Last updated: 25th March 2020
In the context of our activities, we collect, hold, use and further process personal data of various individuals who are involved with our business activities. Pursuant to applicable data protection and privacy legislation, we qualify as the controller with respect to such personal data.
This policy is intended to ensure compliance with Dutch privacy regulations, including without limitation the General Data Protection Regulation.
2. We highly value data protection and privacy
We recognize the importance of data protection and privacy and, hence, strive to protect the personal data we process in accordance with applicable data protection legislation and more specifically with the Dutch Data Protection Act (Wet bescherming persoonsgegevens) and as per 25 May 2018, the General Data Protection Regulation and relevant national (implementing) legislation.
3. Whose personal data do we collect and how?
In the context of our activities, we may collect and process personal data of the following data subjects:
contact persons of our current, prospective and former clients and (co-)investors.
directors, officers, proxy holders and other authorized representatives of current, former and prospective institutional investors and their ultimate beneficial owners
current and prospective private clients and investors, also referred to as High Net Worth Individuals
directors, officers, employees and other representatives of private equity fund managers and portfolio companies in which Assiduity Capital has made an investment or is considering making an investment
directors, officers, authorized representatives of related general partners and co-investors
representatives of third party sellers, placement agents, finders, investment bankers, consultants, lawyers, accountants, advisers, and other service providers, whether or not engaged by Assiduity Capital
We may collect personal data relating to these data subjects in various ways:
directly from the data subject (e.g. pursuant to a subscription agreement or by receipt of an email or business card);
indirectly from other sources (e.g. from public records or from a counterparty in possession of the data).
4. Personal data
Personal data is information that can be used to identify you, such as your name, address, email address, telephone number, and date of birth. Personal data also includes your bank account details, IP address, and IDs.
Other data, including your religion, ethnicity, or membership in a trade union, is considered special data. We may only use categories of special data if permitted by law or if consent for this specific processing is obtained. In all other situations, we are prohibited from using this special personal data.
5. Legal basis for processing
Processing of personal data is only allowed when it is based on one of the “grounds” permitted by law. We only use your personal data when it is necessary for one or more of the following reasons:
To perform a contract with you
To comply with a legal obligation
For a legitimate interest of Assiduity Capital
Because you give your consent for a specific purpose
6. Purposes for which we use your personal data
We use your personal data for the legitimate interests of Assiduity Capital or a third party (such as our affiliates), to help make our operations, business development and services as effective, reliable and efficient as possible as well as to comply with our legal and regulatory requirements. This is done for one or more of the following purposes, depending on the nature of your relationship with us:
to evaluate potential investment opportunities or potential employees or interns or business partners or service providers.
to evaluate new clients and (co-)investors and to investigate, assess and advise on the feasibility of our clients’ objectives.
to handle complaints and queries relating to our services and to handle any disputes that may arise.
to negotiate and execute agreements, carry out the agreement entered into by and between Assiduity Capital and our contracting party and to contact and communicate with our contracting parties.
to maintain a database in which all service providers engaged by Assiduity Capital are recorded in order to create a network and to know whom to contact in a certain situation.
to comply with legal obligations, for example, to comply with our obligations regarding know-your-client and anti-money laundering.
for marketing purposes, to inform our clients and (co-)investors about Assiduity Capital and our services, to invite persons to attend events and meetings (and keep a record of attendees) and for general communication purposes.
to negotiate and execute agreements with our clients and (co-) investors, for example, to provide the requested services to our clients and (co-)investors, in order to contact our clients and (co-)investors for updates on matters regarding to the investments of our clients and (co-)investors (for example to send our clients and (co-)investors reports regarding returns on investments) and other activities relating to client management, financial management, and administration
7. With whom do we share your personal data?
Assiduity Capital may share certain of the aforementioned personal data with third parties, such as group companies of Assiduity Capital, investment vehicles to which Assiduity Capital (envisages to) makes any capital commitment, our clients and (co-)investors, (regulatory) authorities (such as tax authorities, financial intelligence units, and supervisory authorities), and third parties that provide services to Assiduity Capital (such as trusted advisors, consultants and other service providers that may require personal data to render their services to Assiduity Capital). We will only share your personal data with these parties if such is necessary for the purposes listed above.
In the context of the processing activities as described above, we may also engage third parties to process the personal data on our behalf (for example providers of certain IT applications that we use in the context of our activities). We will enter into the required contractual arrangements with those parties to ensure lawful and fair processing of your personal data on our behalf.
Some of the parties with whom we may share your personal data will be located in countries outside the European Economic Area, which countries may offer a lower level of data protection than the Netherlands. In such a case, Assiduity Capital shall ensure that the international transfer of your personal data shall comply with the applicable data protection laws.
8. How do we protect your personal data?
We have implemented the necessary administrative, technical and organizational measures to ensure a level of security appropriate to the specific risks that we have identified in relation to the processing of personal data. We protect your personal data against destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed.
Further, we seek to ensure that we keep your personal data accurate and up to date. However, you are responsible for this and we kindly request that you inform us of any changes to your personal data (such as a change in your contact details).
9. How long do we keep your personal data?
Your personal data will not be kept by Assiduity Capital for longer than necessary in relation to the purposes for which we collect and use the personal data (we refer to the purposes as set forth above). Assiduity Capital will retain your personal data in accordance with its Records Policy. If you have any specific questions in this respect, please feel free to contact us.
10. What are your rights and whom may you contact if you have further questions?
Under certain circumstances, you have the right to ask us to (i) be informed on the personal data we have about you, and/or to (ii) access, rectify, erase, restrict the use of your personal data. Further, you may have the right to object to the use of your personal data by us and/or to ask us to provide the relevant personal data to another party.
To exercise these rights, or in case of questions on how we collect and use personal data, please contact firstname.lastname@example.org. In case of complaints about the way in which we process personal data, you may lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).