Information we collect from you
Whether you are an individual or a company, or someone from within our network who wishes to have a relationship with us, we may collect and process different kinds of personal data about you, which we have grouped together as follows:
- Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call us.
- Profile Data includes your username and password, your interests, preferences, feedback and survey responses.
Usage Data includes information about how you use our website.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
How we collect your personal data
Personal data you give us. This may include Identity Data, Contact Data and Financial Data about you that you give us by filling in forms on our site vc (our site) or by corresponding with us by phone, e-mail or otherwise. It includes personal data you provide when you register to receive Future VC’s news and updates, subscribe to any of our services, participate in discussion boards or other social media functions on our site and when you report a problem with our site.
Personal data we collect about you. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. We may also collect your Identity Data and Contact Data from publicly available sources, to send you communications which make suggestions and recommendations to you about services that may be of interest to you. You will always be provided with the opportunity to opt-out of receiving these communications (see “Marketing” below).
Personal data we receive from other sources. This is personal data we receive about you if you use any of the other websites we operate or the other services we provide. In this case, we will have informed you when we collected that data if we intend to share that data internally and combine it with data collected on this site. We will also have told you for what purpose we will share and combine your data. We are working closely with third parties (including, for example: (i) business partners such as accountants and lawyers, located both inside and outside the EU; (ii) partners, partner funds and suppliers, located both inside and outside the EU; (iii) analytics providers such as Google based outside the EU; and (iv) publicly available sources such as Companies House and the Electoral Register based inside the EU).
Uses made of the personal data
We use personal data held about you in the following ways: We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
Generally we do not rely on consent as a legal basis for processing your personal data, other than in relation to sending third party direct marketing communications to you via email or text message.
Purposes for which we will use your personal data
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). If you are an individual, you will receive marketing communications from us because you have requested to receive them or previously entered into a contract with us and, in each case, you have not opted out of receiving marketing.
If we are contacting you as a business then we are entitled to contact you on the basis of our legitimate interests (to develop and grow our business) with marketing information provided that you have not previously opted out of receiving such communications. In some circumstances you may receive marketing communications from us if we have collected your Identity Data and Contact Data from a publicly available source, however you will always be provided with the opportunity to opt-out of receiving these communications.
We will get your express opt-in consent before we share your personal data with any company outside Future VC or diversity VC for marketing purposes. Opting out You can ask us or third parties to stop sending you marketing messages at any time by contacting the DPO, St Cloud Gate, St Cloud Way, Maidenhead, Berkshire, SL6 8XD or email@example.com at any time.
Disclosure of your personal data
We may have to share your personal data with the parties set out below for the purposes set out above:
Any member of Future VC, which includes any Future VC and Diversity VC entity that directly or indirectly controls, is controlled by, or is under common control with another Future VC or Diversity VC entity acting as both controllers and processors based inside and outside the EU.
Selected third parties including:
- Business partners, including partner funds, partners, sponsors, acting as processors or joint controllers based inside and outside the EU.
- Suppliers and sub-contractors acting as processors based inside and outside the EU who provide IT and systems and administration services.
- Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the UK, the US and other jurisdictions outside the EEA who provide consultancy, banking, legal, insurance and accounting services.
- Regulators and other authorities, including HMRC acting as processors or joint controllers based in the UK who require reporting of processing activities in certain circumstances.
- Analytics and search engine providers based in jurisdictions both inside and outside of Europe that assist us in the improvement and optimisation of our site.
Please contact the St Cloud Gate, St Cloud Way, Maidenhead, Berkshire, SL6 8XD or firstname.lastname@example.org if you want further information on Future VC or any third party with whom we share your personal data.
We will disclose your personal data to third parties:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
- If Future VC or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We share your personal data within Future VC. This may involve transferring your data outside the European Economic Area (EEA). Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
Please contact the St Cloud Gate, St Cloud Way, Maidenhead, Berkshire, SL6 8XD or email@example.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your personal data are available in our Document Retention & Management Policy which you can request by contacting us.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. You have the right to ask us not to process your personal data for direct marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting the St Cloud Gate, St Cloud Way, Maidenhead, Berkshire, SL6 8XD or firstname.lastname@example.org. Under certain circumstances, by law you have the right to:
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate personal data we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal data to another party. If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us.
No fee usually required
You will not have to pay a fee to exercise any of your rights as set out above. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity to ensure that you do have a right to exercise any of your rights as set out above. This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Right to withdraw consent
We will not usually rely on your consent as the legal basis for processing your personal data. In the limited circumstances where we have requested you to consent to the processing of your personal data for a specific purpose, and you have provided such consent, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact the St Cloud Gate, St Cloud Way, Maidenhead, Berkshire, SL6 8XD or email@example.com. Once we have received notification that you have withdrawn your consent, we will no longer process your personal data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
Third party sites
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
This version was last updated on 5th November 2020