Privacy Policy

Last updated on: 04th Jan 2022

Who We Are

Oxane Partners is a technology-driven solutions provider that supports private market investment firms across the investment lifecycle. We support investment teams through all the phases of an investment including pre-screening, investment analysis, portfolio monitoring, loan servicing, and valuations. Oxane Partners provide portfolio management, transaction support services, technology solutions, and independent valuation services among others. You can find more about us at About Us.

This Policy explains how we at Oxane Partners collect, use, retain and disclose Personal Information, and what choices you have with respect to the information.

Services

We are committed to your privacy regarding any information that we collect while you use our website, products, platforms, and services - collectively called as Products and Services. This Privacy Policy applies when you use our Products and Services.

Our Commitment

Our information handling practices are continually reviewed to ensure that they comply with the data protection regulation (such as EU’s GDPR 2018, UK Protection Laws and others), as well as "Reasonable Security Practices and Procedures and Sensitive Personal Data or Information Rules, 2011" under Section 43A of the Indian Information Technology (Amendment) Act, 2008.

Information We Collect

We process two main types of personal information.

  1. Customer Data - Personal information that forms part of data that is processed on behalf of our customers and their end-user.
  2. Other Data - Personal information about our customers, visitors, and other individuals that is collected and processed directly by us.

Our customers are the controller of Customer Data. Oxane is the processor (or sub-processor) of Customer Data and the controller of Other Data.

How we collect your Personal Information?

Customer Data

As customers, you provide data to us for processing as part of the usage of Oxane's services and platforms.

Customer Data may be processed by us as a result of customer's use of the Services when our customers, or their end-users, provide us the information or upload the information in our platforms including Personal Information that Customers hold and are authorized or entitled to disclose. For example, customers who use our platforms may upload Customer Data about their customers. Customer Data (i.e., device-related information) is also automatically collected when our customers or their end-users use our products and services.

This data includes name, email address, phone number, financial information, technical or device information (i.e., IP address, app usage & performance data, system health & compliance data, battery usage & details, etc). We collect billing details for invoice purposes.

Other Data

  1. Through information provided by you when
    • You submit your resume by mailing it to the specified Email ID
    • You fill up our Contact Us form and submit your Full Name, Email and Contact Number
    • You give us your Email ID for our newsletter subscription
    • You provide your contact details to us in a marketing event
  2. Through cookies on our website. The cookies collect information about you when you visit our website. For more information about cookies, please refer to the "Do we use cookies?" section on this Policy.
  3. Log Data – Our servers automatically collect information when you access or use our services. This data is recorded in log files. Examples of such data include IP addresses.
  4. Other Data – Apart from data that you provide us directly, we also may collect information about you from publicly available sources and third-party sources like professional network sites.
How we use your Personal Information?

How we use your personal data will depend on which Services you use and how you use those Services.

Customer Data will be used by Oxane in accordance with Customer's instructions, including any applicable terms in the Customer Agreement and as required by applicable law. Oxane is a processor (or sub-processor) of Customer Data and the Customer is the controller.

We use the data that we have about you to provide our products and services and provide support to you. In each case, we collect such information only in so far as is necessary or appropriate to fulfil the purpose of the interaction with our products and services.

Uses of Your Information:
  • To deliver our products and services. We process Customer Data as a Data Processor to provide our products and services to our customers.
  • To send administrative emails and other communications. We may send you service, technical, and other administrative emails, messages, and other types of communications. We may contact you to inform you about changes in our Services and our Services offerings.
  • To provide Customer support. If you send us a request (for example via a support email or one of our feedback mechanisms), we respond to your request or help your issues.
  • Security purposes: To investigate, prevent, or take action regarding illegal activities, suspected fraud, and situations involving potential threats to the safety of any person
  • Other purposes: For any other purpose as provided for in the Services Agreement between us and the Customer, or as otherwise authorized by the Customer;
  • In accordance with or as may be required by law.
How We Use Other Data?

We may send you service-related messages or marketing / promotional materials. You may choose to restrict the collection or use of your personal information.

We will update you with improvements in our services, new features and from time to time also carry out direct marketing of our services.

Other Data is used by us to for:

  1. Contacting you for providing our solutions and/or services
  2. Recruitment purposes
  3. Newsletter subscriptions

Lawful basis for processing

We establish lawful basis to process your personal data. We also use your consent as basis for lawfully processing your personal data.

We process your personal data only when we have a lawful basis. Presently, we use the Performance of Contract (i.e. to deliver the services to our customers) and consent as the lawful basis for processing. For certain processing, we may also use legitimate interests as provided under the Data Protection Regulations.

In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

Where you have consented to a particular processing, you have a right to withdraw the consent at any time.

Data Retention Policy

We will retain your personal information for as long as is needed to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements).

Oxane will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement and as required by applicable law. When you decide to close your account, we delete all personal information about you.

Other Data - We retain your information for as long as necessary for the purposes that we have described in this privacy policy

How we give you choice & take your consent?

On our website, every page that collects Personal Information from you, states the purpose of the collection of information. If you agree to the purpose, you can provide your information and thus give your consent to us to use the information provided for the stated purpose.

If, at any point, we decide to use your Personal Information for a different purpose, we will notify you and obtain your consent.

You can withdraw your consent at any point in time by reaching out to us as at details mentioned in the "Contact Us" section. Consequences of withdrawal will be communicated to you and, on your agreement, your request for withdrawal will be processed.

Do we use cookies?

Yes. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the website.

Cookies on our website collect information about how you use our website, for example which pages are visited most often. These cookies don't gather the information that identifies you. All information the cookies collect is anonymous and is primarily used to analyse how you interact with the website and improve your website experience.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the Website.

You can find more detailed information about cookies and adjusting your browser settings to refuse the use of cookies by visiting http://www.allaboutcookies.org/manage-cookies/ .

Do we share your Personal Information?

While we aim to limit the sharing of your data, at times, it is necessary to share your data with certain third parties.

We may share Personal information if sharing of such information is necessary:

  • to comply with legal processes or governmental requests;
  • to enforce the Terms of Service and this Privacy Policy;
  • for prevention of fraud;
  • for issues involving information security, or
  • to protect your rights;
  • rights of us; and
  • rights of the general public.

Recipients of your data

We may share your information with the following categories of third parties:

  • Third-party vendors and other service providers that perform services on our behalf, as needed to carry out their work for us, which may include data center services, SMTP services, Cloud computing services, web-based collaborative platform and analytics services.

  • We have appropriate contracts in place with all such service providers. This means that they are not permitted to do anything with your personal information that is outside of the scope specified by us. We share your personal information with such service providers subject to obligations consistent with this Privacy Policy and our contracts with them.
    • For our newsletter subscriptions, we use a third party service – MailChimp and share your Email ID with them. Data shared with MailChimp is governed by the security practices as published by them as well as data processing addendum
    • We use CRM for lead management. We store your name, email, job title and name of your organization with them. Data shared with any external CRM like Salesforce is governed by the data processing addendum they have published.

  • Other parties in connection with a company transaction, such as a merger, sale of company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by another company or third party, or in the event of a bankruptcy or related or similar proceedings.

  • Third parties as required by law or court order, or if we reasonably believe that such action is necessary to (a) comply with the law and the reasonable requests of law enforcement; (b) to enforce our contract with the Customer or to protect the security or integrity of the Services; and/or (c) to exercise or protect the rights, property, or personal safety of Oxane, our customers, or others.

Personal Information collected from you will not be disclosed to any third parties without your consent. Exception to this is when such disclosure is necessary for compliance to any legal and/or law enforcement obligations. We will do so after following necessary due processes.

We will make every effort, where possible, that such mandated disclosures are communicated to you.

How can you access and correct your Personal Information?

When Personal Information is directly collected from you, you can communicate any update or correction to your Personal Information by reaching out to us as at details mentioned in the "Contact Us" section. We will verify your identity before we update or correct your Personal Information.

How do we protect your Personal Information?

We are committed to protecting your Personal Information in our custody.

We take reasonable steps to ensure appropriate physical, technical and managerial safeguards are in place to protect your Personal Information from unauthorized access, alteration, transmission and deletion.

Cross-Border Data Transfers

Your data will be stored and processed in countries including outside of the European Union (EU) Region

Oxane offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data. These clauses are contractual commitments between parties transferring personal data (for example, between Oxane and its customers, suppliers or data processors outside the EU), binding them to protect the privacy and security of the data.

Links to other websites:

Our website has links to third-party websites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. We will not be held responsible for compliance with data protection requirements or the content of such websites. This Privacy Policy does not cover how those organizations process your personal information. We encourage you to read the Privacy Policies on the other websites you visit.

Children’s Privacy:

Our products and services are not designed to be used by children aged below 16. Personal Information of children will not be knowingly collected by us.

If you are under the age of 16, you are not permitted to use the Sites and Services or to disclose Personal Information. If we learn we have collected or received Personal Information from a child under 16, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us.

Notification of Changes:

We reserve the right to amend this Privacy Policy at any time. We will update our Privacy Policy with a new effective date stated at the beginning of it. Our processing of your Personal Information will be governed by the practices set out in that new version of the Privacy Policy from its effective date onwards.

Rights provided to you under GDPR:

In case you are accessing our products and services from within the European Economic Area, we are committed to providing you with the following additional rights where you can:

Rights under GDPR How we facilitate your rights
Right to be informed

We aid this right to you through our Privacy Policy.

Our Privacy Policy communicates how we handle your Personal Information. For any further information, feel free to contact us

Right of access You can contact us to get access to your Personal Information along with information regarding its purpose, disclosure, categories of Personal Information, storage period, source of collection of Personal Information, confirmation whether or not they are being processed
Right to rectification You can contact us to get your Personal Information corrected or updated
Right to erasure You can contact us to get your Personal Information deleted or erased
Right to restriction of processing You can contact us and request restriction of further processing in case:
  1. You contest the accuracy of your Personal Information and you like to restrict its processing for a period enabling us to verify the Personal Information
  2. You think the processing of your Personal Information is unlawful and request restriction instead of deletion
Right to data portability You can contact us to get your Personal Information in a structured, machine-readable format and if you want, can have it transmitted to another organisation
Right to object You have a right to object to direct marketing.

You may have additional rights pursuant to your local law applicable to the processing. For example, if the processing of your personal information is subject to the EU General Data Protection Regulation ("GDPR"), and your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation.
Right not to be subject to Automated individual decision-making, including profiling We do not process your Personal Information for automated decision-making including profiling
Right to lodge a complaint with the Supervisory Authority

You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of an alleged infringement of the General Data Protection Regulation

For the purposes of the UK, the supervisory authority is the Information Commissioner’s Office (ICO), the contact details of which are available at: https://ico.org.uk/global/contact-us/

We will verify your identity when you exercise these rights. For exercising your rights and getting information about any limitations which apply on them, you can reach out to us at the contact details given below.

You can opt-out of direct marketing communications sent from us by clicking on the ‘Unsubscribe’ link provided in the e-mail. Also, you can contact us and request an objection to such processing.

Security Measures

We implement security controls to prevent breaches and unauthorised access to your data.

We maintain reasonable and appropriate security measures to protect Customer Data from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

Examples of security measures include physical access controls, HTTPS, restricted access to data, monitoring for threats and vulnerabilities etc.

Protection of personal information

Our Sites and Services uses commercial efforts to maintain safeguards for protection of your Personal Information

Oxane takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.

Contact Us:

For any further queries and complaints related to privacy, or exercising your rights under GDPR, you could reach us at:

Name of Person: Santosh Satapathy

Contact No.: +44 (20) 7993-6893

Oxane Partners
Office 230, Regus Cavendish Square
33 Cavendish Square, Marylebone
London W1G 0PW
privacyofficer@oxanepartners.com

Your queries will be addressed within one month of receipt of such requests. In case of any delay in addressing such requests, the delay will be communicated to you within 30 days of receipt of request.