Privacy Policy

Letterone Investment Holdings S.A. and Letterone Holdings S.A. and their affiliated companies (together, “LetterOne”, “we”, “our” or “us”) are committed to protecting and respecting your privacy. This Privacy Policy (the “Policy”) applies to personal data that we collect regarding individuals who visit our website and otherwise interact with us. It also explains who we are and how we collect, use, disclose, share and protect the personal data that we process and how you can exercise your privacy rights. 

We are subject to laws that govern the privacy of the information we may collect. This Policy contains information on our use of your personal data as a data controller, in accordance with relevant laws and regulations, including, where applicable, the EU General Data Protection Regulation (2016/679) (“EU GDPR”), the EU GDPR as it forms part of the laws of the United Kingdom by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (the “UK GDPR”), the DIFC Data Protection Law, DIFC Law No. 5 of 2020 and the ADGM Data Protection Regulations 2021, all as amended and restated from time to time.

Please read the following carefully to understand our practices regarding your personal data and how we will treat it. Please note that the rights discussed in certain sections of this Policy may be subject to exemptions or other limitations under applicable law. You may use the contact details provided below to contact us if you have any questions concerning this Policy.

What personal data we collect and how

Depending on how you interact with us, including whether you are a business partner, supplier or service provider, job applicant or general website visitor, we may collect personal data from or about you. When we use the term “personal data”, we mean information that can help us directly or indirectly identify you. 

The categories of personal data which we may collect include:

We may collect this information, from other third-party sources, and automatically from your use of our website. 

We may collect personal data through a range of means. These may include sources such as: (i) directly from you, where you interact with us via our website or otherwise, for example where you sent us a job application or fill in relevant forms and questionnaires); (ii) third-party sources, such as service providers (for example financial advisory firms, consultants, legal professionals) and other third parties; or (iii) publicly available sources, where we receive personal data through a publicly available source such as a website or publicly-available registry, including bankruptcy registers, sanctions screening databases, tax authorities, governmental agencies and departments, and regulatory authorities, and other sources such as credit reporting agencies or sources designed to detect and prevent fraud.

We may collect information about you automatically through your use of our website, for example your IP address, operating system and browser type, and how you navigate our website, for the purposes of system administration and to help improve our website. We may collect information about you by using cookies, tracking pixels and other technologies (collectively, “Cookies”). Please see further details in the Cookies section of this Policy. 

How we use your personal data and on what basis

Depending on how you interact with us, we may use your information for the following purposes:

We process personal data in circumstances where the processing relates to a legitimate interest and where that processing is necessary for the relevant purpose and not inconsistent with the interests, rights or freedoms of a relevant individual. Our legitimate interests include carrying out any and all functions necessary to enable us and to carry out investment activities and related functions. We may also process personal data where necessary to comply with legal obligations. Depending on the circumstances, we may also need to process your personal data for the performance of a contract to which you are a party, or related pre-contractual steps; or with your consent.

We may need to process certain personal data in order to be able to perform business operations or to comply with contractual requirements. If you choose not to provide us with the necessary personal data, we may not be able to meet our obligations or deliver the services or products requested. This may lead to cancellation of contracts; if this is the case, we will endeavour to contact you to discuss this.

We may from time to time process personal data for the purposes of marketing and advertising. Under certain data protection laws, an individual who does not wish their personal data to be processed for such purposes may request an opt out from such processing by contacting us at the contact details below.

Disclosure of your information

We may share personal data with certain third parties for the purposes set out above, including as follows:

Transfers of personal data outside certain jurisdictions

Our activities are such that it may be necessary for personal data to be transferred and/or processed outside the European Economic Area (“EEA”), the United Kingdom (“UK”), the Dubai International Financial Centre (“DIFC”) or the Abu Dhabi Global Market (“ADGM”). The countries to which your personal data may be transferred may not afford the same protections as the country your personal data is transferred from. Nonetheless, we will seek to ensure appropriate safeguards are in place so that a similar degree of protection is afforded to your personal data, including by transferring personal data in the following circumstances:

Further information on specific mechanisms utilised by LetterOne for transferring personal data outside the EEA, the UK, DIFC or ADGM and the countries to which such transfer may be made (which may include, but are not limited to the United States) may be obtained upon request via the contact details set out below.

Data Security and Retention 

We take reasonable steps to use physical, organisational, technical and administrative safeguards to protect personal data from unauthorised access and use. Given the nature of information security, there is no guarantee that such safeguards will always be successful.

We will retain personal data for as long as necessary to fulfil the purposes for which it has been collected. This will include any period of retention required to satisfy any applicable legal, taxation, accounting or reporting requirement. In determining the appropriate retention period for any personal data, we will endeavour to take into account relevant criteria such as the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of the data, the purpose for which the relevant data is being processed, the extent to which the purposes for which the relevant data is being processed can be achieved by other means and any applicable legal requirements. 

Further, in some circumstances, we may anonymise personal data for research or statistical purposes, in which case such information will no longer be linked to an individual and will not constitute personal data and may be retained and utilised indefinitely without further notice.

Your rights

You have the right to ask us not to process your personal data, in certain circumstances. You also have rights to request us to review the information held by us about you and to require us to update and correct your personal data, to provide you with details and copy of the information held by us about you and under certain circumstances you may have rights to request us to provide your details to others (known as portability rights), to obtain a restriction on processing of your personal data, the right to require erasure of your data and, where applicable, the right to withdraw your consent to the processing of your personal data at any time. The lawfulness of any processing based on consent prior to that withdrawal will not be affected by the subsequent withdrawal of such consent. 

You also have a right to lodge a complaint about the processing of your personal data with a data protection authority. We particularly appreciate it when you make your question, problem or complaint known to us in the first instance, via the contact details set out below. 

If you wish to lodge an external complaint, however, you may file one with any of the following data protection authorities, depending on the location: 

Cookies

Cookies are small text files that are stored in your computer’s memory and hard drive, in your mobile device or tablet when you visit certain web pages. They are used to enable websites to function or to provide information to the owners of a website, or other third parties which receive data obtained from that website. 

Currently, our website uses:

Changes to this Policy

Any changes we may make to this Policy will be posted on this website, and we may notify you by updating it with a “Last Updated” date at the top. The most current version of this Policy will be available on our website.

Contact us

If you have any questions, comments or requests regarding this Policy, please contact us at Compliance@letterone.com.

To exercise your data rights with LetterOne, please contact the following: 

Ratul Sood
Group Compliance Director
Email: rsood@letterone.com
Phone: +44 (0) 7762 02 5310

Ivie Igbinosun
Compliance Manager
Email: iigbinosun@letterone.com
Phone: +44 (0) 739 323 1291