Mento Protocol Foundation (the “Company” or “us”) is a foundation company created under the laws of the Cayman Islands.
The purpose of this document is to provide you with information on the Company's use of your personal data in accordance with the Cayman Islands Data Protection Act, (2021 Revision) and, in respect of EU data subjects, the EU General Data Protection Regulation (together, the "Data Protection Legislation").
If you are an individual, this Data Privacy Notice will affect you directly. If you are an institution or a legal person/entity/arrangement that provides us with personal data on individuals in connection with your business with us, this Data Privacy Notice will be relevant for those individuals and you should transmit this document to such individuals or otherwise advise them of its content.
Your personal data will be processed by the Company, and by persons engaged by the Company. Under the Data Protection Legislation, you have rights, and the Company has obligations, with respect to your personal data. The purpose of this notice is to explain how and why the Company, and persons engaged by the Company, will use, store, share and otherwise process your personal data. This notice also sets out your rights under the Data Protection Legislation, and how you may exercise them.
By virtue of your business with the Company or by virtue of you otherwise providing us with personal information on individuals connected with you (for example directors, trustees, employees, representatives, shareholders, investors, clients, beneficial owners or agents), you will provide us with certain personal information which constitutes personal data within the meaning of the Data Protection Legislation.
You may provide us with personal data in the context of the following: (i) engaging in transactions with the Company; (ii) in the course of your provision of services to, or contracts with, the Company (e.g. contractors, consultants, counterparties); or (iii) any other circumstances in which you provide the Company with personal information relating to individuals.
We may also obtain personal data on you from other public accessible directories and sources. These may include websites; bankruptcy registers; tax authorities; governmental agencies and departments, and regulatory authorities, to whom we have regulatory obligations; credit reference agencies; sanctions screening databases; and fraud prevention and detection agencies and organisations, including law enforcement.
This includes information relating to you and/or any individuals connected otherwise connected with you in relation to your business with the Company such as: name, residential address, email address, contact details, corporate contact information, signature, nationality, place of birth, date of birth, tax identification, credit history, correspondence records, passport number, bank account details, and source of funds details.
The Company, as the data controller, may collect, store and use your personal data for purposes including the following:
We will only process your personal data in pursuance of our legitimate interests where we have considered that the processing is necessary and, on balance, our legitimate interests are not overridden by your legitimate interests, rights or freedoms.
The Company continues to be a data controller even though it may from time to time engage service providers and other third parties to perform certain activities on the Company's behalf.
We may share your personal data with our affiliates and delegates. In certain circumstances we may be legally obliged to share your personal data and other financial information with respect to your interest in the Company with relevant regulatory authorities such as the Cayman Islands Monetary Authority or the Tax Information Authority. They, in turn, may exchange this information with foreign authorities, including tax authorities and other applicable regulatory authorities.
The Company's affiliates and delegates may process your personal data on the Company's behalf, including with our banks, accountants, auditors and lawyers which may be data controllers in their own right. The Company's services providers are generally processors acting on the instructions of the Company. Additionally, a service provider may use your personal data where this is necessary for compliance with a legal obligation to which it is directly subject (for example, to comply with applicable law in the area of anti-money laundering and counter terrorist financing or where mandated by a court order or regulatory sanction). The service provider, in respect of this specific use of personal data, acts as a data controller.
In exceptional circumstances, we will share your personal data with regulatory, prosecuting and other governmental agencies or departments, and parties to litigation (whether pending or threatened) in any country or territory.
Due to the international nature of our business, your personal data may be transferred to jurisdictions that do not offer equivalent protection of personal data as under the Data Protection Legislation. In such cases, we will process personal data or procure that it be processed in accordance with the requirements of the Data Protection Legislation, which may include having appropriate contractual undertakings in legal agreements with service providers who process personal data on our behalf.
We will keep your personal data for as long as it is required by us. For example, we may require it for our legitimate business purposes, to perform our contractual obligations, or where law or regulation obliges us to. We will generally retain your personal data throughout the lifecycle of your engagement in transactions or business with us. Some personal data will be retained after your relationship with us ends. We expect to delete your personal data (at the latest) once there is no longer any legal or regulatory requirement or legitimate business purpose for retaining your personal data
We will not take decisions producing legal effects concerning you, or otherwise significantly affecting you, based solely on automated processing of your personal data, unless we have considered the proposed processing in a particular case and concluded in writing that it meets the applicable requirements under the Data Protection Legislation.
Contact us We are committed to processing your personal data lawfully and to respecting your data protection rights. Please contact us if you have any questions about this notice or the personal data we hold about you. Our contact details are: contact@mento.org marking your communication "Data Protection Enquiry".