top of page
Privacy Policy

Introduction

EST Partners Limited (“EST”, “we” or “us”) is committed to protecting the privacy and security of your personal information in accordance with applicable UK data protection laws, including the General Data Protection Regulation (“GDPR").  

​

Purpose of this Privacy Policy and Contact Details

This privacy policy describes how EST collects and uses your personal data.  As a "data controller", we are responsible for deciding how we collect and use personal information about you and for the information contained in this privacy policy.

​

We may process your personal data in the course of our relationship with you in a number of ways, including:

  • when you use our website (www.est-partners.com);

  • when you contact or request information from us;

  • when you are seeking to engage our services or solicit our business as a customer of yours;

  • when you are a manager, advisor or shareholder of one of our portfolio companies (or of a prospective portfolio company); and/or

  • when you contact us directly via one of our members of staff, or via an introduction from anyone with whom we have an existing business relationship.

​

It is important that you read this notice so that you are fully aware of how and why we are using your data.  If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact our Finance Partner as indicated below:

​

Contact:            Compliance Partner
Email:               gdpr@est-partners.com
Address:           EST Partners Limited

                73 Cornhill
                London
                EC3V 3QQ

​

The data we collect about you

Personal data means any information from which a person can be identified.  We collect, use, store and transfer different kinds of personal data about you, depending on the nature of our relationship with you, including:

  • basic information: such as your name (including name prefix or title), the company you work for, your title or position and your relationship to our other contacts (if applicable);

  • contact information: such as your postal address, email address and phone number(s);

  • information collected about you, including via our website: such as information from your visits to our website including your internet protocol (IP) address, your login data, and any information you provide when you register or contact us via our website;

  • financial information collected from investors and prospective investors: such as bank account details necessary to process payments;

  • identification and background information: such as information provided by you or collected by us as part of our due diligence and business acceptance processes, in order to comply with our regulatory requirements;

  • marketing and communications information: such as your preferences in receiving marketing information from us and our third parties and your communication preferences; and

  • any other information: including information relating to you which you may provide to us.

 

In certain circumstances, we may be required to carry out enhanced due diligence checks to comply with our obligations under the Money Laundering Regulations 2017.  These enhanced checks may reveal information about criminal convictions or information about an individual’s political opinions and associations and/or other sensitive personal data (also referred to as special categories of personal data).  We will only collect and process such information to the extent necessary to comply with our regulatory obligations and in accordance with the applicable data protection laws.

​

What lawful bases do we rely on to use your personal data?

We will only use your personal data when the law allows us to, including:

  • to perform our contractual obligations towards you or to take steps before entering into a contract with you or the organisation you work for;

  • for our legitimate interests (or those of a third-party) and where your interests and fundamental rights do not override those interests.  Our legitimate interests are to conduct our business in an efficient, compliant and profitable manner; and/or

  • to comply with our legal or regulatory obligations.

 

Purposes for which we will use your Personal Data

We collect information about you so that we can:

  • identify you;

  • detect and prevent fraud;

  • conduct “Know Your Customer” checks;

  • liaise with portfolio companies, suppliers and group companies;

  • administer our contract with you and/or our portfolio companies (if applicable);

  • improve our services;

  • manage our business, including for accounting and auditing purposes;

  • conduct our regular reporting activities on the performance of our business;

  • maintain our IT systems and manage hosting of our data;

  • deal with any legal disputes which may involve you; and

  • comply with our regulatory reporting obligations.

 

We will only use your personal information for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.  If we need to use your personal information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so.  Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

​

Marketing

We may contact you by telephone and/or e-mail to let you know about our products, services, events and activities, which we feel may be of interest to you.  We will only contact you for such purposes if we have the legal right to do so under the applicable data protection laws.

 

Opting Out

You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.

 

Cookies

We will collect certain personal data when you are a visitor to our website.  We use “cookies” or other tracking technologies to identify you and to enable us to remember your log-in details.  Amongst other things, this helps us to understand our website users and enables us to improve the website experience for you and/or other users.  Please refer to our Cookies Policy for details on how and why we use this data.

 

Disclosures of your Personal Data

We may have to share your personal data with third parties.  When we do, we require them to respect the security of your personal data and to treat it in accordance with the law.  We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

 

International Transfers

If we need to transfer your personal data outside the European Economic Area (EEA), we will ensure that any transfer of your data will be subject to appropriate safeguards and remedies in the unlikely event of a security breach.

 

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed or accessed in an unauthorised way.  In addition, we limit access to your personal data to those employees, members, agents, contractors and other third parties who have a business need to know.  They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

 

We have in place procedures to deal with any suspected personal data breach and will notify you and the Information Commissioner’s Officer (ICO), the UK supervisory authority for data protection issues, of a breach where we are legally required to do so.  While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred via the internet.  If you have any particular concerns about your information, please contact us.

 

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including satisfying any legal, accounting or reporting requirements.

 

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.  Once our processing of your personal data is no longer necessary, we will securely destroy your personal information in accordance with applicable laws and regulations.

 

Your Legal Rights

Under certain circumstances, by law, you have the right to:

 

Request access to your personal information - (commonly known as a "data subject access request").  This enables you to receive a confirmation from us as to whether we process any of your personal information or not, and if this is the case, to receive a copy of such personal information and to check that we are lawfully processing it.

 

Request correction of the personal information that we hold about you.  This enables you to have any incomplete or inaccurate information we hold about you corrected.

 

Request erasure of your personal information.  This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it.  You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with applicable laws.  Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

 

Object to processing of your personal information.  Where we are relying on a legitimate interest (or those of a third-party) but you to feel such processing of your personal data impacts on your fundamental rights and freedoms, you may object.  You also have the right to object where we are processing your personal information for direct marketing purposes.  In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

 

Request the restriction of processing of your personal information.  This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it, or if you have objected to our use of your personal data but we need to verify whether we have overriding legitimate grounds to use it.

 

Request the transfer of your personal information to another party.  This right applies if data is supplied by a data subject and the processing is carried out by automated means.  We will not process any of the personal data provided by you by automated means, but in the event you submit a request to transfer your personal information to another party, we will consider your request and let you know whether your request can be fulfilled.

​

--

​

Please contact us if you wish to exercise any of the rights set out above.  In the event you do contact us, we may need to verify your identity to allow us to prevent disclosure of your information to an unauthorised person.  Please note that if you request erasure, object to our processing of your personal data or request the restriction of our processing of your personal data we may not be able to provide our services.

 

You will not have to pay a fee to access your personal information (or to exercise any of the other rights).  However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.  Alternatively, we may not be able to comply with the request.

 

We try to respond to all legitimate requests within one month. Occasionally it may take us longer, if your request is particularly complex or if you have made a number of requests.  In this case, we will notify you and keep you updated.

 

Right to Complain

You have the right to make a complaint at any time to the ICO (www.ico.org.uk).  We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

 

Changes to this Privacy Policy

We may change this privacy policy from time to time.  Please visit our website occasionally to ensure you are aware of the most recent version.

​

​

​

bottom of page