Last date of revision: 29/01/2022
As a company “Investor Access” (also referred in this text as “we”) is committed to protect your privacy and to process your personal data in an open and transparent manner, in particular with respect of the General Data Protection Regulation 2016/679 of 27th of April 2016 (“GDPR”).
What is covered by this GDPR privacy statement?
With this Privacy Statement we would like to inform you about why and how we process your personal data, which you may provide directly to us or via third parties, when we perform our business activities, organize our “Events”, or when you use our website (“the Site”) and any of the services we offer through the Sites, who we give that information to, what your rights are and who you can contact for more information or queries.
The Sites may link to other sites provided by other affiliated companies entities or by third parties. Whilst we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content or the privacy practices of other websites.
When linking to any such sites, we strongly recommend you to review the Privacy Statements on these sites, before disclosing any personal information.
When we refer to “the Events”, we mean any conferences, roadshows, meetings, forum-type events we organize online and physically as part of our business activities.
Personal data will be collected and processed by us when you or a company with which you are connected engage with us and/or avail of our services and also for legitimate business reasons.
Why do we process your personal data?
We only process your personal data for legitimate business reasons.
Investor Access collects your personal data to:
- provide you with information about our activities that are directly linked to your business activity;
- execute our contractual obligation to you or to provide you with pre-contractual information;
- take care of the provision and good organization of our (online & on-site) services;
- provide the participants and partners of our Events information about you for the legitimate interest of the involved parties ;
- improve the Site’s performance and design ;
- perform general branding communications (including invitations for events);
- provide sales and direct marketing communications such as messages about the services and products we offer ;
- deal with inquiries, requests and complaints;
- gather statistics about these communications.
We may also collect personal data for:
- invoicing and accounting;
- visitor management;
- access control;
How and on what legal grounds do we process your data?
When you submit a request with your personal or professional information or contact details on our Sites, via email or phone or when your information is publicly available through third party data services, and/or from publicly available resources (e.g. registration offices, newspapers, your employer’s website, your public social media profile and other publications) your personal data will in principle be processed for the purposes of our legitimate interests (namely the interest to handle all inquiries, requests and complaints sent in the best possible way).
In this respect, we will always determine case by case whether our interests are not overridden by your interests, fundamental rights and freedoms.
The legal ground which we rely on to contact you and for the sending of electronic communications depends on the purpose of the communications concerned:
- General branding communications: your personal data will be processed to strengthen our image as a brand, which is in our legitimate interest. In this respect, we will always determine case by case whether our interests are not overridden by your interests, fundamental rights and freedoms.
- Sales and direct marketing communications: your personal data will be processed with your explicit consent, unless we have obtained your contact details in the context of the sale of similar products or services. In the latter case, we will rely on legitimate interests, more specifically the interest to advertise our products and services to existing customers.
- Legitimate interests of the Company and/or of a third party, including (but not limited to) our business activities, Event organization, customer and supplier management etc. In this respect, we will always determine case by case whether our interests are not overridden by your interests, fundamental rights and freedoms.
If we have the legal obligation to obtain your free, informed, specific and unambiguous consent to process your personal data for certain purposes (e.g. specific direct marketing or market research activities), we will only process your data for such purposes to the extent that we have obtained such consent from you.
Data we collect
The personal data we hold in our database may consist of:
- Identification data (e.g. name, surname, phone number (private / work), e-mail address (private / work), country of residence, photo) ;
- The company you work for ;
- Your job title, bio, Linkedin, investment universe, information on the managed funds ;
- personal characteristics (e.g. gender, language, bio, Linkedin…) ;
- employment data (e.g. organization you work for, job title, current responsibilities) ;
- data about which products and services you order;
- data about how you interact with us (e.g. which Events you joined, which companies or investors you met) and other similar information
shareholder information etc.
Disclosure of your personal data
We employ strict technical and organizational (security) measures to protect your information from access by unauthorized persons and against unlawful processing, accidental loss, destruction and damage both online and offline.
These measures include:
- training to relevant staff to ensure they are aware of our privacy obligations when handling personal data;
- administrative and technical controls to restrict access to personal data on a ‘need to know’ basis;
- machine-generated password access for the user (you) to the personal data on our online platform, which can be modified by the user (you) – we do not store these passwords ;
- physical security measures, such as identification badges to access the premises of our Events.
Although we use appropriate security measures once we have received your personal data, the transmission of data – especially over the internet (including by e-mail) – is never completely secure. We endeavor to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.
We limit access to your personal information to those who we believe reasonably need to come into contact with that information in order to carry out their jobs.
Your personal data will not be retained longer than necessary for the purposes described above.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.
As a general rule, personal data obtained through our Site, via direct contact, through legitimate third parties, public sources or in the framework of a contractual relationship is stored for a period of 10 years.
Depending on the specific situation and the applicable national legislation, we may however retain your personal data for a longer period. This will in particular be the case if any of the following periods is longer:
- as long as is necessary for our daily business and as long as we have any legitimate interest in contacting you;
- any retention period that is required by law;
- or the end of the period in which litigation or investigations might arise.
You have several rights concerning the information we hold about you. We would like to inform you that you have the right to:
- obtain confirmation that we are processing your personal data and request a copy of the personal data we hold about you for portability purposes;
- ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete either through us or by using your direct personal access (if available) to our online platform ;
- ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data if you believe that there is no (longer a) lawful ground for us to process it;
- withdraw consent to our processing of your personal data (to the extent such processing is based on consent);
- object to our processing of your personal data for which we use legitimate interest as a legal basis, in which case we will cease the processing unless we have compelling legitimate grounds for the processing.
You have also the right to object at any time to the processing of personal data for direct marketing. If you do not want to continue receiving any direct marketing from us, you can contact us (see below) or click on the unsubscribe function in any such communication. In that event, the personal data shall no longer be processed for such purposes.
In order to exercise any of your rights, you can send us a request, indicating the right you wish to exercise:
- by e-mailing us at firstname.lastname@example.org; or
- by addressing your query to Investor Access SAS 128, rue de la Boétie 75008 Paris, France
You may also use these contact details if you wish to make a complaint to us relating to your privacy.
Change to this privacy statement
We may modify or amend this Privacy Statement from time to time. Any changes we may make to this Privacy Statement in the future will be posted on this page. To let you know when we make changes to this Privacy Statement, we will amend the revision date at the top of this page. The new modified or amended Privacy Statement will apply from that revision date. Please check back periodically to see changes and additions.