Prism Investment Management Ltd Privacy Policy

This policy describes the principles followed by Prism Investment Management Ltd (“PRISM”) in implementing the applicable privacy and information security requirements under the General Data Protection Requirements, the Data Protection Act and any other relevant legislation and guidance including GCHQ’s 10 Steps to Cyber Security, the ISO27000 family of standards (ISO27K) and the relevant regulatory requirements set out by the Financial Conduct Authority in the Principles for Business, Systems and Controls and Conduct of Business handbooks as well as FG 16/5 Guidance for Firms Outsourcing to the ‘Cloud’ and Other Third-Party IT Services. It is the policy of PRISM to comply with any legislation concerning the protection and prevention of loss or theft of information retained and stored by PRISM.

Collection of Information

PRISM collects contact information from its investors and partners from time to time. Contact details are collected directly from individuals and corporations that PRISM meets.

The types of personal information and data may include, without limitation:

  • Basic personal information including name, address, date of birth, contact details
  • Identity documents such as passport copies
  • Education and employment history
  • Business activities
  • Financial information including investment track record

PRISM does not collect information via third parties. The firm is registered as a data controller with the Information Commissioner’s Office (“ICO”) under registration number ZB378022  as a data controller and complies with the relevant data protection principles.

Use of Information

Personal information and/or data may be used to:

  • Stay in touch with investors, investees and partners by post, telephone, electronic mail, etc., in connection with your relationship;
  • Facilitate and manage PRISM’s business relationships. This may include sharing information internally as well as disclosing it to PRISM’s professional advisor; and
  • Facilitate business operations, including conducting due diligence, making investment recommendations, assessing and managing risk and fulfilling legal and regulatory requirements (including KYC and AML requirements).

Sharing of Information outside of the EEA

The personal information held by PRISM may be shared with:

  • Professional advisers such as lawyers and fund administrators, with whom PRISM has a contractual relationship.
  • Cloud-based service providers who hold personal information on our behalf, such as file storage and CRM tools.

PRISM does not transfer personal information to parties outside of the EEA, although the personal information held on cloud-based tools may located on servers outside of the EEA. PRISM only works with firms adhering to data protection laws.

Data Retention Periods

Personal information is retained by PRISM only as long as it remains necessary to fulfil the purposes PRISM collected it for, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements.

The appropriate retention period for personal data is determined on the basis of the quantity, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of such personal data, the purposes for which the personal data is processed and whether those purposes can be achieved through other means, and the applicable legal requirements.

PRISM is legally obliged to retain basic information about clients (including contact, identity, financial and transaction data) for six years for tax purposes and for at least five years after a client ceases to be a client under the UK money laundering regulations 2017.

In some circumstances personal data may be pseudonymised for statistical purposes in which case PRISM may use this information indefinitely without further notice.

Opt-Out

PRISM contacts can opt-out at any time, if they no longer wish to receive communication from PRISM or if they want PRISM to delete their data. Any request to opt-out of the communication or to delete the data should be directed to legal@prism.ventures.

Security

PRISM takes all steps reasonably necessary to ensure that information and/or data is treated securely and in accordance with this Privacy Policy. Data is stored electronically on cloud-based solutions that are password protected and fully compliant with data regulation.

Rights in Relation to Data

Under GDPR individuals and entities have the right to access information stored about them. They are entitled to ask PRISM about:

  • The nature of the personal data;
  • The purpose for processing this personal data; and
  • The existence of any third parties with whom personal data may be shared.
  • The right to access personal data, correct it, object or cancel the data kept by PRISM can be exercised by contacting PRISM’s Head of Legal.

If you have a complaint regarding any aspect of the personal data PRISM collects or this Privacy Notice, please contact us at the address listed below in ‘Contacting PRISM’.

Complaints may also be made to the ICO using their online form: https://ico.org.uk/make-a-complaint/. Alternatively, complaints can be sent to the ICO at the following address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire SK9 5AF

Contacting PRISM

The point of contact for matters relating to data and more generally this Privacy Notice shall be PRISM’s legal team. You may contact us via email (legal@prism.ventures) or you may send a letter to the following address:

Prism Investment Management Ltd

Thomas House, 84 Eccleston Square, Pimlico

London SW1V 1PX

Changes to PRISM‘s Privacy Notice

PRISM aims to meet high standards of compliance with applicable regulation, so our policies are under frequent review. From time to time this Privacy Notice may be changed. The page will be updated periodically to reflect the latest version of the Privacy Notice.

Cookies

  • Cookies are simple text files. They are needed to help navigate automatic logins, password authentication, shopping cart functions, personal preference settings and a variety of other functions. Cookies make these functions smooth and hassle-free to the user.
  • Cookies do not search your computer for information. Cookies register the information you provide through your browser. When you enter personal and/or financial information on a website, the cookies store your information, both for ease of use on your next visit, and for ad tracking.
  • Information stored by cookies is usually encoded; it is protected from potential computer hackers by security features (which you, the website owner, have put into place.)
  • Cookies are necessary and enhance your browsing experience. Without cookies, you would have to re-enter all of your information every time you revisited a site. A cookie will simply remember your information on the website to save you time.
  • Cookies only store the information you provide. A cookie cannot “grab” your email address. A cookie can store your email address on the website if you have typed in your email address; a cookie stores all information you voluntarily give when you visit a website.
  • Cookies themselves contain very little information other than the URL of the website that created the cookie. Because there is so little information, a cookie cannot be used to identify you by name or other personal information. However, advances in technology have seen an increase in how companies can manipulate cookie information to create a profile of your web surfing habits. Again, this is a profile of a particular consumer’s surfing habits and product preferences, there is no name (your name) attached to the profile.
  • Cookies are harmless. They cannot introduce viruses on your computer.
  • Cookies are not the same thing as Spyware. A cookie stores your website surfing information; Spyware stores your Internet surfing information (every site you visit).
  • PRISM uses anonymous analytics and performance cookies. Analytics service providers use cookies to provide PRISM with statistical information on its website, such as the number of visitors, the length of their visit and how often visitors return to the PRISM website. This helps PRISM improve the functionality of its website.

 

More information about cookies can be found by clicking on this link.