We are committed to protecting your privacy. Here’s how

Privacy and Cookie Policy

At Social and Sustainable Capital, we are committed to protecting your privacy and to ensuring that we are in line with the requirements of applicable law from time to time in respect of the processing of personal data and privacy, including the General Data Protection Regulation (GDPR), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and the UK Data Protection Act 2018 (“Data Protection Laws”). When we talk about “Personal Data” in this policy, we mean any information which could be used to identify any third party individuals (“you”), either directly or indirectly. It can include your name, email address, contact details.

In this privacy policy, when we refer to “we”, “us” or “our”, we mean Social and Sustainable Capital, (“SASC”), which is based at Euston House, 24 Eversholt Street, London NW1 1AD. For the purposes of the Data Protection Laws, SASC and any of our investment funds will be “data controllers” in respect of any Personal Data that you provide to us or we collect from you.

This privacy policy explains:

  1. what Personal Data we collect about you;
  2. why we collect that Personal Data;
  3. who we share your Personal Data with;
  4. the rights you have in relation to your Personal Data;
  5. how we keep your Personal Data secure.

This privacy policy covers our use of your Personal Data which we may collect or receive about you. It covers the collection of Personal Data via the SASC website (www.socialandsustainable.com) (the “Website”), and from our pages on third party social media channels such as Linkedin and Twitter. By visiting the Website or otherwise engaging with us, you acknowledge that we may collect, use and/or transfer your personal data as set out in this policy.

SASC is authorised and regulated by the Financial Conduct Authority (the “FCA”) and is registered on the financial services register maintained by the FCA (at www.register.fca.org.uk) with reference number 588445. SASC is registered with the information commissioner’s office as a data controller with registration number ZA267322.

Please read this privacy policy carefully to understand our practices regarding your Personal Data. If you have any questions, comments or concerns about any aspect of this privacy policy, please contact info@socialandsustainable.com.

1. What Personal Data we collect about you

When you engage with us, we may collect, store and use your Personal Data, for example:

1.1 Information about your computer and about your visits to and use of the Website (e.g. your IP address);

1.2 Information that you provide to us for the purpose of registering with us; making contact with us and/or applying to us for investment (e.g. your contact details, financial information and other necessary Personal Data);

1.3 Information that you provide to us for the purpose of subscribing to the Website services, email notifications and/or newsletters;

1.4 Information that provide to us (or we may collect from third parties where relevant) if you apply for a job with us.

 

2. Why we collect Personal Data and what we do with it

We may collect your Personal Data when you communicate with us and we will only use your Personal Data in order to:

2.1 Assess your enquiry or application for social investment;

2.2 Send you email notifications or updates, which you have specifically requested;

2.3 Send you marketing communications relating to SASC which we think may be of interest to you by post or, where you have specifically agreed to this or where we otherwise have the right to do so, by email or similar technology (you can inform us at any time if you no longer require marketing communications);

2.4 Deal with enquiries and complaints made by you relating to the Website or improve our Website; and

2.5 For our internal business processes including staff support.

We may process this Personal Data so that we can perform a contract with you, for the purpose of legal compliance and/or for the purposes of our legitimate business interests.

 

3. Information that we receive from other sources

We may receive information from third parties who hold Personal Data about you and pass it onto us, for example:

3.1 when we are deciding whether to make a social investment we may receive the Personal Data of key personnel;

3.2 our staff may give us emergency contact information as a part of our emergency scenario planning;

3.3 we may receive Personal Data from past employers and others concerning your employment history when you apply for a job with us.

When we collect your Personal Data from third parties, that third party is responsible for informing you that they have shared your Personal Data with us, directing you to this policy and obtaining any relevant consents from you to ensure you are happy with the ways in which your Personal Data will be used. However, once we are holding your Personal Data, we will only handle any person’s Personal Data in accordance with this policy and Data Protection Laws.

 

4. Who we share your Personal Data with

We may share your Personal data as described below:

4.1 Third Parties Working For Us

We use certain trusted third parties to help us carry out our work as a social investor. For example, we may use third parties to undertake due diligence, provide support to our investees, keep you updated with our progress through newsletters or email alerts, or assist with data storage. These third parties may access, process or store your information to perform tasks only for the purposes we’ve authorized, and we require them to provide at least the same level of protection for your information as described in this privacy policy. We also may share with third parties aggregated or anonymised information that does not directly identify you.

4.2 Following the Law

We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to comply with the law or to protect or enforce our rights. When we receive law enforcement or national security requests for information, we strongly believe in privacy and transparency. We aim to scrutinise such requests carefully and challenge vague, overbroad or otherwise unlawful requests. When legally permitted, we provide our users with notice that their information is being requested. This notice is provided so that you have the opportunity to challenge such requests.

4.3 Business Transfers

If we’re involved in a reorganisation, merger or acquisition, your Personal Data may be disclosed to potential buyers and your Personal Data may be transferred as part of such a deal.

 

5. Use of third-party social media channels

When you engage with us through third-party social media channels/platform such as LinkedIn or Twitter, any Personal Data that you share with us will also be processed by that social media channel in accordance with its own privacy policy. You should ensure that you are happy with such privacy policy before engaging with us via such third-party social channel or platform and if not, opt to use another method to communicate and/or engage with us.

 

6. How to stop notifications or marketing messages from SASC

You can stop receiving marketing messages from us at any time.

You can do this:

Once you do this, we will update your profile to ensure that you do not receive further marketing messages.

Please note it might take a few days for all our systems to be updated, so you might get messages from us while we process your request.

 

7. How we keep your Personal Data secure and information about deletion of Personal Data

7.1 SASC commits to holding your data securely and we have various security measures in place to protect all Personal Data that we hold. Internally, access to Personal Data is restricted so that staff only have access to data required in order to carry out their duties. We deliver regular staff training on data protection.

7.2 To protect ourselves from external threats, we maintain active cyber security management and password protection on all SASC computers. Hard copies are stored in locked cabinets.

7.3 As part of our ongoing contractual agreements with third-party processors, we work to strict rules and policies. We hold specific GDPR-compliant contractual agreements with our external data processors. We apply certain selection criteria to third-party providers who maintain an offshore presence i.e. are located outside of the European Economic Area or the UK. We mainly transfer Personal Data to countries that have been deemed “adequate” jurisdictions for the protection of Personal Data by the European Commission. Where such countries do not have an adequacy decision (or other permitted mechanisms do not exist), we have put in place standard contractual clauses in order to transfer this Personal Data in accordance with the GDPR.

7.4 We have varied retention periods for each type of data we process but will always try to limit the length of time we hold your data. We keep data that does not have to be retained for statutory reasons no longer than necessary for the purposes we obtained it for.

7.5 We currently provide social investment only to organisations established in the UK and therefore have a general policy of not transferring any Personal Data in respect of any social investments outside of the UK.

 

8. The rights you have in relation to your Personal Data

Where we are holding your Personal Data, you have the following rights relating to this information:

  1. The right to be informed about how we are using your Personal Data.
  2. The right to access the Personal Data that we hold about you.
  3. The right to request the correction of inaccurate Personal Data we hold about you.
  4. The right to request that we delete your data, or stop processing it or collecting it, unless required for statutory purposes.
  5. The right to stop direct marketing messages, and to withdraw consent for other consent-based processing at any time.
  6. The right to request that we transfer elements of your data either to you or another service provider.
  7. Rights in relation to automated decision-making and profiling.
  8. The right to complain to the Information Commissioner’s Office in the UK if you believe that your Personal Data is compromised in any way.

Under the Data Protection laws, in some circumstances, we can deny your request or charge a reasonable fee for your request, for example, where your request is found to be “excessive”.

If you want to exercise any of your rights, have a complaint, or just have questions in respect of the information contained in this policy, please contact info@socialandsustainable.com.

 

9. Cookies Policy

A cookie is a small file that is sent to your browser from a web server and is stored on your computer. Cookies help us to analyse web traffic and identify which pages of our Website are being used. Our Website also uses cookies to respond to you as an individual so that it can tailor its operations to your needs by gathering and remembering information about your preferences. We only use this information for statistical analysis purposes and then it is removed from our systems.

A cookie in no way gives us access to your computer or any information about you, other than information about how you use the Website and the Personal Data you choose to share with us (including Personal Data you automatically share with us by way of your browser settings).

We will not use cookies to collect personally identifiable information about you as our cookies are there to simply help with your overall experience on our website. Our cookies help us to analyse how our customers use our website and enables basic personalisation of our site, which further improves your experience. We use several different types of cookies:

  • Session cookies: temporary cookies which remain in your cookie file until you leave our Website
  • Persistent cookies: these remain in place across multiple visits to our Website
  • Third party cookies: these are created by a third party to provide us with statistics. An example of this is Google analytics

You can also manage cookie use via your browser settings (this will allow you to refuse the setting of all or some cookies) and your browser provider may ask you to confirm your settings. Note however that if you block all cookies via your browser settings you may not be able to access all or parts of our Website.

 

10. Changes to this privacy policy

SASC may amend this privacy policy at any time without notice. By continuing to use the Website and making use of our services, you acknowledge that we shall process your Personal Data in accordance with the updated policy. If you are not happy with any changes that we make, you should not use or access (or continue to use or access) the Website and/or our services. Any changes to this policy will be posted on the Website.