The FutureList – Step into the Future

logo-futurelist
Menu
PLATFORM ➔
Platform
Menu

Privacy Policy

Last updated APRIL 2024

The FutureList Platform Privacy Policy

Last updated June 2024

 

This policy explains:

  • who we are
  • why we collect personal data
  • what kinds of personal data we collect 
  • where we get it from
  • how we use it;
  • direct marketing;
  • who we might share it with;
  • how we store and secure it; 
  • how long we keep it; 
  • your rights; and
  • how to complain about our use of personal data.

 

WHO WE ARE

 

Sand Tech Holdings Limited (“Sand”, “we”, “us”) is a company registered in Mauritius.

Business registration number: C14117099

Registered office address: 5th Floor, The CORE Building, No. 62, ICT Avenue, Cybercity, Ebene, Mauritius

 

We act as a ‘controller’ of the personal data in The FutureList platform (www.thefuturelist.com).

 

WHY WE COLLECT PERSONAL DATA 

 

The FutureList is a platform that maps the innovation ecosystem across the world. 

 

It provides an online community and searchable database to help connect: 

  • Innovative and tech-driven companies 
  • potential investors 
  • R&D collaborators. 
  • business accelerators /innovation hubs; and 
  • other support services. 

 

The objective is to build meaningful connections and partnerships to support innovators and help them thrive. To do this, we use names and business contact details supplied by our members along with data from publicly accessible sources. 

 

We never sell personal data to anyone for any purpose. We do not give personal data to others for their own use.

HOW WE USE PERSONAL DATA ABOUT YOU

 

Under the law, we must process your data lawfully, fairly, and transparently. We rely on one of the legal bases below for processing personal data, depending on what the data is and what we use it for:

  • our legitimate interests;
  • to comply with the law;
  • your consent; or
  • to perform our contract with you (providing your user account)

 

Why we process it

Type of personal data

Our legal basis

Providing and managing access to The FutureList (www.thefuturelist.com), including user support and related communication

Identification details of registered users (e.g. name, e-mail, organisation, role) IP address and referral IP addresses, URLs for the organisation’s social media profile or company websites, organisation’s registry details (including published details about officers and shareholders)

to perform our contract with you (providing your user account)

Lead generation for organisations

Identification details of individuals related to an organisation on the platform (including the names, roles, contact details, and LinkedIn profiles of key personnel of the organisation)

consent or legitimate interest if the data is available from a publicly available source (e.g. an official company registry)

Data analysis and statistics

Identification details of registered users (e.g. name, e-mail, organisation, role), IP Address and referral IP addresses, referral URLs, user activity logs, including data on outreach and deliverability of communications, checking the quality of the data, and how users are engaging with the platform. 


Data are aggregated for this purpose.

Legitimate interest

Commercial communication with you (marketing)

Identification details (e.g. name, business e-mail, personal e-mail, geographic location, technical information (browser information, operating system information)) of registered users / individuals related to an organisation on the platform

Legitimate interest for  direct marketing of our services or other products to existing customers and registered users 

Organising marketing events and webinars

Identification details of customers/prospective founders/investors and their representatives and contact persons (e.g. full name, business e-mail, phone number, country of residence, company represented and company website)


For communication via social media (e.g. Telegram, WhatsApp, Instagram, or Facebook/Meta, Tiktok, LinkedIn), relevant profiles


Data on outreach and deliverability of communications:

– advert engagement data (e.g. views, clicks, keywords used, posts engaged with, sentiment reports) 

– Website Conversion Actions (e.g. form fills, link clicks) and user traffic source. 

– browsing patterns (e.g. , device type, operation system, number of sessions, pages viewed, time spent on website, link engagement, bounce rate) 


Image (for marketing of events; photos/videos)


IP (for webinars), user logs (e.g. for e-mail communications, for webinars)

to perform our contract with you (organising the event/webinar)


consent for collecting photos/videos at the event/webinar

For website security and to diagnose technical issues

IP address, user activity logs

To comply with the law (securing personal data from unauthorised access) and for our legitimate interest

Compliance with legal requests from public authorities, with our legal obligations, or for the establishment, exercise, or defence of legal claims

all the personal data we collect for  The FutureList

To comply with the law and for our legitimate interest

For reorganisation of our business (such as transfers, mergers, spin-off) 

Our legitimate interest

For internal collaboration and communication

Performance of a contract and our legitimate interest to improve our product and your experience




We do not collect any “special categories” of personal data as defined in the Data Protection Act 2017 (Mauritius) or the GDPR (European Union).

Some of your legal rights will depend on which legal basis we are relying on for processing. Please see the Your Rights section below.

WHERE WE GET YOUR PERSONAL DATA FROM

We collect personal data about registered website users directly from them when they register their accounts.

For organisation, we get personal data about the organisation from registered users. They can add new listings for organisations and then add details about the organisation’s personnel. 

We may add new organisations to the database ourselves. However, we will only add personal data about an individual associated with these organisations where either: 

– we have the individual’s permission; or 

– the personal data is available from a publicly accessible source, such as an official company registry

Sometimes we collect information about an organisation from third parties, including publicly accessible sources such as LinkedIn or government agencies (mainly from the official company registry). This could include, for example, the names and contact details of directors and persons with significant control.

DIRECT MARKETING

 

If you are an existing or previous client, we may send you promotional emails about goods or services that are similar to what you have bought from us before. You have the right to opt out of receiving these emails at any time by:

 

  • contacting us by email at [email protected]; or
  • using the ‘unsubscribe’ link at the bottom of the email.

 

We never sell personal data to anyone for any purpose. Also, we will not give your data to others for their own use without your permission.

 

WHO WE SHARE PERSONAL DATA WITH

The personal data held in the platform is, for the most part, available for both guest users and registered users to search and view. 

 

In addition, we may share your data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work, such as 



  1. IT maintenance and service providers, providers of software applications through which our IT systems and document management activities are carried out (including Google workspace, especially for e-mail end document storage), as well as the hosting of these software applications,  
  2. data analysis, data statistics, surveys/feedback, customer service. We may allow selected third parties to use tracking technology on The FutureList, which will enable them to collect data about how you interact with the Services over time. This information may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity.
  3. service providers which we use for managing and allowing access to The FutureList, including our external data processor which monitors our deployment of the platform, for lead generation and for marketing communications, providers of workflow (CRM), productivity software solutions, e-mail delivery and e-mail outreach service providers, e-mail validation service providers, providers of self-service ticketing platform for live experiences. 
  4. Service providers for our internal organisational flows, such as our digital productivity, collaboration, and organizational app, video-conferencing solutions and calendar application services.  

Such third-party service providers are also not allowed to reuse your personal data for their own purposes. 

 

We sometimes share personal data with third parties as part of providing our services or to comply with our legal duties. These third parties can include:

  • public authorities. We may share your information with law enforcement agencies, public authorities or other organizations, if legally required to do so. This includes tax authorities, auditors, various categories of consultants or institutions with powers to carry out inspections and controls our activity and assets, who request us to provide information, by virtue of our legal obligations, courts, public notaries, bailiffs, official company registry;
  • group and affiliated companies. We may share your information within entities affiliated to us by common control, management or ownership; 
  • business partners. We may share your information to offer you certain products, services or promotions. We do this when we work together with our partners on a common purpose; or
  • to third party acquirers/potential acquirers and to their auditors and consultants. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. 

HOW WE STORE AND SECURE PERSONAL DATA

 

The FutureList data is held in Stockholm, Sweden, European Union. Generally, we only store data with a provider if we are satisfied they protect it with robust policies and cybersecurity measures. 

 

We have appropriate security measures to protect your personal data against misuse. Only those with a genuine business need have access to your data, and all are under a legal duty of confidentiality.

 

All external processors have contracts with us. They are required not to reuse your personal data for their own purposes unless they observe the applicable privacy requirements.

 

Transferring your personal data to other countries

 

The FutureList data is hosted in Sweden and processed by us. The FutureList will also be managed through our entity in Estonia. However, sometimes we need to send personal data to countries with less robust data protection laws, such as:

  • to another office in our corporate group. To operate The FutureList, data is regularly accessed from our offices in Mauritius and Kenya;
  • if one of our service providers is located outside Mauritius, such as in the United States of America; or
  • if you are located outside.

 

If we need to send data to a country that does not have “adequate” data protection laws according to the European Commission, we will only send the data after agreeing to the standard data protection contract clauses approved by the EC. You can see a copy of these standard clauses on the EC website here: Standard Contractual Clauses (SCC) (europa.eu). We will also take supplementary measures, if necessary, to compensate for any lack of protection afforded by the laws of the recipient country.

 

If you would like further information about data transfers to other countries please contact us.

 

HOW LONG WE KEEP PERSONAL DATA 

 

If you ask us to delete your user account, we will delete your account data promptly, as we will have 

no further use for it once you stop using the platform.

 

When we log the IP addresses of website visitors, we delete this data automatically after 30 days.

 

The remaining personal data in The FutureList is contact details of business owners and officers. 

We will keep this data until it is no longer accurate or relevant (such as where the company closes, or 

the officers change).

 

We will keep your personal data after we have finished advising or acting for you or your organisation for one of these reasons:

  • to respond to any questions, complaints made by you or on your behalf;
  • to pursue or defend legal claims;

 

When it is no longer necessary to retain your personal data, we will delete or irreversibly anonymise it.

 

If you have any questions in this regard, or any concerns about how long we keep your information for, please contact us using the details below.

 

YOUR RIGHTS

You can ask us to:

  • provide you with a copy of your personal data;
  • correct mistakes in data we hold about you;
  • delete your personal data from our records (subject to some exceptions in the Data Protection Act 2017 or another applicable privacy law);
  • restrict the processing of your personal data in some circumstances, such as where you contest the accuracy of the data; and
  • in certain situations, provide you with a copy of the personal data you provided to us in an easily portable format.

You can object: 

  • at any time to your personal data being processed for direct marketing;
  • in certain other situations, to our continued processing of your personal data, such as where 

we carry out processing based on our legitimate interests.

If we are relying on your consent (permission) to use your personal data, you can withdraw your consent any time. However, in some cases if you withdraw consent:

  • we may still process your personal data without your consent as required or permitted by law, for example to defend our legal rights or to obey a legal requirement to keep the data; or
  • we may no longer be able to provide you with goods or services (we’ll let you know when this would be the case)

COMPLAINTS

If you wish to complain about our use of personal data, we would appreciate the chance to deal with your concerns first. If you still wish to complain, please consult the Mauritius Data Protection Office  website at https://dataprotection.govmu.org/

If you are resident in the EEA (which includes the EU), the GDPR also gives you right to lodge a complaint with your local data protection regulator. 

CHANGES TO THIS PRIVACY POLICY

 

This privacy policy was published in April 2024. We periodically review this policy and we will publish any changes on this website.

HOW TO CONTACT US

 

Please contact us by post, email, or telephone if you have any questions about either this policy or the information that we hold about you:

Privacy Team 

Sand Tech Holdings Limited 

5th Floor, The CORE Building,

No. 62, ICT Avenue, Cybercity,

Ebene, Mauritius

[email protected]

 

or our 

 

Data Protection Officer

dpo@sandtech.com

 

or our

 

EU Representative

Kinstellar SPARL

8 – 10 Nicolae Iorga, Sector 1, 

010434 Bucharest, Romania

[email protected] 

 

Last updated: June 2024