By “your information”, “personal data” or “personal information”, we mean information about you (or others acting on your behalf, such as your financial advisor or executor) from which you, or that individual, may be identified.

The categories of information we collect about you depend on the relationship you have with us. Please select your relevant category from the section “Specific information about your data” below.

We will let you know at the point of collecting your information whether this is optional, or whether it is necessary for you to provide this information to meet certain statutory or contractual requirements. If the latter, and you do not wish to provide us with this information, this may limit the services we are able to provide you.

We may collect, store or transfer a variety of personal information from you directly when you:

• communicate with us via email, phone, in person, or an online enquiry form;
• request or receive our Services; or
• access, subscribe to or interact with the Website.

We may also receive your personal information from other sources such as:

• your financial advisor or intermediary (if appointed)
• tracing companies (so that we can find a way to contact you to remind you about your investments, if we lose touch with you)
• fund marketplace platforms (which may send us breakdowns of the flows including names of Independent Financial Advisers)
• public searches (e.g. contact details of financial advisers from LinkedIn)
• credit reference agencies, the London Gazette or other solvency searches
• Mercia or other event attendance lists (if you have agreed to be contacted by us)
• business intelligence portals (this may cover contact details of employees of institutions we’d like to work with from portals we subscribe to providing information on industry trends, e.g. Meltwater)
• your employer (if you are the nominated contact for a corporate client)
• third party risk and compliance portals (for regulatory checks) and credit referencing agencies
• your profile on any external websites that you submit in connection with your job application (e.g. Linkedin profile, website, blog or portfolio)
• certain third party analytics cookies which collect information on how visitors use our website (see our Cookies policy here for further details).

We will only use your personal data if we have a permitted lawful basis to do so. Generally we collect your personal data because is it necessary for:

• Performing our contract for the Services with you. This means processing your personal data where it’s necessary to fulfil a contract with you or to take steps, at your request, before entering into such a contract.
• Pursuing our legitimate interests. This means processing your personal data as and, when necessary, to do so in order to conduct and manage our business and to provide you with the best service and experience. We make sure we consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests. We don’t use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
• Complying with our legal or regulatory obligations. We may also rely on your consent to use your personal data for marketing purposes (see “Marketing communications” below).

The purposes for which we use your personal data differ according to your reasons for engaging our services. Please select your relevant category from the section “Specific information about your data” below for further details of why and on what grounds we process your data.

Regardless of your status, we will generally process your information for:

• monitoring the use of our Website (for our legitimate interests in providing effective services to you)
• complying with our contractual obligations, such as requirement to appropriately apply regional funding

We may rely on your consent to use your personal data for marketing purposes. This means that:

• where you have subscribed to our emails or ‘opted in’ to receive marketing communications from us, you have agreed that we may use your information to contact you by email, post and occasionally by telephone about new developments, offers and events that you may find useful. This may also include other similar products and services offered by us or any of our related entities from time to time.
• where you have permitted us to use your personal details in connection with our promotional materials (e.g. to provide a quote from you in relation to a news update about our work with you), you have agreed that we may publish your name, company name, job title, comments about the services you received from us and any other reasonable personal information which may be relevant to the PR materials on our Website or other forms of media (e.g. published journals and newspaper articles).

You can withdraw your consent to marketing at any time by clicking the “unsubscribe” button at the bottom of each marketing email you get from us or contacting us using the details in the “Contact us” section below.

However, if we have collected your contact details in connection with another purpose or under another lawful basis (e.g. to provide certain contractual services to you), we may still be permitted to retain your data for those alternate purposes after you have withdrawn consent for marketing purposes. Additionally, withdrawing your consent may mean you are unable to receive certain further services from us and it may not always be possible to remove your personal details from existing promotional materials before you withdrew your consent (e.g. if the materials have already been distributed in hard copy).

When we communicate with you it will be from either or both of Mercia Asset Management PLC, or Mercia Asset Management, which is the collective brand name used for our group companies.

Please click the relevant headings below to see more specific information about the personal data that we collect about you, our purposes for collecting this data and our legal grounds.

Are you:

• an individual investor in one or more of our funds?
• an advisor, wealth manager, an employee of an existing or potential institutional client, or are exercising investment control for an institutional client?
• a potential investor in one of our funds?
• a director or a co-investor of a fund or company which we have looked to invest in/invested in?
• a co-investor in a company which we have provided equity/ loan funding to?
• a director or member of the management team of a company which we have provided equity/ loan funding to?
• an associate providing professional services to us (e.g. Mercia’s financial advisors, bankers, accountants, lawyers and network contacts) or a supplier of commercial services?
• applying for a job with us?
• a member of our Non-Executive Director Network?

Generally your information will only be used by Mercia and its group companies, and will not be shared with other third parties (particularly for marketing purposes) without your prior written consent, except where we are required to do so to meet legal or regulatory requirements. All Mercia group companies maintain the same levels of data protection, confidentiality and security.

• However, we might occasionally need to share this data with other parties to deliver the required service to you or to comply with our legal obligations. These include third parties who are providing goods or services to you in connection with our Services, including providers of our financial advisory, payment, IT hosting and support, communications, consultancy, PR, market research and recruitment services. These include, as at the date of this version of the policy; BambooHR LLC, Teamtailor, Project Affinity Inc and Hubspot Inc
• Authorised by you to receive information held by us, e.g. your appointed financial advisors
• Contacting you directly about their offers, promotions, goods or services (if you have requested to be contacted for such purposes)
• Fund administrators and custodians specifically for:
• EIS investors: Mainspring Fund Services Limited
• N2, N3 and NVT investors: The City Partnership (UK) Limited
• External debt/ equity approval committees (VCT and FDC transactions only)
• Purchasers or prospective purchasers of our business and/or assets (in whole or in part), in the event that we sell, trade or licence any part of our business and/or assets
• Our agents and associates, e.g. our financial advisors, bankers, auditors, accountants and lawyers
• Our business partners, joint venture entities or partners
• Necessary recipients of your data in order for us to comply with our legal obligations, enforce or apply our terms of use, or to protect the rights, property and safety of our customers or others. This may include the police, law enforcement bodies, regulators/supervisory bodies, credit reference agencies or other organisations involved in the provision of fraud protection and credit risk reduction purposes
• Debt collection agencies and related activities

In the majority of cases where we do share your personal data with third parties we will continue to act as controllers.  The third party will be required to follow our privacy policy to ensure your personal data is only used and processed for the specified purposes, to process your data in accordance with our instructions and to adhere to the appropriate technical requirements and other regulations required by law.

There are a number of situations where we do share your personal data with third parties. Examples of such times are:

• in debt collection cases, where third party debt collection organisations will act as controllers of your data
• in cases where third party investors, such as the British Business Bank, require your personal data for compliance with their legal obligations or for auditing purposes
• where your investment results in you being a named shareholder in a company, in cases where a request is made for a copy of the shareholder register in accordance with s116 Companies Act 2006

We keep your data for as long as it’s necessary to meet the relevant purposes for which we’ve collected your data, including for the purpose of satisfying any legal, accounting or reporting requirements.

To determine the appropriate length of time for holding your data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purpose for which we process your data and whether we can achieve those purposes through other means, along with the applicable legal requirements.

In cases where your data is transferred outside of the UK, we take steps to ensure that appropriate safeguards are in place to protect such data.

Such safeguards may include a data transfer agreement with the data recipient based on standard contractual clauses or other such mechanism as is approved by the European Commission for transfers of personal data to third countries.

For further details relating to the transfers described above and the adequate safeguards used with respect to such transfers, please contact us.

Under certain circumstances, you have rights under data protection laws in relation to the personal data we hold about you. You can request to:

• access information held about you. Please note that we reserve the right to request for proof of your ID to process the request, and to charge you a reasonable administrative fee for any repetitive, manifestly unfounded or excessive requests. If we refuse your request to exercise this right, we will give reasons for our refusal and allow you to challenge our decision
• rectify any incorrect or incomplete data we hold about you. It is both in our interest and yours that any personal information we hold about you is accurate, complete and current. If the data we hold about you is inaccurate in any way, please contact us to have your personal information corrected
• delete, restrict or remove the data we hold about you
• transfer the data we hold about you to another party
• object to any further processing of your data

You can make all such requests via emailing: data@mercia.co.uk

Please note that in respect of all these rights we reserve the right to refuse your request based on the exemptions set out in the applicable data protection laws.

If you have any concerns about how we handle your data, please contact us. If you are not satisfied after we’ve tried to resolve your issue, you’ll be entitled to lodge a complaint with our data protection regulator, the Information Commissioner’s Office (ICO). Please see the ICO website for further details, www.ico.org.uk

Our site may, from time to time, contain links to and from third party websites. Please note that if you follow a link to any of these websites these will have their own privacy policies which should be checked before you submit any personal information through them. We are not in control of, and do not accept any responsibility or liability for, these policies or any third party websites.

For further information about our Cookies policy, please click here.

We may from time to time review and amend this Privacy Policy to take into account changes in law, technology and our operations. We will post any changes to this Privacy Policy on the Website from time to time. Please periodically review this Privacy Policy before using the Website as continued use of the Website shall indicate your acceptance of any changes. All personal information held by us will be governed by the most recent Privacy Policy posted on the Website.

If you have any questions or comments about this Privacy Policy, including requests to access or modify the user of your personal data, you can contact us by calling us on 0330 223 1430.