Last update: Jan 2022
1. OUR COMMITMENT TO PRIVACY
Aura Labs (AURA, “We”, “Our”, “Us”) is such an organisation with a distinct focus on integrity & compliance risk management. As part of our business, we collect information about people, companies and organisations.
AURA provides this Privacy Statement to describe and explain our information practices, and the measures we take to protect your privacy and comply with applicable law and obligations. It describes how we collect, use, share and secure the personal information you provide. It also describes your choices regarding use, access and correction of your personal information.
2. SCOPE OF THIS STATEMENT
This statement covers all types of personal data that AURA holds. This may be data that we hold in our capacity, which may include:
- individuals and companies identified via a government issued list or media reports that may be of interest to AURA’s clients;
- contact persons within our actual or potential client organisations; or
- actual clients and their employees; or
- partners of clients who are involved with our clients’ compliance programmes and their employees.
3. GENERAL PRINCIPLES
AURA collects personal data from many geographical regions and sources. Our policy is to comply with all legislation, using an overarching set of principles to guide us, which we set out in further detail below.
- Notice: Where it is our responsibility under applicable law, we notify individuals about the purposes for which we collect and use information about them. This includes information about how individuals can contact us by email at our website with any inquiries or complaints, the types of third parties to which we disclose the information and the choices and means we offer for limiting its use and disclosure.
- Choice: Where we hold personal data where required by applicable law, we give individuals the opportunity to choose whether certain technologies are used (i.e. cookies) and whether their personal data will be disclosed to a third party or used for a purpose incompatible with the purpose for which it was originally collected. Where we hold personal data on behalf of a client, we ensure that the personal data is secure and processed in accordance with the instructions of our client.
- Onward Transfer (Transfers to Third Parties): Other than onward transfer to clients (as discussed in this statement), and other than as described in this Policy, AURA does not share, sell, rent, or trade personal data with third parties in any way. We may share the personal data you provide to us with business partners for services such as conducting due diligence investigations. We may also disclose personal data as required or permitted by law, or when we believe in our sole discretion that disclosure is necessary or appropriate to protect our rights or to comply with a judicial proceeding, court order, law-enforcement request, or other legal process.
- Access: Where we hold personal data where required by applicable law, we provide the ability for individuals to correct, amend, access or delete personal data held about them where it is inaccurate. You may correct, amend or delete your information by contacting us. We will respond to your request within a reasonable timeframe. We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information for as long as reasonably necessary for the purpose(s) for which the information was collected.
- Security: We take reasonable organizational, technical, administrative and physical steps to protect against unauthorized access to and disclosure of personal data, which may include:
- Security policies. Designing and supporting our products and services according to documented security policies and international standards. Annually assessing our policy compliance and making necessary improvements to our policies and practices.
- Employee training and responsibilities. Taking certain steps to reduce the risks of human error, theft, fraud, and misuse of our facilities. Training our personnel on our privacy and security policies. Requiring our employees to sign confidentiality agreements. Assigning to an individual the responsibility to manage our information security program.
- Access control. Limiting access to information to only those individuals who have an authorized purpose for accessing that information. Terminating those access privileges following job change or termination.
No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about our information security, you can contact us by email at our website.
- Data integrity: We take reasonable steps to ensure that data we collect is reliable for its intended use, accurate, complete, and current.
- Enforcement: We have in place a readily available and affordable independent recourse mechanism so that any complaints and disputes can be investigated and resolved and damages awarded where the applicable law or private sector initiatives so provide. AURA has committed to voluntarily and periodically reviewing our privacy and security practices to verify that we are meeting our obligations.
4. THE TYPES OF PERSONAL DATA THAT WE MAY COLLECT
We may collect, use, store and transfer the following kinds of personal data:
- Identity Data, including first name, maiden name, last name or similar identifier, marital status, title, date of birth, gender, nationality, educational records, job title, employment history, business activities, credit history, passport number, identification number, information on compliance indiscretions, details regarding whether data subjects are on watch lists or sanctions lists or are politically exposed, criminal records;
- Contact Data including billing address, delivery address, email address and telephone numbers;
- Technical Data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the website;
- Usage Data including information about how you use our website, products and services; and
We do not collect any ‘special categories’ of personal data, such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
5. HOW WE COLLECT AND USE YOUR PERSONAL DATA
- FOR SALES AND MARKETING PURPOSES
For the purposes of communication and marketing, AURA collects information directly from you, through automated technologies or interactions, and from third parties.
You may give us your information directly, by purchasing our products and services, surfing on our website, requesting marketing information, or providing us with feedback.
We also gather certain information automatically from our website and store it in log files. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data.
We may also collect information about you from time to time through our analytics partners and search information providers.
The personal data we collect may be used to:
- accept, process and deliver an order for our products or services;
- issue invoices and collect fees;
- send you newsletters as part of a regular service;
- respond to your questions and concerns when you use our ‘contact us’ form;
- improve the contents of our website and marketing efforts;
- conduct research and analysis;
- display content based upon your interests.
Where we process your personal data to register you as a customer, accept your orders and deliver goods and services to you, we do so on the basis that it is necessary to perform our obligations under contract with you. It may also be necessary to comply with certain legal obligations.
Where we process your personal data to send you newsletters, respond to your questions, improve the contents of our website and marketing efforts, conduct research and analysis and display content based on your interests, we do so on the basis that it is necessary for our legitimate business interests. These interests include the interests of ensuring our clients receive premium service, growing our business to best satisfy changing market needs, and ensuring continual improvements to our suite of product and services.
- COOKIE AND OTHER TRACKING TECHNOLOGY
AURA and our partners, affiliates, or analytics or service providers also use technologies to analyze trends, administer the site, track users’ movements around the site and gather demographic information about our user base as a whole. These technologies may include, but are not limited to, cookies, beacons, tags and scripts. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
6. DISCLOSURE OF PERSONAL DATA
7. YOUR RIGHTS
Rights of individuals in relation to their personal data. These rights include:
- the right to request access to the personal data that we hold about you;
- the right to have us correct and update your personal data where it is inaccurate or incomplete;
- the right to have us delete your personal data;
- the right to object to our processing of your personal data;
- the right to ask us to restrict the processing of your personal data;
- the right to ask that we transfer your personal data; and
- the right to withdraw consent to our processing of your personal data.