Skip to content

Privacy Policy

Last updated: 1 March 2024

This Privacy Policy sets out the basis on which Coherent Capital Advisors Limited (and our affiliates) (“Coherent”, “us”, “our”, and “we”) collects personal data from you and how we process such data.

By visiting our website https://coherent.global/ (our “Site”) or using Coherent Flow, Coherent Pulse, Coherent Sonic, or Coherent Spark, (collectively our “Software”), you accept and consent to the practices and terms set out below.

1. Collection of information

1.1 For the purposes outlined in Section 2, we may collect and process the following information:

(a) Information provided by you when subscribing to and/or accessing our Software, including information about your clients and any authorized users of the Software, which may include a person’s full name, email address, and other personal data provided to us by filling in forms on our Site or submitting through our Software, or by corresponding with us (by phone, email or otherwise), for example:

(i) when you and/or your authorized users report any problem to us;

(ii) when you use certain features on our Site or our Software;

(iii) when you request any support or services from us; or

(iv) when you complete any survey or questionnaire we send you.

(b) Information we collect about you – information automatically collected when you visit our Site or use our Software, for example:

(i) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your log-in information, demographic data, browser type and version, time zone setting, browser plug-in types and versions, browsing behaviour, operating system, patterns of software (and its features) usage, usage time, user’s behaviour and platform;

(ii) information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer services number.

1.2 We only retain personal data for so long as it is necessary. Data may be archived as long as the purpose for which the data was used still exists.

1.3 Although you are not obliged to provide all the information and/or data as requested by us, in the event that certain information is not provided, it is possible that we will not be able to render certain services to you, and/or you may not be able to access certain features the Software.

2. Uses made of the information

We use information held about you for the following purposes:

(a) registering, and administrating your subscription account with us;

(b) providing, evaluating, improving and developing our services;

(c ) Researching, designing and launching new features, products or software;

(d) presenting content and information on our Site and our Software in the most effective manner for you and for the device you use;

(e) processing payment instructions;

(f) providing you with alerts, updates, materials or information about our services, products, software or other types of information that you requested or signed up to;

(g) responding or taking part in legal proceedings, including but not limited to seeking professional advice from legal or accounting professionals;

(h) complying with applicable laws, rules and regulations;

(i) communicating with you and responding to your questions or requests; and

(j) purposes directly related or incidental to the above.

3. Disclosure of your information

We will keep personal data that we hold confidential but you acknowledge and agree that for the purpose of providing our Software and services to you, we may provide information, on a need-to-know basis, to:

(a) any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries;

(b) personnel, agents, advisers, auditors, contractors, financial institutions, and other third-party information technology, data management service providers and related entities in connection with our operations or services (for example staff engaged in the provision of support services), some of which may be located abroad;

(c ) our overseas offices, affiliates, business partners and counterparts;

(d) persons under a duty of confidentiality to us for the purpose of seeking professional advice;

(e) persons to whom we are required to make disclosure under applicable laws and regulationsin any part of the world;

(f) actual or proposed transferees of our operations (or a substantial part thereof) in any part of the world; or

(g) at the Company's operating offices and in any other places where the parties involved in the processing or your information, including personal data, is processed, are located. This means that this information may be transferred to, and maintained on,  computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to such transfer if and where applicable.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

4. Cookies

4.1 Our Site uses cookies to distinguish you from other users of the Site. This helps us to provide you with a good experience when you browse our Site and also allows us to improve our Site.

4.2 A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree to the use of cookies.

4.3 We use persistent cookies and session cookies. Persistent cookies stay in your browser and will be read by us when you return to our Site or a partnering site that uses our services. Session cookies only last for as long as the session (usually limited to the current visit to our Site or a browser session).

4.4 We use the following cookies:

(a) Strictly necessary cookies – These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to access secured areas of our Site, use a shopping cart, make use of e-billing services or give payment instructions.

(b) Analytical/performance cookies – They allow us to recognise and count the number of visitors to the Site and to see how visitors navigate our Site when they are using it. This helps us to improve the way our Site works, for example, by ensuring that users are finding what they are looking for easily.

(c ) Functionality cookies – These are used to recognise you when you return to our Site. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

4.5 You can block cookies by activating the relevant settings on your browser that allow you to disable cookies. However, if you do so, you may not be able to enjoy our Site in its entirety or access to all or parts of our Site.

4.6 We may use third-party web services on our Site. The service providers that administer these services may use technologies such as cookies (which are likely to be analytical/performance cookies or targeting cookies), web server logs and web beacons to help us analysing how visitors use our Site and optimising the content to your interests. As such, the information collected through these means (including IP addresses) may be disclosed to these service providers. These data analytics services may use the data collected to contextualise and personalise the marketing materials of their own advertising network that would not be directed to you.

5. Third-party sites

Our Site, our Software or our communication with you may from time to time contain links to third-party websites over which we have no control. We do not endorse or will not be responsible for any linked third-party websites. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies, website’s terms and cookie policy of these websites to understand your rights and how use of these websites may affect you. We accept no responsibility or liability for any practices or contents of third-party websites, in particular on their accuracy, timeliness or continued availability or existence of such content.

6. Security

6.1 All information you provide to us will be stored on our secure servers which may be located in any parts of the world.

6.2 Any payment transactions will be encrypted using TLS/SSL technology.

6.3 Where we have given you (or where you have chosen) a password that enables you to access certain parts of the Site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

6.4 We restrict access to personal information to our employees, authorized service providers and contractors on a strictly need-to-know basis and ensure that those persons are subject to contractual confidentiality obligations.

6.5 We shall review our internal personal information collection, storage and processing practices from time to time to safeguard against unauthorised access, processing or use and to ensure compliance with the applicable privacy laws (including the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”)) and regulations.

6.6 You acknowledge and agree that the transmission of information over the Internet will not be completely secure. Although we will do our best in implementing reasonably suitable measures to protect your personal data, we cannot guarantee the security of your data transmitted to or through our Site; any transmission is at your own risk.

7. Your rights

7.1 You have the right to:

(a) check with us whether we hold personal data about you;

(b) access any personal data we hold about you;

(c ) require us to correct, rectify, object and/or delete your personal data we and/or the aforesaid authorized third-party hold about you; and

(d) to withdraw any consent which you have provided in respect of your personal data.

7.2 Any request under Section 7.1 can be made by writing to us at DPO@coherent.global. Please note, requests from a data subject that are manifestly unfounded or excessive, may be subject to a reasonable fee taking into account administrative costs.

8. Children’s Privacy

Our service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If uou are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from anyone under the age of 13 without verification of parental consent, we will take steps to remove that information from our servers.

If we need to rely on consent as a legal basis for processing your information and your country requires consent from a parent, we may require your parent's consent before we collect and use that information

9. Correcting Inaccurate or Incomplete Data

Pursuant to Article 5(d) of GDPR, all data held and processed by us are reviewed and verified as being accurate wherever possible and is always kept up to date. Where inconsistencies are identified and/or where the data subject or controller informs us that the data we hold is inaccurate, we will take every reasonable step to ensure that such inaccuracies are corrected.

Requests for corrections should be made to DPO@coherent.global.

Our Data Protection Officer is notified of the data subject’s request to update personal data and we are responsible for validating the information and rectifying errors where we have been notified. The information is altered as directed by the data subject, with the information audit being checked to ensure that all data relating to the subject is updated were incomplete or inaccurate.

Where notified of inaccurate data by the data subject, we will rectify the error within 30 days and inform any third party of the rectification if we have disclosed such personal data o them. The data subject is informed in writing of the correction and, where applicable, is provided with the details of any third party to whom the data has been disclosed.

If, for any reason, we are unable to act in response to a request for rectification and/or completion, we provide a written explanation to the individual and inform them of their right to complain to the Supervisory Authority and to a judicial remedy.

10. Disk Encryption

We utilise encryption as a further risk prevention measure for securing the personal data which we hold.

We utilise encryption for transferring personal data to any external party. Where special category information is being transferred and/or disclosed, our Data Protection Officer is required to authorise the transfer and review the encryption method for compliance and accuracy.

11. Erasure of PII

We comply fully with Article 5(e) of GDPR, also known as ‘The Right to be Forgotten’, and ensures that personal data which identifies a data subject is not kept longer than is necessary for the purposes for which such personal data is processed.

All personal data obtained and processed by us is categorised when assessed by the information audit and is either given an erasure date or is monitored so that it can be destroyed when no longer necessary.

We will hold your data for as long as it is required to fulfil our contract with or obligation to you.

12. The Right To Access

We have implemented appropriate measures designed to provide the information referred to in Articles 13/14 of GDPR and any communication under Articles 15 to 22 and 34 of GDPR (collectively, The Rights of Data Subjects), in a concise, transparent, intelligible and easily accessible form, using clear and plain language.

Requests for data should be sent by e-mail to DPO@coherent.global.

Information is provided to the data subject without delay, and within one calendar month from the date the request is received. Where the retrieval or provision of information is particularly complex or the requests are numerous, the period may be extended by two further calendar months. However, the data subject will be kept informed in writing throughout the retrieval process in that event, with explanations about why any extensions are necessary.

Where we do not comply with a request for data provision, the data subject is informed of the reason(s) for the refusal and of their right to lodge a complaint with the Supervisory Authority and to a judicial remedy.

13. Information Audit

To enable us to fully prepare for and comply with applicable data protection laws, we have carried out a company-wide data protection information audit to better enable us to record, categorise and protect the personal data that we hold and process.

The audit has identified, categorised and recorded all personal information obtained, processed and shared by us in our capacity as a controller/processor and has been compiled on a central register which includes: –

• What personal data do we hold

• Where it came from

• Who do we share it with

• Legal basis for processing it

• What format(s) is it in

• Who is responsible for it

• Disclosures and transfers

14. Data Subject Notification

Each of our service/entity will, when required by applicable law or contract, or

where it considers that it is reasonably appropriate to do so, provide data subjects with information as to the purpose of the processing of their personal data. When the data subject is asked to give consent to the processing of personal data and when any personal data is collected from the data subject, all appropriate disclosures will be made, in a manner that draws attention to them, unless one of the following apply:

  • The data subject already has such information; or
  • A legal exemption applies to the requirements for disclosure and/or consent.

The disclosures may be given orally, electronically or in writing. If given orally, the person making the disclosures should use a suitable script or form approved in advance by the Data Protection Officer. The associated receipt or form should be retained, along with a record of the facts, date, content, and method of disclosure.

15. Law Enforcement Requests & Disclosures

In certain circumstances, it is permitted that personal data be shared without the knowledge or consent of a data subject. This is the case where the disclosure of the personal data is necessary for any of the following purposes:

• The prevention or detection of crime.

• The apprehension or prosecution of offenders.

• The assessment or collection of a tax or duty.

• By the order of a court or by any rule of law.

If any of our service/entity processes personal data for one of these purposes, then it may apply an exception to the processing rules outlined in this policy but only to the extent that not doing so would be likely to prejudice the case in question.

16. Data Minimisation

We only ever obtain, retain, process and share the data that is essential for carrying out our services and/or meeting our legal obligations and only retain data for as long as is necessary.

Our systems, employees, processes and activities are designed to limit the collection of personal information to that which is directly relevant and necessary to accomplish the specified purpose. Data minimisation enables us to reduce data protection risks and breaches and supports our compliance with data protection laws.

Measures to ensure that only the necessary data is collected include:

• Electronic collection (i.e., forms, website, surveys etc.,) only have the fields that are relevant to the purpose of collection and subsequent processing.

• We have destruction procedures in place where a data subject or third-party provides us with personal information that is surplus to the requirement.

• Forms, contact pages and any documents used to collect personal information are reviewed to ensure they are fit for purpose and only obtaining necessary personal information about the legal basis being relied on and the purpose of processing.

17. PII Portability

We provide all personal information pertaining to the data subject to them on request and in a format that is easy to disclose and read. We ensure that we comply with the data portability rights of individuals by ensuring that all personal data is readily available enabling data subjects to obtain and reuse their personal data for their own purposes across different services.

Where requested by a data subject and if the criteria meet the above conditions, we will transmit the personal data directly from us to a designated controller, where technically feasible.

18. Audits & Monitoring

Our Data Protection Officer has overall responsibility for assessing, testing, reviewing and improving the processes, measures and controls in place and reporting improvement action plans to our Senior Management Team where applicable. Data minimisation methods are frequently reviewed, and new technologies are assessed to ensure that we are use reasonable efforts to protectdata and individuals.

All reviews, audits by our Data Protection Officer and copies are provided to our Senior Management and are made readily available to the Supervisory Authority where requested.

19. Automated Information Collection

We may connect information collected automatically with information we already have about you in order to identify you as a Coherent Guest. If we are able to identify you as a Target Guest we may, for example, link your activity on our website to your activity in a Target store or on one of our mobile application(s). This allows us to provide you with a personalized experience regardless of how you interact with us – online, in store, mobile, etc.

In order to provide an optimized Guest experience possible and run our business operations, we also use automated information collection technologies for reporting and analysis purposes. We examine metrics such as how you are shopping on our website, in our stores, the performance of our marketing efforts, and your response to those marketing efforts.

20. Changes to our privacy policy

We may amend this policy from time to time by posting the updated policy on our Site. By continuing to use our Site and our Software after the changes come into effect, it means that you agree to be bound by the revised policy. We encourage you periodically to check this Site to learn about the information we collect, use, and disclose. Your continued use of any of our digital properties, products or services affirms your agreement to such changes.

21. Contact us

If you have any questions, comments or requests regarding personal data, please address them to us by sending us an email at DPO@coherent.global.