Data protection notice

This data protection notice applies to the data processing activities by Golding Capital Partners GmbH, Einsteinstrasse 172, D-81677 Munich, E-mail: info@goldingcapital.com as the controller as stipulated in the EU General Data Protection Regulation (GDPR).

We are pleased that you are visiting our website. We attach great importance to data protection and data security in the use of our website. We therefore undertake to protect your privacy and treat your data in confidence. In the following, we would like to tell you which of your personal data we record during your visit to our website and for what purposes they are used. As changes in legislation or our internal processes may make it necessary to modify this data protection statement we would ask you to read its contents regularly.

What are personal data?

Personal data are items of information that can be used to find out about your personal or factual circumstances. Information that does not allow us to make a connection to you (or only with a disproportionate effort) is not personal data.

Collection and storage of personal data, types of data and purpose for which they are used

When you visit our website

When you visit our website, your browser automatically sends information to our website's server. Such information includes without limitation your IP address, the website from which you came to our website (the so-called referrer) and the browser you use (the so-called user agent), as well as user data such as date and time of your visit, the pages you opened, logs, status codes, data quantities and the host name you called. Such information will be stored in a so-called “logfile”. The IP addresses are anonymised by removing the last three digits before they are stored.

This information will be processed by third parties, including without limitation by our third-party hosting and website management service providers, in order to facilitate the use of the website and to ensure system security and stability. The processing of data to this extent is required in order to protect our legitimate interests. The stored information will be erased after 60 days at the latest.

If you use our application form

You may send an online application to our company, either in response to one of our vacancies or unsolicited. In this case, only those of your personal data you provide in connection with your application will be collected, including without limitation your name and address, telephone number, e-mail address and the data contained in your CV.

Your personal data and information will be collected and stored with utmost care and integrity and will not be used except for the processing of your application. The processing of your data is required for the decision on your employment. To the extent your application concerns our sites in Luxembourg or New York, we transmit your data to the relevant group companies of Golding Capital Partners.

Should we be unable to offer you a position and inform you thereof, we will erase your personal data 6 months after such information unless you give your express consent to keep the data in case any future vacancies arise. You shall be entitled to revoke such consent at any time. In this case, we will erase your personal data without delay.

Sending your application means consent to the processing and transmission of your data solely for the application procedure. These data are processed based on your voluntarily given prior consent.

If you subscribe to our newsletter “Jobalert”

You may choose to receive information on new vacancies. In order to be able to receive our newsletter, you must provide an e-mail address and search criteria relating to your location, career level and qualification. These data are processed based on your voluntarily given prior consent. Your email address will be used exclusively for this service and will not be given to any third parties. You may unsubscribe from our newsletter at any time, using the link provided at the bottom of each newsletter. In this case, we will erase your personal data without delay.

If you use our reporting portal as an investor

You may use our reporting portal (the so-called investor portal), if you were appointed contact person for an investor investing in one of our investment programmes and you disclosed to us your personal data together with the subscription documents. This includes without limitation your name and work address, telephone number, e-mail address and selection criteria for any desired correspondence. As part of the registration process, we will send you a user name and temporary password. Your registration is completed the first time you log onto the portal.

When you visit our reporting portal, the user data automatically transmitted based on your visit and other user data, such as the date and time of your visit and the documents you download, will be stored.

The processing of your personal data is required as part of the management of the investment programme to fulfil contractual and legal obligations. Your personal data are stored based on the statutory retention period for at least five years from the end of the investment programme and will be erased thereafter.

If you use our due diligence portal as a potential investor

You may use our due diligence portal (the so-called “virtual data room”), if you were appointed contact person for a potential investor investing in one of our investment programmes and your personal data were disclosed to us by you or in connection with such potential investor. These data may include without limitation your name and work e-mail address as well as the investment programme on which you request information. As part of the registration process, we will send you a user name and temporary password. Your registration is completed the first time you log onto the portal.

When you visit our due diligence portal, the user data automatically transmitted based on your visit and other user data, such as the date and time of your visit and the documents you download, will be stored.

The processing of your personal data is required as part of the sale of the investment programme to fulfil (pre-)contractual and legal obligations. Your personal data are stored based on the statutory retention period for at least five years after the end of the investment programme and will be erased thereafter. Should the institutional investor for which you were appointed contact person decide not to invest in our investment programme, we will erase your personal data (based on statutory retention periods) 6 years after the virtual data room was closed for the relevant investment programme.

The virtual data rooms for our investment programmes are provided by a third-party service provider. That third-party service provider will process your personal data to the extent necessary for the management and use of these virtual data rooms. When you visit the due diligence portal, you will be redirected to the service provider’s website. Please note our information on the use of hyperlinks. 

If you send a complaint

You may send us a complaint at any time.  In this case, only those of your personal data you voluntarily provide in connection with your complaint will be collected. This includes your name and address, telephone number and e-mail address, as well as any information you voluntarily provide as part of the complaints process.

The processing of your personal data is required as part of the complaint management process to fulfil legal obligations. On the basis of the statutory retention period, your personal data will be stored for at least 6 years and erased thereafter.

If you send a request for information

Additional personal data such as name, address, telephone number or e-mail address will not be collected unless you provide this information voluntarily, including without limitation in connection with a request for information.

We use your personal data for statistical purposes and for pseudonymised analyses. We will only use these data for product-related surveys or for marketing purposes with your prior consent and only to the extent specifically required for the relevant purpose. We will not disclose your personal data to public authorities unless this is provided for by law. Our employees are bound by confidentiality agreements. Personal data will be erased after they are no longer necessary for the purpose for which they were collected and stored, unless they must be stored for a longer period of time based on statutory retention periods.

If you use hyperlinks

Our website contains hyperlinks to websites of other providers. By clicking on them you are transferred directly from our website to the other provider's website. This is visible by the change of URL. We accept no responsibility for the handling of your data on these external websites, because we have no control over whether these companies comply with data protection regulations. Please find out how these companies handle your personal data directly by looking at their websites.

Disclosure of personal data

In addition to the purposes specifically stipulated, we disclose your personal data to third parties based on your prior consent, based on a statutory obligation, if this is necessary in order to fulfil a contract we concluded with you or in order to assert, exercise or defend legal claims, and always to the extent there is no reason to believe that you have a compelling legitimate interest.

Data security

To the extent that we gather personal data we store it on specially protected servers. Access to it is restricted to a few, specially authorised individuals who are involved with technical, commercial or editorial aspects of the website.

To prevent the loss or misuse of data stored at GCP we take extensive technical and operating precautions, which are regularly reviewed and updated in line with technological developments.

We must nonetheless point out that the structure of the internet means that data protection regulations and the security measures described above may not be respected by third parties outside our control. In particular data transmitted in unencrypted form – even by email – can be read by third parties. This is something over which we have no technical control. It is your responsibility to protect the data you provide against misuse, by means of encryption or otherwise.

Information about /deletion of your personal data stored at GCP

We will be happy to tell you on request at any time whether your personal data is stored with us and if so, which data. If despite our efforts to ensure that the data are correct and up to date we should have stored any false data, we will rectify them without delay on request. If you ask us to delete the stored data we will comply with this request within the framework of statutory provisions. If they cannot be deleted for legal reasons, it may be possible to block the data instead. You have the right to data portability.

Right to object

To the extent we process your personal data based on legitimate interests, you have the right to object to the processing of your personal data on grounds relating to your particular situation.

Should you have any questions regarding information, rectification and erasure or should you wish to object to the processing of your personal data, please contact our

Data protection officer

Dr. Volker Wodianka LL.M.
Wodianka privacy legal GmbH
Dockenhudener Straße 12a
22587 Hamburg, Germany
Phone: +49 40 211 0786-0
www.privacy-legal.de

Right to lodge a complaint

You are entitled to lodge a complaint with the competent supervisory authority.