At Social and Sustainable Capital (SASC), we are committed to protecting your privacy and to ensuring that we are in line with the requirements of the General Data Protection Regulation (GDPR). This Privacy Policy explains:

  1. what personal data we collect about you;
  2. why we collect that personal data;
  3. who we share your personal data with;
  4. the rights you have in relation to your personal data;
  5. how we keep your personal data secure.


Personal Data
When we talk about "Personal Data" in this policy, we mean any information which could be used to identify you, either directly or indirectly.  It can include your name, email address, contact details.

This privacy policy covers our use of your Personal Data which we collect about you during any interaction you may have with us. It covers the collection of Personal Data via the SASC website ( (the "Website"), and from our pages on third party social media channels such as Linkedin and Twitter.

In this privacy policy, when we refer to "we", "us" or "our", we mean Social and Sustainable Capital, (SASC), which is based at Room 208a, 2nd Floor, Euston House, 24 Eversholt Street, London NW1 1AD. We are a data controller for the purposes of the GDPR, registered with the Information Commissioner’s Office (ICO).

Please read this privacy policy carefully to understand our practices regarding your Personal Data. If you have any questions, comments or concerns about any aspect of this privacy policy, please contact

  1. What Personal Data we collect about you

We may collect, store and use the following kinds of Personal Data:

1.1 Information about your computer and about your visits to and use of this website;

1.2 Information that you provide to us for the purpose of registering with us;  making contact with us and/or applying to us for investment;

1.3 Information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters.

  1. Why we collect Personal Data

We may collect your Personal Data in order to:

2.1 Assess your enquiry or application for social investment

2.2 Send you email notifications or updates, which you have specifically requested;

2.3 Send you marketing communications relating to SASC which we think may be of interest to you by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications);

2.4 Deal with enquiries and complaints made by you relating to the website.

How to stop notifications or marketing messages from SASC

You can stop receiving marketing messages from us at any time.

You can do this:

Once you do this, we will update your profile to ensure that you do not receive further marketing messages.

Please note it might take a few days for all our systems to be updated, so you might get messages from us while we process your request.

  1. Who we share your Personal Data with

We may share your Personal data only as described below:

3.1 Third Parties Working For Us

We use certain trusted third parties to help us carry out our work as a social investor. For example, we may use third parties to undertake due diligence, provide support to our investees, keep you updated with our progress through newsletters or email alerts, or assist with data storage. These third parties may access, process or store your information to perform tasks only for the purposes we’ve authorized, and we require them to provide at least the same level of protection for your information as described in this Privacy Policy. We also may share with third parties aggregated or anonymised information that does not directly identify you.

3.2 Following the Law

We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to comply with the law or to protect our rights. When we receive law enforcement or national security requests for information, we strongly believe in privacy and transparency. We scrutinise such requests carefully and challenge vague, overbroad or otherwise unlawful requests. And when legally permitted, we provide our users with notice that their information is being requested. This notice is provided so that you have the opportunity to challenge such requests.

3.3 Business Transfers

If we're involved in a reorganisation, merger or acquisition, your information may be transferred as part of that deal.


  1. The rights you have in relation to your Personal Data

Where we are holding your Personal Data, you have the following rights relating to this information:

  1. The right to be informed about how we are using your personal information.
  2. The right to access the personal information that we hold about you.
  3. The right to request the correction of inaccurate personal information we hold about you.
  4. The right to request that we delete your data, or stop processing it or collecting it, unless required for statutory purposes.
  5. The right to stop direct marketing messages, and to withdraw consent for other consent-based processing at any time.
  6. The right to request that we transfer elements of your data either to you or another service provider.
  7. The right to complain to the Information Commissioner’s Office in the UK if you believe that your personal information is compromised in any way.

If you want to exercise any of your rights, have a complaint, or just have questions, please contact

In some circumstances, where your request is found to be “excessive” we can deny your request or charge for your request.


  1. How we keep your Personal Data secure

5.1 SASC commits to holding your data securely and we have various security measures in place to protect all Personal Data that we hold.  Internally, access to Personal Data is restricted so that staff only have access to data required in order to carry out their duties. We deliver regular staff training on data protection.

5.2 To protect ourselves from external threats, we maintain active cyber security management and password protection on all SASC computers. Hard copies are stored in locked cabinets.

5.3 As part of our ongoing contractual agreements with third-party processors, we work to strict rules and policies. We hold specific GDPR-compliant contractual agreements with our external data processors. We apply certain selection criteria to third-party providers who maintain an off-shore presence. These third-party companies ensure that they adhere to a Privacy Shield Agreement (US-EU, Swiss Shield) and comply with the GDPR List of compliant countries. Any transfers to non-adequate countries are forbidden.

5.4 We have varied retention periods for each type of data we process but will always try to limit the length of time we hold your data. We keep data that does not have to be retained for statutory reasons no longer than necessary for the purposes we obtained it for.

5.5 We currently provide social investment only to organisations established in the UK and therefore have a general policy of not transferring any personal data outside of the UK.

Want to find out more?

If you would like to contact us about any of the above information, please write to us at or call us on 020 3 874 3332 and we will be happy to answer any queries.