The EU General Data Protection Regulation (Regulation (EU) 2016/679) (together with applicable implementing laws) and the Cayman Islands Data Protection Law, 2017 (together with any associated regulations and guidance) are applicable to undertakings which process personal data in certain circumstances. GDPR and the DPL (together, the Data Protection Laws, as applicable) are applicable to the processing of personal data by Marble Bar Asset Management LLP. These notices set out information relating to those activities.
In certain circumstances, MBAM may be engaged in controlling and/or processing personal data for the purposes of the Data Protection Laws. Details of the policies, procedures and purposes applicable to such activities are set out in this section.
MBAM will oversee its own policies and procedures for the purposes of compliance with the Data Protection Laws, where applicable. Any person seeking information with respect to control or processing of personal data by MBAM or seeking to exercise any rights afforded to them under the Data Protection Laws should contact MBAM Compliance Officer at firstname.lastname@example.org.
Under the Data Protection Laws, any person wishing to is entitled to make a complaint with respect to control or processing of personal data. Under GDPR, such a complaint may be made to the Information Commissioner’s Office. The ICO is the UK supervisory authority for data protection issues. Contact details for the ICO may be found at www.ico.org.uk. Under DPL, such a complaint may be made to the Cayman Islands Ombudsman (“Ombudsman”). The Ombudsman is the Cayman Islands supervisory authority for data protection issues. Contact details for the Ombudsman may be found at www.ombudsman.ky.
The policies and procedures adopted by MBAM with respect to the control or processing of personal data may be amended from time to time. Similarly, the purposes for which MBAM may control or process personal data may change from time to time. If any changes would require amendment to the information set out herein, details of such changes will be made available in the current version of this document from time to time.
Summary of Personal Data
For the purposes of the Data Protection Laws, personal data means any information about an individual from which that person can be identified. MBAM may collect, use, store and transfer personal information comprising identity data, contact data, financial data, transaction data, technical data related to internet protocol addresses, usage data and information about marketing and communication preferences. MBAM does not anticipate that it will process special categories of personal data (which may include details about people’s race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about people’s health, genetic and biometric data and information about criminal convictions and offences).
Collection of Personal Data
MBAM may collect personal data through a range of means. These may include direct interactions (where a person provides personal data to MBAM through correspondence or other direct methods of communication, third-party or publicly available sources (where MBAM receives personal data through a publicly available source such as a website or publicly-available registry).
Use of Personal Data
MBAM will only use personal data in circumstances permitted under the Data Protection Laws. These circumstances include those circumstances where the relevant processing relates to a legitimate interest of MBAM and where that processing is necessary for the relevant purpose and not inconsistent with the interests, rights or freedoms of a relevant data subject. MBAM has determined that the relevant processing of personal data that they undertake relates to the legitimate interest of MBAM carrying out any and all functions necessary to enable MBAM to carry on an investment management business and related functions described in this document. The circumstances will include those where the relevant control or processing is necessary for the purposes of MBAM carrying out its activities relating to any fund, vehicle or account in respect of which MBAM acts as manager, investment manager, sub- investment manager, investment adviser or sub-investment adviser, the administration of the Funds, the investment activities of the Funds, or otherwise in furtherance of any contract entered into with respect to the activities of the Funds. In addition, MBAM may also control or process personal data where necessary to comply with legal or regulatory obligations applicable to it.
MBAM may from time to time control or process personal data for the purposes of marketing and advertising the Fund and/or other investment vehicles and/or services related to MBAM and/or the Alternative Investment Fund Manager. Any person who does not wish their personal data to be processed for such purposes may opt out of such processing by notifying email@example.com.
MBAM will only use personal data for the purposes of operating their business, entering into contractual arrangements in the context of their investment management business, including in respect of marketing and advertising the Funds and/or other investment vehicles and/or services related to MBAM. Any person requiring information with respect to any additional purpose for which personal data may be controlled or processed may obtain such information from firstname.lastname@example.org. If MBAM needs to control or process personal data for an unrelated purpose, MBAM will use its reasonable endeavours to notify affected persons and to explain the basis on which they are permitted to undertake the same.
MBAM may control and process personal data without the knowledge or consent of data subjects to whom such personal data relates in compliance with their policies and procedures from time to time where this is permitted by law.
Disclosure of Personal Data
MBAM may share personal data with certain third parties for the purposes set out above. The relevant third parties with whom such personal data may be shared include entities appointed to provide services to the Funds, MBAM and their affiliates, and regulatory, legal and tax authorities. Details of the third parties with whom personal data may be shared are available on request from email@example.com. Wherever possible, personal data will only be disclosed by MBAM to a third party in circumstances where that third party has agreed to respect the security of personal data and treat it in accordance with applicable law. Third parties to whom any personal data may be disclosed will not be permitted to use personal data for their own purposes and they will only be permitted to process personal data for specified purposes and otherwise in accordance with the instructions of MBAM.
Transfer of Personal Data outside the European Economic Area or the Cayman Islands
The activities of MBAM and its control or processing of personal data is such that it may be necessary for personal data to be transferred and/or processed outside the European Economic Area or the Cayman Islands.
In circumstances where MBAM transfers personal data outside the EEA or the Cayman Islands, it will seek to ensure a similar degree of protection is afforded to it by ensuring that personal data is transferred only to persons in countries outside the EEA or the Cayman Islands in one of the following circumstances.
To persons and undertakings in countries that have been deemed to provide an adequate level of protection for personal data by the European Commission, or the Ombudsman, as applicable.
To persons and undertakings to whom the transfer of such personal data is made pursuant to a contract that is compliant with the model contracts for the transfer of personal data to third countries from time to time approved by the European Commission, or the Ombudsman, as applicable.
In the case of the GDPR, to persons and undertakings based in the United States if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the United States.
Further information on specific mechanisms utilised by MBAM transferring personal data outside the EEA or the Cayman Islands and the countries to which such transfer may be made (which may include, but are not limited to the Cayman Islands, EEA member states and the United States) may be obtained from firstname.lastname@example.org.
MBAM will retain personal data for as long as necessary to fulfil the purposes for which it has been collected. This will include any period of retention required to satisfy any legal, regulatory, taxation, accounting or reporting requirement applicable to MBAM.
In determining the appropriate retention period for any personal data, MBAM will consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of the data, the purpose for which the relevant data is being processed, the extent to which the purposes for which the relevant data is being processed can be achieved by other means and any applicable legal requirements. Without prejudice to the generality of the foregoing, MBAM has determined that it will retain records for at least five years, in accordance with the rules, requirements and guidance of the UK Financial Conduct Authority and with the DPL.
Details of retention periods applicable to personal data under the Data Protection Laws are available upon request from email@example.com. In some circumstances, a person may request that MBAM delete any personal data retained by it. Further, in some circumstances, MBAM may anonymize personal data for research or statistical purposes, in which case such information may be retained and utilised indefinitely without further notice.
Rights of Persons
Under the Data Protection Laws, persons whose data is processed and/or retained by MBAM will have certain rights. These rights may include the right to access personal data, the right to require correction of personal data, the right to require erasure of personal data, the right to object to processing of personal data, the right to restrict processing of personal data, the right to require a transfer of personal data and the right to withdraw any consents provided to the use of personal data. Any person seeking to exercise any such right should contact firstname.lastname@example.org. In certain circumstances, MBAM may charge reasonable fees if any such request is clearly unfounded, repetitive or excessive.
Additional Notice For California Resident Investors
The California Consumer Privacy Act
California enacted the California Consumer Privacy Actin 2018 and it is effective as of January 1, 2020. The CCPA imposes certain obligations on MBAM and grants certain rights to California resident investors with regard to personal information. If you are a California Resident, please review the following information about your potential rights under the CCPA. The rights described herein are subject to exemptions and other limitations under applicable law.
Terms used herein have the meaning ascribed to them in the CCPA. We are a business. Personal information means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a California Resident or a household. It does not include de-identified information, aggregate consumer information or publicly available information (as defined in the CCPA).
Purposes for Collecting and Using Personal Information
We may collect or use your personal information for the following business or commercial purposes: (i) performing services on our behalf, including maintaining or servicing accounts, providing customer service, processing transactions, verifying information, processing payments, or providing similar services; (ii) performing our contractual obligations to a California Resident, including processing initial subscriptions and providing updates on our performance and other operational matters; (iii) detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, including preventing fraud and conducting Know Your Client, anti-money laundering, terrorist financing, and conflict checks; or (iv) enabling or effecting commercial transactions, including using bank account details to remit funds and process distributions.
Personal Information We Collect
We may collect the following categories of personal information from or about a California Resident: (i) identifiers and similar information such as, name, address, date of birth, email address, social security number, drivers license number, or passport number; (ii) certain information protected under state law, including California Civil Code Section 1798.80(e), such as a signature or bank account or other financial information; (iii) characteristics of protected classifications under California or federal law, including gender, national origin, or marital status; (iv) commercial information, including records of products or services purchased or other purchasing histories or tendencies, including funds invested, investments considered, or sources of wealth; (v) internet or other electronic network activity information, including interactions with our website or use of certain online tools; (vi) professional or employment-related information, including occupation, compensation, employer, and title; and (vii) inferences drawn from any of the information identified above to create a profile reflecting your preferences or similar information, including your potential interest in investing in new funds. We may disclose for a business purpose all or just a few of these types of personal information.
Sources of Personal Information
We may collect personal information about you directly from you and/or your intermediaries through sources such as: (i) account applications, subscription agreements, and other forms; (ii) written, electronic, or verbal correspondence; (iii) investor transactions; (iv) an investors brokerage or financial advisory firm, financial advisor, or consultant; and/or (v) from information captured on applicable websites. In addition, we may collect personal information from different sources, such as: (i) our affiliates, our service providers, or our affiliate service providers; (ii) public websites or other publicly accessible directories and sources, including bankruptcy registers, tax authorities, governmental agencies and departments, and regulatory authorities; and/or (iii) from credit reporting agencies, sanctions screening databases, or from sources designed to detect and prevent fraud.
Sharing Personal Information with Third Parties
We do not sell your personal information except as permitted by the CCPA or other laws. We may disclose personal information to third parties in circumstances where we believe in good faith that disclosure is required or permitted under law, to cooperate with regulators or law enforcement authorities, to protect our rights or property, or upon reasonable request by the fund in which you have invested. We also may disclose personal information about you or your accounts to a third party at your request or direction or with your consent.
We may disclose to our service providers or other entities that have agreed to limitations on the use of your personal information or that fit within other exemptions or exceptions in or as otherwise permitted by the CCPA or other applicable laws.
California Residents’ Rights Under the CCPA
If your personal information is subject to the CCPA, you may have certain rights concerning that information, subject to applicable exemptions and limitations, including the right to: (i) be informed, at or before the point of collection, of the categories of personal information to be collected and the purposes for which the categories of personal information shall be used; (ii) not be discriminated against because you exercised any of your rights under the CCPA; (iii) request that we delete any personal information about you that we have collected or maintained, subject to certain exemptions or exceptions (request to delete); and (iv) request that we, as a business that collects personal information about you and that discloses your personal information for a business purpose, disclose to you (request to know): (a) the categories of personal information we have collected about you; (b) the categories of sources from which we have collected the personal information; (c) the business or commercial purpose for collecting or selling the personal information; (d) the categories of third parties with whom we share personal information; (e) the specific pieces of personal information we have collected about you; and (f) the categories of personal information we have disclosed about you for a business purpose.
The CCPA does not restrict our ability to do certain things like comply with other laws or comply with regulatory investigations. In addition, the CCPA does not apply to certain information, including, generally, personal information collected, processed, sold or disclosed pursuant to the Gramm-Leach- Bliley Act and its implementing regulations. We also reserve the right to retain, and not to delete, certain personal information after receipt of a request to delete from you where permitted by the CCPA or another law or regulation.
How to Submit a Request Under the CCPA
You may submit requests to know or requests to delete by contacting email@example.com
We are required to provide certain information or to delete personal information only in response to verifiable requests made by you or your legally authorized agent. Any information gathered as part of the verification process will be used for verification purposes only.
Contact for More Information
If you have any questions or concerns about this notice please contact firstname.lastname@example.org