Last Updated March 03, 2021
I. Personal information we collect
“Personal information” is any kind of information that allows us to identify you or your household, directly or indirectly, such as your name, contact details, or address. We may collect and process the following personal information about you when you visit the NDVR Portal or when you engage with us as an advisory client:
- Contact information, such as your name, mailing address, email addresses, and telephone numbers;
- Identifiers, such as your signature, date of birth, gender, driver’s license, passport, or other government identification and numbers;
- Professional or employment information, such as your job title, employment status, and place of work;
- Background information, such as information revealed in know-your-customer (KYC) and anti-money laundering (AML) due diligence, investor accreditation and consents;
- Financial information, such as information relating to your assets, income, net worth, amounts and types of investments, capital account balances, capital commitments, capital contributions, account data, other investment participation information, funds transfer information, beneficiaries, positions, percentages of fund, share or option numbers and values, vesting information, investment history, transaction information, tax information, or billing information;
- Internet or other electronic network activity information, such as your internet protocol (IP) address, login data, unique device identifiers, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, mobile device carrier and other technology on the devices you use to access the NDVR Portal; as well as usage information, such as information about how you use the NDVR Portal and our products and services, referring/exit web pages, date/time stamps, error logs, and the frequency of your use of the NDVR Portal; and
- Marketing and communications information, such as your preferences in receiving marketing communications from us, or information that we exchange when you contact us with questions, feedback or otherwise.
II. How we collect personal information
We collect personal information from you via the following:
A. Personal information you provide to us
- Forms that you complete (or which are completed by your authorized representatives on your behalf) on the NDVR Portal or otherwise;
- Your transactions with us or others; and
- Your correspondence and interactions with us, including by letter, email and telephone.
B. Personal information collected from third parties and service providers
We may collect personal information about you from third parties and service providers, such as business partners or vendors, or from publicly available information. The conditions under which we may obtain such information are governed by the third-party source.
C. Information collected automatically
We may automatically collect certain information about the devices you use to access the NDVR Portal, and/or information on how you interact with the NDVR Portal, through tools, scripts, software, cookies, web server logs, utilities and other similar tracking technologies. This information may include the IP address used to connect your computer to the Internet; computer and connection information such as your browser type and version; operating system and platform; screen resolution; confirmation when you open email that we send you; and the URLs which lead you to and around the NDVR Portal including the pages you viewed, how long you spent on a page, navigation paths between pages, information about your activity on a page, and the date, time and duration of access. We may use third-party service providers, such as FullStory, Inc., HubSpot, Inc., and Segment.io, Inc., to help collect this information. We reserve the right, but are not obligated to access, collect, and archive this information.
1. Cookies and other data collection technologies
“Cookies” are a feature of web browser software that allows web servers to recognize the computer used to access a website. They are small text files that are stored by a user’s web browser on the user’s hard drive. Cookies can remember what information a user accesses on one website to simplify subsequent interactions with that site by the same user or to use the information to streamline the user’s transactions on related websites. A number of cookies we use last only for the duration of your web session and expire when you close your browser. Other cookies last longer and are used to recognize your computer when you return to the NDVR Portal. Cookies are designed to make your online experience easier and more personalized. They can only be read by the server that placed them, and are unable to execute any code or virus.
“Software Development Kits” or “SDKs,” are used to incorporate third-party computer code into our NDVR Portal and allows our third-party service providers or advertising partners to collect data directly from our NDVR Portal for a variety of purposes, including to provide us with analytics regarding the use of the NDVR Portal, to integrate with social media, add features or functionality to our NDVR Portal, or to facilitate online advertising of our services and products to you at our direction.
Web server logs are files that store the activity on a certain website.
Most web browsers automatically accept cookies. You can change your browser settings to notify you of the cookies being set or updated, and to block cookies. Please note that if you have turned off all cookies, some features of the NDVR Portal may not be available to you or otherwise function as intended. To learn more about how to manage cookies on different types of browsers, you can visit the website www.allaboutcookies.org.
A web beacon is a web page element (such as a clear gif, pixel tag or single-pixel gif) that may be embedded into our NDVR Portal or email messages, newsletters, and other electronic communication. They help us to determine whether a message has been opened and to analyze and personalize our interactions with you. Instructions on how to unsubscribe are included in each email.
We use, or may use, the following categories of cookies on the NDVR Portal:
- Essential cookies: These cookies are necessary to provide you with the services available through our NDVR Portal and to use its some of its features. Without these cookies, the use of the NDVR Portal is impacted and certain functions might not be available.
- Performance, functionality and customization cookies: These cookies improve the performance and functionality of the NDVR Portal but are not essential to its use. Without these cookies, the NDVR Portal and its functions might be more cumbersome to load or navigate but are still available.
- Analytics cookies: These cookies collect information that helps us understand how you use our services, and to customize the NDVR Portal and our services for you. The functionality of the NDVR Portal is not impacted by the rejection of such cookies.
- Targeting cookies: These cookies record your visit to the NDVR Portal, the pages you have visited and the links you have followed. They recognize you as a previous visitor and track your activity on the NDVR Portal as well as other websites you visit. The functionality of the NDVR Portal is not impacted by the rejection of such cookies.
2. “Do Not Track” Browser Settings
We do not currently use technology that recognizes “do not track” signals from your web browser. To find out more about “do no track,” please visit https://allaboutdnt.com/.
III. How we use your personal information
We will only use your personal information when and how the law allows. Any of the personal information we collect about you may be used in one of the following ways:
- Where the processing is necessary for us to enter into or to perform a contract with you, or to take steps at your request prior to entering into a contract – for example, to provide information you have requested or to respond to your questions;
- For our everyday business purposes, such as to process your transactions, maintain or service your account(s), communicate with you, pay funds, manage records, respond to court orders and legal investigations, and administer and provide services to you, including onboarding, marketing, research and due diligence;
- Where necessary for the purposes of the Company’s legitimate interests, including to operate and facilitate our business and services, communicate with you, undertake business management, planning, statistical analysis, market research and marketing activities, administer and maintain the Company’s core records, protect the Company’s rights and interests, ensure the security of the Company’s assets, systems and networks, prevent, detect and investigate fraud, unlawful or criminal activities in relation to our services, and enforce our terms and conditions;
- Where required by applicable laws and regulations, including laws relating to know-your-client requirements, tax, the prevention of money laundering, fraud, terrorist financing and sanctions; and
- Where the processing is necessary for the establishment, exercise or defense of legal claims.
In some circumstances, we may also process your personal information where we have received your consent—for example, depending where you are located, in order to send you marketing materials or to place cookies or similar tracking technologies on your devices. Where processing is based on your consent, you have the right to withdraw that consent at any time.
IV. How we protect your personal information
We are committed to maintaining the confidentiality, integrity and security of your personal information and take precautions to protect such information. These precautions include the adoption of certain physical, electronic, and procedural safeguards and procedures designed to maintain and secure your personal information from inappropriate disclosure in accordance with applicable laws and regulations.
Our policies require that access to personal information be restricted to those employees and agents of the Company who need to know that information to provide the Company’s products or services. We may disclose such information to our service providers (including financial, technical, marketing and professional service providers and consultants) and financial institutions that provide services to the Company. We require such third-party service providers and financial institutions to protect the confidentiality of your personal information and to use the information only for purposes for which it is disclosed to them.
V. When we disclose your personal information
We do not sell personal information obtained about you to any third parties, and have not done so in the twelve (12) months preceding the effective date of this policy.
We do not disclose any personal information to anyone other than our affiliates, service providers and relevant counterparties without your consent, or as required by applicable law or regulation. This means that we may disclose your personal information to other third parties, including:
- Any governmental agency, regulatory authority or self-regulatory organization having jurisdiction over the Company or its affiliates, if (i) the Company determines that such disclosure is necessary or advisable pursuant to or in connection with any U.S. federal, state or local, or non-U.S., law, rule, regulation, executive order or policy, including without limitation any anti-money laundering law and the USA PATRIOT Act and (ii) such disclosure is not otherwise prohibited by law, rule, regulation, executive order or policy;
- Service providers who, on our behalf or for your benefit, provide services to NDVR;
- Employees and service providers who have a reasonable need to know the information in connection with the conduct of NDVR’s business;
- Persons acting in a fiduciary or representative capacity on behalf of an investor, such as an IRA custodian or Trustee of a grantor trust; and
- Certain other persons to the extent authorized by you.
On all occasions when it is necessary for us to share your personal information with other parties, we will require that such information only be used for the limited purpose for which it is shared and will advise such third parties not to further share your information with others except to fulfill that limited purpose.
We do not disclose personal information except as may be required or permitted by law, rule or regulation. We may disclose for a business purpose, and have disclosed in the preceding twelve (12) months, personal information, including contact information, employment information, identification information, background information and financial information to third parties, as listed above.
We may aggregate survey responses for publication. However, this will not include any non-public personal information or any information identifiable to a particular NDVR Portal user.
If NDVR sells all or part of its business or makes a sale or transfer of assets or is otherwise involved in a merger, restructuring or business transfer, you agree that NDVR may transfer your personal information to a third party as part of that due diligence and transaction process.
Please see our Privacy Notice for more information about how your information may be shared.
VI. E-Mail Communications and Marketing
We may send you e-mail communications from time to time with information that may be useful to you, including information about our products and services. Our email communications will include instructions on how to unsubscribe and inform us of your preferences if you decide you do not want to receive any future marketing or promotional e-mails from us.
VII. Social Media
VIII. Retention of your personal information
We will retain your personal information only for as long as we deem it necessary for the purposes set out in this Privacy Notice, or as long as we are legally required or permitted to do so. Under certain circumstances, you may have the right to have your personal information erased.
When deciding how long to retain your personal information, we take into account our legal and regulatory obligations, the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, and the purposes for which we process your personal information described above. We may also retain your personal information to investigate or defend against potential legal claims in accordance with the limitation periods of countries where legal action may be brought.
IX. Third-party links
The NDVR Portal may contain links to third-party websites, products and services. These third-party websites and services have separate and independent privacy policies, which we encourage you to read. We have no responsibility or liability for the content and activities of such linked sites. However, we want to protect the integrity of our NDVR Portal and thus welcome any feedback you may have about third-party sites we link to.
X. Children’s privacy
The NDVR Portal is not directed toward children under the age of 18. We do not promote our products or services online to minors, and we do not intentionally collect any personally identifiable information from any person under 18. If we become aware of having collected personal information from children under the age of 18 without valid consent from their respective parents or guardians, we will delete is as soon as practicable.
XI. Changes to your personal information
You are not required to supply any of the personal information that we may request, except where such information is necessary for the performance of (or to enter into) a contract with you or is otherwise required by applicable law. However, failure to do so may result in our being unable to accept your business or provide services to you. We will make reasonable efforts to ensure that all information that we hold about you is accurate, complete and up to date. You can help in this regard by promptly notifying us or logging into your account and updating your personal information if it changes.
XIII. Information for California Residents
Individuals in California and certain other jurisdictions may have certain data subject rights. These rights vary, but they may include the right to: (i) request access to and rectification or erasure of their personal information; (ii) restrict or object to the processing of their personal information; (iii) obtain a copy of their personal information in a portable format; and (iv) opt-out of the sale of their personal information. We are open to dialogue to resolve issues short of formal disputes. If your concerns cannot be resolved, we can enter into appropriate third-party neutral dispute resolution. If you need to reach us about a privacy or data protection issue, please contact us using the details below.
If you wish to exercise any of these rights please email email@example.com or call us at 857-326-6992. The rights described herein are not absolute and we reserve all of our rights available to us at law in this regard. Additionally, if we retain your personal information only in de-identified form, we will not attempt to re-identify your data in response to a Data Subject Rights request.
The California Consumer Privacy Act (“CCPA”) prohibits covered businesses from discriminating against you for exercising applicable CCPA rights.
If you make a request related to personal information about you, we will need to verify your identity and California residency. To do so, we will request that you match specific pieces of information you have provided us previously, as well as, in some instances, provide a signed declaration under penalty of perjury that you are the individual whose personal information is the subject of the request. If it is necessary to collect additional information from you, we will use the information only for verification purposes and will delete it as soon as practicable after complying with the request. For requests related to particularly sensitive information, we may require additional proof of identification. If you make a request through an authorized agent, we will require written proof that the agent is authorized to act on your behalf. We will process your request within the time provided by applicable law.
XIV. California Shine the Light Law
If you are a California resident, you have the right to request information about how we share certain categories of personal information with third parties. California law gives you the right to send us a request at a designated address to receive the following information:
- Categories of information we disclose to third parties for their direct marketing purposes during the preceding calendar year; and
- Names and addresses of the third parties that received that information; and, if the nature of the third party’s business cannot be determined from their name, examples of the products or services marketed.
XV. Contact Us
24 Federal Street
Boston, MA 02110 United States