Data on how you use the site
‍The pages you visit, the means you use to visit (browser version, time zone, operating system, etc.), how long your visit and pageviews last, the frequency of your visits, and information on how you navigate the site.
‍
‍Data that identifies you
‍Your IP address, unique identifiers tied to cookies.

Legitimate interests
‍Using insights from visitor behaviour to improve the way we market our services.

Within Gatenox group companies
• Personal information will be available for our global marketing teams, and other Gatenox personnel who have a need to access this data for the purposes set out above.

‍Outside of Gatenox
• CRM and marketing automation providers
• Website analytics vendors

We use this information to contact you for the purpose specified in the form and in accordance with any marketing preferences you submit to us.This information is added to and managed through our contact database. A member of our sales team may contact you if we determine through your submission that you may be interested in our services. We analyse our contact database data to understand, track, and improve how we market and sell our services.

Email newsletters
We’ll keep your details on this list until you unsubscribe, at which point we’ll move your details to an opted-out list to ensure that we don’t send you marketing emails from other sources in future.

Sales process
We retain information relating to our sales interactions with you for up to five years following our determination that we’re not an appropriate sales fit. We use this period as service contracts in our industry often last for 5 years, so a new opportunity may arise during the retention period.

General
We retain historic information relating to any marketing preference choices that you provided, or other bases for processing that have since lapsed, for six years from the date that the basis for processing lapsed.

We use your data to:
• contact you in relation to your candidacy
• assess suitability for future vacancies
• assess your suitability for the vacancy you applied for
• monitor the impact of our diversity and inclusion programme and to make improvements

General
Your information is stored in our applicant tracking system for up to 24 months after you have been notified your application has been unsuccessful. Successful candidates’ information becomes subject to our employee privacy policy.

Legal record-keeping
If we hire someone subject to a resident labour market test for a role you applied for, we’ll retain your personal data until the expiry of the applicable record-keeping requirement (currently one year following the end of our sponsorship of the visa in question).

• Publicly available information relevant to your potential suitability to work with Gatenox
• Any information provided by someone else about you to us.
• Feedback from interviews and assessments.

Legitimate interests
• Assessing the current labour market and your suitability for available roles.
• To hold as a reference point should you make any further applications within the retention period.

Compliance with a legal obligation
If you are actively involved in our recruitment process for roles where we conduct a resident labour market test and subsequently hire someone who requires a sponsored visa, we retain unsuccessful applicant information as part of the related record-keeping requirements.

Within Gatenox
• Personal information will be available for the hiring team and our recruitment personnel.

Outside of Gatenox
• Our applicant tracking system
• Providers of any aptitude testing systems used as part of the hiring process
• Our cloud file storage systems
• External recruiters with whom you dealt as part of the recruitment process
• Government and legal service providers involved in the visa application process
• Third party background check providers

Sanctions, warnings, fitness & probity
‍Information related to and available on publicly available government lists covering sanctions, the prevention and detection of unlawful acts, and other protective functions. This will generally include a full name, a year or date of birth, nationality, reasons for appearing on the list, and the period covered by the data subject’s appearance on the list, but this depends on the information contained in the list.

‍Politically exposed persons
‍We collect publicly available information relating to individuals in prominent public positions, and their family members, close associates, and business interests. Names, dates or years of birth, position(s) held or connection(s) that we think may give rise to a PEP designation, country of nationality, residence and service, photographs (if available) and the period for which that designation would have been active (e.g. active service dates).

‍Adverse media
‍We collect links to publicly available news articles that our systems determine to name individuals in connection with financial crime, terrorist financing, other relevant unlawful acts, improper conduct, dishonesty, etc. We will also extract information relating to age from these articles to determine approximate years of birth.

‍Corporate registry information
‍We collect data from publicly available corporate registries or from third parties, relating to individuals’ shareholdings and directorships (or such analogous positions).

Legitimate interests
Our existing and prospective clients have legitimate interests in gaining access to high-quality and easily manageable data of the type we process in order to optimize compliance with obligations concerning sanctions, anti-money laundering, know-your-client and counter-terrorist financing. We also pursue our own legitimate interests in developing and improving products and services to serve this market.

• Other data controllers on whose behalf we act as processors, who search for information matching given profiles
• Partners who are reselling our services to data controllers, on whose behalf we act as subprocessors
• Gatenox group employees
• Our hosting and cloud storage providers
• Vendors we use to monitor the accuracy and performance of the data

A member of our sales team may contact you if we determine through your submission that you may be interested in our products and services.
This information – along with details of our interactions including phone calls and correspondence – is added to, and managed through, our CRM. We analyse our CRM data to understand, track, and improve how we market and sell our services. We save some correspondence to provide precedents and examples to other members of the team, and add your personal information to our e-signing and billing systems if appropriate.
We may make recordings of telephone calls with clients and prospective clients.
We may send you questionnaires or forms asking for feedback on our services, which are used to help improve the services we provide.

Email newsletters:
We’ll keep your details on this list until you unsubscribe, at which point we’ll move your details to an opted-out list to ensure that we don’t send you marketing emails from other sources in future.

Sales process
We retain information relating to our sales interactions with you for up to five years following our determination that we’re not an appropriate sales fit. We use this period as service contracts in our industry often last for 3-5 years, so a new opportunity may arise during the retention period.

General
We retain historic information relating to any consent you provided, or other bases for processing that have since lapsed, for six years from the date that the basis for processing lapsed.

• Name, contact details, professional activity
• Publicly available information relevant to your position in your organisation, and industry events you’re attending.
• Bought in data from third party providers (containing the above mentioned data)

Taking steps at your request prior to entering into a contract:
If you subsequently request that we contact you to provide more information on our services to you, we’ll process your data and contact you on this basis.

Legitimate interests:
• Identifying stakeholders in organisations with requirements for software similar to that provided by Gatenox
• To hold as a reference point should you make any further applications within the retention period.
• We’ll retain and analyse information gained from our interactions with you as part of understanding, tracking and improving how we market and sell our services.

Within Gatenox:
Personal information will be available for our marketing and sales personnel, as well as customer success and other teams as necessary to fulfil the purposes set out above.

Outside of Gatenox:
Our cloud storage providers, CRM, sales and marketing automation tools, and customer support/servicing tools.

We will use publicly available contact information in order to approach you or your employer for services, or to respond to an approach.
‍
We may make recordings of telephone calls with suppliers and prospective suppliers.
‍
We may send you questionnaires or forms asking for further information on how you or your employer provide services, which are used to facilitate our supplier management and to comply with our governance obligations.
‍
As part of receiving services from you or your employer, we will process personal data concerning employees of the supplier, that are necessary for assessing the suitability of the supplier, or for the purposes of receiving the services.

We retain information relating to the supply of services for six years from the date that the contract for the provision of the services is terminated.