Privacy Policy

1. Controller

The status of Personal Data controller within the meaning of the General Data Protection Regulation ("GDPR") is held by us, i.e., FSV SCA RAIF with its registered office at 12 rue des Mérovingiens, L-8070 Bertrange, Luxembourg. In the remainder of this Privacy Policy, we refer to ourselves in the first person (“we”, “us”) or as the "Controller" or “Blue Gravity Capital”.

As the controller of your Personal Data, Blue Gravity Capital is therefore responsible for any collection, processing, use and disclosure that may be carried out in relation to your Personal Data.

We have not appointed a data protection officer, as the processing of Personal Data carried out by the Controller does not meet the criteria set out in Article 37(1) GDPR. For any data protection queries, you may contact us at: .

2. Categories of Data Subjects and Personal Data

We may process Personal Data relating to:

• visitors of our website,
• business partners and service providers (including their representatives, employees, and contact persons),
• individuals contacting us.

The categories of Personal Data we may process include:

• identification data (name, surname),
• contact details (email, phone number),
• professional information,
• technical data (IP address, browser type),
• correspondence data.

We collect Personal Data directly from you. However, we may also collect data from third parties, such as your employer or engaging entity, publicly available registries or specialized providers in the context of our AML/KYC legal obligations.

3. Purposes and Legal Basis of Processing

We process your Personal Data for the following purposes and on the following legal bases:

• To respond to enquiries and communicate with you (legal basis: Article 6(1)(f) GDPR – legitimate interest in communication, i.e. maintaining business relationships or responding to business enquiries),
• To take steps prior to entering into a contract or to perform a contract (legal basis: Article 6(1)(b) GDPR – necessity for the performance of a contract to which you are a party or to take pre-contractual steps at your request),
• To comply with legal and regulatory obligations, including AML/KYC obligations (legal basis: Article 6(1)(c) GDPR – necessity for compliance with legal obligations to which Blue Gravity Capital is subject under Luxembourg and EU law),
• To ensure IT security and prevent fraud (legal basis: Article 6(1)(f) GDPR – legitimate interest in ensuring the security of our systems, protecting data, and preventing unauthorized access or fraudulent activities),
• To establish, exercise, or defend legal claims (legal basis: Article 6(1)(f) GDPR – legitimate interest in protecting our legal position and interests in the event of potential disputes or litigation),
• To optimize our website and enhance user experience (legal basis: Article 6(1)(f) GDPR – legitimate interest in ensuring our website remains functional, relevant, and easy to navigate).

Where processing is based on legitimate interest, we ensure that such interests are not overridden by your rights and freedoms.

Providing your data is generally voluntary, but may be necessary to enter into a contract, receive a response to an enquiry, or for us to comply with statutory AML/KYC requirements.

4. Personal Data Processing Rules and Retention

We process Personal Data in accordance with the principles set out in the GDPR, including lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation and integrity and confidentiality.

We process your Personal Data in a manner ensuring its adequate safety. We do not use your Personal Data for automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you.

We retain Personal Data only for as long as necessary for the purposes for which it was collected, including:

• as long as necessary to manage our relationship with you or your organization, which includes evaluating potential business opportunities, maintaining a record of our professional interactions and retaining information to assess the project’s future alignment with our investment mandate,
• for the duration of any contractual relationship,
• as required by applicable laws (e.g. regulatory or AML obligations),
• until withdrawal of consent (where processing is based on consent),
• as necessary to establish, exercise or defend legal claims.

5. Your Data Protection Rights

You have the following data protection rights:

• To access, update, or delete your Personal Data,
• To have your Personal Data rectified if such information is inaccurate or incomplete,
• To object to our processing of your Personal Data,
• To request that we restrict the processing of your Personal Data,
• To receive your Personal Data in a structured, commonly used and machine-readable format and to transmit it to another controller, where processing is based on consent or a contract and is carried out by automated means.

You have the right to object, on grounds relating to your particular situation, to processing of your Personal Data based on our legitimate interests. You also have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

You have the right to lodge a complaint with a supervisory authority in your country of residence or with the Luxembourg supervisory authority, Commission Nationale pour la Protection des Données (CNPD).

6. Who May Receive Your Personal Data

We may share your Personal Data with a third party where this is required by law, where it is necessary to progress the proposed investment with which you are connected or perform our contract in respect of it, or where we have another legitimate interest in doing so. We may need to share your Personal Data with:

• Other entities within our group (as part of our regular reporting activities in company performance, in the context of a business reorganization or group restructuring exercise, for assistance in relation to marketing and business development or in connection with the operation of group-wide functions and services),
• Professional advisers (including lawyers, financial advisers, auditors, insurers) to the extent such information is relevant to their performance of services,
• Supervisory/regulatory authorities and government bodies,
• IT service providers,
• Other service providers (e.g. couriers, security companies) where such information is relevant to their performance of such services.

7. Where Can Your Personal Data Be Transferred

Blue Gravity Capital is based in the European Economic Area ("EEA"). If we transfer Personal Data to our group or affiliate entities or to third parties outside of the EEA, we will ensure that appropriate safeguards are in place in accordance with applicable data protection law. Such transfers will be made on the basis of: (i) an adequacy decision by the European Commission; (ii) standard contractual clauses adopted by the European Commission (SCC); or (iii) other appropriate safeguards pursuant to Article 46 GDPR. Specifically, our use of Google Analytics involves a transfer to Google Ireland Limited, with onward transfers to the United States based on standard contractual clauses.

8. Cookies

Our website uses cookies. Cookies are small text files placed on your end-device when you visit our website. They allow us to collect information regarding your use of the website and other technical data, such as your IP address, browser type and version, time zone setting, and location.

To the extent that cookies contain your personal data, Blue Gravity Capital is the data controller for such processing. The legal basis varies depending on the type of cookie: (i) strictly necessary cookies are processed on the basis of Article 6(1)(f) GDPR (legitimate interest in ensuring the technical operation of the website); (ii) analytics cookies are processed on the basis of Article 6(1)(a) GDPR (your consent, which you may provide or withdraw via our cookie consent tool). We do not use analytics cookies prior to obtaining your consent.

Our website makes use of two main types of cookies: "session cookies" and "persistent cookies". Session cookies are temporary files stored on your end-device until you leave the website or close your web browser. Persistent cookies remain stored in your end device for a time specified in cookie parameters or until you delete them.

Cookies are used within the website for the following purposes:

• maintaining the proper operation and functionality of the website,
• adjusting the display of the website to your device and preferences to ensure an optimal user experience,
• presenting multimedia content regarding our team and investment portfolio,
• creating anonymous, aggregated statistics to analyze how visitors interact with our content, which allows us to improve the website’s structure and information flow,
• promoting our brand and activities through social media integration and informational marketing,
• ensuring the security, integrity, and reliability of the website.

Please be informed that in addition to the Controller's own cookies, we also use third-party cookies placed by our partners via the website, in particular for statistical purposes. In this regard, we use the Google Analytics tool (cookies administrator: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, with onward transfers to Google LLC in the United States pursuant to standard contractual clauses).

Our website makes use of the following types of cookies:

• strictly necessary cookies (do not require consent),
• analytics cookies (require consent).

In many cases web browsers allow storing cookies in your end device by default. You can change your cookie settings at any time. These settings can in particular be changed to disable automatic support of cookies in the web browser settings or to display information every time they are placed in your device. For detailed information on options and methods of supporting cookies see your software (web browser) settings.

We inform you that the limitation of the use of cookies can affect some functionalities of our website.

Cookies stored on your end-device may be accessed by our trusted partners, in particular providers of analytical tools and social media plugins, to the extent necessary to provide their services and for statistical purposes.

9. Updates to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The current version of this Privacy Policy will always be available on our website. Where we make material changes, we will take reasonable steps to notify you.

10. Contact

If you have any questions regarding this Privacy Policy or the processing of your Personal Data, please contact us to the email address indicated above.