LAST UPDATED: 13 June 2023
Seedcamp is committed to protecting your personal data. We want you to be familiar with how we collect, process, use and disclose your personal data. This notice (the “Privacy Policy”) describes our practices in connection with any personal data we collect from you, or that you provide to us.
By visiting www.Seedcamp.com or making use of any of the services listed in the “Our Services” section below, you are accepting and consenting to this Privacy Policy.
- IMPORTANT INFORMATION
- OUR SERVICES
- HOW WE PROCESS AND USE YOUR DATA
- General
- Investors
- Portfolio companies
- Others
- HOW IS YOUR PERSONAL DATA COLLECTED
- DISCLOSURES OF YOUR PERSONAL DATA
- DATA SECURITY
- DATA RETENTION
- YOUR LEGAL RIGHTS
- CONTACT DETAILS
1 – Important information
Controller
Seedcamp is made up of different legal entities (the “Seedcamp Group”). This privacy policy is issued on behalf of the Seedcamp Group. References to the terms “Seedcamp”, “we”, “us” and “our” in this Privacy Policy are to Seedcamp Investment Management LLP a limited liability partnership incorporated in England and Wales with registered number OC391626 as authorised and regulated by the Financial Conduct Authority with FCA number 628313 including its affiliates and Seedcamp Services Limited, a private limited company incorporated in England and Wales with registered number 11050531or the relevant company in the Seedcamp Group responsible for processing your data.
Seedcamp Investment Management LLP will be the controller of your personal data, and is responsible for any collection, processing, use and disclosure that may be carried out in relation to your personal data.
Purpose of this Privacy Policy It is important that you read this Privacy Policy together with any other privacy policy update or fair processing notice that we may provide on specific occasions when we are collecting or processing personal data about you.
Updates to this privacy policy This Privacy Policy may be updated from time to time. The “Last Updated” section at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes that we make to this
Privacy Policy will be published on the website and is effective from the date specified at the top of the revised privacy policy. If we make any significant changes, we will take additional steps to inform you of these. Your use of our services following any such changes indicates that you have accepted them.
Duty to inform us of changes It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Third-party links Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
2 – Our services
Seedcamp is an early stage investment firm. In order to provide our services, we may collect personal data through a number of sources. Please see the ‘How is your personal data collected’ section for more information.
Where we need to collect personal data by law, or under the terms of a contract we have (or are negotiating) with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our services). In this case, we may have to cancel all or part of the services you have with us, but we will notify you if this is the case at the time.
Our website and services are intended for adults only. We do not knowingly collect, use, process, or disclose personal data relating to children.
3 – How we process and use your data
“Personal data” is information that identifies you as an individual or relates to an identifiable individual.
We will only use your personal data when the law allows us to and we will not sell, trade or otherwise deal with your personal data in any way that contravenes this Privacy Policy (as may be updated from time to time).
Depending on our purpose for collecting your information, we rely on one of the following legal bases:
- Contract – we require certain personal data in order to provide the services you purchase or request from us;
- Consent – in certain circumstances, we may ask for your consent (separately from any contract between us) before we collect, use, or disclose your personal data, in which case you can voluntarily choose to give or deny your consent without any negative consequences to you;
- Legitimate interests – we will use or disclose your personal data for the legitimate business interests of either Seedcamp or a third party, but only when we are confident that your privacy rights will remain appropriately protected. If we rely on our (or a third party’s) legitimate interests, these interests will be to: operate, provide and improve our business; to develop and grow our services; to communicate with you and respond to your questions; improve or develop marketing activities and promote our services; detect or prevent illegal activities (for example, fraud); and/or to manage the security of our IT infrastructure, and the safety and security of our employees, customers, vendors and visitors. Where we require your data to pursue our legitimate interests or the legitimate interests of a third party, it will be in a way which is reasonable for you to expect as part of the running of our business and which does not materially affect your rights and freedoms. We have identified below what our legitimate interests are.
-
Legal obligation – there be instances where we must process and retain your personal data to comply with laws or to fulfil certain legal obligations.
We have set out below a description of the ways we plan to use your personal data, and on which legal basis we do so. Where we rely on our legitimate interests as a legal basis for processing, we have identified the nature of those legitimate interests.
We may also collect, use and share aggregated data such as statistical or demographic data for any purpose. Such may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.
Unless we request it, we ask that you not send us, and you do not disclose, any sensitive personal data (e.g. information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the services or otherwise.
The provision of the personal data categories above is necessary for the performance of our contract/relationship with you and/or to enter into a contract/agreement with you. If you do not provide this data, then we will not be able to perform a contract/agreement with you. The provisions related to KYC/AML data categories are required by Money Laundering Regulations. If you do not provide this data, then we will not be able to perform an agreement with you.
4 – How is your personal data collected?
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- request for our products or services;
- complete an online submission form;
- request marketing to be sent to you;
- employment applications;
- submitting funding applications and any related materials including slide decks, presentations and web submissions;
- give us some feedback;
- use of our website (seedcamp.com); or
- use of our social media pages including Twitter (twitter.com/seedcamp), Facebook (www.facebook.com/seedcamp), LinkedIn (www.linkedin.com/company/seedcamp_2/), Instagram (www.instagram.com/seedcamp/), Angel List (www.angel.co/seedcamp/) and SoundCloud (www.soundcloud.com/seedcamp).
- Automated technologies or interactions. As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. This information does not reveal your specific identity. We collect this personal data by using server logs and other similar technologies such as IP address identification and logging.
- Seedcamp may also use cookies to collect information on you such as your browser type, time spent on the services, pages visited, language preferences, and other traffic data. For more information on our use of cookies, please see our Cookie Policy here. If you do not want information collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. If, however, you do not accept cookies, you may experience some inconvenience in your use of the services.
- Third parties or publicly available sources. We may receive personal data about you from various third parties including analytics providers, advertising networks and search information providers. We require third parties to have lawful rights to collect, use and share your data before providing any data to us.
- Identity data from data brokers or aggregators.
- Public sources. Identity data from publicly availably sources such as Companies House and theElectoral Register based inside the EU.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us using the contact details provided in the “Contact Details” section.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
5 – Disclosures of your personal data
Seedcamp will only disclose personal data in accordance with this Privacy Policy (as may be updated from time to time).
We may disclose personal data to the following categories of recipients:
- Seedcamp Group companies, who provide data processing services necessary to provide you with our services (for example, financing), or who otherwise process personal data for purposes described in this Privacy Policy.
- third party service providers (including IT system administrators, professional advisers, providers of finance) to facilitate services they provide to us. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. In such circumstances, we do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
- any competent law enforcement body, regulatory, government agency, court or other third party (such as our professional advisers) where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
- a buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal data only for the purposes disclosed in this Privacy Policy; or
- any other person with your consent to the disclosure (obtained separately from any contract between us).
6 – International transfers
Seedcamp Investment Management LLP operates in the United Kingdom. Specifically, our website servers are located in the United Kingdom, and our group companies are located in the United Kingdom and United States. Our third party service providers and partners operate around the world. This means that when we collect your personal data we will process it in any of these countries.
If we transfer personal data to our group or affiliate entities or to third parties outside of the UK or European Economic Area (“EEA”), we will ensure your personal data is protected, for example by ensuring one or more of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission and “adequacy regulations” (data bridges) from the Secretary of State in the UK. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
the European Commission’s Standard Contractual Clauses as issued on 4 June 2021 under Article 46(2) using modules 1 and 2 for controller to controller and controller to processor transfers, including the UK Addendum.
Please contact us using the contact details provided in the “Contact Details” section if you want further information on the specific mechanism used by us when transferring your personal data out of the UK / EEA.
7 – Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. We cannot guarantee the security of any personal data that you disclose online, for example when it is sent by email. You accept the inherent security risks of providing information online over the internet and will not hold Seedcamp responsible for any breach of security unless this is due to Seedcamp’s negligence or willful default.
8 – Data retention
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
You can request details of retention periods for specific categories of your personal data by contacting us using the details provided in the “Contact Details” section.
9 – Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. Such rights include your right to:
- request access to your personal data;
- request correction of your personal data;
- request erasure of your personal data;
- object to processing of your personal data;
- request restriction of processing your personal data;
- request transfer of your personal data; and
- right to withdraw consent.
If you wish to exercise any of the rights set out above, please contact us using the details provided in the “Contact Details” section.
We give you choices regarding our use and disclosure of your personal data for marketing purposes. You may opt-out from receiving electronic communications from us by following the ‘Unsubscribe’ link provided at the footer of any marketing materials that you may have received from Seedcamp by email or by contacting us using the details provided in the “Contact Details” section.
Complaints You have the right to lodge a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so we would encourage you to contact us in the first instance.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
10 – Contact Details If you have any questions about this Privacy Policy, please contact our data privacy representative using the details set out below. There may be instances where will request additional information in order to identify you and assess your request. If you do not provide the requested information and, as a result we are not in a position to identify you, we may refuse to action your request. We will not charge you for such communications or actions we take, unless:
- you request additional copies of your Personal Information undergoing processing, in which case we may charge for our reasonable administrative costs, or
- you submit excessive requests, in which case we may either: (a) charge for our reasonable administrative costs; or (b) refuse to act on the request.
We may be contacted at: Seedcamp Investment Management LLP, 16 Great Queen Street, London, England, WC2B 5AH
Email: privacy@seedcamp.com
PLEASE NOTE: Seedcamp uses privacy@seedcamp.com solely for privacy related matters. All unrelated matters sent to this email address (e.g. unsolicited requests for funding) will not be considered or responded to.