Legal basis for data processing & compliance with global data privacy regulations

ESG provides data to our clients and fully complies with the requirements of global privacy regulations such as GDPR etc. Our legal basis for processing and the provision of contact data is set out below. We are more than happy to discuss any aspect of data regulations, just get in touch.

ESG adheres to global privacy policies and is aligned with GDPR (European General Data Protection Regulation). ESG  enables businesses to communicate with highly targeted and verified contacts at other businesses for reasons of sales and marketing and so utilises the legitimate business interest which is an exemption under data privacy regulations such as GDPR.

In addition:

• All data is already publicly available. ESG sources information related to business profiles using proprietary AI & human efforts online, the data all being publicly available.
• ESG provides easily accessible methods to access/amend/remove data via email, web form and/or telephone contact such as proactive notice programs.
• Contact data which is collected is limited, pertains exclusively to business information, does not include any information related to minors and limits data that is strictly necessary to achieve the purposes of legitimate business interest.
• The data is validated and verified on an ongoing and very regular basis to ensure the data is accurate and up-to-date. ESG validates information to the nth degree to ensure the data is highly targeted and accurate.

Our customers operate in and from multiple territories and jurisdictions around the world. To ensure a consistent user experience, ESG has adopted the GDPR requirements to our entire platform and support it worldwide.

As a Data Processor with regards to GPPR we process and will process data of EU residents (and UK residents post-brexit) for EU (and UK residents post-brexit) as well as for companies registered world-wide.

ESG have made necessary provisions to adhere to data security and privacy at every step of data management, data accuracy, data retention and disposal, data transfer, data profiling, data sourcing and ensuring legitimate business interest. ESG has cleared the GDPR audit requirements in accordance with DPIA,to confirm that the controls are suitably designed.

ESG have implemented and revalidated processes and systems on the basis of the following key GDPR principles:

confidentiality;
legality;
reasonable purpose;
minimisation of data footprint;
accuracy;
limitation of retention.

An individual may contact us at any time and we shall work diligently to respect the choices and requests regarding the individual’s Personal Information. The purpose of the list stipulated below is to allow Users and Contacts to exercise their rights under applicable privacy and data protection regulations.

An individual may request to access his/her Personal Information and obtain a copy of any Personal Information which is being processed by ESG. In the event that an individual requests to know what Personal Information is being processed by ESG, we will provide him/her with the following information free of charge:

purposes of processing;
categories of Personal Information processed;
recipient(s) of Personal Information;
length of time during which the Personal Information will be stored;
privacy rights;
information on data transfers.

Such requests can be made by filling in relevant details here or by contacting us on the contact details displayed on this website.

An individual may request to change, update or complete any missing data we process about that individual, by filling in relevant details here or by contacting us on the contact details displayed on this website. Please note that we may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.

An individual may at any time withdraw his/her consent to our processing of his/her Personal Information. In this case, if there is no overriding legitimate interest for continuing the processing of that Personal Information (e.g. to comply with our legal obligations, resolve disputes, enforce our agreements, etc.) and the Personal Information is no longer necessary in relation to the purpose for which it was originally collected, we will erase your data. Such withdrawal of consent will be made by filling in relevant details here or by contacting us on the contact details displayed on this website.

An individual may request us to restrict processing of his/her Personal Information if one of the following applies:

the accuracy of the Personal Information is contested by that individual;
the processing is unlawful;
if we no longer need the Personal Information.

Such request will be made by filling in relevant details here or by contacting us on the contact details displayed on this website.

An individual has the right to receive his/her Personal Information in a structured, commonly used and machine-readable format. Such request will be made by by filling in relevant details here or by contacting us on the contact details displayed on this website.

If an individual wishes to raise a complaint about how we have handled his/her Personal Information, we can be contacted directly at [email protected]

If an individual is not satisfied with our response or believe we are collecting or processing his/her Personal Information not in accordance with the laws, a complaint can be made to the applicable data protection authority.

Personal Information will be retained by ESG in such a way that an individual can be identified only as long as is necessary for ESG’s processing activities (“Processing Date”).

If an organisation would like a relevant Business Profiles removed from our servers or that ESG does will not disclose the Business Profile with our Users, vendors or business partners, the organisation can have that actioned by filling in relevant details here or by contacting us on the contact details displayed on this website.