Castelnau Group
Castelnau Group

Investor Privacy & Cookie Notice

How we collect, use and protect your personal information

Castelnau Group Limited ("CGL") recognises the importance of protecting your personal information. This Privacy and Cookie Notice is designed to help you understand what data CGL collects and what CGL does with that data.

This Privacy and Cookie Notice covers our privacy and cookie standards and processes and where relevant, should be read in conjunction with our website terms and conditions or other legal documents.

For the purposes of the Data Protection (Bailiwick of Guernsey) Law, 2017 (as amended) (the "Guernsey DP Law"), the General Data Protection Regulation ((EU) 2016/679) ("GDPR") and the Privacy and Electronic Communications Directive (2002/58/EC) (collectively, the "Data Protection Legislation"), CGL is the controller and is responsible for your personal data.

What is Personal Data?

Personal data is any information related to a person that can be used to directly or indirectly identify the person. It can include, but is not limited to, a name, an email address, posts on social media, date of birth, an IP address, residential address, contact details, corporate contact information, signature, nationality, tax identification, credit history, correspondence records, passport number, bank account details, source of funds details and details relating to an investor's investment activity.

Third Party Processors

CGL has appointed certain third party processors, namely:

  • Northern Trust International Fund Administration Services (Guernsey) Limited (the "Administrator") to provide administration services
  • Link Market Services (Guernsey) Limited (the "Registrar") to provide registrar services
  • Link Market Services Limited (the "Receiving Agent") to provide receiving agent services
  • Phoenix Asset Management Partners Limited (the "Investment Manager") to provide investment management services

When providing their respective services to CGL, each of the Administrator, the Registrar, the Receiving Agent and the Investment Manager will primarily be acting as a data processor for the purposes of the Data Protection Legislation.

CGL's Data Collection Processes

CGL's core data processing activities involve the processing of:

  1. Personal data of investors
  2. Personal data of potential investors

The type of personal data we will collect will vary depending on what category you fall into above.

Legal Basis for Processing

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract, we are about to enter into or have entered into with you
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal or regulatory obligation
  • (On exceptional occasions) where we have obtained your consent
  • (On rare occasions) where it is needed in the public interest

Sharing Your Information

We may be required to share your personal data with third parties including:

  • Professional advisers including lawyers, bankers, auditors and insurers
  • Regulators and other authorities who require reporting of processing activities in certain circumstances
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets
  • Fraud prevention agencies
  • Event organisation companies and venues for events

International Transfers

Many of our external third parties are based outside the Bailiwick of Guernsey and the UK. Whenever we transfer your personal data out of the Bailiwick of Guernsey and the UK, we will only transfer your personal data to countries that have been deemed to provide an adequate level of protection.

Data Retention

We will only retain your personal information for as long as is necessary to carry out the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Your Rights

The Data Protection Legislation provides the following rights for individuals:

1. The right to be informed

Individuals have the right to be informed about the collection and use of their personal data.

2. The right of access

Under the Data Protection Legislation, individuals have the right to obtain confirmation that their data is being processed and to access their personal data.

3. The right to rectification

The Data Protection Legislation includes a right for individuals to have inaccurate personal data rectified, or completed if it is incomplete.

4. The right to erasure

The right to erasure is also known as 'the right to be forgotten'. Individuals can make a request for erasure verbally or in writing.

5. The right to restrict processing

Individuals have the right to request the restriction or suppression of their personal data in certain circumstances.

6. The right to data portability

The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services.

7. The right to object

Individuals have the right in certain circumstances to object to processing based on legitimate interests.

8. Rights in relation to automated decision making and profiling

Individuals have the right not to be subject to automated decision-making, including profiling, which has legal or other significant effects.

9. Right to withdraw consent

If applicable, individuals have the right to withdraw their consent.

Cookies

Cookies are small files which are stored on a user's computer. When you visit a site for the first time, a cookie is downloaded onto your PC. When you subsequently visit the same site, the cookie will then 'remember' that you have visited the site before and may customise your experience appropriately.

CGL's Use Of Cookies

We may use cookies for the following purposes:

  • Usage preferences - some cookies 'remember' the settings preferences of the user concerned or whether they have already seen a 'pop up' message in a previous session

Where our use of cookies involves the processing of personal data, such personal data will be processed by us in accordance with this Privacy and Cookie Notice.

Email Interaction Tracking

We may collect and process information about your interactions with the emails we send, including whether you open the email and click on any links contained within it. This information is linked to your email address and allows us to identify you as the recipient.

We use this data to:

  • Understand your interests and preferences
  • Improve the relevance and effectiveness of our communications
  • Enhance our marketing and investor relations efforts

Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. However, the transmission of information via the internet is never completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk.

Contact

Questions, comments and requests regarding this Privacy and Cookie Notice should be addressed to Castelnau Group Limited, registered office: PO Box 255, Trafalgar Court, Les Banques, St Peter Port, Guernsey GY1 3QL

You also have the right to make a complaint to us or your local supervisory authority:

  • In the Bailiwick of Guernsey: Office of the Data Protection Authority - www.odpa.gg
  • In the UK: Information Commissioner's Office (ICO) - www.ico.org.uk
  • If you are an EU data subject, you may lodge the complaint with the supervisory authority in the EU member state of your residence