Updated: 1 September 2021
Bowmark Capital LLP and such other companies forming part of the Bowmark group of companies (collectively “Bowmark”, “we” or “us”) are committed to protecting the privacy and security of your personal information in accordance with applicable data protection laws, including the Data Protection Act 2018 and the General Data Protection Regulation 2016/679 as it forms part of domestic law of the United Kingdom by virtue of the European Union (Withdrawal) Act 2018 (“UK GDPR”), as the same may be amended from time to time. We are authorised and regulated by the Financial Conduct Authority (Registration number: 473422) and registered with the Information Commissioner’s Office (Registration number: Z8474461).
We may process your personal data in the course of our relationship with you in a number of ways, including but not limited to:
- when you use our website (www.bowmark.com);
- when you contact or request information from us;
- when you are seeking to engage our services or solicit our business as a customer of ours;
- when you are a manager, adviser or shareholder of one of our portfolio companies (or of a prospective portfolio company); and/or
- when you contact us directly via one of our members of staff or via an introduction from anyone with whom we have an existing business relationship.
|Telephone:||+44 20 7189 9000|
|Address:||Bowmark Capital LLP|
One Eagle Place
The data we collect about you
Personal data means any information from which a person can be identified. We collect, use, store and transfer different kinds of personal data about you, depending on the nature of our relationship with you, including:
- basic information: such as your name (including name prefix or title), the company you work for, your title or position and your relationship to our other contacts (if applicable) that you provide to us;
- contact information: such as your postal address, email address and phone number(s) that you provide to us;
- financial information collected from investors and prospective investors: such as bank account details necessary to process payments;
- identification and background information: such as information provided by you or collected by us as part of our due diligence and business acceptance processes, in order to comply with our regulatory requirements;
- marketing and communications information collected about you or that you provide to us: such as your preferences in receiving marketing information from us and our third parties and your communication preferences; and
- any other information: including information relating to you that you may provide to us.
In certain circumstances, we may be required to carry out enhanced due diligence checks to comply with our obligations under the Money Laundering Regulations 2017 (MLR 2017), the Money Laundering and Terrorist Financing (Amendment) Regulations 2019 (MLR 2019) and any future directives which will be transposed to UK law. These enhanced checks may reveal information about criminal convictions or information about an individual’s political opinions and associations and/or other sensitive personal data (also referred to as special categories of personal data). We will only collect and process such information to the extent necessary to comply with our regulatory obligations and in accordance with the applicable data protection laws.
You are not obliged to provide us with your personal data but where we request certain personal data from you, it may be necessary in order to provide you with the services. Therefore, failure to provide this personal data may mean that we cannot provide our services to you.
What lawful bases do we rely on to process your personal data?
We are permitted to collect and process the above information by relying on one or more of the following lawful bases:
- to perform our contractual obligations towards you or to take steps before entering into a contract with you or the organisation that you work for;
- for our legitimate interests (or those of a third-party) and where your interests and fundamental rights do not override those interests. Our legitimate interests are: (i) to conduct our business in an efficient, compliant and profitable manner; (ii) detect and prevent fraud; (iii) to promote and market our services; (iv) keep in touch with you as part of our professional network; (v) notify you about changes to our services or our website; and (vi) to analyse the use of our website and services in order to continually improve our services; and/or
- to comply with our legal or regulatory obligations.
Whilst Bowmark does not routinely obtain consent as the legal basis upon which it stores and processes personal data, it will, if necessary, and to the extent required by data protection laws, obtain the consent of the data subject to hold and process personal information. If consent is provided, it can be withdrawn by the data subject at any time.
Purposes for which we will use your personal data
We collect information about you so that we can:
- identify you;
- detect and prevent fraud;
- conduct “Know Your Customer” checks;
- liaise with portfolio companies, suppliers and group companies;
- administer our contract with you and/or our portfolio companies (if applicable);
- improve our services;
- keep in touch with you as part of our professional network;
- provide you with access to the relevant parts of the website (e.g. password protected sign-in facility);
- where necessary, notify you about changes to our services or our website;
- manage our business, including for accounting and auditing purposes;
- conduct our regular reporting activities on the performance of our business;
- maintain our IT systems and manage hosting of our data;
- deal with any legal disputes which may involve you;
- process any request you may have made; and
- comply with our regulatory reporting obligations.
Where you have consented at the time that we collected your data or where we otherwise have a right to do so, we may use your information to let you know about our services that may be of interest to you and/or inform you about important changes or developments to the website or our services, by email.
We will only use your personal information for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
As part of our marketing activities, Bowmark collects and uses personal information to provide updates on our activities, products, services and to issue invitations to events and activities we host. We don’t rent or trade email lists with other organisations and businesses. Bowmark will take all reasonable steps to maintain the accuracy of your personal information. Where necessary, it will keep it up to date. You can request that Bowmark update or correct any information by contacting us at any time by emailing firstname.lastname@example.org.
We will only contact you for such purposes if we have the legal right to do so under the applicable data protection laws or where you have consented, at the time we collected your data, to do so.
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at email@example.com.
Sharing your information
We may have to share your personal data with third parties. When we do, we require them to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We do not authorise these third-party service providers to use or disclose the information except as necessary to perform services on our behalf or comply with legal requirements.
We may also disclose information about you (i) if we are required to do so by law or legal process, (ii) to law enforcement authorities or other government entities based on a lawful disclosure request or (iii) when we believe disclosure is necessary or appropriate to prevent harm or financial loss, or in connection with an investigation of suspected or actual fraudulent or illegal activity. We reserve the right to transfer personal information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganisation, spin-off, dissolution or liquidation).
In addition, we may share anonymous/aggregate information with third parties, such as third-party service providers, for any purpose.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) or the United Kingdom (“UK”). It may also be processed by staff operating outside the EEA or the UK who work for us or third parties engaged in, among other things, the provision of support services to us. By submitting your personal data, you acknowledge this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy and the data protection laws. This means that we will only transfer your information to third parties that (a) are in countries that have been confirmed by the European Commission to provide adequate protection to personal information or (b) have agreed to provide all protections to your personal information as set out in data protection laws.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed in an unauthorised way. In addition, we limit access to your personal data to those employees, members, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Officer (ICO), the UK supervisory authority for data protection issues, of a breach where we are legally required to do so. While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred via the internet. If you have any particular concerns about your information, please contact us.
Other sites and social media
Our sites may provide links to other websites for your convenience and information. These websites may operate independently from us. Linked sites may have their own privacy notices or policies, which we strongly suggest that you review. To the extent any linked websites are not owned or controlled by us, we are not responsible for their content, any use of the websites, or the privacy practices of the websites.
We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once our processing of your personal data is no longer necessary, we will securely destroy your personal information in accordance with applicable laws and regulations.
Your legal rights
You have a right of access to the personal information that we hold about you and to some related information. You have the right to ask us to correct inaccurate personal information and to complete incomplete personal information we hold about you. You have the right to ask us to delete your personal information in certain circumstances. You have the right to object to our processing of some or all your personal information in certain circumstances. You have the right to ask that we transfer the personal information you gave us to another organisation or to you, in certain circumstances. You may withdraw any consent you previously provided to us or object at any time on legitimate grounds to the processing of your personal information and we will apply your preferences going forward.
Please contact us if you wish to exercise any of the rights set out above. In the event you do contact us, we may need to verify your identity to allow us to prevent disclosure of your information to an unauthorised person. Please note that if you request erasure, object to our processing of your personal data or request the restriction of our processing of your personal data we may not be able to provide our services.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may not be able to comply with the request.
We normally respond to requests within one month. Occasionally it may take us longer, if your request is particularly complex or if you have made a number of requests. In this case, we will notify you and keep you updated.
Right to complain
You have the right to make a complaint at any time to the ICO (www.ico.org.uk). We would, however, appreciate the opportunity to deal with your concerns before you approach the ICO, so please contact us in the first instance.