At Rising Tide Europe, we are fully committed to protecting our customers’ information and we take this responsibility very seriously. This Privacy Notice document provides full clarity and transparency about:
- what personal data we collect and process about you through your use of our online platform and mobile application, or with respect to your relationship with us as a customer;
- why we need to collect this information from you;
- how and where we obtain information from you;
- where and how we will store your information, and for how long we will keep it;
- what we will do with that information;
- what data we transfer and/or disclose, and to whom;
- how we deal with you data protection rights, and how we comply with data protection rules.
Who the Data Controller is
“Go Beyond” (referred to herein as “Go Beyond”) in this Notice, primarily refers to Go Beyond Limited, the main operating company of the Go Beyond Investing group, and, where appropriate, to other companies in the Go Beyond Investing group or other entities over which Go Beyond Investing exercises management control.
“Rising Tide Europe” (referred to herein as “we”, “us”, “our” or “RTE”) in this Notice, primarily refers to each special limited partnership (referred to herein as “SLP” registered in Luxembourg (sociétée en commandite spéciale) and managed by Go Beyond Ventures Sarl, a registered alternative investment fund manager under article 3 (2) of the Law of 12 July 2013 on alternative investment fund managers, with registration number B200917 and whose registered office is 10A, rue Henri M. Schnadt, L-2350, Luxembourg (referred to herein as “GBV”). Each RTE SLP is the “data controller” of all personal information that is collected from and used about the respective limited partners of each RTE SLP, for the purposes of regulation (EU) 2016/6791, the European Union’s (‘EU’) new General Data Protection Regulation (‘GDPR’).
What data we collect
According the European Commission, “personal data is any information relating to an individual, whether it relates to his or her private, professional or public life. It can be anything from a name, a photo, an email address, bank details, your posts on social networking websites, your medical information, or your computer’s IP address” – click here to read full press release.
We will collect personal data about you through your use of our online platform and mobile application, or with respect to your relationship with us as a customer, whether directly or indirectly via one of our trusted third party partners. We may also collect data from you when you contact us yourself directly or when you participate in a questionnaire or survey.
Below is a list of specific data groups that we may collect about you:
- Name, home address, e-mail address, telephone number, social media profiles, other electronic means of communication (such as Skype name), nationality, date of birth, gender;
- Investor Due Diligence information and documentation that includes Proof of Identity (such as passports or national ID cards & pertaining details), Proof of Address (such as utility bills and bank statements), Source of Funds Declarations and Client Profiles, as well as business data where applicable;
- Investment history, including information related to your investments;
- Information you provide about your investor profile in our periodical questionnaires;
- Information about your purchases of our products and services;
- Information about your use of our website and mobile app;
- The communications you exchange with us or direct to us via letters, emails, chat service, calls, and social media.
- Location, including real-time geographic location of your computer or device through GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, if you use location-based features and turn on the Location Services settings on your device and computer.
Personal information is collected with your permission when a request is submitted online or via email to RTE.
Why we collect your data
Your personal data is processed by Go Beyond Ventures Sarl, located in Luxembourg and Go Beyond Limited, located in Malta. We guarantee to use the data collected online in a correct manner and to only process your personal data where we have a legal basis to do so. The legal basis will depend on the reasons we have collected and need to use your personal data for.
In most cases we will need to collect process your personal data so we can enter into our contractual obligations with you. We may also use your personal data in any of the following manner:
- setup a user for you to access Go Beyond’s online platform;
- process purchases that you make on the Go Beyond platform or offline – we use your payment information for accounting, billing and audit purposes and to detect and / or prevent any fraudulent activities;
- provide you with the products and services you request of us:
- as an entrepreneur and startup owner, we provide you with access to a deal room, for you to populate it with information about your startup, for us to screen accordingly;
- as a RTE member, and if the product you purchased provides for this, we provide you with:
- access to our deal flow, and the respective deal rooms on our platform, and to update you with investment opportunities that are currently ready to invest in;
- access to our events, both physical and virtual, and our training webinars, if the product you purchased provides for this;
- access information about our events and webinars, and updates to notify you of any changes/updates that may happen – these communications are not made for marketing purposes and cannot be opted-out of;
- processing and monitoring on your behalf of investments you make via our platform;
- carry out due diligence on you as an investor, as is required of us by international laws and standards for Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) – we may pass your information to government authorities or enforcement bodies for compliance with legal requirements;
- manage our relationship with you as our customer and to improve our services and enhance your customer experience with us;
- for statistical and marketing analysis, systems testing, customer surveys, maintenance and development, or in order to deal with a dispute or claim:
- note that we may perform data profiling based on the data we collect from you for statistical and marketing analysis purposes;
- any profiling activity will be carried out with your prior consent only and by making best endeavours to ensure that all data it is based on is accurate;
- by providing any personal data you explicitly agree that we may use it to perform profiling activities in accordance with this Privacy Notice.
- to electronically provide you with personalised and/or special offers, that we believe would be of interest to you:
- you will, at the time of first contact with us, have the opportunity to provide us your consent, or not, to do so, by opting in or out of receiving such communications;
- furthermore, on every electronic communication that we send to you, you will have the opportunity to instruct us that you no longer wish to receive our direct marketing material.
Only adults aged 18 or over can provide their own consent. For children under this age, consent of the children’s’ parents or legal guardians is required.
How we store your data
We follow strict security procedures in the storage and disclosure of your data, and appropriate measures and procedures are applied in order to maintain the level of personal data protection to prevent unauthorized access, accidental loss and damage. The data you provide to us is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting information so that it can be securely transferred over the Internet.
RTE operates businesses in multiple jurisdictions, some of which are not located in the European Economic Area (EEA). We demand that all services providers we utilize to conduct our business, process your information in a secure manner and in accordance with EU and Malta law on data protection. We utilise standard means under EU law to legitimise data transfers outside the EEA.
How we share and transmit your data
The data you provided us may be transmitted to our related companies and/or trusted third parties for the purposes set out in this Privacy Notice. In such cases, we shall ensure that our partners and/or related companies take over the responsibility to protect personal data to an extent equal to that guaranteed in this Privacy Notice.
The data you provided us may also be transmitted to our related companies and/or partners when this is deemed necessary for the following purposes:
- To government authorities to comply with licensing and regulatory reporting requirements as are applicable to RTE.
- Carry out due diligence on you as an investor, as is required of us by international laws and standards for Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT).
- Online payment processing companies and credit/debit card companies, to process your payment for purchases you make of our products and services, to ensure the security of your transaction as well as for anti-fraud screening.
- To trusted service providers we are using to conduct our business, specifically to process and monitor on your behalf, the investments you make via our platform.
- Legal and other professional advisers, law courts and law enforcement bodies in all countries we operate in, to enforce our legal rights in relation to our contract with you.
Your personal data shall not be disclosed to third parties without your express consent, except under legal obligation. More specifically, your personal data shall not be transmitted or provided to third parties outside the European Union without your express consent, except under legal obligation.
Your personal data (including your email) will never be shared with any third parties for marketing purposes.
How long we keep your data
We will only retain your data for as long as it is necessary to fulfil the purpose it is being collected and processed for. To determine the appropriate retention period, we take into consideration the nature and sensitivity of the personal data, as well as the purposes for which we will process it and whether we can achieve those purposes through other means.
We will also take into consideration legal obligations (such as AML-CFT) and customer service circumstances (such as handling queries, complaints and legal claims) that will require us to retain data for longer periods.
Any personal data held by us for marketing and service update notifications, as requested by you, will be kept by us until such time that you notify us that you no longer wish to receive this information.
When we no longer need your personal data, we will securely and irreversibly delete or destroy it. We will also consider if and how we can minimise over time the personal data that we use, and if we can anonymise your personal data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.
What are your rights?
You may, at any time, request us to confirm whether we hold any personal data about you, and if so, what information it is we are holding/processing and why we are doing so.
As a user of the platform www.go-beyond.biz, you may log in to the platform to access your My GoBeyond section, to view the information we hold on you. All clients of RTE, past and present, have a user account on this platform.
From within your My GoBeyond section, you will have the ability to
- view the data we hold about you, and the legitimate reason why we are holding it;
- rectify your data, where you find it to be incorrect or incomplete;
- request to have your data deleted – you may only request us to delete your data that we do not have good reason to continue to hold and process, or that we are not required to retain by law;
- object to processing of your data where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation that makes you want to object to processing on this ground;
- object to processing of your data where we are doing so for direct marketing purposes;
- request restriction/suspension of processing of your data, for example when you want to establish its correctness and the reason for why we are processing it;
- request your data to be ported to or from us – this entails us providing you your data in an electronically usable format for you to transfer to a third party;
- withdraw consent where you have previously provided us with your explicit consent to the collection, processing and transfer of your data for a specific purpose – upon receipt of your withdrawal of consent we will stop processing your data for the purpose you originally provided consent to, unless otherwise requested of us by law.
In the event that you wish to complain about how we have handled your personal data, please contact our Data Protection Officer (DPO) by email at firstname.lastname@example.org, or in writing at Go Beyond Limited, 93, Mill Street, Qormi QRM 3102 Malta. Our DPO will then look into your complaint and may request more specific information from you to help us confirm your identity and ensure your right access to information. This will empower our DPO to work with you to resolve the matter.
If you still feel that your personal data has not been handled appropriately according to the law, you can contact Data Protection Commissioner and file a complaint with them.
Changes to this Privacy Notice
This version of our Privacy Notice comes into force on 25 May 2018. We may occasionally make changes to this Privacy Notice, and will notify you by email or via a notice on our website/App.