Tribeca Capital Partners
Scope and content
Table of Contents
- Scope and content
- Third party links and the Investor Platform
- Information we collect and use
- Where we collect personal data
- Why we collect and use personal data
- Who we share personal data with
- Where personal data is processed
- How we protect your information
- How long we keep personal data
- Your rights and how to exercise them
- How to contact us
- How to make a complaint
Third party links and the Investor Platform
Information we collect and use
We collect and use your personal data to the extent necessary in the framework of our activities. Depending among other things on the type of products or services we provide to you, we may collect various types of personal data, such as:
- Information about who you are e.g. your name, date of birth, address and contact details
- Information connected to the service or product we provide to you e.g. your bank account details and copy of ID card or passport
- Information connected to your investment in one of our funds e.g. source of revenue or invested sums
- Information about your contact with us e.g. meetings, phone calls, emails / letters
- Information that is automatically collected e.g. via cookies when you visit one of our websites
- If you apply for a job with us, information such as your CV, diplomas and the outcome of personal assessments and other personal data
Where we collect and use sensitive personal information, this information will only be collected and used (i) where it is needed to provide the product or service you have requested or to comply with our legal obligations, and (ii) where we have obtained your explicit consent to process such information.
Where we collect personal data
We may receive and/or collect your personal data directly from you or from other sources, including:
- Agreements entered into by us (on our own behalf or on behalf of one of our clients/funds)
- Subscription or other forms
- Questionnaires filled in by you or one of the investors in our funds
- Phone conversations with us
- Emails or letters you send to us
- Meetings with one of our staff members
- Your advisers or other intermediaries
- Clients/funds managed by us or investors in one of our funds, at which you are a legal representative, an employee or a staff member (or similar), ultimate beneficial owner, or a shareholder
Why we collect and use personal data
We take your privacy serious and we will only collect and use your personal data where it is necessary, fair and lawful to do so. We will only collect and use your personal data if we are able to satisfy one of the lawful processing conditions set out in the data protection laws.
This will be the case where:
- It is necessary to provide the product or service you have requested e.g. if you wish to invest in one of our funds;
- It is necessary to provide products or services to our clients/funds/investors of whom you are a representative, staff member, ultimate beneficial owner, shareholder or similar position;
- it is necessary for us to meet our legal and/or regulatory obligations e.g. for AML/KYC checks and for the detection and prevention of fraud;
- it is necessary for us to meet our contractual or other obligations towards you, e.g. provide you with information you have the right to receive as a representative of an investor in one of our funds or as a board member of one of the funds;
- it is in the legitimate interests of Tribeca AIFM SA/NV and/or Tribeca Capital Partners SA/NV, e.g. when we investigate suspected fraud. Where the processing is in our legitimate interests, we will always conduct an assessment to ensure that this use of your personal data is not excessive or unnecessary or otherwise more intrusive than it needs to be; or
- you have given us your permission [consent] to use your personal data in a certain way. For the avoidance of doubt, if we process your personal data on the basis of your consent, you may withdraw your consent at any time by contacting us (see section 12, ‘How to contact us’).
If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our products or services.
Who we share personal data with
We do not sell your personal data to any third parties or otherwise share your information with third parties for marketing purposes. However, for the purposes mentioned under section 6, ‘Why we collect and use personal data’, we may disclose personal data to third parties (i) if we believe it is necessary for the conduct of our business, (ii) when directed by the client to do so, or (iii) where disclosure is required by law.
For example, personal data may be disclosed to others to enable them to provide business services for us such as, performing general administrative activities for us and assisting us in processing a transaction on behalf of a client. Personal data may also be disclosed for audit or research purposes.
We may disclose personal data to the following third parties in the following circumstances:
- Our affiliates, to the extent they support us in providing you with products or services
- Your adviser, trustee, business associate, professional advisor where this is required as part of the product or service you have agreed with us
- Investors in our funds, to the extent we are legally or contractually obliged to share such information with them (e.g. your name and address if you are a board member of a fund)
- Third parties we have chosen to support us in the delivery of the products and services we offer to you and other customers. For example, legal consultants, technology companies, real estate managers, surveyors, notaries, maintenance or repair companies, or banking and other commercial partners
- Third parties who can help us in our contact with you, for example an internet service provider (e.g. Intralinks)
- Third parties, if we believe disclosure is necessary to (i) investigate, prevent, or respond to suspected illegal or fraudulent activity, (ii) protect the safety, rights, or property of our company, clients or investors, or others, or (iii) exercise or protect legal rights or defend against legal claims
- In the event of a change of control in Tribeca AIFM SA/NV and/or Tribeca Capital Partners SA/NV resulting from, for example a sale to, or merger with, another entity, or if all or a portion of our assets are sold, we reserve the right to transfer your personal data to the new party in control or the party acquiring assets
- Our regulators; including the Financial Services and Markets Authority in Belgium
- Governmental authorities, to the extent we in good faith believe to have a legal obligation to share such personal data or otherwise pursuant to a legal or regulatory request, subpoena, or other legal process
- Law enforcement and other appointed agencies who support us (or where they request the information) in the prevention and detection of crime
If personal data is disclosed to any third party mentioned above (save for to the regulator, governmental authorities or law enforcement), we will require such third party to treat the information as confidential and not to use it for any other purpose than to carry out the services they have been contracted to perform.
In addition, we have engaged an IT service provider to arrange for maintenance and support functions. This IT service provider shall not be deemed to be a data processor since they do not have independent control of the personal data that is provided by us. Thus, we remain responsible for the due processing of your data in this regard.
Where personal data is processed
Our processing of your personal data is done in Belgium. However, some of your personal data may be processed by the third parties we work with (please refer to section 7, ‘Who we share personal data with’) in other countries, including outside of the EEA.
Where your personal data is being processed outside of the EEA, we take additional steps to ensure that your personal data is protected to at least an equivalent level as would be applied by EEA data privacy laws e.g. we will put in place legal agreements with our third party suppliers and do regular checks to ensure they meet these obligations.
How we protect your information
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal data which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.
Your information is protected by controls designed to minimise loss and/or damage through accident, negligence or deliberate actions. We use industry standard measures to protect personal data provided to us. While we strive to ensure the security of your personal data when storing, using and sharing the information you give us, no service is one hundred percent secure, and thus we encourage you to take appropriate measures to protect yourself, including, for example, keeping all user names and passwords confidential.
In case of a data leak the responsible person will notify the regulator and the person involved (owner of the personal data) within 48h.
How long we keep personal data
We do not retain your personal data any longer than necessary. In general, this means that we do not retain it for a longer period than required in order to comply with our operational requirements, such as proper account maintenance, facilitating client relationship management, and responding to legal claims or regulatory requests.
In some cases, we are required to keep certain personal data for a longer period for legal and regulatory reasons. The length of time will vary, and we regularly review our retention periods to make sure that they comply with all laws and regulations. For example, we have the legal obligation to store your information (specific parts of it) up until 10 years after our professional relation ends.
Your rights and how to exercise them
You have a number of rights under data protection laws which may be exercised in certain circumstances. These are:
- the right to be informed about how and why we are processing your personal data
- the right of access to personal data relating to you
- the right to rectification of inaccurate or incomplete personal data
- the right to request erasure of your personal data
- the right to restrict processing of your personal data
- the right to data portability
- the right to object to processing of your personal data (e.g. profiling or direct marketing)
- the right not to be subject to automated decision making (including profiling) which significantly or legally affects you
(ii) - (iii), Access and rectify your personal data
You have the right to ask us what personal data of yours we process and to request that incorrect data is rectified or removed.
(iv), Right to erasure (‘right to be forgotten’)
In a number of cases and subject to conditions, you have the right to have your personal data that we hold erased. This is the case when:
- The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
- You have withdrawn your consent for processing;
- You make a reasoned objection to the processing;
- Your personal data has been unlawfully processed by us;
- The personal data has to be erased for compliance with a legal obligation;
The right to be forgotten is not an absolute right. We can decide to reject your request and not to erase your data if your request is not based on one of the aforementioned reasons, or (i) in order to exercise
the right to freedom of expression and information; (ii) in order to comply with a statutory obligation; or (iii) to establish, exercise or defend a legal claim.
If we reject your request to erase your personal data, we will inform you of the reasons why we are unable to honour your request.
(v), Restriction of processing
If you believe that we are processing your information unlawfully or that the data processed by us is incorrect, you can request that the processing be restricted. This means that we may no longer process the data.
(vi), Data transfers (data portability)
You have the right to obtain a copy of the personal data that you have provided to us for the performance of the agreement that you have concluded with us or based on your consent. This only concerns personal data that we have received from you and not data that we have received from third parties. The aim of this right is to enable you to easily transfer this data to another party.
(vii), Right to object
You always have the right to object to the processing of your personal data that takes place based on our legitimate interest or the legitimate interest of a third party. In that case, we will no longer process your data unless there are compelling legitimate grounds for processing that take precedence, or that relate to the establishment, exercise or defence of legal claims.
If you wish to receive more information about your rights or wish to exercise them, please contact us using the contact information in section 12, ‘How to contact us’. We may ask security questions or ask for a copy of your ID in order to verify your identity. You will receive our reply within four weeks.
How to contact us
Via email to: firstname.lastname@example.org or email@example.com
Via post to: Tribeca
att. Yves Grauls
Boulevard du Roi Albert-II 7
Tribeca AIFM SA/NV and Tribeca Capital Partners SA/NV have not appointed a data protection officer, as it is legally not obliged to do so. However, Mr. Yves Grauls is the person internally responsible and coordinates user inquires (on this subject), internal awareness and follow-up of data leaks.
How to make a complaint
While we hope that we can resolve any complaints for you, you do have the option to complain to your local data protection authority. This is available to you whether or not you have exhausted our complaints procedure.