Privacy Policy

We take privacy and security of your information seriously and will only use such personal information as set out in this privacy policy.

Inverleith LLP respects the privacy of every individual whose personal information it handles. This Privacy Policy explains how Inverleith LLP collects, stores and uses personal information.

Where used in this policy, “Inverleith” means Inverleith LLP. For the purposes of applicable legislation, including the EU General Data Protection Regulation, as amended or supplemented (“Data Protection Laws”), Inverleith LLP is the controller of your personal information.

Where we obtain personal information

Personal data comprises information obtained from identification documents and can include name, contact details, nationality, employment history, income and personal wealth, source of wealth, tax status, tax identification numbers, bank account details and other identifiers which may be collected as part of your engagement with Inverleith LLP.

Inverleith LLP collects personal data from the following sources:

I. From information which you or your authorised representative gives to us, including but not limited to:

  • information set out in any agreement or other materials you submit to us during the course of your relationship with us;
  • such other forms and documents as we may request that are completed in relation to the administration/management of any investment made by you;
  • client due diligence documentation as part of our regulatory requirements;
  • any personal data provided by you by way of correspondence with us by phone, e-mail or otherwise;
  • your interactions with us, transactions and use of our products and services (including the use of our website);
  • your business dealings with us, including via email, telephone or as stated in our contracts with you;
  • depending on the products or services you require, third parties (including for credit and money laundering checks, among other things);
  • recording and monitoring tools that we use for compliance or security purposes (e.g. monitoring emails).

II. Personal data we receive from you or any third-party sources which may include:

  • entities in which you or someone connected to you has an interest;
  • your legal and/or financial advisors;
  • other financial institutions who hold and process your personal data to satisfy their own regulatory requirements;
  • credit reference agencies and financial crime databases for the purposes of complying with our regulatory requirements.

We may also collect and process your personal data in the course of dealing with advisors, regulators, official authorities and service providers by whom you are employed or engaged or for whom you act.

Personal information of business contacts and professional advisors

If you have had contact with Inverleith LLP, for example through emailing us or meeting an Inverleith LLP representative, we may store limited amounts of personal information relating to you, such as your name, job title, employer organisation and contact details.

We will collect and store this personal information for the purposes of:

  • maintaining a record of contacts;
  • organising meetings between you and Inverleith LLP’s representatives;
  • administering and maintaining records of services or advice we have received, and commissioning further services.
  • The personal information we hold about business contacts may be shared with:
  • companies who process personal information on Inverleith LLP’s behalf, such as providers of cloud hosting solutions;
  • professional advisors, such as accountants, lawyers or other consultants.

Personal information of actual or potential management teams

If you are involved in a transaction that Inverleith LLP and/or the funds that it manages or advises enters into, or a potential transaction that Inverleith LLP considers, we may store personal information relating to you. This might include your CV, details of your previous employment history and professional activities, information relating to your financial status and dealings, nationality information (including copies of identity documents, such as a passport), references provided by third parties, and results of other due diligence carried out. We collect and store this information for the purposes of:

  • assessing potential transactions;
  • maintaining records of investments and potential investments;
  • communicating with you as necessary in connection with your affairs and generally in connection with your investment;
  • administering any transaction that we enter into;
  • facilitating the internal administration of the Fund and any Administrator retaining your personal data as part of our Regulatory Assessments or future services entered into by you;
  • liaising with or reporting to any regulatory authority (including tax authorities) as required by law or direct instruction from such authority;
  • assessing your suitability for involvement in a transaction, including by verifying your identity;
  • complying with our regulatory and legal obligations, including assessing and managing risk;
    safeguarding our legal rights and interests;
  • seeking and receiving advice from our professional advisors, including accountants, lawyers and other consultants;
  • providing periodic business updates.

We will only use your personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where it is required or permitted by law.

The personal information we hold about actual or potential management teams may be shared with:

  • companies who process personal information on Inverleith’s behalf, such as providers of cloud hosting solutions and third party outsourced services providers;
  • financial intermediaries;
  • regulatory authorities;
  • professional advisors, such as accountants, lawyers or other consultants;
  • other persons who have an interest or involvement in, or who are considering an interest or involvement in an Inverleith transaction, including co-investors, other providers of finance and investors in Inverleith LLP’s funds.

Information for marketing purposes

We use your information to identify products and services that we think may be of interest to you.

We will only send you marketing messages where you have consented to such contact, or in the case of products and services, where these are similar to those that we have already provided to you.

You have the right to ask us not to not send you marketing materials by post, telephone or e-mail or any combination of these at any time. To do so, you can either reply directly to the marketing email or else contact us at gdpr@inverleith.com. You can also let us know at any time that you wish to change your mind and to start receiving such messages by the same mean.

Lawful ground for processing personal data

The General Partner and the Administrator are entitled to hold and process your personal data on the following lawful grounds:

  • for the legitimate interests of the funds managed or advised by Inverleith LLP such as running the firm’s business, managing portfolio companies, carrying out Anti-Money Laundering checks and fulfilling the firm’s Know Your Client Due Diligence process – provided your interests and fundamental rights do not override those interests;
  • where the Applicant is a natural person, the processing is necessary to comply with our respective contractual duties to you under the terms of our subscription agreement with you and all supplemental agreements thereto;
  • to comply with legal and regulatory requirements;
  • (on exceptional occasions) where we have obtained your consent; and
  • on very rare occasions, where it is needed in the public interest.

Some of the grounds for processing described above will overlap and there may be several grounds which justify our use of personal data.

Mandatory provision of information

We will explain to you when the provision of particular information is mandatory, including the possible consequences of not providing particular information, for example, which prevents us from proceeding with a transaction involving you. Inverleith LLP will only process the personal information you provide to Inverleith LLP for the purposes listed above.

Sensitive or special category personal data

Different rules apply to data concerning race, ethnic origin, political opinions or beliefs, religious or other similar beliefs, trade union membership, physical or mental health, sexual life and any offences committed and sentences or court proceedings relating to actual or potential offences – these are all called sensitive or special category personal data. Please do not send us sensitive personal data as generally we do not need it.

International transfers of personal information

Personal information that we hold may be transferred to, and stored at, a country outside of your country of residence, including countries outside of the EEA, such as North America, Asia and the Middle East. Where we transfer personal information to Inverleith LLP consultants or other third parties outside of the EEA, we will ensure that those transfers take place in accordance with the Data Protection Laws. If you would like more information about how your personal information may be transferred, please contact us using the information below.

Retention of personal information

The period for which Inverleith LLP will retain personal information will be only for as long as necessary depending on the purposes that it was collected for, as well as the requirements of any applicable law or regulation. Inverleith LLP will retain records for at least five years and for as long as is necessary for the purposes for which the information was collected.

Inverleith LLP shall endeavour to store your personal data securely in accordance with accepted market standards and may do so either electronically or manually.

Whilst Inverleith LLP has taken every reasonable care to ensure the implementation of appropriate technical and security measures, the firm cannot guarantee the security of your personal data over the internet, via email or via their websites nor do the General Partner and the Administrator accept, to the fullest extent permitted by law, any liability for any errors in data transmission, machine, software or operating error or any other cause.

Your rights

Your rights relating to personal information

Individuals whose personal information we hold may be entitled to access their personal information, or to request that it is erased, that its processing is restricted, or that any inaccurate personal information is rectified. You may also have the right to object to the processing of your personal information, or in some circumstances to obtain a copy of the personal information in machine readable format. Any such request should be submitted in writing to the compliance officers (gdpr@inverleith.com). Individuals also have the right to complain about the use of their personal information to the Supervisory Authority, which in the UK is the Information Commissioner’s Office (https://ico.org.uk/global/contact-us/ or 0303 123 1113).

Accuracy and security

Inverleith LLP will take all reasonable steps to keep your personal information accurate and, where necessary, up to date. If you believe that any of the information that Inverleith LLP holds about you is incorrect please notify Inverleith LLP (see contact below).

During regular business hours access to customer records is monitored so that only those with approval may access the files. During hours in which the company is not in operation, the customer records are locked.

Inverleith LLP will take appropriate technical and organisational security measures to protect the confidentiality and security of your personal information, but cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information online over the Internet and will not hold Inverleith LLP responsible for any breach of security unless this is due to Inverleith LLP’s negligence or willful default. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data Privacy contacts

For all enquiries please email gdpr@inverleith.com or call +44 131 285 1712.

This Privacy Policy is dated May 2018.

We reserve the right to amend this Privacy Notice at any time without notice, in which case the date of the policy will be revised.