GD1 Management (Fund II) Limited, via various investment vehicles (including any subsidiaries or affiliates of GD1 Management (Fund II) Limited, including but not limited to (i) GD1 Fund II (GP) Limited as general partner of a GD1 Fund II LP; and (ii) TGF GP Limited as the general partner of Technology Growth Fund LP) (together the “GD1“, “we“, “us“, “our“), invests in early stage concepts and ventures.
To enable us to make such investments it is necessary to process personal data, from time to time. We are committed to protecting your personal data and using it in compliance with Data Protection Legislation.
- your information is sometimes called “personal data“;
- we may also sometimes collectively refer to handling, collecting, protecting and storing your personal data as “processing” such personal data; and
- the term “Data Protection Legislation” means any legislation relating to privacy or data protection which is applicable to GD1.
For the purposes of Data Protection Legislation each GD1 entity is a controller of personal data.
- What information we collect about you
The personal data we handle, collect and process may include:
- information obtained from identification documentation (including your name, contact details, nationality and national identify numbers (where applicable));
- bank account details;
- your professional title and occupation;
- your age and marital status;
- financial information, tax status, account details and evidence of ownership of financial assets;
- personal identifiers such as your social security number, national insurance number, tax file / identification number, IP address or our internal electronic identifiers;
- information which we or our service providers need to conduct ‘know your client’ checks such as details relating to your passport or other identification documentation and credit history; and
- other information you provide in the course of your dealings with us or which they each require to provide you with products and services.
In certain circumstances, we also collect and process what are known as ‘sensitive’ or ‘special categories’ of personal data. Money laundering, sanctions, financial crime and fraud prevention checks sometimes result in GD1 obtaining information about actual or alleged criminal convictions and offences.
If you fail to provide personal data we may be unable to provide certain products and services or proceed with your business relationship with GD1.
- How we collect your information
The information we collect comes from:
- application forms, agreements, deeds or other materials you or your authorised representative submits to them during the course of your relationship with GD1;
- information gained from AML/KYC checks that GD1 are required to conduct;
- your or your authorised representative’s interactions with GD1, transactions and use of our products and services (including the use of any our website);
- your or your authorised representative’s business dealings with GD1, including via email, telephone or as stated in contracts with you;
- depending on the products or services you or your authorised representative requires, third parties (including for credit and money laundering checks, among other things); and
- recording and monitoring tools that they use for compliance or security purposes (e.g. recording of telephone calls, monitoring emails, etc.).
- Accessing and correcting your information
Subject to certain grounds for refusal in Data Protection Legislation, you have the rights to:
- request confirmation from us as to whether we hold data relating to you;
- access your readily retrievable personal information that we hold; and
- request a correction to your personal information.
Before you exercise these rights, we will need evidence to confirm that you are the individual to whom the personal information relates.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
Additionally if you are an individual located in the EU, you have the following additional rights: (i) to ask us to delete your information, if you consider that we do not have the right to hold it; (ii) to restrict processing of your information; (iii) to data portability (moving some of your information elsewhere) in certain circumstances; (iv) object to your information being processed in certain circumstances; (v) to not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your information (GD1 does not carry out any automated decision making).
- How we use your information
Our primary purposes in collecting your personal information is to administer the business of GD1, facilitate or administer the holding of shares in a GD1 fund and any related administration on an on-going basis.
Additionally, we use your information for the following specific purposes:
- to process transactions and to improve the quality of the service that we provide to you;
- to disclose information to other third parties such as service providers of GD1, auditors, regulatory authorities and technology providers (as set out in more detail below);
- to communicate with you as necessary in connection with the proper running of GD1;
- to update and maintain records, including GD1’s register of directors, and carry out fee calculations;
- to monitor and record calls and electronic communications;
- in connection with GD1’s internal management and reporting;
- to report regulatory and tax related information to regulatory and tax authorities in order to comply with a legal obligation;
- permit, administer and record an investment in GD1;
- verifying the identity of the prospective investor to comply with statutory and regulatory requirements in relation to anti-money laundering procedures;
- to comply with our legal obligations;
- in order to carry out anti-money laundering checks and related actions which are necessary to comply with legal obligations, in relation to, the prevention of fraud, money laundering, terrorist financing, bribery, corruption, tax evasion and to prevent the provision of financial and other services to persons who may be subject to economic or trade sanctions, on an on-going basis;
- for prudential and risk management purposes;
- to provide you with any products and services that you request from us; and
- other reasons compatible with the primary purpose (set out above).
- Grounds for using your personal information
We process your personal data because such use is necessary:
- for the purposes of the legitimate interests that we pursue, which are to run and administer GD1, to discharge our legal obligations, to store and disclose information where necessary and to evaluate, develop and improve our services;
- for the performance of a contract with you; and/or
- in order to comply with a legal obligation to which we are subject.
To the extent that we process any special categories of data relating to you for any of the purposes outlined above, we will do so because either: (i) you have given us your explicit consent to process that personal data; (ii) you have made the personal data manifestly public; or (iii) the processing is necessary for the establishment, exercise or defence of legal claims.
- Providing your information to third parties
- third parties such as service providers of GD1, auditors, regulatory authorities and technology providers, agents, contractors, service providers or related companies (including payment processors) if this is necessary to administer your investment in GD1, respond to your enquiries or for any other related purposes;
- any regulatory, supervisory or governmental authorities to the extent we are required by law to do so, or in other limited circumstances (for example if required by a court order or regulatory authority, or if we believe that such action is necessary to prevent fraud; and
- tax authorities.
GD1 does not undertake marketing activities for third parties, nor does it provide information to third parties for their own marketing purposes.
- Transferring data outside of the EEA (EU investors only)
Personal data may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“) or to countries not regarded by the European Commission as providing an adequate level of data protection. When we, or our permitted third parties, transfer personal information in this manner will ensure that the transfer is subject to appropriate safeguards in accordance with Data Protection Legislation.
We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change.
- How long we keep your information
This will involve us regularly reviewing our files to check that information is accurate, up to date and still required.
- How we protect your information
We ensure that there are reasonable and appropriate technical, physical, electronic, and administrative safeguards in place to protect against such risks as loss, unauthorised access, destruction, modifications, disclosure or other misuse of personal information.
While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.
In certain circumstances you may also have the right to make a complaint to the supervisory authority which regulates and supervises the use of personal data in your jurisdiction.