BlueLife offers a large range of property and hospitality related services to a broad market through its investors, developers and clients through its activities in relation to: property development, property transaction, property management, co-ownership management, property services and hospitality.
1. HOW AND WHEN IS YOUR DATA COLLECTED?
a. Visitors to our websites
BlueLife collects, uses and processes the following information about you when you visit our websites:
- Personal information that you provide by filling in forms on the website. This includes information you provide at the time of registering your interest in our developments on the website and signing up for media alerts and Investor email alerts. It also includes filling in recruitment forms and uploading your CV.
- If you contact us, we may keep a record of that correspondence. We may also ask you for information when you report a problem with the website.
We will do our best to protect your personal information and we will use technology that will help us to do this.
However you should understand the open nature of the internet. As such, your personal information flows over networks connecting you to systems without security measures, and are accessible to people other than those for whom the personal information is intended.
b. People who contact us via social media
If you send us a private or direct message via any social media platform, your message will be saved to ensure we have a record of all interaction with you.
c. People who contact us via email
Personal data collected via email is stored on Microsoft Office 365 and our central database system. We will use your information to respond to your request or the subject of your enquiry. Should you request to be registered on our database system, we may use your information to contact you to let you know about our services and products which may be of interest to you. We only require the information needed to provide a service to you, such as name, address, email address and telephone number. Where we request more information, it will be in the context of specific transactions or to improve our service to you. It will be made clear that this is purely voluntary on your behalf and you have to absolute right not to provide us with this information.
d. People who contact us by telephone
We will collect information that we need specifically to assist in providing a level of service to you, through your enquires in relation to our products and services or with respect to any specific transaction with you. We require information such as name, address, telephone, email address. Where we request further information in the context of a transaction or to improve our service, this will be purely voluntary on your behalf and you have the absolute right not to provide us with this information.
e. People who use property portals
We collect information when you request details on BlueLife’s properties developed, on sale or on rental, via property portals which are linked to our central database. The personal data is stored on our central database system. We only collect the information required to provide a service to you, such as name, telephone, email, country and postcode. Where we request more information to improve our service to you, it will be made clear that this is purely voluntary on your behalf and you have the absolute right not to provide us with this information.
f. People who visit our Developments
If you visit a BlueLife’s development and enquire about a particular property being developed, sold or rented, we will collect information that we need specifically in order to assist in providing a level of service to you and dealing with your enquires in relation to our products/services. We require information such as name, address, telephone number, email address. Where we request further information to improve our service, this will be purely voluntary on your behalf and you have the absolute right not to provide us with this information.
g. People for whom real estate agents, investment advisors and other investment professionals have been mandated to invest or disinvest
We may receive information about you from third parties who have been entrusted by you to invest/disinvest in properties. We only collect the information required to provide a service to the third party, such as name, telephone, email, country, postcode and budget for the transaction.
2. WHICH PERSONAL DATA DO WE USE ABOUT YOU?
We collect and use your personal data when necessary in the framework of our activities and to improve the standard of the property we develop and operate as well as for the property management and hospitality services we offer, while also improving the sales experience.
Depending on the type of property and related services we provide to you or whether you are an employee or service provider to us, we may collect various types of personal data about you, including:
- identification information (e.g. name, ID card and passport numbers, nationality, place and date of birth, gender, photograph, IP address);
- contact information (e.g. postal address and e-mail address, phone number);
- family situation (e.g. marital status, number of children);
- economic and financial information
- employment information (e.g. employment, employer’s name, remuneration);
- banking, financial and transactional data (e.g. bank account details, credit card number, credit history, debts and expenses);
- data from your interactions with us (eg: our internet websites, our apps, our social media pages, meeting, call, chat, email, interview, phone conversation, correspondence, requests for information or documents, method of commercialisation);
- video surveillance (including CCTV) located at on our operational sites in Forbach and Azuri in Mauritius;
- data necessary to fight against over indebtedness, fraud, money laundering and terrorist financing.
The data we use about you may either be directly provided by you or be obtained from the following sources in order to verify or enrich our databases:
- third parties such as fraud prevention agencies in conformity with the data protection legislation
- websites/social media pages containing information made public by you (e.g. your own website or social media)
- databases made publicly available by third parties
3. SPECIFIC CASES OF PERSONAL DATA COLLECTION, INCLUDING INDIRECT COLLECTION
We may also collect information about you, although you have no direct relationship with us, on specific circumstances.
Cases in which we may be brought to collect your data include those when information about you, or your contact details, are provided by your employer, one of our clients, one of our suppliers or service providers who would be for example:
- Family members;
- Joint borrowers or guarantors;
- Legal representatives (power of attorney);
- Beneficiaries of payment transactions made by our clients;
- Beneficiaries of insurance policies and trusts;
- Ultimate beneficial owners;
- Charge holders (e.g. in case of bankruptcy);
- Company shareholders;
- Representatives of a legal entity (which may be a client or a supplier);
- Staff of service provider and commercial partners.
4. WHY WE COLLECT YOUR PERSONAL DATA?
i. To comply with our legal and regulatory obligations
We use your personal data to comply with various legal and regulatory obligations, including:
a. Real estate regulations
b. Banking and financial regulations
In compliance with which we:
- set up security measures in order to prevent abuse and fraud;
- reply to an official request from a duly authorised public or judicial authority;
- prevent money-laundering and financing of terrorism;
- keep proof of transactions
ii. To perform a contract with you or to take steps at your request before entering into a contract
We use your personal data to enter into and perform our contracts, including to:
- Provide you with information regarding our properties and property related services as well as hospitality related services;
- Assist you and answer your requests;
- Evaluate if we can offer you a property for sale or for rental, as well as any property related services, and under which conditions; and
- To fulfil our legitimate interest (legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the best service. We make sure we consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interest.)
5. TRANSFER OF PERSONAL DATA
BlueLife will take all steps reasonably necessary to ensure that your Personal Data is treated securely and that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your Personal Data and other personal information.
6. USE OF PERSONAL DATA FOR MARKETING PURPOSES
You can exercise your right to prevent us from using your Personal Data for direct marketing (using emailing, newsletters, automatic SMS etc) in respect of our offers, by ticking certain boxes on the forms that we use to collect your Personal Data, or by utilizing opt-out mechanisms in e-mails we send to you.
Your explicit consent will be required if you do not wish to receive any of our promotional offers and marketing communications from us. If you have not opted out of receiving marketing communications, you will receive promotional offers from us. We may then use your identification information and data from your interactions with us to form a view on what we think may be of interest to you. This is how we decide which offers may be relevant for you.
You can exercise the right to discontinue marketing communications to you. In this case, we will retain minimum Personal Data to note that you opted out in order to avoid contacting you again.
7. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
In our normal course of business, we only disclose your personal data to:
- BlueLife entities;
- Service providers which perform services on our behalf;
- Independent agents, intermediaries or brokers, banking and commercial partners, with which we have regular relationship;
- Financial or judicial authorities, arbitrators and mediators, state agencies or public bodies, upon request and to the extent permitted by law;
- Certain regulated professionals such as lawyers, notaries or auditors.
8. HOW WE PROTECT YOUR PERSONAL DATA?
We protect Personal Data by maintaining physical, technical and organisational security measures to prevent risk of accidental loss, misuse, unauthorized access, disclosure, destruction and alteration of Personal Data, and to protect the Personal Data from any harm that may result therefrom.
Our security measures include :
(i) Procedure in case of breach or suspected breach of Personal Data;
(ii) Disaster recovery, business continuity and resilience of processing systems and services;
(iii) Access authorisation controls and password;
(v) Restricting access to Personal Data to our employees, agents, and other third parties on a need to know basis and involved in or otherwise engaged in the Services we are providing;
(vi) Ensuring that employees, agents or other third parties will only process Personal Data on our instructions, subject always to a duty of confidentiality.
9. HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?
We will retain your personal data for the longer of the period required in order to comply with applicable laws and regulations or another period regarding our operational requirements, such as proper account maintenance, facilitating client relationship management, and responding to legal claims or regulatory requests. For instance, most of client’s information is kept for the duration of the contractual relationship and 10 years after the end of the contractual relationship.
10. WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
In accordance with applicable law and circumstances, you have the right to :
- Request access to your personal information. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
- to lodge a complaint at any time with the Data Protection Commissioner of Mauritius (DPC). If case of an EU citizen, you have the right to lodge a complaint with the supervisory authority of the relevant EU member state.
If you wish to exercise the rights listed above, please send a request email to [email protected] or a letter to the following address: BlueLife Limited, 4th Floor, IBL House, Caudan, Mauritius to the attention of our Data Protection Officer.
We would appreciate the chance to deal with any of your concerns before you approach the DPC or any regulator. So please contact us in the first instance.
We will try to respond to all legitimate requests within 1 month. Occasionally it may take us longer than a month if the request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We will report any breaches of personal data held by us to the DPC as required under the Data Protection Act 2017 (http://dataprotection.govmu.org), within seventy-two (72) hours or to the supervisory authority of the relevant EU member state in within such delay as may be prescribed, of becoming aware of such a breach, which includes accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed.
14. HOW TO CONTACT US?
15. CHANGES TO THIS POLICY
We reserve the right to amend this Policy from time to time to reflect changing legal requirements or our processing practices.
This version is dated April 2020