Privacy statement
1. Introduction and Scope
This is the Privacy Statement of Equus Ferus B.V. (“Equus Ferus”). This Statement describes how Equus Ferus collects, processes, and protects personal data in accordance with applicable laws and regulations, in particular the General Data Protection Regulation (GDPR). Equus Ferus considers the protection of personal data essential. The management board of Equus Ferus holds ultimate responsibility for data protection. However, all employees and consultants (defined below) are also expected to handle personal data appropriately. For the purposes of this Statement, Equus Ferus distinguishes the following groups of individuals (“Data Subjects”):
- • employees of Equus Ferus (“Employees”);
- • candidates for roles at Equus Ferus or at Equus Ferus portfolio companies (“Candidates”);
- • senior employees of Equus Ferus portfolio companies (“Managers”);
- • consultants under contract with Equus Ferus who have access to Equus Ferus systems (“Consultants”);
- • and other individuals whose personal data Equus Ferus may collect in the course of its investment activities (“Others”).
2. Confidentiality and security
Equus Ferus processes personal data with care and is committed to safeguarding the privacy of all Data Subjects. Appropriate technical and organizational measures are in place to prevent unauthorized access, misuse, loss, or disclosure of personal data. Equus Ferus applies data protection principles proportionally based on the nature of the relationship with each Data Subject and the type of data involved. Equus Ferus’s internal policies, IT systems, and security protocols – including its Information Security Policies – are designed to uphold confidentiality and ensure data security.
3. Purpose and Legal Basis for Processing Personal Data
Equus Ferus only collects and processes personal data when necessary for the purposes of its activities as a long-term investment company, always in accordance
with applicable laws and regulations.
The legal bases for processing personal data include:
- • the necessity of processing for the performance of a contract;
- • compliance with legal obligations;
- • the legitimate interests of Equus Ferus, where these are not overridden by the interests or rights of the Data Subject;
- • and, where applicable, the explicit consent of the Data Subject.
4. Sharing of Personal Data with Third Parties
Equus Ferus only shares personal data with third parties when necessary in connection with its business operations. Any such sharing is subject to strict conditions, and where applicable, Equus Ferus will enter into a data processing agreement with the third party. These agreements ensure that personal data is handled in a secure and lawful manner. Personal data will not be processed or transferred outside the EU / EEA. When feasible, Equus Ferus provides data to third parties in pseudonymised form. Equus Ferus remains responsible for the appropriate handling of personal data, even when processing is performed by a third party.
5. Rights of Data Subjects
Under the GDPR, each Data Subject has the right to:
- • access their personal data;
- • request rectification or erasure;
- • object to or restrict processing;
- • and request data portability, where applicable.
6. Data Retention
Equus Ferus retains personal data only for as long as necessary for the purposes for which it was collected, in line with the principles stated above. Data Subjects may request the earlier deletion of their data unless this would conflict with Equus Ferus’s legal obligations or legitimate interests.
7. Use of Cookies
Equus Ferus uses only strictly necessary cookies on its website. These include:
- • session cookies, to enable website functionality;
- • and CSRF protection cookies, to secure forms and prevent unauthorized requests.