Privacy Policy

Effective from: 22^ndJanuary 2024

INTRODUCTION

This Privacy policy pertains to the platform known as “The Founders Junction”, hereinafter referred to as the “Platform”.

The term “Platform” encompasses both Our Website, termed the “Website” — which may be accessed on any device — and Our mobile application.

This policy provides details on the processing of personal data that is either collected or used by the Platform.

Our Platform may contain links to other Websites or apps. Please note that We have no control over how Your data is collected, stored, or used by other Websites and/or apps and We advise You to check the privacy policies of any such Websites or apps before providing any data to them. Therefore, We cannot be held responsible for the privacy practices of such external Websites or apps.

KEY DEFINITIONS

User: any person who accesses Our Platform and Uses any of its functionalities either with or without a registered account.

You: the User.

We, Us, Our: The Founders Junction.

Data protection legislation: the Data Protection Act 2018 and any other national and international laws and regulations applying to the processing of personal data as the case may be.

Data subject: any identified or identifiable living individual to whom personal data relates.

Personal data: any information and/or documents relating to an identified or identifiable living individual.

Special category personal data: special categories of personal data such as ethnic origin, political views, religious beliefs, genetic data, data about health and similar. Criminal offence data: any information about criminal allegations, proceedings and convictions relating to the data subject.

Processing: any operation by which personal data are collected, recorded, altered, stored, retrieved, combined, disclosed, restricted, removed or destroyed.

Cookie: a small file placed on Your computer or device by Our Platform when You visit certain pages and/or when You Use certain features of Our Platform.

Data controller: any natural or legal person who processes personal data and decides the purpose and the means of processing those data.

Data processor: any natural or legal person (not an employee) who processes data on behalf of the controller.

Data breach: a breach of security leading to accidental or unlawful loss, destruction, alteration, unauthorised disclosure of, or access to, personal data.

ABOUT US

The Founders Junction is owned by The Founders Junction Limited, a private limited company registered in England and Wales under the number 15362808 with registered office in 86-90 Paul Street, London, EC2A 4NE.

ICO registration number: ZB643520

For the purposes of the data protection legislation The Founders Junction Limited is the data controller.

Data protection manager: Mr Alessandro Bolasco

In compliance with the relevant data protection law, We have appointed a representative in the territory of the EEA and Switzerland.

Our EEA and Switzerland representative is DataRep. Their contact details are at the bottom of this policy.

PROCESSING OF PERSONAL DATA

What personal data We process

Depending upon Your Use of Our Platform, We may collect and hold different data. We place paramount importance on Your personal data and We strive to process it as and only to the extent allowed by the data protection legislation ensuring We always have a valid lawful basis and meet any prescribed conditions for doing so.

Our Platform makes use of professional analytics tools which process basic information about Our visitors relating to geolocation details such as country and town of Your server / proxy, operating system and browser.

We make Use of cookies.

Cookies are small pieces of data stored on a site visitor’s browser, Usually Used to keep track of their movements and actions on a Website and may be permanent, temporary or have a certain life span. Please refer to Our cookie policy to learn more.

The personal data We may obtain as provided by You through Our contact forms are as follows:

name and surname;
email address;
LinkedIn profile address;
Your work experience and professional qualifications;
Your professional goals;
any additional information and/or documents as provided by You.

If You apply for a position at Our company, the personal data collected will be those provided by You in Your email and/or Your CV or any other documents which You may provide to Us.

Depending on whether or not We also do work for You, We will process information as provided by You to provide Our services and/or to comply with any specific legal or statutory requirements.

How and Where We process Your personal data

The processing of personal data is carried out electronically.

Most of Users’ personal data are processed through Our Platform, where users input their personal information as necessary for them to be found and contacted by potential business partners.

As part of Our effort to make the Platform as transparent as possible and provide Users with better reassurance as to the genuineness of profiles, We offer Users the possibility to have their account verified. Such verification of the account requires those registered users to submit to Us a copy of a valid passport of them and Us to check the validity and genuineness of the submitted document. Such verification is carried out through a third-party document-checking provider.

Data that You provide through Our contact forms are sent to Our general email address through the platform and checked by Us.

We process any messages and emails as and only to the extent provided by law and, if necessary, will save data that have been provided by You on Our computers and Our cloud servers.

We may transfer Your collected data to storage outside the EU or the UK. If We do store or transfer data outside the EU or the UK, We will take all reasonable steps to ensure that Your data is treated as safely and securely as it would be within the UK and the EU, and made pursuant to appropriate safeguards in accordance with the applicable laws and regulations. If You require further information about these safeguards, please contact Us.

Purposes and legal bases for processing Your personal data We must have a legal basis to process personal data.

For all the data provided by You, the applicable legal basis is that of performing a contract or pre-contract duty. If, for example, You contact Us to request technical information or advice We will need to process Your personal data in order to comply with Your request.

Any processing of personal data through the Platform is carried out with the only legitimate purpose of ensuring the correct functioning of Our Platform.

The data collected by Google Analytics are processed for a legitimate interest which is that of collection of statistical records.

Should We process data for any marketing or promotional purposes, We shall first obtain Your consent.

Before contacting Us, You are requested to read Our privacy and cookie notices. For additional guidance in this respect, please refer to the section concerning Your rights.

Data retention

We shall not retain any personal data for any longer than is necessary in light of the purposes for which that data is collected, held, and processed.

Different types of personal data, used for different purposes, are necessarily retained for different periods (and its retention periodically reviewed).

When establishing and/or reviewing retention periods, the following are taken into account:

Our objectives and requirements;
The type of personal data in question;
The purposes for which the data in question is collected, held, and processed;
The legal basis for collecting, holding, and processing that data;
The category or categories of data subject to whom the data relates;

If a precise retention period cannot be fixed for a particular type of data, criteria shall be established by which the retention of the data will be determined, thereby ensuring that the data in question, and the retention of that data, can be regularly reviewed against those criteria.

Certain personal data may be deleted or otherwise disposed of prior to the expiry of its defined retention period (whether in response to a request by a data subject or otherwise).

Should You want Us to delete Your personal data, We will be willing to delete all those data which We are not required to keep for a statutory or a contractual obligation.

Who We share Your personal information with

We do not share personal data with marketing or advertising companies.

The personal data obtained through Our Platform are only processed by Us and Our data processors as necessary for Us to efficiently provide Our services, and only to the extent illustrated in this notice.

For all the technical support required to create, update, and efficiently manage Our Platform We use a specialised firm, Healy Web Design Limited of 17 Davies Way, Flitch Green, Dunmow, England, CM6 3GN.

For the purposes of the data protection law, Healy Web Design is Our data processor. For the delivery of some of their services, Healy Web Design may use special sub-processors.

For Users’ voluntary verification of their identity, We use a third-party ID verification provider called UAB “iDenfy”, registered in Baršausko street 59, 51423 Kaunas, Lithuania.

In compliance with the relevant data protection legislation We have appointed a representative in the territory of the European Economic Area (EEA) and Switzerland. Our appointed representative is DataRep of 77 Camden Street Lower, Dublin D02 XE80, Ireland.

Technical measures to protect Your data

We aim at maintaining and improving all those technical and organisational measures necessary to ensure the ‘confidentiality, integrity and availability’ of Our systems and services, still having regard of the effective risk involved in Our processing.

In accordance with the data protection legislation, We provide the present privacy policy for Our Users so that they are aware of Us as data controllers, how We process their data, what type of cookies We use, and all other information as per the law. The following technical measures are provided to maximise the safety of Our Platform:

IP Lockouts, blocking well known IP Address for hackers
Malware Scanning for any malicious attacks or any harmful files trying to be placed
Audit Logging to see all events that is happening with logs, failed loggings and file access
Firewall to prevent any bots hacking into the dashboard, accessing files or placing corrupt coding
Firewall to prevent username and password guessing with a 5 attempt lockoff if incorrectly guessed
404 Detection to spot any bots trying to randomly access any files that keep returning a 404
IP Banning that will automatically place IP’s into a block list if they are trying to access sensitive information, admin files or 404 links
WAF (Web Application Firewall) which filters requests against a highly optimized managed ruleset covering common attacks (OWASP top ten) and performs virtual patching of WordPress core, plugin, and theme vulnerabilities.
Core WordPress Login (wp-admin) removed to stop any bots or hackers accessing this well known link for wordpress
X-Frame Security, this prevents clickjacking attacks by ensuring that their content isn’t embedded into other websites.
X-XSS Protection, which protects the HTTP X-XSS-Protection response header that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks on Chrome, IE and Safari.
Strict Transport, this is inline with the X-XSS. The HTTP Strict-TransportSecurity response header (HSTS) lets a web site tell browsers that it should only be accessed using HTTPS, instead of using HTTP. This is extremely important for websites that store and process sensitive information like ECommerce stores and helps prevent Protocol Downgrade and Clickjacking attacks.

Our computers and servers are duly protected with relevant anti-virus and firewall applications against unauthorised access and/or processing, loss and/or corruption. Our email accounts are run with web-based services one.com and google mail, which are protected with appropriately enhanced credentials and We also Use Outlook 365 which Uses TSL encryption technology for all outbound messages.

How We Use Your information to make automated decisions

We do not normally make automated decisions about Your personal data since the matching of entrepreneurs on Our Platform is typically the result of specific search criteria set by users themselves. However, to enhance Your experience, We may employ automated systems to provide content and recommendations to help make Our Platform more relevant to Our Users. This may include Using algorithms to suggest potential connections or content based on Your profile information and preferences. Please note that these processes are designed to assist Your decisionmaking and do not have legal or similarly significant effects on You. You have the right to object to such processing, and where applicable, You can adjust Your preferences or settings to manage these recommendations.

YOUR RIGHTS

As provided by the data protection legislation, You have the following rights in relation to the personal data We hold about You:

The right to be informed: We are required to provide You with information on how We collect and Use Your personal data, for how long We are going to keep them, and the recipients or category of recipients with whom We share them. All said information is included in the present privacy notice;
The right of access: You have the right to make a so-called “Subject Access

Request” or SAR whereby You can request copy of the personal information We hold about You. We will not charge a fee for providing such information but if the request is manifestly unfounded or excessive, taking into account whether the request is repetitive in nature, We can refuse to provide it or We can charge a fee. Should You make a SAR to Us, We will respond within one month as provided by law.

The right to rectification: You have the right to have inaccurate / incomplete information about You rectified / completed and We have one month to respond.
The right to erasure (also known as the ‘right to be forgotten’): You have the right to request for Your personal data to be erased although it is not an absolute right and only applies in certain circumstances. We have one month to respond to such request. The right to erasure is applicable if the personal data We hold are no longer necessary, the data was obtained under Your consent and You have withdrawn it, You object to Our processing and We are Using those data for direct marketing purposes, among other circumstances. HoWever, the right of erasure cannot be applied, among other circumstances, if We are complying with a legal obligation (such as Money Laundering Regulations) or for the establishment, exercise or defence of legal claims.
The right to restrict processing: You have the right to request that Your personal data are restricted from Use while for example We are in the process of rectifying them and again We have one month to respond. During such period We can keep the data but We cannot Use them.
The right to data portability, which allows You to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its Usability.
The right to object; by which You have the right to object to the processing of Your personal data in certain circumstances. We have one month to respond and this right is absolute in respect of data processed for marketing purposes.
Rights with respect to automated decision-making and profiling. We must identify whether any of Our processing falls under this category and, if so, make sure that We inform You, introduce simple ways for You to request human intervention or challenge a decision, and carry out regular checks to make sure that Our systems are working as intended.

Please note, however, that as a general rule We are exempt from applying the above rights if it is necessary for the prevention or detection of crime, the compliance with any relevant money laundering regulations, the apprehension or prosecution of offenders or for the assessment or collection of tax or duties to the extension that it would be likely to prejudice those matters.

To exercise any of Your rights above mentioned please contact Us.

If You do not provide Your personal information or You want Us to delete Your personal data

In the event You do not wish to give Us certain personal information or You want Us to delete the personal data We hold about You, please note this may affect the way Our services are provided or it may make it impossible for Us to perform Our services altogether.

Should You want Us to delete Your personal data, We will be willing to delete all those data which We are not required to keep for a statutory or legal obligation as stated above.

CONTACT INFORMATION AND ADDITIONAL GUIDANCE

Changes to Our privacy policy

We keep this privacy notice under regular review. This privacy statement was last updated on 22/01/2024.

Any changes to Our privacy policy shall be notified to You by sending an email to the address provided by You to Us.

Contact information and further advice

For any additional information or any query feel free to contact Us by email at info@thefoundersjunction.com or by post at:

The Founders Junction Limited

86-90 Paul Street,

London, England, EC2A 4NE

Contacting the data protection authority

We seek to resolve directly all complaints about how We handle personal information, but You have the right to lodge a complaint with the Information Commissioner’s Office, whose contact details are as follows:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

United Kingdom

For users based in the EEA or in Switzerland

If You are resident in the territory of the EEA or in Switzerland, You may send any communication concerning personal data to Our representative, DataRep, as follows:

Email: datarequest@datarep.com quoting “The Founders Junction Limited” in the subject line

Online form: www.datarep.com/data –request

Post to the most convenient office

When writing to DataRep please ensure You address Your letter to DataRep and specify The Founders Junction Limited in the subject line

Country	Address
Austria	DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria
Belgium	DataRep, Place de L’Université 16, Louvain-La-Neuve, Waals Brabant, 1348, Belgium
Bulgaria	DataRep, 132 Mimi Balkanska Str., Sofia, 1540, Bulgaria
Croatia	DataRep, Ground & 9th Floor, Hoto Tower, Savska cesta 32, Zagreb, 10000, Croatia
Cyprus	DataRep, Victory House, 205 Archbishop Makarios Avenue, Limassol, 3030, Cyprus
Czech Republic	DataRep, Platan Office, 28. Října 205/45, Floor 3&4, Ostrava, 70200, Czech Republic
Denmark	DataRep, Lautruphøj 1-3, Ballerup, 2750, Denmark
Estonia	DataRep, 2^nd Floor, Tornimae 5, Tallinn, 10145, Estonia
Finland	DataRep, Luna House, 5.krs, Mannerheimintie 12 B, Helsinki, 00100, Finland
France	DataRep, 72 rue de Lessard, Rouen, 76100, France
Germany	DataRep, 3rd and 4th floor, Altmarkt 10 B/D, Dresden, 01067, Germany
Greece	DataRep, 24 Lagoumitzi str, Athens, 17671, Greece
Hungary	DataRep, President Centre, Kálmán Imre utca 1, Budapest, 1054, Hungary
Iceland	DataRep, Kalkofnsvegur 2, 3^rd Floor, 101 Reykjavík, Iceland
Ireland	DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland
Italy	DataRep, Viale Giorgio Ribotta 11, Piano 1, Rome, Lazio, 00144, Italy
Latvia	DataRep, 4th & 5th floors, 14 Terbatas Street, Riga, LV-1011, Latvia
Liechtenstein	DataRep, City Tower, Brückenkopfgasse 1/6. Stock, Graz, 8020, Austria
Lithuania	DataRep, 44A Gedimino Avenue, 01110 Vilnius, Lithuania
Luxembourg	DataRep, BPM 335368, Banzelt 4 A, 6921, Roodt-sur-Syre, Luxembourg
Malta	DataRep, Tower Business Centre, 2nd floor, Tower Street, Swatar, BKR4013, Malta
Netherlands	DataRep, Cuserstraat 93, Floor 2 and 3, Amsterdam, 1081 CN, Netherlands
Norway	DataRep, C.J. Hambros Plass 2c, Oslo, 0164, Norway
Poland	DataRep, Budynek Fronton ul Kamienna 21, Krakow, 31-403, Poland
Portugal	DataRep, Torre de Monsanto, Rua Afonso Praça 30, 7th floor, Algès, Lisbon, 1495-061, Portugal
Romania	DataRep, 15 Piaţa Charles de Gaulle, nr. 1-T, Bucureşti, Sectorul 1, 011857, Romania
Slovakia	DataRep, Apollo Business Centre II, Block E / 9th floor, 4D Prievozska, Bratislava, 821 09, Slovakia
Slovenia	DataRep, Trg. Republike 3, Floor 3, Ljubljana, 1000, Slovenia
Spain	DataRep, Calle de Manzanares 4, Madrid, 28005, Spain
Sweden	DataRep, S:t Johannesgatan 2, 4th floor, Malmo, SE – 211 46, Sweden
Switzerland	DataRep, Leutschenbachstrasse 95, ZURICH, 8050, Switzerland

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.