External Privacy Notice

1 Introduction

In the context of our activities and your business relationship with us, we will collect, hold, use and/or otherwise process personal data about you. 

Based on applicable data protection and privacy law, such as EU General Data Protection Regulation 2016/679, GDPR and the Dutch GDPR Implementation Act, United International Holdings (Netherlands) B.V., Perennial Administration Services B.V. and United International Management B.V. (hereinafter referred to as United), qualify as individual “controllers” with respect to the personal data which each entity collects and processes about you. The aforementioned entities will hereinafter be referred to as: “we” or “us”. 

We understand that your privacy is important and that you care about how your personal data is used. We respect and value your privacy and will only collect and use personal data in the manner and for the purposes as described in this document and that is consistent with our obligations and your rights under the applicable legislation and regulations. By entering into a business relationship with us and by sharing your personal data with us, you acknowledge and understand that your personal data will be processed by us in accordance with this Privacy Notice. 

2 Information about us

United International Holdings (Netherlands) B.V.
Registered in the Netherlands under company number 34373123
Address: Strawinskylaan 411 (1077 XX) Amsterdam, the Netherlands

United International Management B.V.
Registered in the Netherlands under company number 34269697
Address: Strawinskylaan 411 (1077 XX) Amsterdam, the Netherlands

United has appointed a privacy officer. For questions and requests in connection with the processing of your personal information you can also contact our privacy officer by email at: privacynl@uibt.com.

3 What does this Privacy Notice cover and whose personal data do we process?

This Privacy Notice is intended to ensure compliance with the GDPR and the Dutch GDPR Implementation Act (UAVG).

This external Privacy Notice is relevant for anyone whose personal data we may process in the context of our (business) activities, including but not limited to directors, authorised representatives, employees and/or (other) contact persons of our current and former clients, contracting parties, business partners and/or service providers and users of our corporate website (United – finance and trust services (uibt.com)) (hereinafter also referred to as: “you”). This Privacy Notice is not relevant for employees and job applicants. 

This Privacy Notice explains on what legal basis we may process your personal data and:

We encourage you to carefully read this Privacy Notice. From time to time, we may need to update this Privacy Notice. This may be necessary, for example, if the law changes or if we change our business in a way that affects the way we process personal data. The most recent version of this Privacy Notice will always be available on our website United – finance and trust services (uibt.com). You may also ask us to send you a copy of the most recent version of this Privacy Notice.

In the event that the Privacy Notice materially and/or substantially changes, we will actively inform you of this change and provide you with the new version of the Privacy Notice.

Note: Where you provide personal data to us which relates to another individual than yourself (for example of the legal representative of the company you are representing), please provide the concerned individual with (a copy of) this Privacy Notice before providing us with their personal data.

4 What personal data do we collect and how do we collect this personal data?

We collect personal data in various ways:

We collect or process some or all of the following personal data:

It is a necessary condition to enter into an agreement with us and/or a legal obligation to provide us with the personal data above.

5 Legal bases for processing

The following legal bases apply with respect to the processing of these personal data:

We will only process your personal data on the basis of consent if this has been explicitly stated. If any kind of processing is based on your consent, we hereby inform you that you have the right to withdraw your consent at any time by contacting us via the contact details mentioned in paragraph 13, without affecting the lawfulness of processing based on consent before its withdrawal.

We do not seek to collect or otherwise process your sensitive personal data, save for instances where we receive personal data relating to your political affiliations as part of our politically-exposed-persons (PEP) checks and/or sanctions information. Any processing of such sensitive personal data about you will be necessary for reasons of substantial public interest, on the basis of an applicable law that is proportionate to the aim pursued and provides for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject. 

There may, however, be other exceptional occasions where we may need to process your sensitive personal data or information relating to a criminal background namely where:

6 Purposes for processing

We process your personal data for the following purposes:

7 How long will we keep your personal data?

We will not keep your personal data for a longer period than is necessary in light of the purposes for which we process them (we refer to the purposes as listed above in paragraph 6). Only where we are legally obliged to, or where this is necessary for defending our interests in the context of judicial proceedings, we will keep the personal data for longer periods. 

We will only retain your personal data for as long as necessary to fulfil the purposes for which we had collected it (that is, the ongoing performance of your business relationship with us) and, thereafter:

By and large, our retention of your personal data shall not exceed the period of six (6) years from the end or termination of your business relationship with us. This retention period enables us to make use of your personal data for potential AML reporting obligations to the Financial Intelligence Unit – Netherlands (FIU-NL) (a legal obligation), and/or to assert, file, exercise or defend possible legal claims against you (taking into account applicable statutes of limitation and prescriptive periods).

In certain cases though, we may need to retain your personal data for a period of up to eleven (11) years to comply with applicable accounting and tax laws or where continued retention has been mandated by the FIU-NL or other applicable competent authority.

In some circumstances you can ask us to delete your data. See Request erasure below for further information.

8 How do we protect your personal data?

We have implemented the necessary administrative, technical and organisational measures for ensuring a level of security appropriate to the specific risks that we have identified. We protect your personal data against destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed. 

Further, we seek to ensure that we keep your personal data accurate and up to date. In that respect we kindly request that you actively inform us of any changes to your personal data (such as a change in your contact details).

9 Do we share your personal data?

In the context of the purposes as listed above in paragraph 6, we may share your personal data with third parties in the following situations:

  1. To our affiliates and/or United group companies for the purposes of:

2. To any third party service providers engaged by us, in order to provide our services to you, to comply with regulatory requirements or to provide (without limitation) the following functions: 

3. To our professional advisors where it is necessary for us to obtain their advice or assistance, including lawyers, accountants, IT or public relations advisors

4. To third parties and their advisors where those third parties are acquiring, or considering acquiring, all or part of our business

5. To any bank, financial institution, insurer, tax authority, court or any other authority or supervisor, where required 

Where relevant, we will implement appropriate safeguards to ensure the protection of your personal data when disclosing your personal data to a third party. For example, we will enter into data processing agreements when engaging a data processor (providing for restrictions on the use of your personal data and obligations with respect to the protection and security of your personal data).

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our documented instructions. 

Some of the above-mentioned recipients may be situated or operating in countries outside the European Economic Area. Where we transfer your data outside the European Economic Area we will do so on the basis of: (i) an adequacy decision; (ii) contractual model clauses as drafted and approved by the European Commission; or (iii) other valid transfer mechanisms pursuant to the GDPR. For more information about the safeguards applied by us to international transfers, please contact us via our contact details mentioned in paragraph 13.

10 Can I access my personal data?

If you want to know what personal data we have relating to you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “data subject access request”.

All such requests should be made in writing (including by email) and sent to the email or postal addresses shown in paragraph 13 below. In principle, there is no charge for a subject access request. If your request is “manifestly unfounded or excessive” (for example, if you make unnecessary repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will respond to your subject access request within 30 working days after receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time is required up to a maximum of three months after the date on which we received your request. In this case you will, of course, be kept fully informed of our progress.

11 What are your other rights?

Under certain circumstances you have the right to:

You have the right to receive information when we collect and process personal data about you from publicly accessible or third-party sources. When this takes place, we will inform you, within a reasonable and practicable timeframe, about the third-party or publicly accessible source from which we have collected your personal data.

You have the right to request correction or rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected and/or updated, though we may need to verify the accuracy of the new data you provide to us. As mentioned, it is in your interest to keep us informed of any changes or updates to your personal data which occur during the course of your relationship with us.

You have the right to request erasure of your personal data. This enables you to ask us to delete or remove personal data where: 

Note, however, that we may not always be able to comply with your erasure request for specific legal reasons which will be notified to you, if applicable, at the time of your request. These may include instances where continued processing is necessary in order to be able to:

You have the right to object to processing of your personal data where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes on the basis of our legitimate interests.

In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. 

You have a right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:

You have a right to request the transfer (data portability) of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. 

You have a right to withdraw consent at any time where we are relying on your consent to process your personal data (which will not generally be the case). This will not, however, affect the lawfulness of any processing which we carried out before you withdrew your consent. Any processing activities that are not based on your consent will remain unaffected.

Kindly note that none of these data subject rights are absolute and must generally be weighed against our own legal obligations and legitimate interests. If a decision is taken to override your data subject request, you will be informed of this by our privacy team along with the reasons for our decision.

Finally, you also have the right to lodge a complaint to the local data protection authority. The contact details of the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) are as follows: Bezuidenhoutseweg 30 (2594 AV) The Hague; telephone no. 088 – 1805 250.

12 Contact details

To contact us about anything related to your personal data and/or data protection, including exercising your data subject rights as discussed above in paragraphs 10 and 11, in particular your right to object, please use the contact details below:

For the attention of: Privacy Officer
Email address: privacynl@uibt.com
Telephone number: +31 (0)20 575 2727 
Postal Address: P.O. Box 79141, 1070 ND, Amsterdam 
The Netherlands

Got a question?

If you have any questions about our privacy notice or yours, 
don’t hesitate to ask.

Our website uses cookies

Cookies are small text files stored on your computer. They allow you to experience our website’s full range of features and they give us insight into your use of our site. They do not contain any personal or confidential information about you. Find out more about cookies.