Privacy policy.

Nanook Energy Advisors LLP (“Nanook” or the “Firm”) is a Limited Liability Partnership registered in England and Wales with company number OC377859. Nanook is authorised and regulated by the Financial Conduct Authority (“FCA”) with Firm Reference Number 616885.

For the purposes of the General Data Protection Regulation (EU) 2016/679 (“EU GDPR”) and the EU GDPR as it forms part of United Kingdom (“UK”) domestic law by virtue of section 3 of the European Union (Withdrawal) Act 2018, and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (“UK GDPR”, and, together with the EU GDPR, the “GDPR”), Nanook will be the ‘controller’ of the personal data you provide.

Please read the following information carefully in order to understand the Firm’s practices in relation to the treatment of your personal data, including how we handle your personal data on our website. Should you have any questions, please email us at investor.relations@nanookadvisors.com.

What data privacy principles does the Firm adhere to?

  • The Firm will process all personal data in a lawfully, fair and transparent manner.

  • The Firm will only collect personal data where it is necessary:

- for the Firm to provide a service to you;

- for you to provide a service to the Firm;

- for the Firm to keep you informed of its products and services; or

- for the Firm to comply with its legal and regulatory obligations.

  • The personal data collected by the Firm will be adequate, relevant and limited to what is necessary in relation to the specific purpose for which your data will be processed.

  • The Firm will take all reasonable steps to ensure that personal data is accurate and, where necessary, kept up-to-date.

  • The Firm will maintain personal data in a form that permits identification no longer than is necessary for the purposes for which the personal data has been collected for processing, in accordance with the Firm’s record retention requirements as mandated by the FCA.

  • The Firm will hold and process person data in a manner that ensures appropriate security.

  • The Firm will only share personal data where it is necessary to provide the agreed service or where it is necessary for the Firm to comply with its legal and regulatory requirements.

  • The Firm may utilise a service provider based outside of the European Economic Area (“EEA”) and/or the UK for the processing of personal data where this is strictly necessary to facilitate our services to you. In all cases, we will seek to ensure a similar degree of protection is afforded to it by ensuring that personal data is generally transferred onto persons (including service providers) in countries outside the EEA or the UK in a manner consistent with the GDPR. This can be done in a number of ways, including, for instance: (i) the country of the recipient that we send your personal data to may be approved by the European Commission or the UK Secretary of State as ensuring an adequate level of protection; (ii) the recipient may have signed a contract based on the ‘EU Standard Contractual Clauses’ approved by the European Commission, or the UK addendum to such ‘EU Standard Contractual Clauses’ or the UK’s International Data Transfer Agreement, in each case as approved by the UK’s Secretary of State; or (iii) the law may otherwise permit us to transfer your personal data outside the EEA or the UK under the terms of the GDPR.

What personal data does the Firm collect and why?

In the course of providing products/services to you, the Firm may collect information that is considered personal information (e.g. name, contact details, address, passport number, driving licence).

As a client, contact or employee of Nanook, we will require some personal information in order to verify your identity and have the applicable relationship with you. Some of this information may be required to satisfy legal obligations (e.g. to comply with obligations arising under the money laundering regulations whereas other information may be required in connection with the provision of services to you).

The information collected will vary depending on the service the Firm provides to you or you provide to the Firm, but typically may include:

  • Identification information: Such as your name, date of birth, passport number or national insurance number.

  • Contact information: Including your address, telephone number and email address.

  • Professional or employment-related information: Such as your occupation, your job title and the name of your employer.

  • Internet or other electronic network activity information: Including username and interactions with our website or use of certain online tools.

What sources does the Firm collect personal data from?

We may collect personal data directly from you and/or your intermediaries through sources that may include: (i) account applications, subscription agreements, and other forms or related documentation; (ii) written, electronic, or verbal correspondence with us or our service providers; (iii) investor transactions; (iv) an investor’s brokerage or financial advisory firm, financial advisor, or consultant; and/or (v) from information captured on our website and other applicable websites, fund data rooms and/or investor reporting portals (as applicable). 

We may also collect personal data from other sources, such as: (i) our service providers; (ii) public websites or other publicly accessible directories and sources, including bankruptcy registers, tax authorities, governmental agencies and departments, and regulatory authorities; and/or (iii) from credit reporting agencies, sanctions screening databases, or from sources designed to detect and prevent fraud.

In certain circumstances, we may be provided with your personal data in the context of our operations, including  due diligence we may perform on an investment. 

 

Where does the Firm store my personal data?

The Firm has comprehensive policies and procedures in place to ensure your personal data is kept safe and secure, with these including:

  • data encryption;

  • firewalls;

  • intrusion detection;

  • 24/7 physical protection of the facilities where your data is stored (i.e. Microsoft’s UK data centres);

  • background checks for personnel that access physical facilities; and

  • security procedures across all service operations.

How long does the Firm retain personal data?

As an FCA regulated entity, the Firm is required to maintain its books and records for a prescribed period (five years from either the ceasing of a business relationship, or, in the case of non-clients, from the making of a record – or alternatively, for seven years, where specifically requested to do so by the FCA). As such, information that falls in scope of either of these requirements is retained in line with the mandated timeframe.

The retention period for any information that is outside the scope of this requirement will be determined by various criteria, including the purposes for which we are using the information (where we may need to keep such data for as long as is necessary for those purposes). In general, we will retain your personal data for as long as we require it to perform our contractual rights and obligations, and we will delete it where this ceases to be the case or where the data subject specifically requests this.

What does the Firm use my personal data for, and on what basis?

The GDPR requires the Firm to inform you of the legal basis on which we maintain your personal data. Typically, the Firm will reach out to you personally to confirm this; however, as a general rule the following is applicable:

Clients – Information is maintained on the basis of contractual obligation, legitimate interests (where relevant), regulatory or legal obligations, and/or consent:

For example, we are unable to provide services to you unless you disclose certain personal data to us. That may include the services set out in our terms of engagement with you or our response to any enquiry you have submitted, as well as maintaining or servicing accounts, providing investor relations services, processing subscriptions, withdrawals and redemptions (as applicable), verifying information, processing payments, enabling or effecting commercial transactions, or providing similar services.

As such, your disclosure of personal data to us is on the legal basis of our performance of our contract with you or our legitimate interest in so doing.

Exceptionally we may be requested or required to disclose to (for example) the FCA details about you and the services we provide. As such, we will process your personal data to us is on the legal basis of our performance of our compliance with a legal obligation or regulatory requirements, or our legitimate interest in so doing.

We may also use your personal data in order to keep you informed of any activities undertaken by us which we believe may be of interest to you (please see below).

We may process your personal data in order to administer and improve our website, detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity, including preventing fraud and conducting “Know Your Client,” anti-money laundering, terrorist financing, and conflict checks, as well as for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.

We may also process your personal data when establishing, exercising or defending legal claims and in order to protect and enforce our (or another person’s) rights, property, or safety, or to assist others to do the same. We may also process your personal data when you provide your consent.

Service providers – Information is maintained on the basis of contractual obligation:

We may use your personal data for the purposes of performing a contract, including receiving services under such contracts.

Database/marketing contacts – Information is maintained on the basis of legitimate interest:

We may use your personal data in order to keep you informed of any activities undertaken by us which we believe may be of interest to you. This use may include sending you marketing or promotional materials, where permitted by applicable law and regulations, on the basis of our legitimate interest. Any person who does not wish their personal data to be processed for marketing purposes may opt out of such processing by contacting us on the details set out above, or by electing to unsubscribe from any marketing communications you receive from us.

Who do you share my personal information with?

We may share personal data with certain third parties for the purposes set out above, including as listed below.

We share your personal data with our service providers to perform the functions for which we engage them. For example, we may share your personal data with professional service providers such as banks, auditors, law firms, tax advisors, consultants and other third parties. We may also use third parties to host our website or assist us in providing functionality on our website, provide data analysis and research as regards our website, to send out email updates about our website or remove repetitive information from our user lists, or otherwise provide marketing automation services.

We may share your personal data with regulatory, legal and tax authorities, including for example to respond to an enforceable request by a regulatory body, subpoena or other legal or regulatory process. We may also share personal information as required in connection with legal proceedings or in order to exercise or defend legal rights, to pursue available remedies or limit damages we may sustain. We also may share your personal data with third parties (including, but not limited to, governmental organisations and self-regulatory organizations) to enforce our rights, protect our property or protect the rights, property or safety of others, to prevent fraud, unauthorised transactions or liability; or as needed to support external auditing, compliance and corporate governance functions.

We may transfer information, including your personal data, in connection with a change of ownership or control by or of us or any affiliated entity (in each case whether in whole or in part) and where we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation).

What are my rights?

Once you have provided your details to the Firm, you have certain rights which apply, depending on your relationship with the Firm, to the information you have shared with us and the Firm’s legal and regulatory obligations.

You have the right to request a copy of the information that we hold about you. If you would like a copy of some, or all, of your personal information, please email the Firm at investor.relations@nanookadvisors.com.

The Firm will provide this information to you within one month (with the ability to extend this by an additional two months where necessary), free of charge, unless otherwise permitted by applicable law.

  • You have the right to request that the information the Firm holds about you is erased under certain circumstances including where there is no additional legal and/or regulatory requirement for the Firm to retain this information.

  • As a client, you have the right to request that any information the Firm holds about you be provided to another company in a commonly used and machine-readable format, otherwise known as ‘data portability’.

  • You have the right to ensure that your personal information is accurate and up to date, or where necessary rectified. Where you feel that your personal data is incorrect or inaccurate and should therefore be updated, please contact investor.relations@nanookadvisors.com.

  • You have the right to object to your information being processed, for example for direct marketing purposes.

  • You have the right to restrict the processing of your information, for example limiting the material that you receive or where your information is transferred.

  • You have the right to object to any decisions based on the automated processing of your personal data, including profiling.

  • You have the right to lodge a complaint with the relevant data protection authority, which in the UK, is the Information Commissioner’s Office (https://ico.org.uk/concerns/) if you are not happy with the way that we manage or process personal data.

Will I be notified of changes to this policy?

The Firm may, from time to time, review and update this policy. The Firm will maintain the latest version of this policy on its website, and where the changes are deemed material, it will use reasonable efforts to make you are aware of these.

Who should I direct questions to?

If you have any questions, concerns or complaints about the practices contained within this document or how the Firm has handled your data, please contact investor.relations@nanookadvisors.com. Alternatively, you may write to: Typeworks, 25 Bowling Green Lane, EC1R 0BF.