The Posturnban VC (the “Organisation”) is committed to protecting and respecting your privacy. This Policy explains how your personal information is processed by the Organisation, including any affiliates listed in the Data Controllers and Contact section below (hereinafter also collectively referred to as “us”, or “we”).
This Policy covers personal information relating to you that we may collect through any medium, including specifically in relation to the investment services we provide to you, via our partners and service providers, or through our website. This policy describes how you can access and make certain choices about how we use your personal information.
We may collect and process the below listed information with respect to persons connected with the angel networking and investment services that we provide. As well as collecting personal data from our clients, we may also process personal data about relevant persons connected with the investment services, for example investors in our funds, co-investors, directors of investee startup companies, etc.
We may collect this information from a number of sources, including directly from you, via our affiliates, delegates, partners, service providers, professional advisors, or third-party entities with whom we undertake due diligence checks upon you and via automated technologies or interactions. In doing so, we will ensure that the information we collect is proportionate to our stated purposes.
Where relevant, we may collect and process personal information related to persons related to you. In such circumstances, it is your responsibility to ensure you have permission from that third-party for us to collect their information and you remain responsible for ensuring that the third-party understands how their information is being used.
We may collect and process your personal details, including your name, address, email and telephone/fax numbers, date of birth, nationality; employment details, including your employers name, your position or title and your corporate contact details; information on your financial circumstances, including your profession, income, assets and liabilities, as well as sensitive and/or criminal data as part of our standard due diligence process.
We may collect and process your contact information, including your name, address, position, email and telephone/fax numbers; financial details, including relevant details for invoicing and billing; and KYC documentation, if and where required under relevant Anti-Money Laundering, Financial Sanctions, Non-Proliferation or Counter Terrorism Financing (“AML”) legislation.
We may collect and process your personal details, including your name, address, email and telephone/fax numbers, as well as your login identification and password details; and technical information, including your IP address, browser information, and details relating to your visit behaviour on our website. Further details are provided under our ‘Cookie Policy’ heading below.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Unless specifically stated otherwise in a Privacy Notice provided to you, we use your personal information in the following ways and based upon the following lawful bases:
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. You may receive marketing communications from us if you have requested information from us or entered into a contract with us and you have not opted out of receiving that marketing. We will not share your personal data with any third party for marketing purposes. You can ask us to stop sending you marketing messages at any time following the opt-out links on any marketing message sent to you.
Where you opt out of receiving these marketing messages, this will not apply to platform related messages (for example, providing you with information on your portfolio of investments with us).
We may disclose your personal information with the following category of recipients, and based upon the legal bases and purposes set-out above:
We store your electronically held personal information on Amazon Web Services servers located in the UK/EU. Our web application is encrypted using SSL certificate and monitored for vulnerabilities by a specialist third party service, Proberly. We understand that we have to ensure that service providers do comply with GDPR requirements.
We take all reasonable steps to protect your personal information; however, where you choose to transmit your personal data to us via the internet, we do not guarantee the security of the personal information transmitted and therefore any transmission is at your own risk.
We may transfer your personal information to our affiliates, partners or service providers that are based outside of the UK/EU. In such circumstances, we will ensure that your personal information is adequately protected to UK/EU approved standards.
In certain circumstances, in relation to your data, you have:
Further details of your rights can be found at the ICO website, however, please note that your rights are subject to our overarching legal responsibilities: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you wish to exercise any of these rights, please contact the relevant data controller (listed below).
We reserve the right to retain your personal information for as long as we reasonably believe it to be necessary in order to facilitate our legitimate interests, in order for us to comply with our legal or regulatory obligations, where based upon reasons of substantial public interest, or where your personal information remains public information by your own actions. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. For further information, please contact the relevant data controller (listed below).
We may make changes to our Privacy Policy at any time and may do so without expressly notifying you of these changes. However, should the legal bases or purpose for processing your personal information changes then we shall expressly notify you.