Privacy Notice

The CAACI is committed to protecting your privacy and developing technology that gives you the most powerful and safe online experience. This Statement of Privacy applies to the CAACI’s web site at caacayman.com (or other electronic sites that may be developed) and governs data collection and usage. By using the CAACI’s website, you consent to the data practices described in this statement.

CONTACT INFORMATION

Please contact us if you have any questions about our privacy notice or about how the CAACI processes Personal Data. Please contact our Data Protection Officer (“DPO”) via the details below:

DATA PROTECTION OFFICER
Address: 205 Owens Roberts Drive,  Grand Cayman, CAYMAN ISLANDS
Email Address: dataprotection@caacayman.com
P.O. Box: P.O. Box 10277, Grand Cayman, KY1-1003, CAYMAN ISLANDS

DEFINITIONS

Data Controller: A Data Controller is the person who, alone or jointly with others determines the purposes, conditions and manner in which any Personal Data are, or are to be, processed and includes a local representative. A Data Controller can be any legal person, i.e. an individual, corporation, either aggregate or sole, or any club, society, association, public authority or other body, of one or more persons.

Data Processor: A Data Processor processes Personal Data on behalf of a Data Controller and does not itself determine why Personal Data should be processed. A Data Processor may, to a certain extent, decide on how the Personal Data should be processed.

Data Subject: A Data Subject is (a) an identified living individual; or (b) a living individual who can be identified directly or indirectly by means reasonably likely to be used by the Data Controller or by any other person.

Personal Data: Part 1 of the Cayman Islands Data Protection Act (“DPA”) defines Personal Data as any information about a living, natural person (including but not limited to information about staff or members of the public) who can be identified. However, information about sole traders, employees, partners, and company directors who are individually identifiable will still constitute Personal Data.

Examples of Personal Data include, but are not limited to, the following:

  1. First name, last name;
  2. Home contact information (including street address, personal telephone number and personal email address);
  3. Age;
  4. Gender;
  5. Citizenship;
  6. Marital status;
  7. Full credit or debit card number;
  8. Health insurance Identification (“ID”) or account number; and
  9. Bank account number and routing number.

Sensitive Personal Data: Part 1 of the DPA defines Sensitive Personal Data as any information that with unauthorised disclosure could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual. The DPA defines “Sensitive Personal Data” as Personal Data consisting of:

  1. The racial or ethnic origin of the Data Subject;
  2. The political opinions of the Data Subject;
  3. The Data Subject’s religious beliefs or other beliefs of a similar nature;
  4. Whether the Data Subject is a member of a trade union;
  5. Genetic data of the Data Subject;
  6. The Data Subject’s physical or mental health or condition;
  7. Medical data;
  8. The Data Subject’s sex life;
  9. The Data Subject’s commission, or alleged commission, of an offence; and
  10. Any proceedings for any offence committed, or alleged, to have been committed, by the Data Subject, the disposal of any such proceedings or any sentence of a court in the Cayman Islands or elsewhere.

Third Parties: Third Parties mean any person other than:

  1. The Data Subject;
  2. The Data Controller; or
  3. Any Data Processor or other person authorised to process data for the Data Controller or Data Processor.

CHANGES TO OUR PRIVACY NOTICE

This Privacy Notice was last updated in January, 2024. We have the right to update the contents of this Privacy Notice from time to time to reflect any changes in the way in which we process your Personal Data or to reflect legal requirements as these may change. In case of updates, we will post the revised Privacy Notice on our website. Changes will take effect as soon as the revised version is made available on our website.

WHAT PERSONAL DATA WE COLLECT AND WHY WE COLLECT IT

We collect several different types of information for various purposes to provide and improve our service to you. We collect the following types of data:

1. Contact Forms, Surveys, and Applications

The CAA may collect the following information when you fill out a contact form, survey, application or subscribe to our newsletter or apply for business processes via CAACI online data management portal(s):

  • Your name;
  • Contact information such as email address, phone number(s), etc.;
  • Payment data which is necessary for us to process payments and implement fraud prevention measures, including credit/debit card numbers, security codes, etc.;
  • Business details such as company name, occupation, etc.; and
  • Demographic Information such as address and postal code.

2. Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included as visitors to the website can download and extract any location data from images on the website.

3. Cookies

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no Personal Data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

4. Embedded Content from Other Websites

Pages on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content may collect data about you, use cookies, embed additional Third-Party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged into that website.

5. Google Analytics Cookies

We use Google Analytics to collect information about how you use this site. We do this to help make sure the site is meeting the needs of its users and to help us make improvements.

We use Google Analytics cookies. Cookies are small text files that are downloaded to your device by websites you visit. These cookies help us improve our site by providing us with information about how users interact with our website such as the number of visitors to the site, the pages they visit and the length of time spent on the site. These cookies do not collect information that identifies a visitor. All of the information that the cookies collect is aggregated and anonymous. You may change your browser settings to delete and block cookies. To find out how, please visit www.allaboutcookies.org .

By continuing to use this site without changing your settings you consent to our use of cookies as described above.

6. CCTV & Security Systems

The CAACI will, for the purposes of crime prevention and public safety, collect static or moving imagery via CCTV or Security Systems as a person enters the CAACI property on 205 Owen Roberts Drive, Grand Cayman, Cayman Islands. 

WHAT ARE YOUR DATA PROTECTION RIGHTS?

The Cayman Islands Data Protection Act 2021 revision (“DPA”) grants individuals a number of rights in relation to their Personal Data. We must respond to requests in relation to your rights within 30 days of receipt; however, there are some exceptions to this.

The availability of some of these rights depends on the legal basis that applies in relation to the processing of your Personal Data, and there are some other circumstances in which we may not uphold a request to exercise a right. Your rights and how they apply are described below:

  1. The right to be informed
    Your right to be informed is met by the provision of this privacy notice, and similar information when we communicate with you directly – at the point of contact.
  2. The right of access
    You have the right to obtain a copy of Personal Data that we hold about you and other information specified in the DPA, although there are exceptions to what we are obliged to disclose.
  3. The right to rectification
    You have the right to ask us to rectify any inaccurate data that we hold about