We will only disclose personal information to others for business purposes and when legally permitted. When we disclose information to others, we put contractual arrangements and security mechanisms in place to protect the information and comply with our information protection, confidentiality and security standards. In addition to any information disclosure practices described in the relevant section under Our processing activities, we disclose personal information to the following categories of recipients:
• Other Deslyon member organisations
– For details of our member organisations’ locations, please click here.
– We may disclose personal information to other Deslyon member organisations where necessary for administrative purposes and to provide professional services to our clients (e.g., when providing services involving advice from Deslyon member organisations in different territories).
– We store personal information on our or other Deslyon member organisations’ servers in the United States, EU and Africa.
IT support, and services are provided by Deslyon’s IT services.
• Third-party organisations that provide us with applications/functionality, data processing or IT services. We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems – for example, providers of information technology, cloud-based software-as-a-service, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in data centres worldwide, and personal information may be stored in any of them. Further details of these providers are set out below.
Microsoft Corporation Cloud Services One Microsoft Way, Redmond, WA 98052, USA
Data centres are located in several locations around the world (see Microsoft website)
• Auditors, professional advisors and insurers
We engage auditors and other professional advisors, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice concerning the running of our business. Personal information may be disclosed to these auditors and other advisors as necessary concerning the products and services they have been engaged to provide. We also have several business insurance policies in place, and we may need to disclose personal
information to the insurer, for example, in the event of a claim.
• Law enforcement or other government and regulatory agencies or other third parties as required by applicable law or regulation
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal information, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, and to establish, exercise or defend legal rights. We will only fulfil requests for personal information where we are permitted to do so following applicable law or regulation.
• Third-party organisations in connection with a corporate transaction
We may disclose personal information to a third party as necessary concerning a corporate reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or capital.