- Privacy Notice
The Cayman Islands Real Estate Brokers Association or any of its subsidiaries (collectively, CIREBA) is committed to being a responsible custodian of the information you provide to us and the information we collect in the course of operating our business and providing real estate services.
Wherever we have said “we”, “our” or “us”, we mean CIREBA.
Where there is any conflict between the terms of this Privacy Notice and any other document in relation to data protection the terms of this Privacy Notice shall prevail, although its contents are not contractual.
An “individual connected to you” could be any guarantor, a director, officer or employee of a company, partners or members of a partnership, any substantial owner, controlling person, or beneficial owner, trustee, settlor or protector of a trust, account holder of a designated account, recipient of a designated payment, your attorney or representative (e.g. authorised signatories), agent or nominee, or any other persons or entities with whom you have a relationship that is relevant to your relationship with us. Whenever we say “you”, “individuals connected to you” should be read as included as well.
For the purpose of this Privacy Notice, CIREBA will act as data controller in accordance with the Cayman Islands Data Protection Law (as amended from time to time) (the “Law”).
Please ensure that any relevant individuals are made aware of this Privacy Notice and the individual rights and information it sets out, prior to providing their information to us or our obtaining their information from another source. If you, or anyone else on your behalf, has provided or provides information on an individual connected to you, you or they must first ensure that you or they have the authority and appropriate legal basis to do so.
This Privacy Notice is concerned with personal data we collect about you. Personal data means any data by which you as an individual can be directly or indirectly (e.g. if several pieces of data are combined) identified. Data which is completely anonymised or de-personalised will not count as personal data.
Some of the personal data we hold about you will have been supplied by yourself. Other personal data may have come from your solicitors, broker or other intermediary, or other sources you’ve asked us to obtain information from. We might also get some personal data from publicly available sources.
We will usually collect personal data such as:
In addition to the above, in relation to our Website www.cirebarentals.com we may also collect:
Please note that the Website is not designed or intended for children and we do not knowingly collect data relating to children.
We may also collect certain types of sensitive or special category data about you, such as details about any criminal records or information about your health, political affiliations, ethnicity or religious beliefs.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Based on the reasons for using your data noted above, the purposes for which we use your information commonly include:
To permit selected third parties:
(consent; legitimate interests)
We may collect information about your computer (or mobile device), including where available your IP address, operating system and browser type, for system administration or for our own commercial purposes. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
We may share relevant personal data of yours with other parties where it is lawful to do so, including where:
Parties we might share your personal data with can include (without limitation):
We might share aggregated and/or anonymised or de-personalised data with third parties for analytics, marketing and research purposes. Where we do so, we will ensure that neither you nor any other person will be identifiable from the data.
We keep personal data only for as long as it is necessary for the specific purpose the data was collected for or as long as we are required by applicable laws and regulation. We are generally required to retain its records for at least six (6) years from the date the contractual relationship with you ends or potentially longer, depending on the kind of data and relevant laws and regulations applicable to it.
We may keep personal data likewise for longer periods where we have a legitimate interest for doing so, for instance to address complaints, assert or defend our rights in litigation or other dispute resolution procedures or to respond to requests from regulators or assist judicial authorities.
Any information we are not required to hold for any minimum period and for which there is no purpose in us holding it anymore will be deleted, destroyed or returned to you more promptly.
Where we share your personal data with third parties, the privacy notices and laws and regulations of the third party will determine how long they will have to retain your data.
Where we have to transfer personal data outside of the Cayman Islands we will ensure that the transfer is lawful and that the data is appropriately secure and protected. Where necessary, we will ensure that separate and appropriate legal agreements are put in place with the recipient of that data.
Reasons for having to transfer your personal data outside the Cayman Islands may include:
In some countries the law might compel us to share certain information (e.g. with tax authorities). We will only share any information with parties who have the lawful authority and right to see it and only to the extent that such parties are permitted to see it.
As an individual or “data subject”, you have certain rights in relation to your personal data. These rights include:
You also have the right to complain to the data protection regulator in the Cayman Islands, which is the Office of the Ombudsman. You can access their website here: ombudsman.ky
You may also be able to seek redress for any violation of your data protection rights in the Cayman Islands courts or challenge a decision by the regulator.
Please ensure that any data you give us or ask third parties to provide to us is up to date, accurate and complete in all respects. Please inform us about any changes as soon as reasonably possible.
We use a range of measures to keep information safe and secure which may include encryption and other forms of security. We require our staff and any third parties who carry out any work on our behalf to comply with appropriate compliance standards including obligations to protect any information and applying appropriate measures for the use and transfer of information. If you wish to know more about our data protection measures, please contact us (details provided below).
This Privacy Notice is governed by the laws of the Cayman Islands. Any dispute arising from or in connection with this Privacy Notice is subject to the exclusive jurisdiction of the Cayman Islands courts.
For any further questions or queries in relation to this Privacy Notice, please get in touch with your usual CIREBA contact or email: email@example.com.
You can also request data removal via the form on our Data Removal Request page.