Kingland Systems Privacy Statement
JULY 26, 2023
Kingland Systems LLC (formerly known as Kingland Systems Corporation and hereinafter referred to as ‘Kingland’), acting as Data Processor1 , receives and processes the data on behalf of and as contracted by various organizations acting as Data Controllers1 . Data we process on behalf of the Data Controllers are;
- Personal employee information on behalf of global audit firms for the purpose of ensuring compliance with regulations. The activities and responsibilities of Kingland are that of a Data Processor for the regulatory compliance software application developed and managed by Kingland. The audit firms contracted with Kingland function in the capacity of Data Controllers.
- Personal contact information of persons submitting business entity information on the GMEI Utility website in support of registration for a legal entity identifier (LEI) issued by Business Entity Data B.V. The activities of Kingland are that of Data Processor for the GMEI Utility as contracted by Business Entity Data B.V. The firm Business Entity Data B.V. functions in the capacity of Data Controller.
When the systems which Kingland manages collects your personal information, the software applications and data services enable you to transmit and record certain types of personal information required under the policies of the Data Controller. Your use of Kingland’s software applications and services, including websites we operate to allow your use of those resources, occurs pursuant to our contracts with the Data Controller. Our management and collection of the data is for the sole purpose stipulated by those contracts and the data is managed consistent with the principles of the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) and those agreements, which may also include Standard Contractual Clauses.
This Privacy Statement describes our practices regarding the collection, processing and use of the personal information you transmit and record on systems managed by Kingland in connection with your obligations to the Data Controller. All personal information submitted to Kingland through the website or other facilities to Kingland Systems is subject to the terms and conditions of this Privacy Statement.
This Privacy Statement covers seven main topics: Notice, Choice, and Accountability for Onward Transfer, Security, Data Integrity and
1 Term as defined by the European Union Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016.
What Information We Collect
The personal information that you are required to maintain on our system(s) will vary based on the nature of business we are contracted to provide for the Data Controller for data management, and the Data Controllers published policies. This information may vary from Data Controller to Data Controller, and the Data Controller should provide you with detailed information regarding the information collected and its purpose. The Data Controller for your data is either the global audit firm for whom you are employed, or Business Entity Data B.V. if you are entering data concurrent with registration for a legal entity identifier (LEI).
However, as a general matter, the information required will include your name, and certain other data necessary for the system to uniquely identify you from other users. For certain types of use, based on Data Controller policies, you may also be required to provide explicit disclosure of individual financial interests or relationships (i.e. specific holdings, without disclosing the value of such holdings.) and ongoing investments you may be making. Please contact the Data Controller for initial questions regarding the information necessary to be collected.
How We Use the Information
Kingland receives and processes your information solely for the purpose of providing the services required by the Data Controller, per contract with the Data Controller. Kingland will store your information in the global organization’s unique database and maintain that information solely to support the review, analysis and reporting services the global organization (i.e. your Data Controller) requires.
The Data Controller may also use your information to communicate with you regarding your use of our software applications and services, including notices to remind you to update or modify your records on our systems when required by the global organization’s policies, as well as notices relating to potential conflicts. Kingland does not utilize, share or otherwise employ your personal information for any other purposes, including any marketing activities Kingland may conduct relating to other products or services we may offer.
WHO WE SHARE INFORMATION WITH
For data collected on behalf of global audit firms
Kingland will only make available the personal information that you submit, to you and authorized representatives of your member firm. However, in certain situations, at the request of the global organization or your member firm, or in response to a legal proceeding, Kingland, in conjunction with your global organization, may provide to regulatory authorities or other third parties your personal information relating to questions of independence or other compliance obligations. We may also be required to provide information under our control to national security or law enforcement authorities, but will only do so in conjunction with notification to the Data Controllers within the limits of legal authority. Kingland will not otherwise provide, sell, rent, or lease your personal information to any others, and will not make available to credit reporting agencies any of the personal information you submit, even if that information is inconsistent with the information produced by such agencies.
For data collected for registration for a LEI
Kingland will only make available the personal information that you submit, to you and the Data Controller (Business Entity Data B.V.). However, in certain situations, at the request of the firm for which the registration was made, or in response to a legal proceeding, Kingland, in conjunction with Business Entity Data B.V., may provide to regulatory authorities, or the firm for which the registration was made, your personal information relating to your registration for a Legal Entity Identifier. We may also be required to provide information under our control to national security or law enforcement authorities, but will only do so in conjunction with notification to the Data Controllers within the limits of legal authority. Kingland will not otherwise provide, sell, rent, or lease your personal information to any others.
Information collected is at the sole direction of the Data Controllers, with any and all opt out opportunities being managed according to those directions. If you have any difficulty exercising any choice regarding the collection or use of your personal data, please contact the Data Controller.
Kingland will not use or share the personal information provided to us about you or your family in any manner that is different than described above without first letting you know and offering you an explicit written choice. Your permission will always be secured first, should we ever wish to share your information with any third parties in any manner that is not described by the preceding terms of this Privacy Statement.
ACCOUNTABILITY FOR ONWARD TRANSFER
Kingland maintains contracts with the Data Controllers that specify the nature of use expected for the data, as well as stipulations related to authorized transfers and security of the data to be maintained by Kingland. Our Security practices are formally documented and audited by an independent certified auditor on an annual basis.
The personal information that Kingland collects and maintains will be made available to you and authorized persons as described above in the section titled “Who We Share Information With”. Such transfers are made per written contracts with the Data Controller and are made securely and in a manner that may include the transfer of that information across certain state or country borders.
Kingland may also transfer the location of the storage of your personal information among Kingland’s facilities and computer environments under our control; this may be done to consolidate data storage, simplify the management of certain records or provide different protection to certain information. We may also from time to time, host our applications and your data on physical or virtual computer systems leased to us for our specific and individual control. Such circumstances does not include access granted to the third party to our applications or your data. Please read the information in the Choice and Security sections regarding the practices that cover such transfers.
Kingland does not, nor do we intend to, transfer your data to third parties acting as our agent. In the event such transfer does become necessary we will only do so with appropriate contracts in place to ensure that our agent manages the data consistent with our practices and as described herein. In case of such transfers, Kingland remains responsible for compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Framework Principles. For additional information please visit the Data Privacy Framework website.
Kingland Systems is committed to ensuring the security of your personal information. To prevent unauthorized access or disclosure, maintain data accuracy, and ensure the appropriate use of information, we have put in place physical, electronic, and managerial procedures to safeguard and secure the personal information we collect and maintain, including provisions for security audits by the Data Controllers and/or independent certified audit firms.
In the event that any security incident occurs which results in, or is reasonably believed to result in, any unauthorized access to, or misuse of any personal information, Kingland has established procedures to report such incidents to the Data Controller and appropriate civil authorities and to take any actions reasonably necessary to remedy the effects of such incident, including providing written notice to you.
DATA INTEGRITY AND PURPOSE LIMITATION
The data you submit and which is maintained by Kingland is solely for the purposes for which it was intended as specified by the agreements between Kingland and the Data Controller. We agree to abide by those requirements for as long as Kingland maintains the data, and will ensure that the disposition of the data is per the terms specified in the agreements between Kingland and the Data Controller.
In the event you have concerns regarding the accuracy or use of your individual personal information, please contact the support mechanism as indicated in the on-line application or per the instructions of the Data Controller.
Kingland Systems understands it is in the best interests of the Data Controller and you to keep your personal information accurate. Our software applications and services allow you online access to all of the personal information we maintain about you and the opportunity to correct, update or otherwise supplement the existing personal information with additional or replacement information. In the event you have concerns regarding an inability to correct any of your individual personal information, please contact the support mechanism as indicated in the on-line application or per the instructions of the Data Controller.
RECOURSE, ENFORCEMENT AND LIABILITY
Kingland agrees that privacy protection must include a robust mechanism for assuring compliance with data privacy requirements.
All of our efforts are guided by contracts with your Data Controllers, and is governed day-to-day by our formal Information Assurance Program, which includes privacy and security concerns, the principles of which are grounded in requirements articulated within the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF Framework
Kingland has certified that its activities involving the import and processing of personal information from the European Union comply with the EU-U.S. and Data Privacy Framework as set forth by the U.S. Department of Commerce. For further information about the Data Privacy Framework program visit the Data Privacy Framework website.
In the event you believe that any personal information about you which Kingland collects or maintains has been improperly used or accessed, or that Kingland has otherwise failed to comply with its obligations under this Privacy Statement, you should notify the data privacy officer (or equivalent) at your Data Controller. The agreement between Kingland and the Data Controller provides a dispute resolution mechanism in which Kingland will participate with respect to any notice you may provide to the Data Controller.
In the event you are unable to determine how to contact the data privacy officer of your Data Controller, or your state or national data protection authority, you may contact Kingland directly at Privacy@kingland.com for assistance.
With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Kingland is subject to the regulatory enforce
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge).
As a last resort, privacy complaints that remain unresolved after pursuing these and other channels may be subject to binding arbitration before the EU-U.S. Data Privacy Framework Panel to be created jointly by the US Department of Commerce and the European Commission
CHANGES IN THIS PRIVACY STATEMENT
This Privacy Statement is subject to change, including to comply with applicable law or to meet requirements under Kingland’s agreement with the Data Controllers. Kingland will publish notice any changes in this Privacy Statement. Recent changes to this Privacy Statement include the following;
- Made minor wording changes for improved clarity
- Updated the previous Privacy Shield Framework to align with the new Data Privacy Framework Principles
If you have any questions or comments regarding our online privacy practices, please send them to the data privacy officer (or equivalent) at the Data Controller. In the event you are unable to determine how to contact the data privacy officer of your Data Controller, or your state or national data protection authority, you may contact Kingland Systems directly at Privacy@kingland.com for assistance. You may also contact us at:
Kingland Systems LLC
Attention: Data Protection Officer / Chief Security Officer
1401 Sixth Avenue South
Clear Lake, IA 50428