Grosvenor Diversified Property Investments – Privacy Notice


Introduction

This Privacy Notice sets out how we obtain, use and protect your personal information when carrying out our business activities. For the purpose of this Privacy Notice, ‘we’, ‘us’ and ‘our’ refers to Grosvenor International Investments Limited (which is the legal name for Grosvenor Diversified Property Investments) and ‘you’ refers to you (the data subject).

Our use of personal data

How do we collect personal information about you?

We collect information about the employees, representatives and other key personnel, advisers and agents of our business partners (e.g. our co-investors and suppliers). 

This information is primarily received directly from you, your organisation or its advisers. This may include: (ii) information provided in correspondence (e.g. by email); (ii) information provided to us prior to or at an event/meeting (e.g. on a business card or when replying to one of our event invitations); and (iii) when you or your organisation provides information for our business partner and supplier onboarding/set up process and due diligence.

We may collect information from background or risk screening companies and public sources when conducting due diligence on executives, shareholders, beneficiaries and other key persons relating to our co-investors, vendors, suppliers and other business partners as part of our due diligence/KYC processes. 

We may also access contact information that is in the public domain, such as from an organisation’s website or publications or other resources in which companies choose to publish their business contact information.

What personal information may we process about you?

Contact details including some or all of the following:

  1. forename and surname;
  2. business email address;
  3. business phone number (mobile and landline);
  4. job title;
  5. employing organisation;
  6. office address; and
  7. where relevant, the name, email address and phone number of the data subject's personal assistant;
  • In the case of key individuals involved in the management of potential co-investors and suppliers, details including:
    1. name, address, country of residence;
    2. signatures and other information contained in contracts;
    3. photographs and other biographical details contained in pitch documents;
    4. investment activity;
    5. event attendance details (including dietary requirements);
    6. current and past employment history (including directorships and shareholdings and other information contained in CVs and references);
    7. public profile information (including relevant details, opinions, preferences and areas of interest expressed on LinkedIn and corporate biographies); and
    8. any sensitive associations, adverse media, sanctions and political exposure; and
  • If you attend one of our events, your biography and photograph (if you agree to provide it).

What we may process your personal information for

  • We may use the information we collect about you to:
  • initiate, negotiate and maintain efficient contact/communication and manage our relationship with business partners and suppliers;
  • identify key individuals involved in potential investment opportunities;
  • properly identify individuals and form a view on the degree to which they are an appropriate counterparty for Grosvenor;
  • organise and manage our events (if you attend); and
  • inform you about Grosvenor news and activities and/or invite you to events which we think will be of interest to you (if you have requested this, we are permitted by law or you have provided consent).

Who we may share your personal information with

We may share your personal information with:

  • our service providers (for example, those who provide or help us to manage our IT systems, business communications, background/risk screening companies and our events); and
  • other Grosvenor organisations and their respective employees,

as may be necessary or desirable for the purposes described above. They will be under an obligation to protect the confidentiality and security of that personal information (unless otherwise required or permitted by law).

In addition, we may also share your personal information with the following recipients:

  • if you attend one of our events and agree to provide your biography and photo, this may be shared with other participants of the event;
  • our banks, investors, insurers, auditors and advisors for financial, audit and professional services; and
  • local and foreign regulators, governments and law enforcement authorities, local and foreign courts, tribunals, arbitrators, other judicial committees and enactments of laws for a legal, regulatory or law enforcement matters.

Retention of your personal data

Your personal data is retained for the duration of our relationship with you as a contact or with your organisation and for up to 6 years following the end of that relationship (unless an alternative date is agreed). However, we may continue to hold your personal information for longer periods in accordance with our IT backup procedures or for legal, accounting or financial reasons. 

Anonymised Data

We (or our third party service providers on our behalf) may process your personal information in order to generate anonymous statistical information and we may use this for any purpose (including strategic business planning or management decisions).

We also generally allow our third party service providers (such as those providing cloud IT services to us) to process your personal information to generate anonymous statistical information to improve their products and services.

We may also receive anonymous reports and analysis from third party service providers that have been prepared using personal information that they or their business partners collect about you (for example, footfall analysis). Those third parties are responsible for providing notice and obtaining consent where required by applicable data protection laws.

Your rights regarding the personal information you provide to us

European data protection laws provide you with rights concerning your personal information. These may include:

  • A right to receive information about our processing of your personal information, such as what is collected, where it is obtained from, what it is used for, whether it is disclosed and to whom.
  • A right to receive or port a copy of the personal information we hold on you in a structured, commonly-used and machine-readable format.
  • A right to correct inaccurate or incomplete personal information we hold on you.
  • A right to require us to stop or to restrict our processing (including transfer to third parties) of your personal information (particularly where unlawfully used or obtained).
  • A right to require the erasure of personal information we hold on you once it is no longer necessary in relation to the purposes for which the personal information was collected or is being processed.

If you wish to exercise any of these rights, or if you have a complaint about how we manage your personal information, please contact us using the details in the Contact section below.

Legal grounds for processing personal data

We process personal information if at least one of the following bases applies:

  • to comply with our legal obligations to you;
  • to comply with contractual obligations; and
  • to meet our legitimate interests, for example to inform you of our services, or providing new services. We must ensure that if we process personal data to meet our legitimate interests, we have ensured that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.

We may ask for your consent to processing personal data as required by law, in relation to direct marketing and in relation to processing sensitive data. If you provide your consent, you can withdraw that consent at any time by contacting us using the details in the Contact section below. In the case of direct marketing, you can also use the unsubscribe link in the footer of the email to opt-out of receiving that communication.

Data Transfers

We (or third parties working for us) may store your personal data on systems anywhere in the world, including in particular the UK, Europe and the US. Where your personal data is transferred outside of the UK to a country that the UK does not consider to have laws providing adequate safeguards for your personal information, we (or third parties working for us) will ensure there are adequate safeguards through the data importer’s agreement to transfer terms approved by the Information Commission’s Office (unless an exemption applies under applicable data protection laws).

Security Warnings

Please note that messages you send to us by e-mail or via any internet connection may not be secure. If you choose to send any confidential information to us by such means you do so at your own risk with the knowledge that a third party may intercept this information and we do not accept any responsibility for the security or integrity of such information.

Please also take time to consider the legitimacy of any communications purporting to be from us or third parties working on our behalf. Do not respond to requests for payment or click on links unless you know they are not malicious. If in doubt, please contact us via other means.

Contact

If you have any questions, comments or requests regarding any aspect of these privacy notices, please contact us by email at: dataprotectionGGL@grosvenor.com or post at: Head of Legal, Grosvenor International Investments Limited, 70 Grosvenor Street, London, W1K 3JP.

Should you not be satisfied with our response and remain concerned your personal data is not being processed in accordance with UK data protection law, you also have the option of raising the matter with the UK Information Commissioner’s Office (https://ico.org.uk).

March 2022

Group 2