Privacy Policy
CCAT will not request and you should not send personal identification information such as a social security or passport number, bank or other investment account numbers, or any other specific personal financial information through our website. We do not solicit investment business or sell investment products via our website, the internet, email, or in a non-personal manner. We further do not conduct investment business directly with individual retail investors or non-professional investors. We do not take custody of client cash or assets and would never request that you send funds in any form directly to the firm or to a retail bank account we designate for investment. Should you receive any contact from anyone purporting to represent CCAT with any direction to the contrary please do not invest any funds and first call us at 617-850-3500 and request to speak with a compliance officer.
CCAT may collect information about you when you access the website if you voluntarily choose to send CCAT electronic mail, request information, or ask to be contacted. CCAT may use this information to provide you with updated information about the products and services we offer. Certain employees of CCAT and our wholly owned affiliates may be given the information you provide to respond to your requests. Employees of CCAT and its affiliates are instructed to handle any information you provide confidentially. Our full Privacy and Data Protection Policy is provided as part of the website.
Our website uses "cookies" and "web beacons" (such as Google Analytics) to collect, store and aggregate data about usage and browsing patterns. As it relates to web analytics, we use cookies and web beacons for session management and to analyze site usage; we do not use cookies and web beacons to store any personally identifiable information about you. A "cookie" is a small text file containing a random and unique alphanumeric identifier that we transfer to your computer's hard drive through your web browser (unless you set your browser to reject cookies) that enables our systems to recognize your browser. A "web beacon" (also known as a "page tag," "data tag" or "image tag") is a mechanism by which a small section of code that is embedded in our website pages allows us to check that a user has viewed the page. These technologies can help us analyze and better understand how our website is being used and improve the user experience.
Our website also uses "cookies" and "web beacons" that are able to collect, store, and aggregate personally identifiable information about usage and browsing patterns relating to users that have opted into our email marketing program. These specific "cookies" and "web beacons" will not collect any data if you are not part of our email marketing activities.
Privacy Policy
CCAT Partnership Capital INC is committed to maintaining the trust and confidence of our clients and keeping any personal information or other non-public information we may collect from you confidential and secure. We want you to understand how we protect your privacy when we collect and use information about you, and the measures we take to safeguard that information. Keeping client information secure and private is a priority for us. The following describes our Privacy Policy. Please review this information and feel free to contact us with any questions.
Sources and types of non-public personal information that we may collect about you:
In the course of providing investment services to you, we may collect non-public personal information about you from the following sources:
- Information from you during the account opening process (for example, name, address, social security number, passport number, assets, types and amounts of investments, transactions, and income);
- Information obtained from third-parties verifying the information that you provided during the account opening process or on subsequent account related documents (for example, from other institutions where you conduct financial transactions);
- Information about your CCAT transactions from our wholly-owned affiliates or other parties including those companies that work closely with us to provide you with investment services (e.g. your custodian) (for example, your account balance, payment history, parties to transactions, types and amounts of investments, etc.).
How we protect the confidentiality and security of your non-public personal information:
Keeping your information confidential and secure is a priority. We maintain physical, electronic, and procedural safeguards that guard your non-public personal information.
Disclosure of non-public personal information to affiliated companies:
In the course of providing services to you, we are permitted by law to share with our affiliated companies’ information about you.
Disclosure of non-public personal information to non-affiliated third parties:
We do not sell, share or disclose your non-public personal information to any non-affiliated third-party marketing companies.
We may disclose information we collect on you to non-affiliated companies that provide services to us on your behalf to enable us to fulfill our contractual obligations to you. All of these companies are contractually obligated to keep the information that we provide to them confidential and use the information only for the services required and as allowed by applicable law or regulation, and are not permitted to share or use the information for any other purpose.
We may also disclose non-public personal information about you under circumstances permitted or required by law. These disclosures typically include information to process transactions on your behalf, to conduct our operations, to follow your instructions as you authorize, or to protect the security of our financial records.
What is our policy relating to former clients?
If you decide to close your account(s) or become an inactive client, we will adhere to the privacy policies and practices as described in this notice.
We reserve the right to change this policy at any time and you will be notified if any material changes occur.
Any questions regarding CCAT’s Privacy Policy should be addressed to CCAT Partnership Capital INC, 260 Franklin Street, Boston, MA 02110 or by email at compliance-reporting@CCAT-asset.com.
GLOBAL DATA PROTECTION REGULATIONS
CCAT Asset Management (“CCAT”) takes data privacy seriously and we are committed to protecting it. We take the appropriate steps to ensure any personal information or data collected from any of our clients or prospective clients is protected in compliance with applicable data protection laws in the jurisdictions in which we operate or where our clients or prospective clients are located.
This Data Protection Notice (“Notice”) is intended to comply with our notice requirements related to the Personal Data1 of citizens of the United Kingdom and Europe under the Global Data Protection Regulations (“GDPR”). It explains what we collect, how this information is used, the conditions under which it may be disclosed to others, and how it is kept secure.
The content of this Notice may change from time to time. Please check the Notice posted on our website at CCAT-asset.com periodically to ensure that you have access to the current version and contact us should you have any questions.
This Notice is effective as of May 15, 2018.
DATA CONTROLLER
CCAT is the data controller in relation to the processing activities described below. This means that CCAT decides why and how Personal Data is utilized.
HOW WE COLLECT PERSONAL DATA
CCAT only provides investment management services to institutional clients. As a result, the vast majority of the information which CCAT receives from and about our clients is not deemed to be Personal Data as it does not relate to individuals. Any Personal Data that we obtain from employees of our clients is collected as follows:
- Voluntarily via correspondence by phone, email or otherwise (e.g. the employee’s company telephone number or email address). This includes information provided at the time the account is being established, as well as information provided during our subsequent our subsequent relationship with you (including where you engage in correspondence with us by phone, email or otherwise).
- As part of due diligence documentation received during the initial account set up process. This process includes information required as part of the “Know Your Customer” process including the prevention of money laundering.
The information includes employee identity information (i.e passport details and/or date of birth in accordance with applicable law) that may be collected.
HOW WE USE PERSONAL DATA
Personal Data may be collected, used, disclosed and/or processed by CCAT for the following purposes (the “Purposes”):
Where it is necessary to perform the contract
- Considering whether to provide the services, products, or facilities that you are interested in receiving (hereafter “Services”);
- Opening, processing, administering, managing, providing and/or maintaining the Services.
Where there is a LEGAL REQUIREMENT
We will use Personal Data to comply with our legal obligations such as:
- to carry out due diligence or other screening activities on employees or directors of our clients that are involved in administering the relationship with CCAT (including background checks and those designed to “Know Your Client” or to combat financial crime);
- to create and maintain books and records required by applicable law and regulation related to our business activities in any relevant jurisdiction;
- to respond to requests for information from the Financial Conduct Authority or other regulators;
- to identify the person contacting us; and
- to verify the accuracy of the Personal Data we hold.
Where there is a LEGITIMATE INTEREST
We may use and process Personal Data (i.e. email address) where it is necessary for us to pursue our legitimate interests as a business for the following purposes:
- for marketing activities;
- for prevention of fraud and other criminal activities (including financial crime); and
- to correspond or communicate with our clients.
OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO PERSONAL DATA
Group companies
We may share your Personal Data with other companies within our group. They may use Personal Data in the ways set out in How we use your Personal Data.
Our suppliers and service providers
We may disclose Personal Data to our third party service providers, agents, subcontractors and other organisations in order to enable them to provide services to us, or directly to you, on our behalf in satisfaction of the requirement of our agreement with you. Such third parties may include cloud service providers (such as hosting and email management), and providers of operational and administrative services.
When we use third party service providers, we only disclose to them such Personal Data as is necessary for them to provide the services necessary for us to meet our contractual requirements with you. We ensure that any agreement in place between us and such service provider ensures that your information is maintained confidential and not used for any other purposes other than as instructed.
Other ways we may share Personal Data
We may transfer Personal Data if we are under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts, or to protect the rights, property or safety of our visitors and clients. We will always take steps with the aim of ensuring that privacy rights continue to be protected.
WHERE WE STORE PERSONAL DATA
All Personal Data provided to us by clients or prospective clients located within the European Economic Area (EEA) may be retained in the United States and may be transferred to other countries outside the EEA. Not all countries have similar data protection laws to those of the EEA.
We take appropriate security measures with the aim of ensuring that privacy rights continue to be protected as outlined in this Notice each time Personal Data is transferred. These steps include imposing contractual obligations on the recipients of Personal Data or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. Please contact us as instructed below should you require further information.
HOW LONG WE KEEP PERSONAL DATA
The length of time we retain Personal Data is determined by a number of factors including the reasons why we collected the information, its use, and our obligations under relevant laws. We will only retain Personal Data in an identifiable format for as long as is necessary.
For example, we may need Personal Data to provide ongoing services, to meet book and recordkeeping obligations imposed upon us by relevant law and regulation, or to establish, bring or defend legal claims. As such, we retain Personal Data for a period of seven (7) years after the date a client terminates their agreement with us. The only exceptions to this are where:
- contractual requirements with our client, or where the relevant laws or regulations, require us to hold Personal Data for a longer period, or delete it sooner;
- we receive a request from you to have the Personal Data related to you erased (where it applies) and we are not legally, or for other business reasons, required to retain it for a longer period (see further Erasing your Personal Data or restricting its processing below); or
- in limited cases, we are permitted by law to retain Personal Data indefinitely provided certain protections are in place.
SECURITY AND LINKS TO OTHER SITES
We have put in place reasonable and appropriate controls to ensure that Personal Data we receive remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access. Unfortunately, the transmission of Personal Data via the internet is not completely secure. Although we will do our best to protect it, we cannot guarantee its security.
Should any sensitive Personal Data be obtained, such as that related to ethnic background, personal circumstance, political opinion, religion, trade union membership, or criminal record, we will apply additional security controls to protect that data.
This Notice only applies to CCAT. We assume no responsibility for the data protection policies and practices of other companies or third parties including those to whom we may link on our website or to whom may link to us. We recommend that you check the data protection policy of each of these parties.
COOKIES
Like many other websites, our website uses cookies. 'Cookies' are small pieces of information sent to your computer or device and stored on its hard drive to allow our websites to recognise you when you visit.
It is possible to switch off cookies by setting your browser preferences. For more information on how we use cookies and how to switch them off on your device, please contact us as instructed below.
MARKETING
CCAT identifies prospective clients in a number of ways, including but not limited to the following:
- where an investment strategy may be of interest to existing clients;
- where a prospective client attends a conference, seminar or other event organised by CCAT;
- using other publicly available means, including social media (e.g. LinkedIn).
CCAT may send marketing material to prospective clients via email or other electronic means. We will only do so if you have not objected to receiving such marketing material via the ‘OptOut’ process included with the communication.
We may also provide you with marketing material by post or with targeted advertising delivered online through social media and platforms operated by other companies.
YOUR RIGHTS
You have the following rights as it pertains the Personal Data we may have collected.
- To tell us to cease sending marketing materials
You have the right to tell us to stop using your Personal Data for marketing purposes and to ‘OptOut’ to the receipt of future marketing materials. Please see Objecting to our use of your Personal Data below for further details along with information on how to ‘OptOut.’
- To access Personal Data
You have the right to ask for a copy of the Personal Data that we hold about you by emailing us at the address at the end of this Notice. We will evaluate your request and may reject it if the request pertains to, or would reveal, the identity of others or we have another lawful reason to withhold that information.
- To correct and update Personal Data
If you change your name or mailing/email address, or become aware that any of the other information you provided to us is inaccurate or out of date, please let us know by contacting us using the email address at the end of this Notice. We may contact you periodically to confirm the Personal Data we have on file related to you is accurate.
- To object to or restrict our use of Personal Data
You may object to us using Personal Data. Please email us at the address at the end of this policy with the specific use(s) that you want us to stop and the reasons why. Unless we can confirm that we are legally required to continue to use the Personal Data for these purposes we will temporarily stop using the Personal Data while we investigate your objection. If our investigation reveals that your objection is supported by relevant data protection laws, we will stop using the Personal Data for the purposes that were underlying your objection. Otherwise we will provide you with our justification as to why we need to continue using the Personal Data.
- To request we erase Personal Data or restrict its processing
In certain circumstances, you may ask for Personal Data to be removed from our systems by emailing us at the address at the end of this policy. As noted above, we may not adhere to it if we are legally, or for other business reasons, required to retain it for a longer period.
- To transfer Personal Data to you in a structured data file
Where we need to process Personal Data in connection with a contract, as set out under How we use Personal Data, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.
You can ask us to send Personal Data directly to another service provider, and we will do so if this is technically possible. We will not accommodate your request if it would reveal the identity of others or we have another lawful reason to withhold that information.
- To complain to the UK data protection regulator
You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed Personal Data. Please visit the ICO’s website for further details.
Prior to responding to any request to access, cease using, change or erase your Personal Data we may ask you for information to confirm your identity and/or to help us to help us identify the Personal Data we retain that is specific to you. Except in rare cases, we will respond to a request within one (1) month from either (i) the date that we have confirmed your identity or (ii) should your identity be known, from the date we received your request.
CHANGES TO THIS NOTICE
We will review the content of this Notice from time to time and will post any amended versions to our website. Any changes will take effect seven (7) days after the date we post. We recommend that you regularly check for amendments and review this Notice whenever you visit our website. If you do not agree with any aspect of an updated Notice you should notify us of your specific concerns immediately or cease using our services.
CONTACT US
Please direct any queries about this Notice or requests for, or updates to, your Personal Data at compliance-reporting@CCAT-asset.com. Should you no longer wish to receive marketing related materials from CCAT please email OptOut@CCAT-asset.com.
SINGAPORE PERSONAL DATA PROTECTION ACT 2012
The Personal Data Protection Act 2012 (PDPA) governs the collection, use, and disclosure of personal data by Singapore organizations. It consists of two sets of requirements, covering personal data protection and the Do Not Call (DNC) registry
CCAT aims to comply with the requirements set forth in the Act, and respects your personal data held or controlled by us. Should you have any feedback or inquiries pertaining to your personal data, please contact the Data Protection Officer via email at dpo@CCAT-asset.com.sg or in writing to the Singapore office address.