Sapphire Capital Partners LLP is committed to the privacy and security of any personal information that we may collect. Should you provide any personal information by which you can be identified, we assure you that it will only be used in accordance with this privacy statement.
In this policy, "we", "us" and "our" refer to Sapphire Capital Partners LLP. For more information about us, see Section seven.
For the purposes of the General Data Protection Regulation and the Data Protection Act 2018 (Data Protection Legislation), we act as the data controller.
This policy sets out how we use and protect any personal data collected or provided through this website.
This policy may be updated and should be checked regularly to ensure that you are happy with any implemented changes. We will notify you of significant changes to this policy by email.
How we use your personal data
This section sets out:
(a) the general categories of personal data that we may process;
(b) the source and specific categories of any data that is not obtained from you;
(c) the purposes for which we may process personal data; and
(d) the legal bases of the processing.
We may collect, process, store and transfer different categories of personal data which we have grouped together below. We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out.
- Service Data (General data)
Type of data: Full name, email address, home address, phone number, work number, date of birth, bank details, investment history, national insurance number, appropriate credit checks, police reports, photographic I.D, tax information, nationality and place of birth.
Purpose: Providing and ensuring the security of our services, maintaining backups of our databases, obtaining tax reliefs such as SEIS, EIS and R&D tax credits, the vetting process to be an investor in which we act as an investment manager, the creation of an EPUT or data relating to the start-up and/or innovator visa program.
- Performance of Contract;
- Legitimate Interests, namely the proper administration of our business or the performance of a contract between you and us and at your request to enter into such a contract.
- Enquiry Data (Data contained in any enquiry you submit to us)
We may process information contained in any enquiry you submit to us regarding our services.
Purpose: Offering, marketing and advising on relative services to you.
- Legitimate Interests, as above;
- Where we wish to process ‘enquiry data’ for the purposes of offering or marketing, we will obtain explicit consent from you.
- Customer Relationship Data (Data relating to our customer relationships)
Type of Data: Full name, Company name, your role in the company, contact details and information contained in communications with us. We may obtain this personal information from yourself, the custodian, the investment advisor, the investment provider or the fund mentor.
Purpose: Managing relationships and communications with customers, keeping records of these communications and promoting our products and services.
- Performance of contract;
- To comply with legal obligations;
- Legitimate Interests, where appropriate.
- Customer Website Data (Data we collect from our website)
Type of Data: Name, company name, address, contact number, email address, business information and any other relative information relating to a query.
Purposes: Marketing purposes which include industry news, blog articles, E-Book updates, newsletters and other relative information.
- A tick box is present at every data entering a location on our website;
- Legitimate Interests;
- Performance of Contract, where appropriate.
- Third-Party Data (Data from third parties or publicly available sources)
Type of Data: Name, company name, role, contact details and information contained in communications between us.
Purpose: To verify the information for the purposes of due diligence and ensure compliance with Financial Regulations as an FCA authorised firm.
- Legitimate Interests, where appropriate.
- Transaction Data (Data relating to transactions between us)
Type of Data: Contact details, card details and the specific transaction details.
Purpose: Supplying the purchased goods and services and keeping a sufficient record of any transactions.
- Performance of Contract. Taking steps, at your request, to enter into a contract;
- Legitimate Interests, namely the appropriate administration of our business.
We may also process any of your personal data:
- where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
- where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
- where such processing is necessary for compliance with a legal obligation to which we are subject, or to protect your vital interests or the vital interests of another natural person.
Please do not supply any other person's personal data to us, unless we prompt you to do so.
In order for us to provide our services, we may be required to share your personal data. We may disclose your personal data to our insurers and/or professional advisors, such as the custodians, the nominee, the investment advisor and the fund mentor. We may also be required to disclose your personal data to the Financial Conduct Authority or Financial Ombudsman.
We will only disclose your personal information to these parties where it is reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims.
We may also disclose your personal data where it is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Personal data that we process for any purpose shall not be kept for longer than is necessary for that purpose. We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
We will retain your personal data as follows:
(a) All data relating to funds will be retained for a period of six years following the end of the investment.
(b) Where applicable to funds some data may be held for a period longer than six years if HMRC or the Finance Act 2007 requires so.
(c) All data relating to client work such as SEIS/ EIS/ VCT or R&D tax credit engagements will be retained for a period of six years following the end of the engagement.
In cases where it is not possible for us to specify the periods for which your personal data will be retained, we will determine the period of retention based on ‘any requirement or investigation by HMRC.’
Your Legal Rights
Under certain circumstances, you have rights under the current Data Protection Legislation in relation to your personal data. We advise that you read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
In summary, your principal rights under Data Protection Legislation are:
(a) the right to access: provided that other individuals’ rights and freedoms are not affected, you have the right to access any of your personal information that we may hold. We will supply this information to you along with details of the purposes of the processing, the categories of the personal data concerned and the recipients of the personal data. The first copy will be provided free of charge; additional copies may be subject to a reasonable fee.
You can access your personal data by emailing firstname.lastname@example.org
(b) the right to rectification: You have the right to rectify any of your personal data that is inaccurate, taking into account the purposes of the processing, to have any incomplete personal data completed.
(c) the right to erasure: In some circumstances, you have the right to erase your personal data without undue delay. These circumstances include: where the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct The general exclusions to this right include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
(d) the right to restrict processing: In some circumstances, you have the right to restrict the processing of your personal data. These circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; or you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. We will only process it, with your consent, for the establishment, exercise or defence of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest.
(e) the right to object to processing: You have the right to object to the processing of your personal data on grounds relating to your own circumstances, but only to the extent that the legal basis for the processing is that it is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
(f) the right to data portability: You have the right to obtain and re-use any of your personal information that we may hold for your own purposes, provided that it was supplied to us by you.
(g) the right to complain to a supervisory authority: If you consider that our processing of your personal information infringes the Data Protection Legislation, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. However, we would appreciate the opportunity to resolve your concerns prior to you making a complaint.
Please do not hesitate to contact us directly by email at email@example.com to discuss any concerns you may have.
(h) the right to withdraw consent: Where the lawful basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
Your personal data that we obtain and the process is stored on Google drive which encrypts documents and attachments, storing them securely in encrypted folders. Google Drive uses a ‘Perfect Forward Secrecy’ encryption which ensures the security of documents when they are moving through the web. More information can be found on Google’s security page: https://support.google.com/googlecloud.
All computer devices that have access to any data is password protected and encrypted to ensure data security. Any printed data is locked away in a secured room and filing system. Any data stored on paper is disposed of via shredder. It is noted that Sapphire Capital Partners LLP rarely use printed data.
Sapphire Capital Partners LLP is regulated by the Financial Conduct Authority (FCA number: 565716).
We are registered in the United Kingdom under registration number NC000562 and our registered office is at 28 Deramore Park, Malone, Belfast, BT9 5JU.
Our principal place of business is at our Belfast office: 28 Deramore Park, Malone, Belfast, BT9 5JU.
You can contact us:
(a) by post, to our Belfast office given above.
(b) by telephone, on +44 (0) 2890 597213
(c) by email, firstname.lastname@example.org
Data Protection Manager
Name: Johnathan Graham
Phone Number: +44 (0) 78 3308 5164
Office Number: +44 (0) 28 9059 7213