- Why does Square Peg collect personal information?
- What personal information does Square Peg collect?
- How does Square Peg collect personal information?
- How does Square Peg store personal information?
- How does Square Peg use your personal information?
- When is personal information disclosed to others?
- How can I access or correct my personal information?
- How you can complain if you have concerns about how Square Peg has managed your personal information?
- Definitions used in this policy
In short, we collect personal information from you if you interact with Square Peg, whether you’re a founder, investor, supplier or something else entirely.
We only collect, use or disclose personal information where we think it’s necessary to run our business, or in circumstances that you would reasonably expect. For founders, this includes information like your background and details of your business, so we can evaluate whether to invest in you. For investors, we’ll collect more identification and financial information, so we can comply with our AML/CTF obligations.
About this policy
Why do we collect personal information?
When you visit our Website or interact with Square Peg, we collect your personal information so that we can provide you with products and services, and improve or customise your experience with us.
The purposes for which we collect, hold and use your Personal Information include:
- to deliver one or more of our products and services to you; managing and administering the Square Peg funds and other investment products and financial services offered by Square Peg;
- providing you with one of more of our financial products or services or products including to assess your application for a financial product or service;
- providing information and reports to investors;
- to confirm your identity in compliance with AML/CTF Laws;
- to provide you with information about our products, services, functions, events or activities;
- in connection with your attendance or participation in functions, events or activities conducted by us or our partners;
- to manage our relationship with you, evaluate our business performance and build our customer database;
- to enable to subscribe to mailing lists or newsletters and interact or follow our social media pages, including but not limited to, Twitter, LinkedIn, and Crunchbase;
- to respond to your requests and seek your feedback;
- to conduct research, compare information for accuracy and verification purposes, compile or analyse statistics relevant to the operations of our business;
- to facilitate our internal business operations, including fulfilment of any legal and regulatory requirements and monitoring, analysing and improving the performance and functionality of our Website and investigating breaches of or enforcement of any legal terms applicable to our services;
- to protect our property, the Website or our legal rights including to create backups of our business records;
- to manage risk and protect Square Peg from fraud by verifying your identity and helping to detect and prevent fraudulent use of our services; and
- to manage our business, including analysing data collected from our Website concerning visits and activities of users on our Website. This analysis helps us run our Website more efficiently. We use information from third party services such as Google Analytics to help further improve your experience in using our Website.
We will also use or disclose your personal information if you consent, if it is for something that you would reasonably expect us to use your personal information for, or if we are required or authorised to do so by law.
If you do not disclose information to us as and when requested, we may not be able to provide our services to you, or we may otherwise not be able to respond to your request or do business with you.
What types of personal information do we collect?
So that we can provide our products and services, we collect information that is reasonably necessary for us to carry out our business activities. For almost everyone we interact with, this will include:
- your name, address (postal and residential), email address, telephone number, date of birth and gender;
- information from third party sources such as regulators, fund administrators, data providers and credit organisations, where permitted by law;
- details of the device you have used to access any part of our Website, including carrier/operating system, connection type, IP address, which information may be collected and used by us automatically if you use our Website, through the browser on your device or otherwise; and
- demographic information.
In addition to the above, we will collect additional personal information from you depending on your relationship with Square Peg, which generally includes one or more of the following:
If you are a founder seeking investment or an existing member of our portfolio, we may collect and hold personal information including:
- your employment history, professional and personal references, resume and qualifications; and
- details of your business or prospective business, including registration details, financial information and pitch decks;
If you are or may become an investor in Square Peg, or you represent a person who is or may become investor in Square Peg, we (either directly or through a third party fund administrator) may collect and hold personal information including;
- financial information, including bank account details
- information about the funds in which the investor invests and the investment products and financial services supplied to the investor;
- data required for Square Peg to comply with AML/CTF Laws, including any information required to verify your identity;
- your nationality and country of birth; and
- government identifiers, including your tax file number (TFN).
This type of information is generally collected and maintained by Square Peg’s external fund administrator.
What about sensitive information?
We also collect sensitive information about you, with your consent. Sensitive information is a subset of personal information that is given a higher level of protection under the Australian Privacy Principles. Sensitive information means information relating to your racial or ethnic origin, health, political opinions, religion, trade union or other professional associates or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.
Provided that you consent, your sensitive information may only be used and disclosed for purposes you have consented to, or which are directly related to the primary purpose for which the sensitive information was collected, including:
- for the purpose of us maintaining a comprehensive company file;
- for the purpose of data compilation or analysis for internal purposes (for example, as part of our ESG framework); and
- in an anonymised format for the purpose of data compilation or analysis to share with third parties.
Sensitive information may also be used or disclosed if required or authorised by law.
How we collect your personal information
How we collect your personal information depends on whose information we are collecting. However, Square Peg ordinarily collects personal information in the following ways:
- through application or subscription forms for investment;
- by email or other written mechanisms;
- over a telephone call;
- in person;
- through transactions;
- through your use of our Website;
- by technology that is used to support communications between us;
- through publicly available information sources (which may include telephone directories, the internet and social media sites);
- direct marketing database providers.
If it is reasonable and practical to do so, we collect personal information directly from you. We may also collect personal information from third parties or independent sources. However, we will only do so where it is not reasonable and practical to collect the information from you directly.
How we hold your personal information
We hold your personal information in a variety of formats including on databases, in hard copy files and on computer devices. We only hold your personal information for as long as is reasonably necessary for the purpose for which it was collected, or to comply with our regulatory obligations.
We will endeavour to take all reasonable steps to keep secure and protect any Personal Information which we hold about you, including:
- securing our physical premises and digital storage media;
- placing password protection and access control over our information technology systems and databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure; and
- taking regular back-ups of our electronic systems.
Even though we will take all reasonable steps to keep your personal information safe, data transmission over the internet is never guaranteed to be completely secure. We do not warrant the security of any information you transmit to us or from any online services.
When we disclose your personal information
We do not routinely disclose personal information to third parties unless:
- you have consented; or
- you would reasonably expect us to use or disclose your personal information in this way (for example, if the disclosure is incidental to services being provided to our business or for the resolution of any dispute that arises between you and us); or
- we are authorised or required to do so by law; or
- we may also share non-personal, de-identified and aggregated information for research or promotional purposes.
For clarity, we do not sell, trade or rent your personal information to third parties without your consent.
This may include disclosing personal information to our employees, contractors and related entities, as well as third parties who supply services to us to assist us in performing our administration functions and in fulfilling our legal and regulatory obligations (e.g. legal and accounting firms, data storage systems and certain SaaS providers). We will take reasonable steps to ensure that they handle your personal information in the same way that we do and in accordance with the Privacy Act and the APPs.
Sharing personal information outside of Australia
Square Peg operates primarily in Australia, Singapore and Israel, but may also operate in various other countries from time to time. So that we can provide our services effectively, we may need to share some of your information with organisations outside Australia. Sometimes, we may need to ask you before this happens. Our current list of overseas countries includes Singapore, Israel, New Zealand, the Philippines, Hong Kong, India, Vietnam, Germany and the United States of America.
We may store your information in a cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from various countries via an internet connection, it’s not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed.
In certain circumstances, your personal information may be shared with the ATO, and / or ASIC which will then exchange this information with similar overseas regulatory bodies as a result of Australia’s participation in the Common Reporting Standard and Foreign Account Tax Compliance Act.
Links to Third Party Sites
Your rights and controlling your personal information
We will provide access to personal information upon request by an individual, except in the limited circumstances in which it is permitted for us to withhold this information (for example, where granting access would infringe another person’s privacy). You may request access to the personal information we hold about you, or request that we change the personal information, by contacting us in the manner outlined below.
You may also contact us if any of the details you have provided change or if you believe that the information we have about you is not accurate, complete or up to date.
When you make a request to access personal information, we will require you to provide some form of identification (eg driver’s licence or passport) so that we can verify that you are the person with the right to access that information.
If we do not agree to provide you with access or to correct your personal information you will be notified accordingly. Where appropriate we will provide you with the reasons for our decision and you may seek a review of our decision. If the rejection relates to a request to change your personal information you may make a statement about the requested change and we will attach this to your record.
You may also request that we restrict the use of your personal information for direct marketing purposes by contacting us using the contact details below. Alternatively, to unsubscribe from our email database or opt-out of communication including marketing communication) you may use the opt-out facilities provided in the communication or email us using the contact details below.
How to access or correct your personal information, or make an enquiry or complaint
If you have any questions in relation to this policy, you wish to access or correct the personal information we hold about you, or make a complaint, please contact us by email, letter or personal delivery to any one of our contact details below.
We will respond to your complaint in writing within a reasonable time (usually no longer than 30 days) and we may seek further information from you in order to provide a full and complete response. Where we cannot resolve a complaint within that period, we will notify you of the reason for the delay as well as advising the time by which we expect to resolve the complaint.
If you are not satisfied with our response to a complaint, you may lodge a complaint with the Office of the Australian Information Commissioner, or the Privacy Commissioner in your State or Territory.
How to contact us
Writing to our Privacy Officer at 4/44a Foveaux Street, Surry Hills, 2010
Changes to our privacy and information handling practices
In this policy, the terms below have the following meanings:
AML/CTF Laws means any applicable anti-money laundering or counter-terrorism financing laws including, without limitation, any applicable laws imposing "know your customer" or other identification checks or procedures on Square Peg or its affiliates.
ASIC means the Australian Securities and Investments Commission.
ATO means the Australian Taxation Office.
Australian Privacy Principles or APPs means the principles set out in Schedule 1 to the Privacy Act.
ESG means environmental, social and corporate governance.
IP address means a number automatically assigned to your computer which is required when you are using the internet and which may be able to be used to identify you.
personal information has the meaning set out in the Privacy Act.
Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time.
Privacy Legislation means such laws as may place requirements on the handling of Personal Information under the Privacy Act and the Australian Privacy Principles. sensitive information has the meaning set out in the Privacy Act.
Third Party Sites means online websites or services that we do not own or control, including websites of our portfolio companies, affiliated investors and service providers.
Website means https://www.squarepegcap.com/ and any other website we may operate from time to time.
we, our, us and similar terms means Square Peg Capital Pty Ltd (ACN 164 352 229) and our related entities.
you, your and similar terms means, as the context requires:
- you, when you use our Website;
- you, during your dealings with us in any capacity;
- any agent providing your Personal information to us; or
- any agent dealing with us on your behalf.
Effective: 23 November 2020