Smart Oversight Privacy Policy

Smart Oversight provides its clients with AML name screening services.

Smart Oversight S.à.r.l. (Smart Oversight, ‘we’, ‘us’ or ‘our’) is the owner and operator of the So Comply Online Service, an Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) service designed for entities required to comply with AML/CTF obligations and regulations.
Smart Oversight is committed to protecting the privacy of individuals whose information is collected including information contained in our databases, and to assist in resolving any issues that may arise in relation to this information. This policy describes how Smart Oversight handles personal information collected.

Smart Oversight is dedicated to being transparent about what personal information we collect and how we use it. Your information will be processed in accordance with European Union Data Protection laws.

Smart Oversight may review and update this policy from time to time to take account of new laws, technology, changes to our operations, and the changing business environment. Updates will be published on the Smart Oversight website.

What personal information do we collect?

The databases maintained by Smart Oversight contain personal information about individuals. Smart Oversight obtains personal information for its databases from official Watchlists, publicly available information and from Clients regarding their Members and Customers. This information may typically include an individual’s names, date of birth, residential address, a client number allocated to the individual and gender. The information received from official Watchlists may also include information about criminal records, personal relationships and other publicly available information. Because of the nature of the Smart Oversight service, it is not possible to collect this information directly from the individual.

Smart Oversight will not use this personal information for any purpose other than to assist its Clients to meet their obligations under their AML/CTF legislation. Smart Oversight maintains strict security over this personal information.

Smart Oversight also collects personal information from Clients permitted to use the Smart Oversight service when the Client registers with the service and a Client contact logs in for the first time. This information may include the Client contacts’ name and contact details. Where there are several users in a Client’s company those users’ names and contact details will also be collected and may be provided by another user in the Client company. If this information is not provided you cannot use the Smart Oversight service.

We may collect personal information for our other business activities such as interactions with suppliers, responding to general business enquiries or resolving complaints. This information is generally only contacting information (name, address, email and telephone numbers) collected directly from you or someone you have permitted to provide the information to us. If you do not provide the information required, we may not be able to respond or interact with you.

Also, if you use our website we will record your contact details, which may include your name, email address, address and phone number if you send them to us in an email or complete an online contact form. We will use your personal information to deal with your specific enquiry. If you do not provide this information, we may not be able to respond to your enquiry.

If we hold your personal information through official Watchlists or Clients, this is not controlled by us and you should refer to their respective privacy policies.

Use of the Smart Oversight service requires registration and prior identification. Your personal data (surname, first name, mailing address, e-mail, telephone number, …) are used to fulfil our legal obligations resulting from the delivery of services, under the service agreement, the limit warranty, if any, or any other applicable condition. You must not provide false personal information and will not create an account for another person without his or her permission. Your contact information must always be accurate and up to date.

How we collect personal information?

We collect personal information from:

Publicly available AML/CTF official Watchlists;
Publicly available information;
Our clients regarding their members and customers;
Our clients permitted to use Smart Oversight services.

With whom do we share information?

On the basis of the legal obligations, your personal data may be disclosed in accordance with a law, a regulation or by virtue of a decision of a competent regulatory or judicial authority. In General, we are committed to complying with all legal rules that could prevent, restrict or regulate the dissemination of information or data.

The personal data that you provide to us for subscribing our services may be disclosed to our suppliers for the processing of it as usual business activities. This information is considered by our suppliers to be strictly confidential.

In the event that we take part in a merger, acquisition or other form of disposal of assets, we undertake to ensure the confidentiality of your personal data and to inform you before it is transferred or subject to new privacy rules.

How we use this personal information

To process daily operations related to:

name screening services provided to our Clients as defined in our Service Agreement

contracts orders deliveries, invoice accounting and in particular the management of accounts receivable;

an incentive program within an entity or several legal entities;

the follow-up of the customer relationship such as the realization of satisfaction surveys, the management of the complaints and the support service

the selection of customers to carry out studies, surveys and product tests (these operations should not lead to the creation of profiles that can reveal sensitive data)

Retention and deletion of personal information

Personal information collected from Clients who use the Smart Oversight service is retained only for the duration of the Client’s subscription and for a period of 1 month after termination of our agreement, in accordance with our data retention practices. Following that period, we will make sure it is deleted or anonymized.

We retain the personal data for the duration strictly necessary for the realization of the purposes described in this privacy policy. Beyond this duration, they will be anonymized and preserved for purely statistical purposes and will not give rise to any exploitation of any kind whatsoever.

Data purging means are put in place in order to provide for the effective deletion of the information as long as the retention or archiving time necessary for the fulfilment of the specified or imposed purposes is reached. You also have a right of deletion on your data that you can exercise at any time by contacting Smart Oversight.

Account deletion

The user has the option to delete his account at any time, by a simple request to Smart Oversight.

In the event of a violation of one or more provisions of the business agreement or any other document incorporated herein by reference, Smart Oversight reserves the right to terminate or restrict without any prior warning and at its sole discretion, your use and access services, your account and all sites.

Personal data storage and security

Smart Oversight databases are held and stored by Smart Oversight our cloud services provider.

All personal data collected are held and stored in the European Economic Area (or Switzerland on demand) by our cloud services provider in data centres with a Tier III or above security level.

We undertake to implement all appropriate technical and organisational measures to ensure a level of security adapted to the risks of accidental, unauthorized or unlawful access, disclosure, alteration, loss or destruction of your personal data. In the event that we become aware of illegal access to your personal data stored on our servers or those of our providers, or unauthorized access that results in the realization of the risks identified above, we are committed to:

notify you of the incident as soon as possible;
review and inform you of the causes of the incident;
take the necessary measures within the reasonable limit in order to lessen the negative effects and damage that may result from the incident
In no event shall the commitments set out in the above paragraph relating to the notification in the event of a security breach may be assimilated to any acknowledgement of fault or liability related to the incident in question.

Your rights

You have various rights in relation to your personal data and we respect those rights. With regards to marketing emails, you can request us not to send you these at any time – just follow the ‘update your preferences’ or ‘unsubscribe’ from this list’ options at the end of the marketing email.
You also have rights to:

request a copy of the personal information we hold about you;
request us to update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
request us to delete the personal information we hold about you without undue delay, subject to our legal rights and obligations to retain the same; and
object to our processing of your personal information.
If you are a registered user of the Smart Oversight service, you may still receive important service-related information email notifications.

Social Networking

If you communicate with us through a social networking service such as Twitter or Linked In, the social network provider and its partners may collect and hold your personal information outside the EU. This is not controlled by us and you should review their privacy policies.

Cookies

Our website may use cookies. Cookies are small text files that are stored on your computer when you visit some websites. You can disable any cookies already stored on your computer, but these may stop our website and services from functioning properly. When you look at our website, our internet server may record the following information for statistical and analysis purposes and to improve our website:

your server address
your top-level domain (for example .com, .gov, .net etc.)
the pages you accessed and the documents downloaded
the previous site you have visited
the type of web browser you are using.
This information is however anonymous.
Smart Oversight will track the pages you visit via Google Analytics. This information is disclosed to Google Analytics when you visit our site and may be stored overseas in multiple countries.

Technical data collection

Some of the technical data on your device is automatically collected by the website. This information includes your IP address, Internet service provider, hardware configuration, software configuration, browser type and language… The collection of such data is necessary for the provision of services.

The technical data of your device are automatically collected and recorded by the site for advertising, commercial and statistical purposes. This information helps us to personalize and continually improve your experience on our site. We do not collect or retain any personal data (name, surname, address…) possibly attached to technical data.

Links to other websites

Our website and services may include links to other websites that are operated by third parties. We are not responsible for the content or operation of those websites or for any products, services or information contained in them or offered by them. You should review the privacy policy and terms and conditions of use of those websites when you visit them.

How to contact us?

Should you have any questions or any concerns about our privacy policy, privacy practices, or processing of your personal data, you can contact us by email: info@smart-oversight.com or by postal mail: Smart Oversight Sàrl – 9, rue du Blues L-4368 Belvaux, Luxembourg.