[Last updated: January, 2020]
This website is operated by Stage One II Capital Management Ltd. and StageOne 3 Capital Management Ltd., and their affiliated companies as well as funds under “StageOne” operation, including any future, or under formation, funds and companies (collectively, “StageOne”, “we” or “us”).
- The Cayman Islands Data Protection Law, 2017 (“DPL”), which shall apply to Investors of our Cayman Islands’ funds.
- The EU General Data Protection Regulation (“GDPR”), which shall apply to you in the event you are a resident of the European Economic Area (“EEA”); and
- The California Consumer Privacy Act of 2018 (“CCPA“) which shall apply to you in the event you are a “California resident”, as defined under the CCPA.
Lawful Basis for Processing Personal Data
Subject to applicable laws (such as the DPL and GDPR), our lawful basis for processing Personal Data is as follows:
- We process Visitors’ online identifiers subject to our legitimate interest;
- We process and share Investors’ Personal Data subject to either the Investors’ consent or on the basis of performing our contract with them. Please note that as an investor additional provisions may apply to you with respect to privacy and data protection, including any privacy notices which were incorporated in your subscription agreement or other agreements you have with StageOne;
- When we send you marketing emails, we process data which we have a legitimate interest in processing or based on your consent; and
- In the event you contact us, we will process your contact details and other information you choose to provide us in order to perform our contract with you.
Our website is a general audience website, which is not directed to persons under 18 years old. We do not knowingly collect or solicit Personal Data from people under 18 years old. If we become aware that a person under 18 years old has provided us with Personal Data, we will delete such data from our databases.
TYPES OF DATA WE COLLECT
- Non-Personal Data. We may collect aggregated, non-personal and non-identifiable information which may be made available or gathered via your use of our website (“Non-Personal Data”). We are not aware of the identity of the individual from which the Non-Personal Data is collected.
- Personal Data. We collect personal data (as defined in the DPL and GDPR) and also personal information (as defined in the CCPA). Both, personal data and personal information about you, will be collected by us, specifically through your interaction with us, the Investor forms you provide us offline, or through other agreements you may have with us. This information include your contact details, banking details, investment amounts, etc. (“Personal Data” or “Personal Information”). The types of data that we collect as well as the purpose for processing such data are specified in the table below.
PERSONAL DATA COLLECTED AND PROCESSED
Type of Data
Contact information, including name, address, email, phone number, title, position, country, origin, job, etc.
How Do We Use It?
Your contact details will be used in order to send you required information related to StageOne’s activities and services, our engagement with you and additional occasional communications and updates. We may also use the information in order to verify your identity. Depending on your interaction with us we may share this information with third parties as described below.
Type of Data
Financial information, including, net income, transactions, account balances, banking details, investment amounts etc.
How Do We Use It?
We will collect this information from investor questionnaire, tax and anti-money laundry forms, or similar forms. We will use this information to subscribe and validate you as an Investor and will share this information with third party processors, such as banks and third parties (e.g., administrator that assist us in onboarding Investors and managing their documents). We may also use this information in accordance with applicable law requirements (e.g., register the partnership in the relevant registrar).
Type of Data
Social security number
How Do We Use It?
We require use of a Social Security Number (or other I.D. number) as an identification number or for any type of investment-related activity.
Type of Data
Contact us information, such as name and email address.
How Do We Use It?
We will use this data solely for the purpose of responding to your inquiries and provide you with the support or information you have requested.
Type of Data
How Do We Use It?
Public personal data is data that has been made public as a result of steps taken by you or by legal authorities, we may use such information in order to validate your subscription agreement or any financial commitment that you make (in the event you are an Investor).
Type of Data
How Do We Use It?
We may collect certain identifiers such as your IP addresses when using or interacting with our website. We use this data for our legitimate interests of operating, providing, maintaining, protecting, managing, customizing and improving our website auditing and tracking usage statistics and traffic flow via cookies; and protecting the security of the website.
Type of Data
Career and CVs
How Do We Use It?
In the event you are interested one of the jobs we offer or publish, and wish to submit your CV, you will be required to provide us with your contact details and submit your CV. We collect and use this data solely in order to process your job application, including assessing suitability, eligibility and/or fitness to work.
CCPA Special Notice
Under the CCPA Personal Information does not include: publicly available information from government records; de-identified or aggregated consumer information.
As required under the CCPA, please see below a table specifying the categories of Personal Information we collect:
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Some personal information included in this category may overlap with other categories.
C. Protected classification characteristics under California or federal law.
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
D. Commercial information.
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Biometric information.
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, face prints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data.
F. Internet or other similar network activity.
Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.
G. Geolocation data.
Physical location or movements.
H. Sensory data.
Audio, electronic, visual, thermal, olfactory, or similar information.
I. Professional or employment-related information.
Current or past job history or performance evaluations.
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)).
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records.
K. Inferences drawn from other personal information.
Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Disclosures of Personal Information for a business purpose:
In the preceding twelve (12) months, we disclosed the following categories of Personal Information for a business purpose: (A) Identifiers; (B) Personal information categories listed in the California Customer Records statute; (C) Protected classification characteristics under California or federal law. (D) D. Commercial information; and (I) Professional or employment-related information.
We disclose your Personal Information for a business purpose as explained below.
Sale of Personal Information
IN THE PRECEDING TWELVE (12) MONTHS WE DID NOT SELL ANY OF YOUR PERSONAL INFORMATION.
HOW WE COLLECT DATA
Depending on the nature of your interaction with us, including via website, the above detailed information is collected as follows:
- In the event you voluntarily choose to provide us with information, e.g., when you contact us or when you fill out any forms related to investments you intend to make in StageOne, or if you are already an Investor we will collect information about as specified herein and as explained broadly in the privacy notice attached to your subscription agreement.
- Through publicly available database.
- Through third parties (such as, banks).
We will ask for your consent to collect Personal Data and offer you the choice to opt-out of such collection if we are required to do so in accordance with applicable laws.
SHARING DATA WITH THIRD PARTIES
We may share Personal Data solely as follows:
- Our affiliates and service providers (e.g., our attorneys, lenders, fund management services, administrators and accountants).
- To complete certain transactions or account changes that you request, it may be necessary to provide identifying information to non-affiliated third party service providers.
- In certain instances, we may contract with nonaffiliated third parties (such as brokers, banks, custodians, tax accountants and others) to perform services for us and, where necessary, disclose your information (described above) to them. In all such cases, we provide the third party with only the information necessary to carry out its assigned responsibilities and only for that purpose. Further, we require these third parties to treat your Personal Data confidentially; however, it should be noted that certain third parties may be required under law to disclose such information to tax and other governmental authorities in varying jurisdictions.
- If you direct us to do so, if you consent and if we are required by law to do so or in other limited circumstances permitted by law – for example, to protect you from fraud.
- In order to comply with applicable laws, we may disclose your nonpublic information to tax and other governmental authorities in varying jurisdictions.
- Business Purpose – we may disclose your Personal Information to a third party for a “Business Purpose” (as defined under the CCPA). When we disclose Personal Information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract.
Privacy laws differ from jurisdiction to jurisdictions, each of which may provide you with different rights regarding your Personal Data, such as the right to access your Personal Data; the right to erase Personal Data; the right to opt out of Personal Data processing, etc.
Particularly, (i) if you are investor in our Cayman Islands’ funds then you are entitled to exercise certain data subject rights under the DPL; or (ii) if you are a resident of the EEA or California you can exercise your rights under GDPR and the CCPA, as explained below.
- The right to access data: you have the right to request a confirmation from us that we process your Personal Data, and in some cases, be provided with a copy of the Personal Data we process.
- The right to be forgotten: you have the right to require us to erase certain Personal Data, if particular conditions are satisfied (if the Personal Data is no longer needed for the original purpose and there is no new lawful basis for continued processing; if you have exercised your right to withdrawn consent (if applicable), or to object to the processing and we have no overriding grounds for the continued processing; the Personal Data is processed unlawfully; or erasure of Personal Data is necessary to comply with applicable legislation. This right is not absolute. We may reject your request in some circumstances, including where we must retain the data in order to comply with legal obligations or defend against legal claims, etc.
- The right to object: you have the right to object to processing of Personal Data, in the event the basis for processing is our legitimate interests, however, we will be permitted to continue the processing if our legitimate interests override your rights, or when processing is necessary to establish, exercise or defend a legal claim or right, etc.;
- The right to restrict processing: you may be entitled to limit the purposes for which we process your Personal Data, when: the accuracy of the data is contested; processing is unlawful and you requests restriction instead of erasure; the Personal Data is no longer needed for the original purpose it was collected, however the data is still required to establish, exercise or defend legal rights; or there are overriding grounds in the context of an erasure request;
- Rectification (to the extent GDPR or DPL apply): you have the right to require to update Personal Data which is not correct;
- Portability: you have the right to have your Personal Data “port” to a third-party, however note, the GDPR/DPL and CCPA apply differently to this right, thus, we will handle this according to the jurisdiction you are subject to;
- The Right to Non-Discrimination (in the event you are California resident): you have the right not to be discriminated against for having exercised your rights under the applicable laws. In particular, we may not: deny the consumer goods or services, charge the consumer different prices for goods or services, whether through denying benefits or imposing penalties provide the consumer with a different level or quality of goods or services to the consumer.
- Lodge a complaint: You may also be entitled to file a complaint with the appropriate supervisory authority in connection with concerns you may have with regards to your privacy.
If you wish to exercise any right regarding your Personal Data, or you wish to be provided with more information in this regard, or if you have any concerns or complaints regarding your privacy rights, please contact us at: firstname.lastname@example.org.
How to exercise any rights applicable to you?
If you wish to submit a request to exercise any of your rights, please fill in the form available here, and send it to the aforesaid email address. In case you ask us an action regarding your rights, we will require certain information from you in order to verify your identity and locate your data. Such process may take reasonable time, however not more than one (1) month in the event you are entitled to exercise you rights under the GDPR or DPL; or ten (10) – forty five (45) days in the event you are California resident, unless otherwise required or permitted under applicable law. At any time, you have the right to contact your local data protection authority. If we require more time, we will inform you of the reason and extension period in writing. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. Further, note, under the CCPA your rights only apply to the Personal Information collected 12 months prior to the request and you are not entitled to submit more than 2 requests in a 12 months period.
If you would like to receive more information you may also send us a message to: email@example.com.
Unless you instruct us otherwise and subject to applicable laws, we retain the information we collect for as long as needed to provide our services, to conduct our business, and to comply with our legal obligations, resolve disputes and enforce our agreements if applicable.
We use physical, technical and administrative security measures for the services that we believe are in compliance with applicable laws and industry standards in order to prevent your information from being accessed without the proper authorization, improperly used or disclosed, unlawfully destructed or accidentally lost. It is important for you to remember however, that unfortunately, the transmission of information via the internet cannot be 100% secure. As such, although we will do our best to protect your Personal Data, we cannot guarantee the security of data transmitted via our website or our services.
TRANSFER OF YOUR DATA
We are a global fund with offices around the world. Our databases are located currently in Israel. Some of our processing activities are made in Israel and in Bulgaria (i.e. in the EU). The European Commission has decided that Israel ensures an adequate level of privacy and data protection, therefore, in accordance with the GDPR, the transfer of Personal Data to Israel is lawful and does not require any specific authorization. Any future transfer of Personal Data outside the EU to a third country (other than Israel) shall be made in accordance with applicable law, including by providing adequate protections, or otherwise implementing appropriate safeguards to ensure the protection of our users’ rights.
P.O. Box 12944
SeaView Towers Building A
Herzliya Pituach, Israel