Prime Technology Investment Management B.V. is a limited liability company established under the laws of the Netherlands, registered in Dutch trade register at the Chamber of Commerce under number 818376399, hereinafter “Prime Ventures”. Prime Ventures is a leading venture capital and growth equity firm focused on investing in European companies in the technology and related industries.
The business of Prime Ventures focuses on legal entities. Prime Ventures collects only information from natural persons as described in this notice.
Information collected by Prime Ventures
Prime Ventures collects and processes information from natural persons (“Personal data”), when it regards:
- Its employees to execute the employment agreement with them;
- Candidates for an employment agreement;
- Information of natural persons who invest in Prime Ventures managed funds provided that they are qualified as a professional investor;
- If the investor is a legal entity: its legal representatives and ultimate beneficial owner;
- Natural persons with whom Prime Ventures is engaged in doing business.
Prime Ventures is data controller and therefore responsible for the collection, processing, storage and security of any data of Prime Ventures and Prime Ventures-managed funds as meant in the current privacy legislation.
Legal ground and purpose for processing of personal data
Prime Ventures processes Personal data for the following purposes:
- Human Resources Management;
- Investor and/or business relation administration;
- Fund and finance administration;
- For responding to queries and providing relevant information;
- For events and knowledge sharing purposes;
- To fulfil legal obligations such as tax obligations.
The legal ground for these processing activities is:
- To execute agreements (such as employment agreements) with those persons or with the vehicles in which they take part and for which they concluded an agreement with Prime Ventures or with Prime Ventures-managed funds;
- Prime Ventures’ legitimate interest as a professional venture capital and growth equity firm to communicate with business relations, to manage its funds and to operate as AFM-licensed institution. Prime Ventures processes Personal data when a natural person applies for a job (“Candidate”) and give thereby its consent for processing. In addition, Prime Ventures has a legitimate interest to process this information to process the job application and may disclose such information for example to take up a reference when Prime Ventures obtained consent of the Candidate.
The Personal data that are collected are adequate, relevant and limited to what is necessary in relation to the purposes.
Prime Ventures does not sell any information or Personal data, or offer any direct marketing services. Prime Ventures does not share any information or Personal data with third parties without prior written consent of the natural person involved, unless required by law and/or required by official Authorities such as the police and the Court of Justice.
Prime Ventures does not use technologies to collect, process, follow and store private information of natural persons. When private persons interact with the website, Prime Ventures does not use anonymous identifiers to identify the visitors of the website.
What kind of personal data are collected?
- Name, address, postal code, location;
- Other contact details such as telephone and e-mail address;
- When it regards Candidates: additional information for background checks and for assessment purposes such as but not limited to resume, diplomas/certificates and references;
- When it regards Employees: additional information necessary to employ persons such as but not limited to social security numbers and benefits;
- When it regards business relations: bank account numbers and skills/experience and when it regards a legal entity: its legal representatives;
- When it regards professional investors (name, address, e-mail, telephone number, KYC information as required by Anti-Money laundering directives and legislation such as for example whether the individual qualifies as PEP).
A total overview of data that are collected/processed is registered in the data register in which Prime Ventures records the processing of Personal data per business department. More detailed information can be provided on request.
Prime Ventures does not collect, process or store any sensitive personal information such as race, membership of a trade union, religion, sexual preferences, etc.
- All information within Prime Ventures is stored for a definite period of time (as long as necessary) or for a period of seven years after termination of an agreement as required by the Tax laws and regulations.
- Only Personal data necessary for the execution of agreements or to fulfil legal obligations or for which a legitimate interest of Prime Ventures exists is recorded and stored.
- Personal data will be destroyed or deleted if no longer necessary.
Third parties/data processors
Prime Ventures may use third parties for certain services that need the processing of Personal data, such as payroll processors and IT-providers. All data processors of Prime Ventures have to comply with the General Data Protection Regulation and additional rules and regulations concerning data protection and will only process Personal data when necessary to execute agreements.
Rights of data subjects and accuracy
The persons of whom Prime Ventures collected data (“Data subjects”) have certain rights, such as:
- the right to information and access their Personal data that Prime Ventures processed: a Data subject may request more information about processing activities of Prim Ventures.
- the right to ask for rectification of their Personal data or to delete their data: When requested Prime Ventures will complete or change inaccurate or incomplete Personal data. If processing of Personal data is no longer necessary for achieving the purposes for which they are collected or when processing is unlawfully or when consent is withdrawn, a Data subject may request to delete the Personal Data. By way of exception Prime Ventures may refuse the deletion of Personal Data for compliance reasons such as but not limited to compliance with tax legislation or KYC purposes.
- the right to ask for a copy of their Personal data that are recorded by Prime Ventures;
- the right to object or to complain about the collection, processing and storage of their Personal data;
How to exercise rights
Data subjects can exercise their rights by sending their personal written request to Prime Ventures.
Requests and complaints can be sent to: Prime Technology Investment Management B.V. Museumplein 5a 1071 DJ Amsterdam The Netherlands
Personal data will be deleted as soon as these are not needed anymore (as required by law or for tax purposes). Correction of data will be carried out for free. If access to Personal data is requested, Prime Ventures can give an overview of processed and stored data for free, except in those cases where it would require a disproportionate effort.
In case a Data subject is not satisfied with the complaint handling of Prime Ventures, the Data subject has the right to submit its complaint to the Data Protection Authority of the Netherlands.
Information security and protection of Personal data
Prime Ventures implemented the necessary administrative, technical and organisational measures in order to ensure a level of security, which is appropriate for the specific risks that Prime Ventures identified. Prime Ventures will thus protect Personal data against destruction, loss, unauthorised use, disclosure or access.
Prime Ventures applies the following information security measures to protect Personal data against unauthorized access by:
- physical access control;
- Logical access control;
- Financial/banking data are restricted to people who need to have access to this data to perform their jobs, and in order to access the application source code a user/password authentication is required;
- User records;
- Software protection and secured environments in which information is stored and shared/transmitted.
Prime Ventures has a data leakage protocol that will be followed in case any security incident is detected in the IT system and/or a data leakage is suspected.
This policy can be updated from time to time. v.25.5.2018