Privacy Notice

PRIVACY NOTICE

Updated January 2020

Mgrcp’s commitment to privacy

This Privacy Notice is provided by The Mgrcp Group (“Mgrcp”, “we” and “us”), and it applies to the way we interact with individuals, (“Data Subjects”) in connection with our business, including, without limitation:

  • directors, officers, employees and other representatives of portfolio companies where Mgrcp has made an investment or is considering making an investment;
  • individual representatives of third party sellers, investment agents, finders, investment bankers, consultants, lawyers, accountants, consultants and other service providers, whether or not engaged in Mgrcp activities;
  • directors, officers, employees and other representatives of Mgrcp;
  • individuals applying for or enquiring about and employment with us;
  • individuals who consider or invest with us and their representative agents with whom we interact during the normal course of business; and
  • visitors to our websites and users of any digital services we provide.

We respect the privacy of the data subjects concerned. This Privacy Notice describes how we collect, use, store, process, disclose and transmit information that we may collect from Data Subjects. Please note that Mgrcp may provide additional privacy notices or similar disclosures with respect to certain categories of Data Subjects (e.g. certain investors or prospective investors in Mgrcp-managed or Mgrcp-controlled funds, certain former or existing Mgrcp-associated employees, etc.) and certain geographies and jurisdictions.

What data do we collect and how?

Personal Data.  When we use the term “Personal Data” we mean information that reasonably can be used to identify you as an individual person. In connection with our business, we collect various types of Personal Data, including but not limited to, personal data:

  • Identifiers such as your name, postal address, tax ID, passport number, internet protocol address, email address, account name, social security number, driver's license number, mail address, phone number, or similar identifiers.
  • Information classified as personal or protected information by state, federal or other applicable law, including nationality, place and date of birth, gender, picture, marital status, number of children, and information on criminal history/unlawful conduct.
  • Commercial information, including tax information, bank account details, credit card number, money transfers, including bank transfer communications, assets, investor profile, credit history, debt and expenses.
  • Information on the Internet or other electronic network activity, including but not limited to browsing history, search history, and information on consumer interaction with a website, application, or advertisement.
  • Visual information, including your picture.
  • Professional or employment-related information, including your job, the name of the employer and the remuneration.
  • Information on education, including your level of education.

We collect this Personal Data in a variety of ways, including:

  • Directly from the Data Subject (e.g., when you voluntarily submit information to the Site, or send us an email or other written correspondence)
     
  • Indirectly from other sources (e.g., from public records or from a counterparty in possession of the data).

Automatic Collection Tools.  In addition, we automatically collect certain data from Data Subjects who visit the Site. To this end, we use data collection tools (“Cookies”) on the Site to record certain usage information, such as the number and frequency of visitors to the Site. This information may include the websites that you access immediately before and after your visit to our Site, and which Internet browser you are using. Please see our separate Cookies Policy to learn about how we use Cookies on the Site. 

If you are located outside the United States, please be aware that the Personal Data we collect will be processed and stored in the United States, a jurisdiction where the data protection and privacy laws may not provide the same level of protection as those in the country where you reside or are a citizen. 

How and on what basis are we using your Personal Data?

We use your Personal Data for a variety of reasonable and legitimate business purposes, including but not limited to the following:

  • Compliance with legal or regulatory obligations, such as our knowledge-based and anti-money laundering obligations;
     
  • Performing a contract with you or taking action on your request before entering into a contract, including: (i) providing you with information on Mgrcp products or services; (ii) assisting you and responding to your requests; (iii) assessing whether we can offer you a Mgrcp product or service and under what conditions;.
  • Other legitimate purposes, such as:
    • Communicating with Data Subjects;
    • Activities related to client management, financial management and administration;
    • Creating, improving and developing our products and services;
    • Conducting market research, surveys and similar surveys to help us understand trends, client and site visitor needs;
    • Investigation and resolution of disputes and security issues and enforcement Terms of Use and other agreements;
    • Monitoring and auditing compliance with internal policies and procedures, legal obligations and compliance with regulatory requirements and regulations; and
    • Processing and considering applications for employment, including assessing and confirming your suitability for the position and accuracy of any information submitted.

We will not use your Personal Data for any purpose contrary to this Privacy Notice without your permission.

We do not sell any personal data or have sold any personal data in the past.

Who do we share your personal data with?

Within Mgrcp.  We share your Personal Data with Mgrcp entities for the purposes set out above. In general, our group entities, in turn, are not allowed to share your information with other non-affiliate entities, except as described herein or as otherwise permitted by applicable laws.

To Third Parties.  In certain circumstances, we share your Personal Data with third parties, including the following:

  • Service Providers.  We share Personal Data with service providers performing services on our behalf (e.g., third-party service providers to operate the Site). These companies may have access to your Personal Data but may use the information solely for the purpose of providing a specific service or as otherwise permitted by law. In general, we require these providers to keep the information confidential by contract. 
     
  • Transaction or Other Corporate Event.  Your Personal Data may be disclosed as part of a corporate transaction, such as a merger, acquisition, joint venture or financing or sale of company assets, including bankruptcy proceedings, and may be transferred to a third party as one of the business assets in such a transaction. It may also be disclosed in the event of insolvency, bankruptcy or incurrence. In such a case, we will post a prominent notice of the change in ownership.
     
  • As Required by Law.  We also disclose your Personal Data if we are required to make disclosures by applicable law or by government or private parties in connection with a lawsuit, subpoena, investigation or similar proceeding, or as part of our legislative or regulatory reporting requirements.

How do we protect your Personal Data?

We take seriously the obligation to protect your personal data. Your Personal Data held by us shall be kept confidential in accordance with applicable Mgrcp policies and procedures. We will make every reasonable effort to ensure that all Personal Data is kept secure and safe from any loss or unauthorized disclosure or use. All reasonable efforts are made to ensure that any Personal Data held by us is stored in a secure and secure place and accessed only by our authorized employees and transferees.

Keeping your Personal Data current

In general, we seek to ensure that your Personal Data is kept accurate and up to date. However you are responsible for and we kindly ask you to inform us of any changes to your Personal Data (such as a change in your contact details). To update or modify your Personal Data that we have on file, including your communication preferences, please contact us using the contact details set out in the "Contact and Complaints" section below or by sending an e-mail to [email protected]

How long do we keep your Personal Data?

In general, we will process and store your Personal Data for at least as long as it is necessary to fulfill our contractual, regulatory and statutory obligations. Subject to these qualifications, our objective is to retain such data for no longer than is necessary in relation to the purposes for which we collect and use personal data (we refer to the purposes as set forth above). Mgrcp will retain your Personal Data in accordance with our Books & Records Policy. If you have any specific questions in this regard, please feel free to contact us.

Contact and Complaints

Mgrcp takes any complaints we receive about our use of your Personal Data very seriously.  Questions, comments, requests or complaints regarding the Site, this Privacy Notice, the User Agreement and/or our use of your Personal Data should be addressed to [email protected]. 

Any Personal Data that we receive from you when you make a complaint will be treated in accordance with this Privacy Notice and will only be used to process the complaint and to check the level of service we provide. In the same way, if the enquiries are submitted to us, we will only use the information provided to us to deal with the enquiry and any subsequent issues and to check the level of service we provide.

The Mgrcp.vc Site

Mgrcp.vc (“the Site”) is operated from servers in the United States.  BY USING THE SITE AND PROVIDING INFORMATION TO US, YOU CONSENT TO THE TRANSFER AND PROCESSING OF YOUR PERSONAL DATA IN THE UNITED STATES.

Please be aware that the Site may contain links to other sites hosted by third parties. Mgrcp does not control and is not responsible for the content or privacy practices and policies of such third-party websites. We encourage you to be aware when you leave the Site and to read the privacy policies of each third party website, especially if the Site collects Personal Data from you.

Additional Information for Job Applicants

This Applicant Privacy Notice pertains to certain individuals applying to become employees or members associated with The Mgrcp Group.  Questions, comments, requests or complaints regarding this Privacy Notice and/or our use of your Personal Data should be addressed to [email protected].

Additional Information for Residents of the European Economic Area (the “EEA”)

The following information applies to any data subject resident in the EEA. For the purposes of the European Parliament's General Data Protection Regulation (EU) 2016/679 and of the Council of 27th April 2016 (the “GDPR”), we act as a “data controller” and our headquarters is located in the United States at 1001 Pennsylvania Avenue, NW, Washington, DC 20004.  As a data controller, we are responsible for deciding how we hold and use Personal Data about you.   

GDPR Data Protection Principles

In relation to the collection, retention, storage, use and processing of your personal data:

  • We will process the data lawfully, fairly and transparently.
  • We will only obtain the data for valid purposes that we have clearly explained to you and do not use in any way that is incompatible with those purposes.
  • The data we collect will be relevant to the purposes we have told you about and limited only to those purposes.
  • We will take reasonable steps to ensure that the data are accurate and up to date.
  • Subject to applicable legal or other requirements, the data will only be kept for as long as necessary.
  • Appropriate technical and/or organizational measures will be used to ensure the appropriate security of the data.

Transfer of Personal Data Outside of the EEA

The transfer of Personal Data from the United Kingdom/EEA to Mgrcp entities outside the EEA shall be governed by data transfer agreements in the form of standard contractual clauses approved by the European Commission (a copy of which can be obtained from us via the contact details below).

If your Personal Data is processed by third parties outside the EEA, we shall ensure that appropriate safeguards are in place to ensure that it is adequately protected, as required by applicable law, including the implementation of standard contractual clauses (referred to above where the recipients are not located in a country with adequate data protection legislation (as determined by the European Commission) or are certified in accordance with the relevant provisions of the EEA.

GDPR Data Subject Rights

Under the GDPR, in certain circumstances, the EEA-resident data subject has certain individual rights with respect to the personal data we hold about it. In particular, you may be entitled to:

  • Request access to any data held about you
  • Ask to have inaccurate data amended
  • Request the data held by you to be deleted, provided that the data are not required by Mgrcp to perform a contract, to defend a legal claim or to comply with applicable laws or regulations
  • Prevent or restrict the processing of data that is no longer required
  • Request the transfer of the relevant data to a third party where this is technically feasible

In addition, in circumstances where you may have given your consent to the collection, processing and transfer of your Personal Data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes for which you originally agreed, unless we have another legitimate basis for doing so in law.

To exercise any of these rights, please contact us using the contact details set out in the "Contact and Complaints" section above.

Automated Decision Making

We respect your legal rights not to be subject to decisions based solely on automated processing of your Personal Data, including profiling, in particular where such processing has legal or other significant effects on you. In general, we do not use any automated decision-making under the GDPR to establish and conduct a business relationship. We may process some of your Personal Data automatically, with the aim of assessing certain personal aspects (profiling) such as compliance with legal or regulatory obligations to combat money laundering, terrorist financing and offenses that pose a risk to assets. [We also use assessment tools to enable communications and marketing to be tailored as necessary.]

Complaints to Local Authorities

As a resident of the EEA, you are also entitled to forward any complaint regarding our processing of your Personal Data to your national or local data protection supervisory authority.

You will not have to pay a fee for accessing your Personal Data (or to exercise any of the other rights). However if your request for access is clearly unfounded or excessive, we may charge a reasonable fee.

Additional Information for Residents of California

The information below may apply to Data Subjects who are residents of California.    

California Data Subject Rights

California's "Shine the Light" law allows California residents to request and obtain information free of charge on what Personal Information is disclosed to third parties for direct marketing purposes in the preceding calendar year. For more information on these disclosures, please contact us using the contact details set out in the "Contact and Complaints" section above.

In addition, Data Subjects in California may have a right under the California Consumer Privacy Act (“CCPA”) to request erasure of their personal data or access to personal data that we have collected in the last twelve (12) months.

You may submit requests for access or erasure of your personal information by calling 1-855-283-9736 (Domestic US only) or contacting us at [email protected].

Individuals who submit requests for access to or deletion of personal information will be required to verify their identity by answering certain questions. We will not disclose or delete any information until the identity has been verified.

If you make a request for access, we may not be able to provide specific pieces of personal information if disclosure creates a substantial, articulable and undue risk to the security of your personal information, your account with us or our systems or networks.

If you make a request for deletion, we will ask you to confirm that you would like us to delete your personal information again before your request is made.

You may appoint an authorized agent to submit an application on your behalf by giving your written permission to that agent. If an agent makes a request on your behalf, we may still ask you to verify your identity directly with us before we can comply with the request.

Agents making requests on behalf of individuals will be required to verify the request by submitting written permission from the individual. We will not comply with any requests from agents until the authorisation has been verified.

Under the CCPA, you cannot be discriminated against for the exercise of your rights of access or for the deletion of your personal data.