1. WHAT IS THIS?
This policy may change from time to time so please check this page occasionally to ensure that you’re happy with any changes.
This policy was last updated on 7 July 2021. Please see Changes to this policy.
2. WHO WE ARE
We, LeapFrog Investments Group, Ltd. (company number 117455 C1/GBL), whose registered office is at c/o AXIS Fiduciary Ltd, 2nd Floor, The AXIS, 26 Cybercity, Ebene, Mauritius, 72201 is the owner of the sites (www.leapfroginvest.com and www.leapfrogresults.com) and the data controller in relation to the processing activities described below. This means that we decide why and how your personal data
3. INFORMATION WE COLLECT ABOUT YOU
When you use this website, our products or services, the categories of information that we may collect about you are as follows:
Personal data you give to us: this includes information about you that you give to us by entering information via:
• social media platforms; and
• corresponding with us by phone, email or otherwise,
and is provided entirely voluntarily. This includes information provided at the time of registering to use our site, subscribing to the services we provide through our site (including newsletters), posting material or requesting further services. We may also ask you for information when you report a problem with our site.
If you complete any surveys that we request you complete for research purposes, we will collect information in such circumstances as well.
The information you give us includes your name, address, email address, phone number, enquiry details and may include records of any correspondence and responses to any surveys.
We have a separate privacy notice in respect of job applicants and the personal data collected when individuals apply for job opportunities at the Leapfrog Investments group.
Personal data we collect about you: we may automatically collect the following information:
• details of your visits to our site, including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources you access;
• anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version,
time zone setting, browser plug-in types and versions, operating system and platform. Please see Cookies for further information;
• personal data which you allow to be shared that is part of your public profile or third party social network, type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Personal data we may receive from other sources: we may receive certain personal data about you from sources outside of our business which may include our group companies. This may include your name, address, email address, phone number, enquiry details, records of any correspondence and responses to any surveys.
4. HOW WE USE YOUR PERSONAL DATA
The purposes for which we use your information and the legal basis under data protection laws on which we rely to do this are explained below.
Where there is a LEGITIMATE INTEREST
We may use and process your personal data where it is necessary for us to pursue our legitimate interests as a business, or that of a third party, for the following purposes:
• for analysis to inform our marketing strategy;
• to correspond or communicate with you;
• to verify the accuracy of data that we hold about you;
• for network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
• for prevention of fraud and other criminal activities;
• to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
• for the management of queries, complaints, or claims; and
• for the establishment and defence of our legal rights.
Where you have provided CONSENT
We may use and process your personal data where you have consented for us to do so, including in order to contact you via email with information about our us and our group companies if you sign up to our newsletter emails via our website or other medium where available.
You may withdraw your consent for us to use your information in any of these ways at any time. Please see Withdrawing your consent for further details.
Where there is a LEGAL REQUIREMENT
We will use your personal data to comply with our legal obligations: (i) to assist any public authority or criminal investigation body; (ii) to identify you when you contact us; and/or (iii) to verify the accuracy of data we hold about you.
5. OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO YOUR PERSONAL DATA Group companies
We may share your information with other companies within the Leapfrog Investments group. They may use your personal data in the ways set out in How we use your personal data, in connection with business strategy analysis, business management or administration, and to assist in the provision of services to you. They may also process personal data on Leapfrog’s behalf for the purposes of providing services to us.
Our suppliers and service providers
We may disclose your information to our third party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include IT and cloud service providers (such as hosting and email management), technical and professional advisors (including accountants and lawyers), advertising and marketing agencies and administrative services.
When we use third party service providers, we only disclose to them any personal data that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
Customer satisfaction surveys
As customer satisfaction is important to us, we may ask a third party research company to contact you for the sole purpose of gathering general information and specific information relating to us and our products and services.
Other ways we may share your personal data
We may transfer your personal data to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal data if we’re under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors and customers. We will always take steps with the aim of ensuring that your privacy rights continue to be protected.
6. WHERE WE STORE YOUR PERSONAL DATA
The Leapfrog Investments group is a global organisation with entities across a number of countries, including the UK, Australia, Mauritius, South Africa, Singapore, Nigeria, and Kenya. As a result, all information you provide to us may be transferred to other third countries, including to countries outside the UK and the European Economic Area (EEA). These countries may not have equivalent or similar data protection laws to the country in which you are located.
If we transfer your personal data to a ‘third country’ outside of the UK or the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy. These steps include imposing contractual obligations on the recipient of your personal data that aim to ensure adequate protection or ensuring that the recipients are subscribed to international frameworks that aim to ensure adequate protection.
Please contact us using the details at the end of this policy for more information about the protections that we put in place and to obtain a copy of the relevant documents.
If you use our services whilst you are outside the UK or the EEA, your information may be transferred outside the UK or the EEA in order to provide you with those services.
7. HOW LONG WE KEEP YOUR PERSONAL DATA FOR
If we collect your personal data, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. Subject to other applicable laws (e.g. tax requirements), personal data (in an identifiable format) should not be kept longer than is necessary for the purposes for which it was collected and processed.
Leapfrog has implemented and maintains a separate Data Retention Policy that sets out the specific retention periods in which different categories of personal data will be retained. If you would like further information in respect of these retention periods, please contact us at the details at the end of this policy.
When it is no longer necessary to retain your personal data, we will delete the personal data that we hold about you from our systems. After that time, we may aggregate the data (from which you cannot be identified) and retain it for analytical purposes.
The only exceptions to this are where:
• we need your personal data to establish, bring or defend legal claims or to comply with a legal or regulatory requirement;
• the law requires us to hold your personal data for a longer period, or delete it sooner;
• you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Erasing your personal data or restricting its processing below); or
• in limited cases, the law permits us to keep your personal data indefinitely provided we put certain protections in place.
8. SECURITY AND LINKS TO OTHER SITES
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our website and any transmission is at your own risk. Once we have received your personal data, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.
Where we have given (or where you have chosen) a password which enables you to access an account, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Our website may contain links to other websites run by other organisations. This policy does not apply to those other websites‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links that we provide. In addition, if you linked to our website from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.
sent to your computer or device and stored on its hard drive to allow our websites to recognise you when you visit.
10. OUR MARKETING
We may collect your preferences to receive marketing information directly from us by email if you opt in to receive our newsletter then we receive your name and email address.
We may contact you through targeted advertising delivered online through social media and platforms operated by other companies, unless you object.
11. YOUR RIGHTS
The below data subject rights shall only apply to the extent applicable under the data protection laws of the country in which you are located. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal data. Except in rare cases, we will respond to you in accordance with any timescales set by the applicable data protection laws of the country in which you are located, which is usually within one month from either (i) the date that we have confirmed your identity or (ii) where we do not need to do this because we already have this information, from the date we received your request.
• Accessing your personal data. You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal data if this concerns other individuals or we have another lawful reason to withhold that information.
• Correcting and updating your personal data. The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us at the details at the end of this policy.
• Withdrawing your consent. Where we rely on your consent as the legal basis for processing your personal data, as set out under How we use your personal data, you may withdraw your consent at any time by contacting us using the details at the end of this policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can do so using our unsubscribe tool. If you withdraw your consent, our use of your personal data before you withdraw is still lawful.
• Objecting to our use of your personal data and automated decisions made about you. Where we rely on your legitimate business interests as the legal basis for processing your personal data for any purpose(s), as out under How we use your personal data, you may object to us using your personal data for these purposes by emailing or writing to us at the address at the end of this policy. Except for the purposes for which we are sure we can continue to process your personal data, we will temporarily stop processing your personal data in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data. If you would no longer like us to use your personal data for direct marketing purposes (including to receive our newsletter) then please use the unsubscribe link at the bottom of the most recent newsletter that you received, and we will comply with your request.
• Erasing your personal data or restricting its processing. In certain circumstances, you may ask for your personal data to be removed from our systems by emailing or writing to us at the
address at the end of this policy. Unless there is a reason that the law allows us to use your personal data for longer, we will make reasonable efforts to comply with your request. You may also ask us to restrict processing your personal data where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. In these situations, we may only process your personal data whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
• Transferring your personal data in a structured data file (“data portability”). Where we rely on your consent as the legal basis for processing your personal data or need to process it in connection with your contract, as set out under How we use your personal data, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file. You can ask us to send your personal data directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal data if this concerns other individuals or we have another lawful reason to withhold that information.
12. CHANGES TO THIS POLICY
We may review this policy from time to time and any changes will be notified to you by posting an updated version on our website and/or by contacting you by email. Any changes will take effect 7 days after the date of our email or the date on which we post the modified terms on our website, whichever is the earlier. We recommend you regularly check for changes and review this policy whenever you visit our website. If you do not agree with any aspect of the updated policy, you must immediately notify us and cease using our services.
Please contact us using the details in section 14 below if you have any concerns or complaints about the way we have collected or processed your personal data. We will investigate your complaint and respond to you in writing within 30 days.
You have the right to discuss your concerns or lodge a complaint to the relevant data protection authority if you are concerned about the way we have processed your personal data, which in the UK is the Information Commissioner’s Office (www.ico.org.uk) and in Australia is the Australian Information Commissioner (www.oaic.gov.au).
14. CONTACT US
If you have any queries about this policy or about the way we process your personal data please contact us by sending an email to firstname.lastname@example.org or writing to us at c/o AXIS Fiduciary Ltd, 2nd Floor, The AXIS, 26 Cybercity, Ebene, Mauritius, 72201.