As a global financial services and technology provider, Chronograph, LLC and its subsidiaries and affiliated entities (collectively, “Chronograph”, “we,” “our” or “us”) are committed to protecting Personal Information and complying with applicable privacy requirements in a trustworthy, transparent and responsible manner.

This Privacy Policy describes how Chronograph collects, uses and discloses Personal Information about individuals (collectively, “users” or “you”) receiving our products and services, exploring or maintaining a business relationship with us (either directly or through an intermediary such as your employer) and / or using the Chronograph website(s), online features, or mobile applications (each a “Site” or collectively, our “Sites”).

As used in this Privacy Policy, Personal Information means any information relating to an identified or identifiable natural person; Personal Information is intended to cover all information subject to personal data processing and privacy laws applicable to our business.

This Privacy Policy also describes your rights, where applicable, and how to exercise them. You may contact us at any time with questions related to our Personal Information processing and privacy via email at [email protected].

In some instances, we may post or provide materials that provide further description of Personal Information processing related to certain products and services. We may also post information about how we comply with specific Personal Information laws or regulations like European Union or United States privacy laws. Such materials are for informational purposes only and are not intended as an exhaustive listing of Personal Information processing related to the product and service. The materials should not be construed as modifying this Privacy Policy.

GLOBAL APPLICABILITY

As a global service provider, different Chronograph entities, products, services and Sites may be subject to different privacy laws based on where an affiliated entity operates, where the products or services are delivered, and / or where you are located. For example, the European Union General Data Protection Regulation imposes certain requirements on some Chronograph entities or services that are not applicable to all of our entities or services. Where this Privacy Policy states that a provision applies “to the extent required by applicable law,” such provision will be applicable only to the extent that Chronograph is subject to legal requirements imposing it.

For purposes of data protection laws, except where this Privacy Policy does not apply, as described below, the Chronograph entity that will be the “controller” of your Personal Information will be the entity that delivers the products or services you (or the company for whom you are working or have a business relationship) are receiving or maintains the Site that you are using. You can identify a particular Site through the Site’s web address (URL).

Although your data controller may be a specific Chronograph entity, contact and other client relationship information that we collect may be held in a client relationship management or contact database which can be accessed by other Chronograph entities which may be located globally; further information about international transfers of information is provided below. To the extent required or permitted by applicable law, by visiting or using our Sites, you are consenting to us collecting and processing information about you in accordance with this Privacy Policy.

SELECT NON-APPLICABILITY

This Privacy Policy does not apply to Personal Information processed in connection with delivery of services to Chronograph by suppliers or contractors; such relationships are governed solely by the Personal Information processing terms and conditions between Chronograph and the supplier / contractor. It also does not apply to job applicants or employees, which are subject to relevant privacy notices.

This Privacy Policy also does not apply to the extent that:

  • Chronograph’s contract for delivery of products or service prescribes different terms and conditions for the processing of your Personal Information;
  • Chronograph is delivering products or services as a data processor, in which case the contractual terms and conditions between Chronograph and the data controller / contracting party shall govern;
  • The Site for the products or services sets forth an additional or alternative Privacy Policy; or
  • Applicable law imposes different processing or privacy requirements on your Personal Information.

EU GENERAL DATA PROTECTION REGULATION (GDPR)

As a global organization, Chronograph understands the special requirements related to privacy and information security when processing personal data. Accordingly, Chronograph accounts for privacy laws and regulations that apply to the different geographies in which we operate, including the GDPR.

We have conducted an assessment of all business systems and processes across our enterprise, and where we identified personal data processing subject to GDPR, we assessed the basis for processing and evaluated that appropriate technological and organizational measures are in place to protect the data. We have updated our company-wide Code of Ethics to include core elements of GDPR and implemented updates to certain policies, notifications and related procedures to account for GDPR. This includes updates to our website forms and this Privacy Policy, effective as of May 25, 2018.

CLIENT CONTRIBUTIONS

Many professional firms voluntarily provide data to Chronograph for inclusion in our databases and other data products pursuant to a data input agreement between the firm and Chronograph. This data may include personal data, which we process in accordance with the data input agreement.

If your employer contributes data to Chronograph and wants your name and professional information included in our databases and other data products, then someone at your firm may have provided Chronograph with your personal data. If your personal data has been contributed to Chronograph by your employer, then we do process your personal data. With respect to privacy laws, your employer is the “controller” of the data, and Chronograph acts as a processor on its behalf.

Chronograph processes the personal data that professional firms provide for inclusion in our databases and other data products. This is limited to information related to professional activities, such as an individual’s name, role, business contact information, employment status, and professional credentials (please see “Information We Collect”, below).

Chronograph uses hosted solutions to store and process this personal data. The personal data may also be provided to our affiliates, our partners and subscribers of our data solutions as described further herein. Our subscribers include, among others, investment consulting firms, plan sponsors / pension funds, financial advisors, fund managers, investment banks, educational institutions, sovereign wealth funds, foundations, endowments, and other institutional investors.

With regard to client-contributed data, we recommend you reach out to your employer, as they are the controller of your data. If you reach out to Chronograph directly, we will refer your request to your employer.

INFORMATION WE COLLECT

We only collect information from you or your representative (such as your employer) or about you that is reasonably necessary for us to provide the relevant product or service, business relationship and/or communication, consistent with the nature of such product, service, relationship or communication. Based on the specific products, services, business relationship or Sites involved as well as requirements under applicable law, we may collect the following categories of personal information (“Personal Information”) from you or your representative:

  • Name;
  • Email address;
  • Telephone number;
  • Mailing address;
  • Company;
  • Title or Position;
  • Business contact information;
  • Username and password; and
  • Any other Personal Information you or your representative volunteers on or provides access to via any or our Sites and / or any Chronograph community forum, social media offering or blog.

We may also automatically collect the following categories of information from devices (e.g., mobile, computer, laptop, tablet) used to visit or use our Sites or that receive HTML-formatted email messages (“Device Information”):

  • IP address;
  • Device identifier;
  • Log files;
  • Cookies;
  • Clear gifs;
  • Pixel tags and similar technologies;
  • Flash LSOs; and

Certain Device Information may be deemed Personal Information in accordance with applicable law. Personal Information and Device Information are collectively referred to as “information.”

Based on the specific products, services, business relationship or Sites involved (as well as requirements under applicable law), we may collect the following categories of Personal Information on our own or from third parties about you:

  • Information about you available in news feeds, exchange data feeds and other public data sources (including the public internet);
  • Information provided by relevant regulators, government agencies and non-government credentialing or professional organizations;
  • Information related to your status under economic sanctions, anti-money laundering and similar laws or other information that may impact our ability to engage in business with you or a company at which you are an employee, officer or director, or significant shareholder;
  • Information that you, your employer or other representative make publicly available via your personal or company website or in social media profiles;
  • Information related to your professional activities (such as consulting to public retirement funds) that is contained in documents released by a governmental body under Freedom of Information Act, State open records laws, Open Government License or similar laws and regulations;
  • Information from event organizers for events that you have attended;
  • Information from companies providing professional contact information to their customers/subscribers; and
  • Other Personal Information to the extent permitted by applicable law and reasonably necessary for the performance of our business obligations, compliance with laws applicable to our business or pursuit of our legitimate business interests.

HOW WE USE YOUR INFORMATION

The following is an overview of Chronograph’s purposes for processing Personal Information. Often due to the nature of the product or service involved or the context in which the Personal Information is used, it will be apparent how we intend to use the information. Additional information about processing related to a particular product or service may be separately posted on the relevant Site or contained in the applicable terms and conditions.

We may use the information we collect for the purposes identified below. To the extent required by applicable law, each purpose for the processing of Personal Information is substantiated by one or more lawful bases for processing. Unless otherwise identified with respect to a particular product or service, our processing is done based on one or more of the following:

Purpose of ProcessingBasis for Processing
Provide you (or your employer / represented company) with our services and products and communicate with you about your (or your employer’s / represented company’s) account or use of our products, services and/or Sites• Perform or enter into a contract
• Legitimate business interests
• Comply with a legal obligation
• Consent
Monitor for security threats and fraud involving the use of our products, services, Sites or physical facilities• Legitimate business interests
• Comply with a legal obligation
Register or establish an account for you (or your employer / represented company) as a client• Perform or enter into a contract
• Legitimate business interests
• Comply with a legal obligation
Register you (or your employer / represented company) to receive services or information through one or more of our Sites• Perform or enter into a contract
• Consent
To the extent permitted by applicable law, identify you (or your employer / represented company) as a prospective client for products or services and provide you with relevant information and/or invitations to events• Legitimate business interest
• Consent
Manage our relationship with you (or your employer / represented company) as a client, business prospect and/or information recipient• Perform or enter into a contract
• Legitimate business interest
• Consent
Pursue or enforce our legal rights related to our business, products, services or Sites and/or defend against claims made against us• Perform or enter into a contract
• Legitimate business interest
Communicate with you (or your employer / represented company) about your (or your employer’s/represented company’s) account or use of our products, services or Sites• Perform or enter into a contract
• Legitimate business interest
• Consent
Create informational materials and statistical extracts for our products and services• Perform or enter into a contract
• Legitimate business interest
• Consent
Develop, provide content for, operate, deliver, and market our products, services and Sites• Perform or enter into a contract
• Legitimate business interest
• Consent
Improve the quality of our Sites and tailor them to your preferences• Legitimate business interest
• Consent

With respect to situations where we process Personal Information based on our legitimate business interest, reflecting that we are generally a business-to-business product and service provider, we typically collect and process limited Personal Information about corporate client points of contact and individuals acting in their professional capacities as part of our overall effect to reduce the privacy impact on individuals. To the extent required by applicable law, you have the right to object to our processing of your Personal Information where the legal basis for our processing is a legitimate interest. Where our processing of your Personal Information is based on your consent, you have the right to withdraw your consent at any time.

We also use your information for compliance with our company policies and procedures, for accounting and financial purposes, and otherwise as required or permitted by applicable law. If you do not provide us with information as described above, we may not be able to fulfill the applicable purpose of collection, such as completing a contemplated transaction, responding to your queries or providing access to our Sites to you.

AUTOMATED PROCESSING

Chronograph does not engage decision-making based solely on automated processing of Personal Information, including profiling, which produces legal effects concerning an individual or similarly significantly affects an individual.

HOW WE SHARE YOUR INFORMATION

From time to time, to the extent permitted by applicable law and subject to any contractual limitations on sharing Personal Information set forth in a relevant contract for products and services, we may share your information with our affiliates, subsidiaries, business partners, clients (such as where we process your Personal Information in connection with your role with your employer), third party service providers and authorities in the following circumstances:

Affiliates, Subsidiaries, Business Partners and Clients. We may share your information with our affiliates (including other Chronograph business units), subsidiaries, business partners, and clients in the US and worldwide for purposes identified above. To the extent required or permitted by applicable law, by visiting or using our Sites or otherwise providing us with your information, you consent to this sharing of your information. Where such consent exists, to opt-out of such sharing, please contact us via email at [email protected] or at the location in the Contact section below.

Service Providers. We may share your information with third parties who perform functions on our behalf (e.g., hosting or operating our services or Sites, sending email marketing communications, or data analysis). We do not authorize these third parties to use your information for purposes other than for which it has been provided, and we do not authorize these third parties to disclose that information to unauthorized parties. We require these third parties to maintain appropriate security to protect your information from unauthorized access or processing.

As Required or Appropriate by Law. We may disclose your information to regulatory authorities, courts, and government agencies where we believe that doing so would be in accordance with or permitted or required by any applicable law, regulation or legal process, to defend the interests, rights, and / or property of Chronograph, or others, or to respond to emergencies.

Business Transfers. We may transfer your information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, brands, affiliates, subsidiaries or other assets. To the extent permitted by applicable law, we may share information with a prospective buyer or transferee of the business as part of the diligence process provided that we require any such third party to maintain the confidentiality of your information and protect it with appropriate technical and organizational security measures.

We may share your information with other third parties as directed by you or subject to your consent. We may also share and otherwise process aggregated information or de-identified information that does not identify you individually with other third parties. We also use this aggregated or de-identified information for Chronograph’s and its affiliates’ various business purposes, including the creation and sale of other products and services to our clients and potential clients. This aggregate or de-identified information is not traceable to any particular client or user and will not be used by a third party to contact you.

WE DO NOT SHARE, SELL, RENT OR TRADE THE PERSONAL INFORMATION YOU PROVIDE THROUGH OUR SITE TO OUR SERVICE PROVIDERS OR BUSINESS PARTNERS FOR THEIR OWN DIRECT MARKETING PURPOSES, unless we have explicitly given you the option to opt-in or opt-out of such disclosures. The foregoing restriction does not apply to information provided by those firms voluntarily contributing data for inclusion in our databases and other data products.

MARKETING COMMUNICATIONS

We process Personal Information within the scope of our marketing and market segmentation. With market segmentation, we mean that we categorize our client base based on professional affiliations and functions, alignment with our services and products and information gathered from public sources of information. For clients or users of our Sites, we may also use information gathered from your use of our products, services and / or Sites for marketing purposes.

You always have right to request that we stop using your Personal Information for direct marketing purposes. To the extent required by applicable law, you have the right to object to the processing of your Personal Information based on a legitimate interest as legal basis. You also always have the right to withdraw your consent at any time when we need your consent in order to process your Personal Information. If you withdraw your consent, you will no longer receive information and offers that are tailored for you.

If you no longer wish to receive marketing communications from Chronograph, you may opt-out of receiving marketing-related emails by: (1) using the unsubscribe method provided in our communications; and (2) updating your preferences in the “Manage Preferences” section of our Sites. You also have the right to object our use of your personal information for direct marketing and in certain other situations (in accordance with applicable law) by contacting us at [email protected]. If you are having difficulty unsubscribing from our email marketing communications using the above methods, please contact us as at [email protected].

We will try to comply with your request as soon as reasonably practicable as required by applicable law. Please note that we may need to retain certain information for recordkeeping purposes, to complete any transactions that you began prior to your request, or for other purposes as required or permitted by applicable law. In addition, please note that even if you opt-out of receiving marketing communications from one or all of our Sites, we may need to send you service-related communications.

YOUR RIGHTS REGARDING YOUR PERSONAL INFORMATION

To the extent required by applicable law, in our capacity as the controller of your Personal Information, we will also provide you with the opportunity to be informed of whether we are processing your Personal Information and at any time to access, correct, update, oppose, delete, block, limit or object to our use of your Personal Information. The foregoing rights will be afforded to you free of charge (except to the extent that your requests are manifestly unfounded or excessive, in which case, we may charge an administrative fee or refuse to meet your request). Please note that legal obligations that apply to our business may prevent us from immediately deleting parts of your information. To exercise your rights, please contact us as detailed below.

To prevent fraudulent activity, we may require you to authenticate your identity when you contact us. We will try to comply with your request as soon as reasonably practicable and within timeframes required by applicable law. Please note that in some instances, due to the nature of the information that we receive, we may require you to provide additional information that will help us identify which information is yours. For requests subject to the European General Data Protection Regulation, we will respond to your request within one month of our receipt of it. We may extend this period by two further months taking into account the complexity of your request or the number of requests that we have received; we will inform you of any such extension within one month of receiving your request along with the reasons for the delay and information about your right to file a complaint with the supervisory authority.

The following sets out a summary of your rights to the extent that your Personal Information is processed subject to the European General Data Protection Regulation:

Right to access, rectification, erasure and restriction of processing. You have the right to request:

  • Access to your Personal Information. This means that you have the right to request information on our use of your Personal Information. You also have the right to request a copy of the Personal Information being processed at no cost. However, we may charge you a reasonable administrative fee to provide you with additional copies of the Personal Information. If you make your access request by electronic means such as email, we will provide you with the information in a commonly used electronic format.
  • Rectification of your Personal Information. We will at your request, or at our own initiative, rectify, anonymize, erase or complement Personal Information that you or we discover is inaccurate, incomplete or misleading. You also have the right to complete the Personal Information with additional data if relevant information is missing.
  • Erasure of your Personal Information. You have the right to request that we erase your Personal Information if we no longer have an acceptable reason for processing the data. Given this, erasure shall be made by us if 1) the Personal Information is no longer necessary for the purposes for which it was collected; 2) we use your Personal Information with your consent and you withdraw your consent; 3) you object to the processing of your Personal Information based on our legitimate interest and there is no overriding legitimate ground for the processing; 4) the Personal Information has not been lawfully processed; 5) we are required to erase the Personal Information due to a legal obligation; or 6) you are a child. However, there might be requirements under applicable law, or other compelling reasons, that prevents us from immediately erasing your Personal Information. In such case, we will stop using your Personal Information for any other reasons than to comply with the applicable law, or the relevant compelling reason.

Right to restrict processing: This means that we temporarily restrict the processing of your Personal Information. You have the right to request restriction of the processing when:

  • You have requested rectification of your Personal Information in accordance with this Privacy Policy, during the period of time we are verifying the accuracy of the data;
  • The processing is unlawful and you do not want the Personal Information to be erased;
  • As data controller, we no longer need the Personal Information for the purposes for which it was collected, but you require us to retain the information for the establishment, exercise or defense of legal claims; or
  • You have objected to our legitimate interest for the processing in accordance with this Privacy Policy, during the period of time that we are determining whether the legitimate interest overrides your privacy rights.

Right to object to processing. You have the right to object to the processing of your Personal Information based on our legitimate interest. If you object to such processing, we will only continue with the processing if we have a compelling legitimate reason for the processing that outweighs your interest, rights or freedoms, or if continued processing is necessary for the establishment, exercise or defense of a legal claim.

Right to portability. You have the right to receive certain of your Personal Information in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. You only have this right when your Personal Information is processed by automated means and our legal basis for the processing is performance of a contract between you and us.

Right to lodge a complaint. You have the right to lodge any complaints regarding our processing of your Personal Information with the supervisory authority.

SECURITY OF YOUR INFORMATION

We take reasonable technical, administrative and physical security measures to protect your information, including applying generally accepted industry standards to protect the information submitted to us during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage is 100% secure, so we unfortunately cannot guarantee absolute security. If you have reason to believe that your interaction with us is no longer secure (e.g., if you feel that the security of any account you might have with us has been compromised), please contact us immediately at: [email protected].

INTERNATIONAL TRANSFERS

Some of the parties with which we may share your information, as detailed in “How We Share Your Information”, may be located in countries that do not provide an equivalent level of protection as your home country. Where required, Chronograph has implemented appropriate cross-border transfer solutions to provide adequate protection for transfers of certain personal information, including, but not limited to, the European Commission’s Standard Contractual Clauses. To the extent permitted by applicable law, by using our Sites, and providing us information about you, you consent to the international transfer of information about you to the above parties.

RETENTION OF YOUR INFORMATION

We will retain your information for the period necessary to fulfill the purposes outlined in this Privacy Policy and as otherwise needed to comply with applicable law and recordkeeping requirements or to address any complaints, challenges, legal or compliance matters related to the information.

COOKIES

When you use our Sites, we along with our affiliates, subsidiaries and third party service providers may use “cookies” and similar technologies (e.g., log files, clear gifs, pixel tags and Flash LSOs) (collectively, “technology”). This technology may involve placing small files/code on your device or browser that serve a number of purposes, such as remembering your preferences (e.g., language) and generally improving your experience on our Sites. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymized tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. Specifically, we may use such technology for purposes such as to:

  • Provide us with general analytics about our Sites, including demographic information in a non-identifiable form, in order to improve our Sites’ performance and customize users’ experience;
  • Enable us to help you make better use of our services or Sites such as by suggesting how you can improve your use of different features or functionality or help address technical issues that you encounter in using our services or Sites;
  • Support security measures, such as requiring re-login into your account or additional authentication when using a new device to access our Sites;
  • Measure the success of our marketing campaigns and compile statistics about the Site’s usage and email response rates; and
  • More effectively market our Sites and advertise other Sites that may be of interest to you. When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you. We may then send communications to you. You may opt out of receiving this advertising by visiting https://app.retention.com/optout.

You may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.

LINKS TO OTHER WEBSITES

Our Sites may contain links to other websites or services that are not owned or controlled by Chronograph. This Privacy Policy only applies to information collected by our Sites. We have no control over third party websites, and your use of third party websites and features are subject to privacy policies posted on those websites.

We may use third party payment services to process purchases made through the Sites. If such service is made available and you wish to make a purchase through the Site, your Personal Information may be collected by the third party (and not by us). In that case, the information you provide to the third party will be subject to that third party’s privacy policy and not this Privacy Policy.

We are not responsible or liable for the privacy or business practices of any third party websites linked to our Sites. Your use of third parties’ websites linked to our Sites is at your own risk, so we encourage you to read the privacy policies of any linked third party websites when you leave one of our Sites.

CHILDREN

None of our Sites are targeted for use by children under the age of eighteen. We do not target any of our products or services or Site content / features for use by children of such age.

CHANGES TO THIS PRIVACY POLICY

Except to the extent limited by applicable law, we reserve the right to update this Privacy Policy to reflect changes to our information practices by posting notice of the update on our Sites. To the extent practical, we will provide advance notice of any changes; however, we may be unable to do so if the revisions are in response to legal or regulatory changes or guidance.

CONTACT

If you have any questions, complaints, or additional claims with respect to the Website or Services, you may contact us at:

Chronograph, LLC
Ten Grand Street | Floor 10
Brooklyn, NY 11249

[email protected]