Privacy Policy

1. Data Controller

The data controller for personal data processed in connection with our services is Run Capital Partners, registered in England and Wales at [REGISTERED OFFICE ADDRESS], company number [COMPANY NUMBER].

Group entities, including Run Asset Management (Luxembourg), RCP SRL (Milan), 3DOTS UK, Polaris Italia, and the yooro platform, may act as separate or joint controllers depending on the service. Where another group entity is the controller, this will be made clear in the relevant client documentation.

2. Data We Collect

We collect personal data when you interact with us as a website visitor, prospective client, client, or counterparty. This may include:

• Identification data: name, date of birth, nationality, government-issued ID.
• Contact data: email, phone, postal address, company.
• Financial data: source of wealth, source of funds, bank details, investment history, tax residency — collected where required for AML/KYC or for delivering the service.
• Website data: IP address, browser type, pages visited, cookie-derived analytics — see our Cookie Policy.
• Communications: records of emails, calls, and meetings with our team.

3. Lawful Basis for Processing

We process personal data under one or more of the following legal bases under UK GDPR and EU GDPR (Regulation 2016/679):

• Contract: processing necessary to enter into or perform a contract with you.
• Legal obligation: AML, KYC, tax reporting, CSSF, FCA, and other regulatory obligations.
• Legitimate interests: managing our business, improving our services, and protecting against fraud — balanced against your rights.
• Consent: where we rely on consent (e.g., marketing communications), you can withdraw it at any time.

4. How We Use Data

Personal data is used to:

• Deliver the services you have engaged us for.
• Meet anti-money-laundering and know-your-client obligations.
• Meet tax, regulatory, and audit reporting requirements.
• Communicate with you about your mandate and related matters.
• Improve our website and internal processes.
• Send you marketing communications — only where you have opted in.

5. Sharing & International Transfers

We share personal data with third parties only where necessary, including:

• Service providers: depositaries, administrators, auditors, legal counsel, and operational providers who support the delivery of our services. All are bound by confidentiality and data-processing agreements.
• Regulators: CSSF (Luxembourg), FCA (UK), Banca d’Italia, Consob, and other authorities where required by law.
• Group entities: within Run Capital Partners and its subsidiaries, where necessary for the service.

Where data is transferred outside the UK/EU, we rely on Standard Contractual Clauses, UK IDTA, or adequacy decisions to provide appropriate safeguards.

6. Data Retention

We retain personal data only for as long as necessary. Typical retention periods are:

• AML/KYC records: five years after the end of the business relationship, or longer where required by local law.
• Client records: the duration of the mandate plus [X YEARS].
• Marketing contacts: until you unsubscribe, then for [X MONTHS] for suppression.
• Website analytics: per our Cookie Policy.

7. Your Rights

Under UK GDPR and EU GDPR you have the right to:

• Access the personal data we hold about you.
• Request correction of inaccurate data.
• Request erasure, subject to legal and regulatory retention obligations.
• Object to or restrict certain processing.
• Request data portability.
• Withdraw consent where processing is based on consent.
• Lodge a complaint with a supervisory authority (ICO in the UK, CNPD in Luxembourg, Garante in Italy).

8. Contact

For privacy questions or to exercise any of your rights, contact us at info@runcapital.partners or by post at our registered office.