Effective date: 21 May 2018
● What information we collect and why we collect it.
● How we use that information.
● The choices we offer, including how to access and update information.
Information that we collect
We collect information to provide better services to all those with whom we deal. We collect information in the following ways:
● Information you give us. For example, information that you provide to us when contacting us for inquiries about potential investment or other commercial opportunities, employment details if you send us a CV, resumé or other details of your employment history in connection with an advertised job vacancy or a general enquiry regarding employment opportunities with us. When you do, we may ask for personal information like your name, email address, telephone number and other details.
● Information we collect or receive in the course of our investment business. We may receive or collect personal information in the course of our investment activities, such as when researching potential investment opportunities or in conducting our legal and commercial due diligence. This could include, for example, information about the management and other personnel at a company we may be assessing an investment in.
● Information we get from your use of our Site. We may collect information about the parts of the Site that you use and how you use it. This information includes:
○ Device information
We may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number).
○ Log information
When you use our Site, we may automatically collect and store certain
information in server logs. This may include:
● details of how you used our Site
● Internet protocol address
● device event information, such as crashes, system activity, hardware
settings, browser type, browser language, the date and time of your
request and referral URL
● cookies that may uniquely identify your browser
○ Location information
We may collect and process information about your actual location and use
various technologies to determine location, including IP address.
○ Local storage
We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
○ Cookies and similar technologies
We may use various technologies to collect and store information when you visit our Site, and this may include using cookies or similar technologies to identify your browser or device. You may set your browser to block all cookies, including cookies associated with this Site or to indicate when a cookie is being set by us.
How we use information that we collect
We use personal information to manage and operate our business, including to explore new investment opportunities, manage our existing portfolio, develop and maintain our contacts and recruit staff. Where necessary, we may also use personal information to protect the interests of GV, our employees and affiliates (for example in the event of a legal claim).
When you contact us, we keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our business, such as letting you know about upcoming events or changes to our business.
We use the information we collect from our Site to provide, maintain, protect and improve it and to protect our users. We may use information collected from cookies and other technologies to improve your user experience and the overall quality of our Site.
Our legal basis for processing your personal information
If EU data protection law applies to our processing of your personal information, it is important that you know the lawful basis on which we process your personal information.
We rely on the following legal basis, under EU data protection law, to process your personal data:
● Where we have obtained your consent, for example to action a request from you or respond to your specific query. You can withdraw your consent at any time, but we may still need to retain a record of your correspondence with us.
● Where it is necessary for the purposes of our legitimate interests to manage our existing investments and explore new investment opportunities, including conducting legal and commercial due diligence.
● Where it is necessary to comply with a legal obligation, for example under anti-money laundering or anti-bribery legislation.
Transfer of personal information
Adhesion to the Privacy Shield Frameworks
GV Management Company, L.L.C. has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. We comply with the EU-U.S and Swiss-US Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection,
Accountability for onward transfers
We are responsible and remain liable for the processing of personal information we receive, under the Privacy Shield Frameworks, including if we subsequently transfer to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal information from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Resolution of Privacy Shield queries and complaint mechanism
In compliance with the Privacy Shield Principles, We commit to resolve complaints about our collection or use of your personal information. European Economic Area and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us.
We have further committed to refer unresolved Privacy Shield complaints to JAMS. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield or to file a complaint visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. The services of JAMS are provided at no cost to you. As further explained in the Privacy Shield Principles, a binding arbitration option may also be made available to you in order to address residual complaints not resolved by any other means.
We commit to cooperate with the EU DPA panel established by the EU data protection authorities ("EU DPA panel") and the Swiss Federal Data Protection and Information Commissioner (as applicable) and to comply with the advice given such EU DPA panel and/or the Swiss Commissioner (as applicable) with regard to human resources data transferred from the EU DPA and/or Switzerland to GV Management Company, L.L.C. in the context of the employment relationship.
GV is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. GV may be required to share your personal information, including the disclosure of EU and Swiss personal information, to public authorities and law enforcement agencies in response to lawful requests, including requests to meet national security and law enforcement requirements.
Accessing and updating your personal information
If you are resident in the European Economic Area and/or your personal information is processed in the context of our UK office, you have certain legal rights in respect of the personal information about you held by us. This includes the right to obtain a copy of this information on request, and the right to correct, amend or delete such personal information or object to it being used for certain purposes (including marketing). We may ask you to verify your identity before we can act on your request.
We will comply with any requests to exercise your rights in accordance with applicable law, and so there may be circumstances where we are entitled to refuse your request. For example, where permitted to by law, we may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, developing a new system or fundamentally changing an existing practice), risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems).
Where we can provide information access and correction, we will do so free of charge, except where it would require a disproportionate effort (where we are permitted to charge a fee under applicable law). We aim to maintain any information we hold and our Site in a manner that protects information from accidental or malicious destruction.
To make any requests regarding your personal information, or if you have any questions or concerns regarding your personal information, you should contact us using the details below. You are also entitled to contact your local supervisory authority for data protection. In the UK, the data protection authority is the Information Commissioner’s Office.
Information that we share
We share personal information with companies, organisations and individuals outside of GV in the following circumstances:
With your consent
We may share personal information with companies, organisations or individuals outside
GV when we have your consent to do so.
For external processing
With our legal and professional advisors
We share information with our legal and other professional advisors, for example if they are advising us on an investment transaction or where otherwise necessary to obtain their advice.
For legal reasons
We may share personal information with companies, organisations or individuals outside GV if we have a belief in good faith that access, use, preservation or disclosure of the information is reasonably necessary to:
● meet any applicable law, regulation, legal process or enforceable governmental request.
● enforce applicable terms of service, including investigation of potential violations.
● detect, prevent or otherwise address fraud, security or technical issues.
● protect against harm to the rights, property or safety of GV, our users or
the public, as required or permitted by law.
is involved in a merger, acquisition or asset sale of GV, we will use reasonable
We work hard to protect our Site and any information that we hold from unauthorized access or unauthorized alteration, disclosure or destruction. In particular:
● We review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
● We restrict access to personal information to GV employees, contractors, service providers and agents who need to know that information in order to process it for us and who are subject to strict contractual confidentiality obligations. They may be disciplined or their contract terminated if they fail to meet these obligations.
For the purposes of EU data protection law, GV UK Management Limited is the data controller of your personal information. Our address in the UK is 146-148 Clerkenwell Road, London, EC1R 5DG.