“Vespa Capital”, “we”, “us” and “our” means Vespa Capital LLP and we are committed to respecting your privacy in line with the applicable data protection legislation and in particular with the EU General Data Protection Legislation (EU 2016/679).
We are registered in the UK and our registered address is at North Cottage, Langton Road, Tunbridge Wells, Kent, TN3 0BB and our company registration number is OC337717.
About this privacy notice
For the purposes of data protection law, we are a data controller in respect of your personal data. Vespa Capital is responsible for ensuring that it uses your personal data in compliance with data protection law.
This privacy notice applies to any natural person of whom we process personal information collected by us when you visit this website and any other personal information you may provide to Vespa or which we acquire through our day-to-day business The privacy notice sets out the basis on which any personal data about you that you provide to us, that we create, or that we obtain about you from other sources, will be processed by us. Please take the time to read and understand this privacy notice.
Personal data that we collect about you
We will collect and process the following personal data about you:
- Information that you provide to us or one of our portfolio companies. This includes information about you that you give us by communicating with us, whether face-to-face, by phone, e-mail or otherwise. This information may include, but may not be limited to, your name, address, date of birth, gender, contact telephone number, email address, personal identification documentation, tax identification details and bank account details.
- Information we collect or generate about you. We may also collect certain information about you automatically when you use our website (using cookies or similar technologies), including information about your computer, software and IP address. This information enables us to estimate our audience size and usage patterns and store information about your preferences, and so allow us to customise the website according to your individual interests and recognise you when you return to the website. This information may be stored and used for administrative and monitoring purposes, or to gather statistical data about our users’ browsing actions and patterns.
We may use third-party web analytics on this website, including through our use of Google Analytics and services provided by Lead Forensics. These service providers help us analyse how you and other visitors use the website. Information obtained for this purpose and collected by automated means will be disclosed to or collected directly by these service providers).
We may also collect information from other sources when conducting our day-to-day business such: as those publicly available; external websites; from recruitment agents of potential job candidates or other information you choose to provide us with.
Uses of your personal data
Your personal data may be stored and processed by Vespa for the following purposes:
- to identify and contact you;
- to verify your information;
- to assess and respond to your enquiries and requests (if any);
- to prevent and detect crime;
- to process and administer details associated with your investment and service your requests from time to time;
- to provide you with information about our funds and our other services from time to time;
- to conduct market research and to understand how our service may be improved for you (including through our use of Google Analytics and services provided by Lead Forensics);
- to keep you up to date with the operation and development of our website;
- to offer and improve our services;
- to perform our contract with you
- to carry out our legitimate business interests (as described below)
- to prevent imminent and serious harm to a person or property, and;
- to comply with any relevant law, regulation or other requirements.
We are entitled to use your personal data on the following basis:
- for the legitimate business interests of Vespa and others, and in particular: for fund related activities for investors or potential investors; when reviewing a potential fund portfolio company acquisition; monitoring portfolio companies; working with management teams; maintaining existing (or potential) business relationships with external parties; to administer a contractual relationship with us; or when considering job candidates;
- to comply with certain legal and regulatory obligations (such as anti-money laundering obligations and know your customer due diligence); or
- you have consented to the processing of your personal information.
Disclosure of your information to third parties
- We may disclose your personal data:
- to our group companies and affiliates;
- with third party processors acting on our behalf such as those providing IT, web-design, technical, HR, marketing and analytical services (including, through our use of Google Analytics, and services provided by Lead Forensics
- with other third parties (e.g. regulators, law enforcement) acting as controllers;
- with advisers, service providers and agents acting for us in the course of our day-to-day business subject to agreement by them of confidentiality and security provisions; and
- with such other parties and in any other way which does not identify you individually (including as part of an aggregated or anonymised dataset).
Our website contains links to other websites which are not hosted or operated by us. These websites may use automated means to collect information regarding your use of the websites. This information is subject to the privacy policies or notices of the providers website.
See the ‘Protecting your personal information’ section for information on how we keep your personal information secure when sharing it with others.
Transfers of personal data outside the European Economic Area
Once we have received your information, we may store it in hard copy paper form and/or electronically. Your personal information may be transferred to, and stored at, a destination outside the European Economic Area which may not always have data protection laws providing equivalent protection. In such case, we will take steps to ensure that your information is protected by appropriate organisational and security measures.
Protecting your personal information
We will use a variety of security measures and technologies to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction, consistent with applicable privacy and data security laws. For example, when we transfer personal information to a third-party service provider, that provider will be carefully selected in accordance with our policies and procedures and which commits the third-party service provider to use appropriate safeguards in relation to the handling of your personal information. These safeguards include maintaining confidentiality of your personal information and implementing appropriate technical and organisational security measures.
Although we exercise adequate care and security, there remains a risk that information transmitted over the internet and stored digitally may be intercepted or accessed by an unauthorised third party.
Retention of personal data
How long we hold your personal data for will vary. The retention period will be determined by various criteria including:
- the purpose for which we are using it – we will need to keep the data for as long as is necessary for that purpose; and
- legal obligations – laws or regulation may set a minimum period for which we have to keep your personal data.
- we will actively review the information we hold and delete it when there is no longer a purpose for holding the data(s)
You have a number of legal rights in relation to the personal data that we hold about you. These rights include:
- the right to obtain information regarding the processing of your personal data and access to the personal data which we hold about you;
- the right to withdraw your consent to our processing of your personal data at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so.
- in some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us;
- the right to request that we rectify your personal data if it is inaccurate or incomplete;
- the right to request that we erase your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal data, but we are legally entitled to retain it;
- the right to request that we restrict our processing of your personal data in certain circumstances. Again, there may be circumstances where you ask us to restrict our processing of your personal data, but we are legally entitled to refuse that request; and
- the right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.
You can exercise your rights by contacting us using the details set out in the “Contacting us” section below.
You can find out more information about your rights by contacting the Information Commissioner, or by searching their website at https://ico.org.uk