Join the Registry
Join the Registry
Join the registry

GDPR Privacy Notice

This GDPR Privacy Notice explains how we process your personal data and your rights regarding your personal data under the applicable Data Protection Law. This GDPR Privacy Notice supplements our Privacy Policy.

This GDPR Privacy Notice applies to personal data provided by you if you are located in the European Economic Area or the United Kingdom when you provided the personal data.

We rely on the following legal grounds for the collection, processing, and use of your personal data:

  • As necessary to provide a service or perform a transaction (such as when we respond to your requests)
  • Consent (where you have provided consent as appropriate under applicable law, such as for direct marketing and communications)
  • As necessary for legitimate interests (such as when we act to maintain our global registry generally, including maintaining the safety and security of the Sites)
  • Compliance with legal obligations, particularly in the area of labor and employment law, social security and protection law, data protection law, tax law, and compliance laws.

Before using your personal data for any purposes, which fall outside those set out in the Privacy Policy, we will undertake an analysis to establish if our new use of your personal data is compatible with the purposes set out in the Privacy Policy. Please contact us using the details stated in the “How to Contact Us” section of the Privacy Policy if you want further information on the analysis we will undertake.

Your personal data may be stored and processed in the United States or any other country in which we, or our Service Providers, maintain facilities. In certain situations, we may transfer your personal information to countries where data protection laws are not considered to provide an equivalent level of privacy protection to that provided by the laws of your home country. In such circumstances, we will take appropriate steps to provide an adequate level of data protection within the meaning of applicable Data Protection Law, including by implementing the EU Standard Contractual Clauses or the UK Addendum to the EU Standard Contractual Clauses, where required. You can request a copy of the appropriate safeguards referenced in this section by contacting us as stated in the “How To Contact Us” section of the Privacy Policy.

We also use commercially reasonable safeguards to help keep the information collected through the Sites secure from loss, interference, misuse, unauthorized access, disclosure, alteration, or destruction. We also maintain reasonable procedures to help ensure that such data is reliable for its intended use and is accurate, complete, and current.

  • We may retain your personal data for so long as the Red Hill Registry maintains in effect and for a commercially reasonable time after its dissolution.

For personal data that is subject to regulation under applicable Data Protection Law, you have the following rights:

  • Right of Access –the right to request a copy of your personal data.
  • Right of Rectification – the right to correct your personal data that is inaccurate.
  • Right of Erasure (“Right to be Forgotten”) – the right, in certain circumstances, for your personal data to be erased from our records.
  • Right to Restrict Processing – the right, when certain conditions apply to you, to restrict the processing of your personal data.
  • Right to Data Portability – the right to have your personal data transferred to another organization or entity.
  • Right to Object – the right to object to certain types of processing such as direct marketing or research purposes not in the public interest.
  • Right to Object to Automated Processing – the right to object to a decision based solely on automated processing or profiling.
  • Right to Review – the right to obtain a reason should we refuse your requests under any of the above rights, including the right to file a complaint as set forth below.

 

Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions or special circumstances apply. We may also request that you provide additional information necessary to confirm the identity of the data subject making any such request. Should we determine that you are not entitled to exercise any rights, we will provide you with the reason(s) for denial.

To exercise your rights please contact us as stated in the “How to Contact Us” section of the Privacy Policy.

  • Data Protection Law means the EEA and UK data protection laws applicable to the processing of personal data, including the GDPR and the UK Data Protection Laws.
  • “GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
  • “Personal Data” or “personal data” means any information relating to an identified or identifiable natural person. References to “personal information” in the Privacy Policy are to be interpreted as “personal data” for purposes of this GDPR Privacy Notice.
  • “UK” means the United Kingdom.
  • “UK Data Protection Laws” means the GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 in the UK (“UK GDPR”) and the Data Protection Act 2018.

If you have any questions about this Privacy Policy or the Sites, please contact us through email at [email protected] or mail at 2425 Campus Road, Sinclair 1, Honolulu, HI 96822-2247, USA