Updated: 1 September 2021

Privacy Policy

Introduction

Bowmark Capital LLP and such other companies forming part of the Bowmark group of companies (collectively “Bowmark”, “we” or “us”) are committed to protecting the privacy and security of your personal information in accordance with applicable data protection laws, including the Data Protection Act 2018 and the General Data Protection Regulation 2016/679 as it forms part of domestic law of the United Kingdom by virtue of the European Union (Withdrawal) Act 2018 (“UK GDPR”), as the same may be amended from time to time. We are authorised and regulated by the Financial Conduct Authority (Registration number: 473422) and registered with the Information Commissioner’s Office (Registration number: Z8474461).

Purpose of this Privacy Policy and contact details

This Privacy Policy describes how Bowmark collects and uses your personal data, with whom Bowmark shares it and the choices available to you regarding the use of such information. We also describe the measures we take to protect the security of the information and how you can contact us about our privacy practices. As a "controller" under applicable data protection laws, we are responsible for deciding how we collect and use personal information about you and for the information contained in this Privacy Policy.

We may process your personal data in the course of our relationship with you in a number of ways, including but not limited to:

  • when you use our website (www.bowmark.com);
  • when you contact or request information from us;
  • when you are seeking to engage our services or solicit our business as a customer of ours;
  • when you are a manager, adviser or shareholder of one of our portfolio companies (or of a prospective portfolio company); and/or
  • when you contact us directly via one of our members of staff or via an introduction from anyone with whom we have an existing business relationship.

It is important that you read this notice so that you are fully aware of how and why we are using your data. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact our Finance Partner as indicated below:

Contact:Finance Partner
Email:gdpr@bowmark.com
Telephone:+44 20 7189 9000
Address:Bowmark Capital LLP
One Eagle Place
London
SW1Y 6AF

If you are based in the European Union or the European Economic Area and have any questions about this Privacy Policy, including any requests to exercise your legal rights, you may contact DataRep at datarequest@datarep.com quoting “Bowmark Capital LLP” in the subject line. DataRep has been appointed as Bowmark’s data protection representative in the European Union.

The data we collect about you

Personal data means any information from which a person can be identified. We collect, use, store and transfer different kinds of personal data about you, depending on the nature of our relationship with you, including:

  • basic information: such as your name (including name prefix or title), the company you work for, your title or position and your relationship to our other contacts (if applicable) that you provide to us;
  • contact information: such as your postal address, email address and phone number(s) that you provide to us;
  • information collected about you or that you give us when you contact us, including via our website: such as information from your visits to our website including your internet protocol (IP) address, your login data, and any information you provide when you register or contact us via our website. Without prejudice to the generality of the foregoing, we use Google Analytics to learn how visitors are using our website and how we could improve it and Google Analytics Demographics and Interest Reporting to learn about the age and gender of the website’s users along with the interests they express through their online travel and purchasing activities. You can read more in Google Analytics’ Privacy Policy;
  • financial information collected from investors and prospective investors: such as bank account details necessary to process payments;
  • identification and background information: such as information provided by you or collected by us as part of our due diligence and business acceptance processes, in order to comply with our regulatory requirements;
  • marketing and communications information collected about you or that you provide to us: such as your preferences in receiving marketing information from us and our third parties and your communication preferences; and
  • any other information: including information relating to you that you may provide to us.

In certain circumstances, we may be required to carry out enhanced due diligence checks to comply with our obligations under the Money Laundering Regulations 2017 (MLR 2017), the Money Laundering and Terrorist Financing (Amendment) Regulations 2019 (MLR 2019) and any future directives which will be transposed to UK law. These enhanced checks may reveal information about criminal convictions or information about an individual’s political opinions and associations and/or other sensitive personal data (also referred to as special categories of personal data). We will only collect and process such information to the extent necessary to comply with our regulatory obligations and in accordance with the applicable data protection laws.

You are not obliged to provide us with your personal data but where we request certain personal data from you, it may be necessary in order to provide you with the services. Therefore, failure to provide this personal data may mean that we cannot provide our services to you.

What lawful bases do we rely on to process your personal data?

We are permitted to collect and process the above information by relying on one or more of the following lawful bases:

  • to perform our contractual obligations towards you or to take steps before entering into a contract with you or the organisation that you work for;
  • for our legitimate interests (or those of a third-party) and where your interests and fundamental rights do not override those interests. Our legitimate interests are: (i) to conduct our business in an efficient, compliant and profitable manner; (ii) detect and prevent fraud; (iii) to promote and market our services; (iv) keep in touch with you as part of our professional network; (v) notify you about changes to our services or our website; and (vi) to analyse the use of our website and services in order to continually improve our services; and/or
  • to comply with our legal or regulatory obligations.

Whilst Bowmark does not routinely obtain consent as the legal basis upon which it stores and processes personal data, it will, if necessary, and to the extent required by data protection laws, obtain the consent of the data subject to hold and process personal information. If consent is provided, it can be withdrawn by the data subject at any time.

Purposes for which we will use your personal data

We collect information about you so that we can:

  • identify you;
  • detect and prevent fraud;
  • conduct “Know Your Customer” checks;
  • liaise with portfolio companies, suppliers and group companies;
  • administer our contract with you and/or our portfolio companies (if applicable);
  • improve our services;
  • keep in touch with you as part of our professional network;
  • provide you with access to the relevant parts of the website (e.g. password protected sign-in facility);
  • where necessary, notify you about changes to our services or our website;
  • manage our business, including for accounting and auditing purposes;
  • conduct our regular reporting activities on the performance of our business;
  • maintain our IT systems and manage hosting of our data;
  • deal with any legal disputes which may involve you;
  • process any request you may have made; and
  • comply with our regulatory reporting obligations.

Where you have consented at the time that we collected your data or where we otherwise have a right to do so, we may use your information to let you know about our services that may be of interest to you and/or inform you about important changes or developments to the website or our services, by email.

We will only use your personal information for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Marketing

As part of our marketing activities, Bowmark collects and uses personal information to provide updates on our activities, products, services and to issue invitations to events and activities we host. We don’t rent or trade email lists with other organisations and businesses. Bowmark will take all reasonable steps to maintain the accuracy of your personal information. Where necessary, it will keep it up to date. You can request that Bowmark update or correct any information by contacting us at any time by emailing gdpr@bowmark.com.

We will only contact you for such purposes if we have the legal right to do so under the applicable data protection laws or where you have consented, at the time we collected your data, to do so.

Opting out

You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at gdpr@bowmark.com.

Cookies

We will collect certain personal data when you are a visitor to our website. We use “cookies” or other tracking technologies to identify your device or IP address and to enable us to remember your log-in details, to understand our website users and to improve the website experience for you and/or other users. Please refer to our Cookie Policy for details on how and why we use this data, and your rights in relation to the cookies we collect.

Sharing your information

We may have to share your personal data with third parties. When we do, we require them to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We do not authorise these third-party service providers to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements.

We may also disclose information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government entities based on a lawful disclosure request or (iii) when we believe disclosure is necessary or appropriate to prevent harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity. We reserve the right to transfer personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganisation, spin-off, dissolution or liquidation).

In addition, we may share anonymous/aggregate information with third parties, such as third-party service providers, for any purpose.

International transfers

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) or the United Kingdom (“UK”). It may also be processed by staff operating outside the EEA or the UK who work for us or third parties engaged in, among other things, the provision of support services to us. By submitting your personal data, you acknowledge this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy and the data protection laws. This means that we will only transfer your information to third parties that (a) are in countries that have been confirmed by the European Commission to provide adequate protection to personal information or (b) have agreed to provide all protections to your personal information as set out in data protection laws.

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed in an unauthorised way. In addition, we limit access to your personal data to those employees, members, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Officer (ICO), the UK supervisory authority for data protection issues, of a breach where we are legally required to do so. While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred via the internet. If you have any particular concerns about your information, please contact us.

Other sites and social media

Our sites may provide links to other websites for your convenience and information. These websites may operate independently from us. Linked sites may have their own privacy notices or policies, which we strongly suggest that you review. To the extent any linked websites are not owned or controlled by us, we are not responsible for their content, any use of the websites, or the privacy practices of the websites.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once our processing of your personal data is no longer necessary, we will securely destroy your personal information in accordance with applicable laws and regulations.

Your legal rights

You have a right of access to the personal information that we hold about you and to some related information. You have the right to ask us to correct inaccurate personal information and to complete incomplete personal information we hold about you. You have the right to ask us to delete your personal information in certain circumstances. You have the right to object to our processing of some or all your personal information in certain circumstances. You have the right to ask that we transfer the personal information you gave us to another organisation or to you, in certain circumstances. You may withdraw any consent you previously provided to us or object at any time on legitimate grounds to the processing of your personal information and we will apply your preferences going forward.

Please contact us if you wish to exercise any of the rights set out above. In the event you do contact us, we may need to verify your identity to allow us to prevent disclosure of your information to an unauthorised person. Please note that if you request erasure, object to our processing of your personal data or request the restriction of our processing of your personal data we may not be able to provide our services.

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may not be able to comply with the request.

We normally respond to requests within one month. Occasionally it may take us longer, if your request is particularly complex or if you have made a number of requests. In this case, we will notify you and keep you updated.

Right to complain

You have the right to make a complaint at any time to the ICO (www.ico.org.uk). We would, however, appreciate the opportunity to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. Please visit our website occasionally to ensure you are aware of our most up-to-date policy.