Last updated: January 2024
1. What information do we collect and how do we use it?
1.1 Visitors to our Website
When you visit our Website, we, or third parties on our behalf, will collect and use the following information about you:
(a) information related to identification (including your name and email address);
(b) information related to your business (including company name and the department you work in);
(c) information provided when you correspond with us;
(d)any updates to information provided to us; and
(e)the following information created and recorded automatically when you visit our Website:
(i) Technical information. Information such as the Internet Protocol (IP) address used to connect your computer to the internet address; the website address and country from which you access information; the files requested; browser type and version; browser plug-in types and versions; operating system; and platform.
(ii) Usage information. Information about how you use our Website, such as the website you visit before and after visiting our website (including date and time), time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, weblogs and other communication data and information provided when requesting further service or downloads.
We will process, store and use your personal data for the purposes set out below:
(a) to allow you to access and use our Website;
(b) to receive and respond to enquiries from you through the Website about our businesses, projects and investments;
(c) for improvement and maintenance of our Website and to provide technical support for our Website;
(d) to ensure the security of our Website;
(e) to recognise you when you return to our Website; and
(f) to evaluate your visit to the Website and prepare reports or compile statistics to understand the type of people who use our Website, how they use our Website and to make our website more intuitive. Such details will be anonymised as far as reasonably possible.
1.2 Clients, investors and business contacts
We collect, and process personal data relating to and provided by existing, potential and former clients, investors and business contacts.
We, or third parties on our behalf, will collect and use any of the following information about you:
(a) information related to identification including name, gender, marital status, signature, nationality, place and date of birth, passport number, residential address, email address, dependants, next of kin, emergency contacts and other contact details;
(b) financial information including bank account details, pension details, tax status and tax identification numbers;
(c) correspondence records;
(d) where necessary, information regarding your investment activity;
(e) images (whether captured on CCTV, by photograph or video); and
(f) personal data relating to criminal convictions and offences, which may be processed by us to comply with a legal or statutory obligation, or where we believe it is in our legitimate interests to make a criminal records check.
We process, store and use your personal data for the purposes set out below:
(a) to manage any funds in which you are an investor or potential investor, and to enter into and honour our contractual obligations to you;
(b) to make sure you have access to the relevant sections of our Website, depending on whether you are a professional or non-professional investor;
(c) to detect and prevent crime such as fraud, money laundering, terrorist financing, bribery, corruption, tax evasion and to prevent the provision of financial and other services to persons who may be subject to economic or trade sanction on an ongoing basis (“Regulatory Assessments”);
(d) to retain your personal data as part of our Regulatory Assessments;
(e) to liaise with or report to any regulatory authority (including tax authorities) with whom we are either required to cooperate or report to, or with whom we decide or deem it appropriate to cooperate, in relation to an investment;
(f) to disclose your personal data to any bank, financial institution or other third party lender providing any form of facility, loan, finance or other form of credit or guarantee to Bluefield;
(g) to communicate with our professional advisers for the purposes of obtaining professional advice;
(h) to conduct business analytics and diagnostics;
(i) for service, training and related purposes;
(j) to send marketing communications (including by telephone and e-mail) to you and to conduct market research and business development; and
(k) to monitor and record electronic communications and transactions:
(i) for investigation and fraud prevention purposes, for crime detection, prevention, investigation and prosecution of any unlawful act (or omission to act); and
(ii) to enforce or defend Bluefield’s rights, or through third parties to whom we may delegate such responsibilities or rights in order to comply with a legal or regulatory obligations imposed on us.
We collect your personal data from the following sources:
(a) from information which you, your authorised representative or our service providers give to us, including but not limited to:
(i) information set out in any application or other forms or documents we may request that you complete as a client, investor, business partner or intermediary;
(ii) any documentation that we may obtain as part of our regulatory requirements; and
(iii) any personal data provided by you by way of correspondence with us by phone, e-mail or otherwise;
(b) personal data we receive from third party sources, including:
(i) entities in which you or someone connected to you has an interest;
(ii) your legal and/or financial advisers;
(iii) your relatives, trustees, personal representatives or shareholders;
(iv) other financial institutions who hold and process your personal data to satisfy their own regulatory requirements; and
(v) credit reference agencies and financial crime databases for the purposes of complying with our regulatory requirements.
2. Lawful ground for use of your personal data
2.1 We are entitled to hold and process your personal data on the following lawful grounds:
(a) our use of your personal data is necessary to perform our obligations under any contract with you (for example, to comply with our contract to provide services to you or your employer); or
(b) our use of your personal data is necessary for complying with our legal, regulatory and statutory obligations; or
(c) where neither (a) nor (b) apply, use of your personal data is necessary for our legitimate interests or the legitimate interests of others (for example, to ensure the security of our website). Our legitimate interests are to:
(i) run, grow and develop our business;
(ii) ensure effective business administration;
(iii) to operate, control, monitor and analyse systems, resource and productivity;
(iv) maintain records;
(v) manage business relationships;
(vi) carry out marketing (including by telephone and e-mail), market research and business development; or
(d) (in certain circumstances) where we have obtained your consent, which you may withdraw at any time after giving it, as described below.
(e) If we rely on your consent as a lawful ground for us to use your personal data in a particular way, but you later change your mind, you may withdraw your consent by contacting us using the contact details provided at section 8 below and we will stop doing so.
3. Sharing personal data
3.1 Personal data may be shared internally within the Bluefield group of companies, as necessary for personnel to carry out their roles or for the conduct of our business.
3.2 We also share data with certain third parties or categories of third parties for the following reasons:
(a) as required by law, with statutory bodies such as, but not limited to, HMRC, and when requested to do so with the police, court services, foreign authorities and similar bodies;
(b)providers of legal services or other professional services;
(c) providers of financial services, such as banks, financial institutions or other third party lenders;
(d) providers of services which host, maintain, service, develop and secure IT domains, websites platforms and software;
(e) parties who assist us with auditing, compliance monitoring and corporate functions;
(f) providers of goods and services to the company who require personal data in the provision of such; and
(g) providers of security services at and for our corporate premises.
In the event that our business is sold or integrated with another business, your details may be disclosed to our advisers and any prospective purchaser and/or advisers and will be passed to the new owners of the business. In addition, in an acquisition in which our business is the purchaser, your details may be shared with the seller and/or its advisors.
4. Where personal data is transferred outside of the UK
4.1 Your personal data may be used, stored and/or accessed outside of the United Kingdom or the European Economic Area (“EEA“) by staff operating outside of the UK or the EEA who work for us, or other third parties who we contract with and who may be engaged in, among other things, processing of personal data (as described in 3 above).
4.2 When we transfer your data outside of the UK or the EEA, we will:
(a) ensure that the country in which your personal data will be processed has been deemed “adequate” by the relevant UK or EEA authorities as required by applicable data protection laws; and
(b) include the standard contractual data protection clauses approved by relevant authorities in the UK or the EEA, into our contracts with those third parties.
4.3 For further information, including how to obtain a copy of the documents used to protect your information when it is transferred outside of the UK or the EEA, please contact us using the details set out in the Contact Us section below.
5. Retention of personal data
5.1 We will hold personal data only for so long as it is appropriate to do so. This period will vary depending upon the reason for retention. Data will be periodically assessed to determine whether a cull or edit of information is necessary.
5.2 Your personal data will generally be retained for the longest of the following periods:
(a) for Bluefield or any authorised third parties to carry out the purposes for which the data was collected or as long as is set out in any relevant agreement you enter into with us;
(b) in order to establish or defend legal rights or obligations or to satisfy any reporting or accounting obligations;
(c) seven years following the point from when your business relationship with Bluefield or BSIF has ceased; or
(d) any retention period that is required by data protection laws and any applicable laws or regulatory requirements.
6. How do we protect data?
6.1 We will take appropriate administrative, physical, and technical measures to protect personal data consistent with applicable privacy and data security laws and regulations. When we retain a third-party service provider to store or process personal information, that provider will be assessed for their ability to meet industry standard security measures to ensure the confidentiality and integrity of the personal data.
6.2 Although we make every effort to protect the personal information which you provide to us, the transmission of information over the internet is not completely secure. As such, you acknowledge that we cannot guarantee the security of your personal information transmitted to us over the internet that any such transmission is at your own risk. Once we have received your personal information, we will use strict procedures and security features to prevent unauthorised access.
7. Your rights
7.1 You have the right to ask us for a copy of your personal data; to correct, delete or restrict processing of your personal data; and to obtain the personal data you provide in a structured, machine readable format. In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement). Where we have asked for your consent, you may withdraw consent at any time. If you ask to withdraw your consent to our processing your data, this will not affect any processing which has already taken place at that time.
7.2 You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
7.3 These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep. If you have unresolved concerns, you have the right to complain to the Information Commissioner’s Office in the UK; the Garante per la protezione dei dati personali in Italy; the Agencia Española de Protección de Datos in Spain; or the Comissão Nacional de Protecção de Dados in Portugal.
7.4 If you would like further information in relation to your rights or would like to exercise any of them, please contact us using the contact details provided at section 8 below.
8. How to contact us
Company Name: Bluefield Partners LLP: registered number: OC348071
Company Address: 40 Queen Anne Street, London, W1G 9EL
Data Privacy Officer: Kevin O’Connor, Group General Counsel, Bluefield Partners LLP
Contact Details: 6 New Street Square, New Fetter Lane, London, EC4A 3BF Telephone: 0207 078 0023 Email: firstname.lastname@example.org
9. Keeping us updated
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data (for example, your contact details) changes at any point.