Privacy Policy

ROI Land Investments Ltd. and
its subsidiaries and affiliates (following ROI) respect your concerns about
privacy. ROI is strongly committed to protecting personal data. This privacy policy
describes why and how we collect and use personal data and provides information
about individuals’ rights in relation to personal data. It applies to personal
data provided to us, both by individuals themselves or by others. We may use
personal data provided to us for any of the purposes described in this privacy policy
or as otherwise stated at the point of collection.

In this Privacy Policy “ROI”
refers to the following legal entities:

  • ROI Land Investments Ltd.

630 Fifth Avenue, 20th Floor, New York, NY 10111

  • ROI Dev Canada Inc.

4388, rue Saint-Denis, Suite 200, Montreal QC H2J 2L1

  • ROI Securitisation SA

1b Rue Jean Piret, L-2350
Luxembourg

Protection of Personal Information 

We have implemented generally
accepted standards of technology and operational security in order to protect
personal information from loss, misuse, alteration, access, disclosure or
destruction. Only authorized persons are provided access to personal
information; such individuals have agreed to maintain the confidentiality of
this information.

Although we use appropriate
security measures once we have received your personal data, the transmission of
data over the internet (including by e-mail) is never completely secure. We
endeavor to protect personal data, but we cannot guarantee the security of data
transmitted to or by us.

Legal grounds

Your local law may require us to set out the legal grounds on which we rely in order to process your personal information. In such cases, we rely on one or more of the following processing conditions:

  • to perform our obligations under a contractual arrangement with you;     
  • our legitimate interests in the effective delivery of information and services to you and in the effective and lawful operation of our businesses;
  • our legitimate interests in developing and improving our businesses, services and offerings and in developing new offerings;
  • to satisfy any requirement of law, regulation or professional body of which we might be a member; or
  • where no other processing condition is available, if you have agreed to us processing your personal information for the relevant purpose.

Collection and Use of personal
data

ROI collects
only the personal data necessary for agreed purposes and we ask to only share
personal data with us where it is strictly needed for those purposes.

Where we need to process personal data, including
personal data from our own staff, to provide services or to receive services
from our suppliers, we ask to provide the necessary information to the data
subjects regarding its use. Given the diversity
of the services we provide, we process many categories of personal data:

The categories
of personal data processed by us in relation to the services we provide are
generally:

  • Personal details (e.g. name, date of birth, gender,
    marital status, country of residence);
  • Contact details (e.g. email address, contact number,
    postal address);
  • Financial details (e.g. salary, payroll details and
    other financial-related details such as income, investments and other financial
    interests, benefits, tax status);
  • Banking details (e.g. Bank, account number)
  • Job details (e.g. role, grade, experience)
  • Technology details (e.g for using Guest WiFi, Login
    credentials).

We use personal
data for the following purposes:

  • Providing our products and services
  • Operate, evaluate, and improve our business
  • Security, quality and risk management activities
  • Providing stakeholders and prospective stakeholders
    with information about us and our range of services
  • Perform data analyses
  • Comply with and enforce applicable legal requirements,
    relevant industry standards, and our policies

We retain the
personal data processed by us for as long as necessary for the purpose for
which it was collected. Personal data may be held for longer periods where
extended retention periods are required by law or regulation and in order to
establish, exercise or defend our legal rights.

We might provide
users access to applications. Such applications will contain their own privacy
statements explaining why and how personal data is collected and processed by
those applications. We encourage individuals using our applications to refer to
the privacy statements available on those applications.

We may transfer
the personal information we collect about you to recipients in countries other
than the country in which the information originally was collected.

This includes
countries outside the European Economic Area (EEA). Where we collect your
personal information within the EEA, transfer outside the EEA will be only:

  • to a recipient
    located in a country which provides an adequate level of protection for your
    personal information; and/or
  • under an
    agreement which satisfies EU requirements for the transfer of personal data to
    data processors.

Legal rights

You may have
certain rights under your local law in relation to the personal information we
hold about you. In particular, you may have a legal right to

  • obtain confirmation as to whether we process personal
    data about you, receive a copy of your personal data and obtain certain other
    information about how and why we process your personal data
  • the right to request for your personal data to be
    amended or rectified where it is inaccurate (for example, if you change your
    address) and to have incomplete personal data completed
  • the right to delete your personal data in cases
    including, but not limited to:

    • it is no longer necessary in relation to the purposes
      for which they were collected and processed;
    • the legal ground for processing is consent, you
      withdraw consent and we have no other lawful basis for the processing;
    • the objection to processing for direct marketing
      purposes;
    • personal data has been unlawfully processed; or
    • your personal data must be erased to comply with a
      legal obligation to which we are subject.
  • The right to restrict personal data processing including,
    but not limited to the following cases:

    • for a period enabling ROI to verify the accuracy of
      personal data where you contested the accuracy of the personal data;
    • personal data are no longer necessary for the purposes
      for which they were collected and processed but the personal data is required by
      you to establish, exercise or defend legal claims; or
    • for a period enabling us to verify whether the
      legitimate grounds relied on by us override your interests where you have
      objected to processing based on it being necessary for the pursuit of a legitimate
      interest identified by us.
  • The right to object to the processing of your personal
    data in the following cases:

    • our legal ground for processing is that the processing
      is necessary for a legitimate interest pursued by us or a third party; or
    • our processing is for direct marketing purposes.
  • The right to data portability: You have the right to
    receive your personal data provided by you to us and the right to send the data
    to another organisation if technically feasible where our lawful basis for processing
    the personal data is consent or necessity for the performance of our contract
    with you and the processing is carried out by automated means.

Disclosure

ROI shares
Personal Data with its affiliates and subsidiaries. We do not sell or otherwise
disclose personal information we collect about you, except as described
hereafter. We may disclose personal information in cases including but not
limited to:

  • with service
    providers in connection with the operation of this Website and our company,
    including website hosting, the provision of our services, and promotional
    material distribution. We do not authorize these service providers to use or
    disclose the information except as necessary to perform services we asked them
    to perform or comply with legal requirements.
  • when explicitly
    requested by you;
  • To law
    enforcement, regulatory and other government agencies and to professional
    bodies, as required by and/or in accordance with applicable law or regulation. We
    may also review and use your personal information to determine whether
    disclosure is required or permitted.

Third Party
Providers

ROI may transfer
or disclose the collected personal data to third party contractors,
subcontractors, and/or their subsidiaries and affiliates. Third parties support
ROI in providing its services and help provide, run and manage IT systems. For
example ROI uses providers of identity management, website hosting and
management, data analysis, data backup, security and cloud storage services.
The servers powering and facilitating our IT infrastructure are located in
secure data centres around the world, and personal data may be stored in any
one of them.

Links

Our Website may
provide links to other websites or apps for your convenience and information.
These websites may operate independently from us. Linked sites and apps may
have their own privacy notices or policies, which we strongly suggest you review.
To the extent any linked websites are not owned or controlled by us, we are not
responsible for the websites’ or apps’ content, any use of the websites or
apps, or the privacy practices of the websites or apps.

Please submit a request to exercise
a legal right in relation to your personal data, or an enquiry if you have a
question or complaint about the handling of your personal data.