Privacy Statement

Version: 2024.09.01

Scaler Global Inc. and its various affiliated companies (collectively 'Scaler', 'we', 'us', or 'our') offer software to her customers that provides unique insights into the overall ESG performance of their real estate portfolio. Scaler is the responsible party for processing personal data. Scaler respects your privacy. This privacy statement is intended to inform you, as a user of the Scaler platform and website scalerglobal.com, about which personal data will be collected, how this data will be used and for which purposes. This privacy statement applies to all affiliated entities of Scaler, unless a separate statement has been set forth. We apply similar data protection standards to all individuals regardless of nationality, geographic location, or data source. As a general principle, personal data is used when necessary to achieve a purpose, the persons whose data it concerns are properly informed, and there are legal grounds to do so. All activities involving personal data will be checked against the EU’s GDPR or other applicable (local) laws.

For additional information about the protection of personal data regarding the GDPR, please visit the website https://www.edpb.europa.eu/about-edpb/about-edpb/members_en. Scalerglobal.com is not intended for children and Scaler does not knowingly collect data relating to children.

Collection of data

Your personal data will be collected by Scaler Personal data means any information relating to an identified or identifiable natural person. The categories of personal data we may process about you depend on your relationship with us: for example, we process different personal data about Users of our platform than we do about job applicants. Below, we explain for each category of data subjects which personal data we may process and for what purposes.

All our processing is based on one of the following legal grounds:

  • a) The processing takes place with your consent.
  • b) The processing is necessary for the performance of a contract with you or in the pre-contractual phase.
  • c) The processing is necessary for compliance with a legal obligation on our part.
  • d) The processing is necessary for the protection of our legitimate interests or those of a third party, provided that your interests do not override those interests.
  • e) To ensure that the content on the website is presented in the most effective manner.

Below, we explain for each category of data subjects which personal data we may process and for what purposes. For each processing purpose, we indicate the legal ground on which we base the processing by using a letter that corresponds to the above overview.

Users

Regarding information about our Users (of the Scaler Platform), including their employees and other contacts, we may process the following categories of personal data:

  • Name, title, job title
  • Home and work (IP) address, email address, location
  • Phone number
  • Information about your company, such as Chamber of Commerce and VAT numbers
  • Correspondence, such as letters and emails and other means of correspondence
  • Financial information, such as account details and our invoices to you

We process this personal data for the following purposes, with the following legal grounds: Making our platform available to fulfill our obligations(a,b), Invoicing (b,d), Managing and (conducting) audits of our administration (c, d), Complying with our legal obligations (b, c).

Applicants

For individuals applying to us, we may process the following categories of personal data:

  • Name, title, job title
  • Home and work address, email address
  • Phone number, fax number
  • Date and place of birth, gender
  • Education, current and previous positions
  • Names of references
  • Social media profile addresses (e.g., LinkedIn)
  • Correspondence, such as letters and emails
  • Other personal data you provide, for example, in your resume

We process this personal data for the following purposes, with the following legal grounds: Assessing your suitability (b, d), Determining and sending an offer (b, d), Complying with our legal obligations (c, d).

Website visitors and social media

Regarding the visitors to our website and the subscribers to our newsletter or social media, we may process the following categories of personal data:

  • Email address of newsletter subscribers
  • Social media profile data
  • Data on visitor behavior, such as pages visited on our website, time spent on our website, and the page visited before arriving on our website, through a Google Analytics cookie.

We process this personal data for the following purposes, with the following legal grounds: Informing about our activities (b, d), Ensuring the optimal functioning of our website and tailoring it to the behavior of our visitors (d), Complying with our legal obligations (c, d).

Other parties

Regarding other parties, such as, suppliers, referees, potential Users, and referrers, we may process the following categories of personal data:

  • Name, title, job title
  • Home and work (ip) address, email address
  • Phone number
  • Information about your company, such as Chamber of Commerce and VAT numbers
  • Correspondence, such as letters and emails and other means of correspondence
  • Financial information, such as account details and our invoices to you
  • Other personal data we have obtained from you or collected from public sources that are relevant to our relationship with you

We process this personal data for the following purposes, with the following legal grounds: Providing our services (d), Fulfilling our obligations towards you (b), Informing about our activities, acquisition (a, b, d), Purchasing products and services (b, d), Managing and (conducting) audits of our administration (c, d), Complying with our legal obligations (c, d).

Your rights regarding information

You have the right of information on and access to, and rectification, erasure, opt-out and restriction of processing of your personal data, as well as the right to object to the processing and the right to data portability (unless we're legally required to keep your personal data). If you have any questions, comments or concerns about how Scaler handles personal data or if you wish to make use of your rights described above, please contact Scaler at info@scalerglobal.com.

Data recipients

We will disclose your personal data to third parties as little as possible. In some cases, however, we may be required to disclose information to third parties, for example, legislation requires it or to the extent necessary for the purposes mentioned above.

With regard to the above purposes (see ‘website visitors’ and ‘Users’), it may be necessary to disclose data to technical service providers (subcontractors) that Scaler may engage for the website and platform, particularly, but not limited to, hosts, technical solutions or information about the use of our website (e.g. Google analytics, see below).

In such cases, we will not disclose more personal data than is necessary and we will comply with the requirements of the GDPR.

Cookies

Scaler places small data files, called cookies, or similar technologies on your browser. A cookie is a small text file saved on your computer or mobile device when you visit a website. The next time you visit the website, the cookies allow Scaler to recognise your device and/or read back settings that were stored in the previous session. It enables Scaler to adjust to your needs and it facilitates you to log in on our website.

Furthermore, we use functional cookies to collect data on visitor behavior, such as pages visited on our website, the time spent on our website, and the page you visited before arriving on our website, using a Google Analytics cookie. Google processes only a portion of your IP address and does not use your data for its own purposes.

Legal obligations

In case of infringement of any law or regulation, of which a visitor is suspected and for which the authorities require the personal data collected by Scaler, they will be provided to them after an explicit and reasoned request of those authorities, after which these personal data do not fall anymore under the protection of the provisions of this Privacy policy.

Retention Period

We do not retain your personal data longer than necessary for the purposes mentioned above or to comply with laws and regulations.

Changes to this Policy

Scaler reserves the right to change this Privacy Policy from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Policy. Contact information Please feel free to contact us if you have any questions about Scaler’s Privacy Policy or the information practices of the services. You may contact us as follows: info@scalerglobal.com

International Data Transfers

Scaler and its parent/subsidiary companies operate offices outside and inside of the European Economic Area (“EEA”), Switzerland and the United Kingdom. User data or personal data may be transferred or made accessible outside the EEA, Switzerland and the United Kingdom, but only after ensuring secure transfer and access. Among other measures, we ensure that your personal data is protected as well as possible by making contractual arrangements, in accordance with the requirements of the GDPR.

Scaler Global Inc. ("Scaler") complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), (together “DPF”), as set forth by the U.S. Department of Commerce. Scaler has (self-)certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Scaler has (self-)certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

To learn more about the Data Privacy Framework, we refer you to the Data Privacy Framework website. Under the Data Privacy Framework, we are responsible for the processing of personal information we receive and subsequently transfers to a service provider acting as a (sub)processor or agent on its behalf. We are liable for ensuring that the third parties we engage support our DPF commitments. The U.S. Federal Trade Commission has regulatory enforcement authority and jurisdiction over Scaler’s compliance with and processing of personal information received or transferred pursuant to the EU-U.S. Data Privacy Framework, and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework. Scaler commits to cooperate and comply with the advice of the regulatory authorities to whom you may raise a concern about our processing of personal information about you pursuant to the regulations ad the Data Privacy Framework.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Scaler commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to the Data Protection Authority that is relevant for you. If you do not receive timely acknowledgment/reaction to your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit the website of the EU/EEA Member State data protection authority, Gibraltar Regulatory Authority, UK Information Commissioner’s Office (ICO) or the Swiss Federal Data Protection and Information Commissioner to file a complaint or for more information. The services of the DPAs are provided at no cost to you.

Under certain conditions, described more fully on the Data Privacy Framework website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Additional Information for Certain Jurisdictions

California USA

If you are a resident of California USA, this section applies to you in addition to the rest of the privacy policy.

The California Consumer Privacy Act (as amended by the California Privacy Rights Act) requires businesses to disclose whether they sell or share Personal Data. Scaler does not sell Personal Data. We may share personal data (e.g. in the form of identifiers and internet activity information) or we may allow third parties to collect personal data from our sites or services to technical service providers (subcontractors) that Scaler may engage for the website and platform, particularly, but not limited to, hosts, technical solutions or information about the use of our website (e.g. Google analytics, see above). But only if those third parties are authorised service providers who have agreed to our contractual limitations as to their retention, use, and disclosure of such personal data. See above for the categories of personal data that we disclose for certain business purposes.

California law grants state residents certain rights, including the rights to know and access specific types of Personal Data, to request deletion of Personal Data, to learn how we process Personal Data, to request correction of Personal Data, to opt-out of sharing your Personal Data, and not to be denied services for exercising these rights. We do not discriminate against California residents who exercise any of their rights described in our privacy policy. You may submit a request to exercise your California Consumer Rights by emailing info@scalerglobal.com. We will need to verify your identity before processing your request, which may require us to request additional personal information from you or require you to log into your account, if you have one.

You may appoint an authorized agent to make a request on your behalf to access or delete your personal information (via above email address). To do this, you must: provide the authorized agent with written and signed authorization to submit the request and verify your identity directly with us. Please note that we may reject requests from an authorized agent if they do not provide proof of your authorization to act on your behalf.