Privacy Notice for SurgoCap
Effective Date: February 28, 2022
This Privacy Notice (“Notice”) describes the practices of SurgoCap Partners LP (“SurgoCap” or “we”) as they pertain to information collected through our websites that link to this Notice (collectively, “Sites”) or in connection with SurgoCap-sponsored events, conferences and related activities (collectively, “Events”). If you are located in the European Economic Area (“EEA”) or United Kingdom, SurgoCap is the data controller with respect to the processing of your personal data pursuant to GDPR. Please note that this notice does not apply to information collected from our investors in connection with our financial products and services. We address such practices in separate notices as required by applicable law and regulation.
Please read this Notice carefully to understand our information practices with respect to our Sites and Events. If you do not agree to this Notice, then you should not use the Sites or participate in Events.
SurgoCap may change this Notice from time to time, and any modifications will be effective immediately upon posting, unless indicated otherwise.
Information We Collect
We collect information in multiple ways, including when you provide information directly to us and when we passively collect information from or about you, such as from your browser or device. We may combine all of the information we collect from or about you from these various sources.
Information You Provide to Us
We collect any information that you provide to us, including, but not limited to, when you (1) register for Events; (2) inquire about Events or otherwise contact us through our Sites; (2) sign up to receive information about Events or related activities; (3) participate in Events; (4) provide feedback in online surveys; and (5) submit other content and suggestions. Such information may include:
On occasion, we may ask for additional information to enable us to provide you with access to and use of certain other information, materials and services.
Information Collected from Third Parties
We may collect or receive information about you from other sources, including publicly-available websites and resources. We may add this information to the information we have already collected from you through our Sites or Events in order to enhance and improve the services we provide to you, or use such information for our and/or our affiliates', subsidiaries' and portfolio companies' business and operational purposes, such as recruiting.
Information Collected from Social Media and Other Content Platforms
In some cases, you may be able to access Sites via social media or other third-party platforms (such as LinkedIn, Facebook, Google and Twitter). By using these services to connect with us, you may allow us to access information from your social media profile, such as name, gender, and profile picture, consistent with your privacy settings or as allowed by you on that service. If you do not wish to have this information shared, do not use such third-party platforms to access our Sites or Events. Please note that your use of such third-party platforms is governed by those services’ privacy policies. We have no control of, and assume no liability for, the privacy practices of third-party services.
Information We Collect Through Automated Means
We also collect information through automated and technical means as you browse our Sites.
Use of Personal Information
We may use the Personal Information we collect from and about you through the Sites and in connection with Events for the following business and commercial purposes:
Please note that we may combine information that we collect from or about you (including automatically collected information) with information we obtain about you from our affiliates, subsidiaries, and/or non-affiliated third parties, and use such combined information in accordance with this Privacy Notice.
We may aggregate and/or de-identify information collected through the Sites or in connection with Events. We may use aggregate or de-identified information for any purpose, including without limitation for research and analytics, and may also share such data with any third parties, including partners, affiliates, subsidiaries, services providers, and others.
Legal Bases for Use of Your Information
The legal bases for using your information as set out in this Notice are as follows:
Sharing of Personal Information
We may disclose and/or share your information as described below and elsewhere in this Notice, including with:
We will retain your information for the period necessary to fulfill the purposes outlined in this Notice unless a longer retention period is required or permitted by law.
Website Analytics and Do-Not-Track
Additional Information for California Consumers
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and share your “personal information” (as defined in the California Consumer Privacy Act (“CCPA”)).
Categories of personal information we collect and how we use them. We collect and disclose the following categories of personal information for the business purposes described in our main Notice, above: identifiers (such as name, address, email address); commercial information (such as purchase information); financial data (when you pay for an Event via our payment processor); internet or other network or device activity (such as browsing history or Site usage); audio or visual information (such as CCTV video or call recordings); gender; physical characteristics or description (such as your photo or height/weight/clothing size to provide you with appropriate-sized apparel for Events); professional or employment related data (such as information about your type of work, title, or profession); general geolocation information (e.g., your city and state based on IP address, contact information including your physical address, or precise location, with your consent); and other categories of information, with your consent.
Categories of parties to which information is disclosed. We disclose the above categories of personal information to our SurgoCap affiliates, subsidiaries, portfolio companies, our service providers, resellers, and entities for legal purposes.
California Consumer Privacy Act Rights. The CCPA provides certain rights to California residents in connection with personal information that is collected and sold, as defined under the statute. For instance, if you are a California resident, you may request that we:
You also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights. These rights are subject to certain exceptions or qualifications, including Personal Information provided in connection with our financial services that is subject to the Gramm-Leach-Bliley Act.
If you have questions about SurgoCap’s practices in connection with the Sites or Events, or want to exercise any of these rights, then please contact SurgoCap at [email protected]. Note that you will be required to verify your identity before we fulfill your request. To do so, we will request certain information that you have provided to us. You can also designate an authorized agent to make a request on your behalf. To do so, you must provide us with written authorization or a power of attorney, signed by you, for the agent to act on your behalf. You will still need to verify your identity directly with us.
California Shine the Light Disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.
Do Not Sell Notice. CCPA sets forth certain obligations for businesses that “sell” personal information. We do not “sell” personal information and have not engaged in such activity in the past twelve months.
Additional Information for Residents Outside of the United States
Transfers. SurgoCap is a United States company, but operates Events globally. As such, we may store your information in the United States, and transfer your information to service providers and other parties (as described in “Sharing of Information” above) located outside of your country of residence, including in the United States. This is necessary to provide the Sites and Events, and for the purposes outlined in this Notice. Data privacy laws vary from country to country and may not be equivalent to, or as protective as, the laws in your home country. We take steps to ensure that reasonable safeguards are in place to provide an appropriate level of protection for your information, in accordance with applicable law. These measures include data transfer agreements. By providing us with your information, you acknowledge any such transfer, storage or use.
Your rights. Local legal requirements, such as those in the EEA, may afford you additional rights. Your local laws (such as those in the EU) may permit you to request that we:
We will consider all requests and provide our response within the time period required under applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances such as if we need to continue processing your information for our legitimate interests or to comply with a legal obligation. We may request that you provide us with information necessary to confirm your identity before responding to your request.
If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact us at [email protected].