both electronically and in hard copy format, and for marketing purposes; g) Providers that assist us in transferring information effectively and securely for HMRC and Court purposes; and/or h) Providers that help us generate and collate reviews in relation to our services.

D – How long will your personal data be kept by FGI?

We keep your personal data for as long as necessary for the purposes set out above, i.e. to respond to your queries and/or to maintain a relationship with you. We review the information we retain regularly and when there is no longer a legal or business need for us to hold it, we will either delete it securely or, in some cases, anonymise it in a way that no longer identifies you.

3.2 IF YOU ARE A CLIENT OF OUR CUSTOMER (i.e. a Business Debtor)

A – Sources of personal data

B – Categories of Personal Data and Lawful Bases

C – Who does FGI share your personal data with?

D – How long will your personal data be kept by FGI?

A – Sources of personal data

From you:

a) Directly

From third parties:

a) From our Customer; and
b) From credit reference agencies.

B – Categories of Personal Data and our Lawful Bases

We collect the following personal data:

Our lawful basis for doing so is:

Our reasons in doing so are:

Name

Business address

Work email address

Job title/function

Work (mobile) telephone/fax number

Credit reference data

Legitimate interests

a) Providing services to our customers

b) Debt Collection

C – Who will FGI share your personal data with?

Our Customers that you are connected to; and
FGI Affiliates.

D – How long will your personal data be kept by FGI?

FGI will retain your business contact details for as long as it is necessary for the purposes set out above (e.g. for as long as we have a relationship with you as our business contact).

We review the information we retain regularly and when there is no longer a legal or business need for us to hold it, we will either delete it securely or, in some cases, anonymise it in a way that no longer identifies you.

3.3 IF YOU ARE A PROSPECTIVE CUSTOMER

A – Sources of personal data

B – Categories of Personal Data and Lawful Bases

C – Who does FGI share your personal data with?

D – How long will your personal data be kept by FGI?

A – Sources of personal data

If you are a prospective corporate customer or an individual associated with a prospective customer (e.g. an employee, shareholder, a representative, a potential Security Obligor or otherwise connected) and not our existing customer, we will mainly process business contact details.

These details may be provided:

From you:

a) directly (for example, by telephone, via our website, by e-mail, when you fill out our forms). Please note that our calls with you may be recorded for training and/or security purposes. When we record our calls, we will ask you for your prior consent.

From FGI (FGI generated):

a) via our website;
b) by email;
c) by telephone;
d) during networking events that we have either hosted, or sponsored, or attended;
e) if you visit our premises;

From third parties:

a) from publicly available sources (for example, your company website).

B – Categories of Personal Data and Lawful Bases

We may process personal data for the purposes below:

We collect the following personal data:

Our lawful basis for doing so is:

Our reasons in doing so are:

contact details, including your name, title, postal address, telephone number(s), email address, survey responses

video footage

internal due diligence checks from publically available sources

financial data relating to associated individuals of our prospective customers

Legitimate interests

a) To provide you with information, products or services that you request from us or that we feel may interest you.

b) To enable us to plan visits to prospective customer premises and establish commercial relationship with the customer.

c) To provide security of our offices, when you visit us.

d) To carry out due diligence to check if we can provide our services to you.

Where required to do so by law, we will seek your prior consent where we use your email to communicate marketing information to you.

C – Who does FGI share your personal data with?

FGI may share your personal data with:

FGI’s affiliates with whom we may carry out joint marketing campaigns or events; and
From time to time, share your personal data with our advertising and promotional agencies and consultants and those organisations selected by us to carry out marketing campaigns on our behalf subject to appropriate contractual safeguards.

Please see further detail on the sharing of personal data in section 4 below.

D – How long will your personal data be kept by FGI?

FGI will retain your business contact details for as long as it is necessary for the purposes set out above (e.g. for as long as we have a relationship with you as our business contact).

If you wish to withdraw your consent, or object to our using your contact details for any of the purposes listed above, including direct marketing, please send us an email at: Postmaster@FGIWW.com

3.4 IF YOU ARE A SERVICE PROVIDER (covering their employees, authorised signatories, officers, directors and representatives)

A – Sources of personal data

B – Personal data that we collect and process

C – Why do we collect your personal data and what are our lawful bases for it?

D – Who does FGI share your personal data with?

E – How long will your personal data be kept by FGI?

A – Sources of personal data
FGI may obtain your personal data from the following sources:

from you directly (for example, when you fill out our forms, sign agreements with us, or in the course of carrying out services for us);
from a company that employs you, if you are a representative of one of our corporate service providers; and/or
from publicly available sources (for example, your company website).

B – Personal data that we collect and process

FGI may request personal data relating to our service providers’ officers, authorised signatories, and other associated individuals. This may include:

name;
job title; and
business contact details.

C – Why do we collect your personal data and what are our lawful bases for it?
We may need to collect your personal data to comply with any professional, legal and regulatory obligations which apply to us. The personal data we collect may also be used for the following of our legitimate interests:

We collect the following personal data:

Our lawful basis for doing so is:

Our reasons in doing so are:

name;

job title; and

business contact details

Legitimate interests

a) to communicate with you in relation to the services provided to us;

b) to meet our obligations to any relevant regulatory authority; and

c) to exercise or to defend legal claims and protect FGI’s legal rights.

If you object to us using your contact details for these purposes, please send us an email Postmaster@FGIWW.com

D – Who does FGI share your personal data with?

Party

Explanation

FGI’s affiliates

FGI may share your personal data with its affiliates (see the list in Annex 1) for the purposes of overall group-wide risk management, litigation management, compliance with regulatory requirements applicable to affiliates, and marketing.

Regulatory authorities

We may disclose information about you if we have a duty to do so or if we are required or requested by any governmental or regulatory authority or similar body, or by the rules of any relevant stock exchange or pursuant to any applicable law or regulation or if the law allows us to do so. Otherwise, we will keep information about you confidential.

Please see further detail on the sharing of personal data in section 4 below.

E – How long will your personal data be kept by FGI?

FGI will retain your business contact details for as long as it is necessary for the purposes set out above (e.g. for as long as we have, or need to keep a record of, our relationship with you as our business contact).

3.5 IF YOU ARE OUR WEBSITE VISITOR

A – Sources of personal data

B – Personal data that we collect and process

C – Why do we collect your personal data and what are our lawful bases for it?

D – Who does FGI share your personal data with?

E – How long will your personal data be kept by FGI?

A- Sources of personal data

We may obtain your personal data from the following sources:

from you directly (for example, at the time of subscribing to any services offered on our websites (FGIFinance.com, www.FGIRisk.com, www.FGIWorldWatch.com, www.FGIWorldWatchReport.com), including but not limited to email mailing lists, including your newsletter and email campaign preferences, interactive services, posting material or requesting further goods or services);
from your device or browser; and/or
if you contact us, we may keep a record of that correspondence.

B- Personal data that we collect and process

name;
work email address;
system passwords;
usernames;
business address;
personal address if witnessing a document;
location data;
job title/function;
operating system;
browser type;
cookie data (for more information please see our Cookie Policy: ; and/or
IP address (both static and dynamic).

C – Why do we collect your personal data and what are our lawful bases for it?
FGI processes your personal data for the following purposes:

We collect the following personal data:

Our lawful basis for doing so is:

Our reasons in doing so are:

name;

work email address;

system passwords;

usernames;

job title/function

operating system;

browser type;

cookie data; and/or

IP address.

Legitimate interests

a) to allow you to participate in interactive features of our service when you choose to do so

b) to ensure that content from our website is presented in the most effective manner for you and for your device

c) to allow us to share information in order to provide any product or service you have requested

d) for the provision of support services

e) for the management of our customer records

f) for system administration purposes

g) for generating and monitoring statistical data about our users’ browsing actions and patterns, the number of visitors to our website, the pages visited and how long they stayed

h) to exchange personal data with FGI Group companies for the purpose of reporting, global management, carrying out monitoring, analysing business, complying with group regulatory requirements and any other purposes that is incidental to or connected with the foregoing purposes.

As described in our Cookie Policy, we will not set cookies on a user’s device unless they have consented to our doing so, unless the cookies in question are necessary for the performance or navigation of our website.

Please do not submit your information to via our website, if you do not want us to process your personal data for the above purpose.

If you do not want us to process your personal data for the purposes above, please send an email to Postmaster@FGIWW.com

D – Who does FGI share your personal data with?

We may share your information with companies that provide the following services to FGI:

Analyse or evaluate our data collection process or customer service fulfilment;
Service providers, such as website hosting companies or those that operate the website on which information about you is collected.

Please see further detail on the sharing of personal data in section 3.6 below.

E – How long will your personal data be kept by FGI?

We keep your personal data for as long as necessary to respond to your queries and/or to maintain a relationship with you. When our relationship ends, we will delete your personal data or aggregate the data we collect about our website use, so that the data no longer identifies you.

3.6 IF YOU ARE A JOB CANDIDATE

A – Sources of personal data

B – Personal data that we collect and process and our lawful bases

C – Who does FGI share your personal data with?

D – How long will your personal data be kept by FGI?

A- Sources of personal data

We may obtain your personal data from the following sources:

From you:

a) Candidate CVs/ Application Forms
b) FGI website

From FGI (FGI generated):

a) Interview notes
b) Derived data (generated as a result of interviews/application forms)

From Third Parties:

a) From publicly available sources (for example, professional networks, such as LinkedIn and other social network sites)
b) FGI Affiliates
c) Individual referrals or a recruitment agency

B – Personal data that we collect and process and our lawful bases

FGI processes your personal data for the following purposes:

*We collect the following personal data:*	*Our lawful basis for doing so is:*	*Our legitimate interests in doing so are:*
Candidate CVs (which may include but is not limited to date of birth, address, telephone contact numbers, salary information and hobbies) Application forms Interview notes Evidence of skills and qualifications (including education and qualification history) References	Legitimate Interest	Evaluating the suitability of candidates
Special Categories of Personal Data (race; ethnic origin; politics; religion; trade union membership; genetics; biometrics (where used for ID purposes); health; sex life; or sexual orientation).	Legal obligation	To make reasonable adjustments during the recruitment process.
Criminal convictions data	Legal obligation Legitimate interest Consent	To assess suitability
Details of (requirement for) residency, visas or work permit Passport/other relevant national ID document	Legal obligation	Comply with the obligation to hire individuals with the right to work

C – Who does FGI share your personal data with?

As a multinational company, FGI shares Personal Data of job applicants with other members of the FGI group of companies, for the purposes set out in Annex 1 of this Notice. We will ensure that Standard Contractual Clauses are in place to ensure that these group companies Process your data in accordance with this notice.

D – How long will your personal data be kept by FGI?

We will keep and process your Personal Data until the end of Company’s recruitment process regarding your application, extended to cover the relevant statutory period or for the duration of any relevant legal proceedings. More specifically, your personal data will be retained as follows:

If you submit your own personal data and are unsuccessful:

Your personal data will be deleted after the expiration of 6 months following the conclusion of the recruitment process for the role for which you have applied, unless you tell us that you consent for us to retain your data for a further 6 months in case a suitable opportunity arises.

If you apply via a third-party staffing or recruiting company and are an unsuccessful candidate:

Your personal data will be deleted after the expiration of 6 months following the conclusion of the recruitment process for the role for which you have applied, save that your name, email address and the name of the agency that submitted your name will be retained for 12 months. This is to enable us to meet our contractual obligations with the third-party staffing and recruiting company that referred you to us.

If you have made a speculative application through the website and we have not pursued your application, we will also delete your personal data after the expiration of 6 months.

4 Sharing of Your Information Data that we collect may be shared with our affiliated companies (please see Annex 1), suppliers or service providers as mentioned specifically in each relevant section above. Also, we may share your personal data in the following cases:

a) as permitted by law in order to investigate, prevent or take action regarding illegal activities, suspected fraud, violation of our intellectual property rights, situations involving potential threats to the physical safety of any person, violation of our Terms and Conditions or other agreements, or as required by law; and/or
b) in the context of mergers and acquisitions, FGI may transfer your personal data to potential purchasers and their advisors, subject to appropriate confidentiality obligations, in the event FGI decides to dispose of all or parts of its business.

5 Transfers Outside the European Economic Area
In general, when transferring your personal data outside the EEA to a third party (which consists of EU member states and Iceland, Lichtenstein and Norway), we will put in place one of the following and only transfer data using one of the following safeguards:

i. the transfer is to a non-EEA country which has an adequacy decision by the EU Commission;
ii. the transfer is covered by a contractual agreement, which covers the GDPR requirements relating to transfers to countries outside the EEA.
iii. the transfer is to an organisation which has Binding Corporate Rules approved by an EU data protection authority; or
iv. the transfer is to an organisation in the US that is EU-US Privacy Shield certified.

For security purposes (in particular back-up and failover), FGI mirrors EU personal data on FGI servers located in the United States.

You may request a copy of the relevant documents by contacting our Privacy Manager as indicated in section 2 above.

6 Your Rights If you are an EU citizen, you have the following rights in relation to your personal data under the GDPR:

a) to obtain information on how we handle your personal data and access documents which contain your personal data;
b) to request us to correct or update your personal data if it is inaccurate or out of date;
c) to object to the processing of your personal data for the purposes of our legitimate interests, as discussed above;
d) to erase personal data about you that is held by us:
- i. which is no longer necessary in relation to the purposes for which is was collected,
- ii. to the processing of which you object, or
- iii. which may have been unlawfully processed by us;
e) to restrict processing by us, i.e. to restrict processing to storage only:
- i. where you oppose to deletion of your personal data and prefer restriction of processing instead, or
- ii. where you object to the processing by us on the basis of its legitimate interests;
f) to transmit personal data that you submitted to us back to you or to another organisation in certain circumstances; and
g) to withdraw your consent at any time, if we rely on your consent (for example, when setting cookies on your device or for direct marketing).

If you at any time decide that you do not want to be contacted for direct marketing purposes or if you would like to exercise any of these rights, please contact our Privacy Manager as indicated in section 2 above.

If you are unhappy with how we have dealt with your request or concern, you have the right to file a complaint with the Information Commissioner’s Office, the UK supervisory authority. For more details, please visit the ICO’s website: https://ico.org.uk/concerns/handling/

Annex 1 – FGI entities

FGI entity	Address
FGI Worldwide LLC (primary operating company)	410 Park Avenue, Suite 920 New York, NY 10022
FGI Finance UK LLP	4 Fulwood Place London, WC1V 6HG
FGI Licensing Insurance Services LLC	410 Park Avenue, Suite 920 New York, NY 10022