Privacy policy

V

1.1

-

Last edited on

Jul 23, 2022

Privacy Notice 



  1. Who are we and what do we offer? 

CEMI Services Ltd., operating under the name Chrysalix Venture Capital, is a global venture capital firm investing in start-ups developing intelligent systems for resource intensive industries and solutions to decarbonize hard-to-abate emissions from industrial sectors (our Services). 

Chrysalix Netherlands B.V. (Chrysalix Netherlands) is a 100% subsidiary of Chrysalix Venture Capital and manages its European investment fund: Chrysalix Carbon Neutrality Fund Coöperatief U.A. (the Chrysalix Fund). 

Our Website www.chrysalix.com offers more information about us and our Services.


  1. Privacy Notice

This is our Privacy Notice. In this document we explain what kind of Personal Data (defined below) we collect via our Services. We also explain what role we have in the processing of Personal Data, how long we retain them and what rights you have as a data subject.

This Privacy Notice is relevant for contact persons/authorized representatives/UBO’s of our (potential) investors and persons working for, or on behalf of the companies we invest in (Participations) or will potentially invest in. Next to that, this Privacy Notice is relevant for individuals that visit our Website, contact us or who want to be kept up-to-date of our Services, as well as for job applicants (Applicants). 

Please note: where you provide us with Personal Data regarding another individual than yourself (e.g. an authorized representative or UBO of the company you represent), please provide the concerned individual with a copy of this Privacy Notice, prior to providing the relevant Personal Data to us.



  1. Personal Data and (Joint) Controller(s)

Personal Data means all information by which a person can be directly or indirectly identified. 

In the processing of Personal Data, the Chrysalix entities act either as Controller or Joint Controller within the meaning of the General Data Protection Regulation (GDPR):

  • Where you are in contact with or apply for a job at Chrysalix Netherlands, Chrysalix Netherlands processes your Personal Data as the Controller. Chrysalix Netherlands is supported by Chrysalix Venture Capital in its processing activities, which makes Chrysalix Netherlands and Chrysalix Venture Capital Joint Controllers.

  • If you are a contact person/authorized representative/UBO of a (potential) investor of the Chrysalix Fund or a person working for, or on behalf of a (potential) Participation of the Chrysalix Fund, the Chrysalix Fund, Chrysalix Netherlands and Chrysalix Venture Capital process your Personal Data as Joint Controllers. 

  • The Website is managed by Chrysalix Venture Capital and Chrysalix Netherlands. They, therefore, act as Joint Controllers regarding the Personal Data processed through the Website. 

Chrysalix Venture Capital, Chrysalix Netherlands and the Chrysalix Fund have defined their respective responsibilities, roles, and relationships in a mutual joint controllership agreement within the meaning of Article 26 of the GDPR. In this agreement, parties agree, among other things, that each party will be responsible for complying with their obligations under the GDPR and other applicable privacy law, and that Chrysalix Venture Capital is the main contact point for all privacy and data protection related matters. 

The term ‘we’ or ‘us’ in this Privacy Notice means the relevant (Joint) Controllers as set out above. 

If you have questions about the processing of your Personal Data, you can always contact us through the contact details listed at the bottom of this Privacy Notice.



  1. What Personal Data do we collect as (Joint) Controller(s)? 

Personal Data of (contact persons/authorized representatives/UBO’s) of (potential) investors:

(Personal) Data:Purpose(s):Legal basis:Investor information:Name, job title, e-mail address, telephone number and other (contact) information of (the contact person/authorized representative/UBO of) the Investor. We use these data to contact our Investors regarding the Services we (will potentially) provide to them.We may process these Personal Data because: we need these Personal Data to perform our contract with the Investor or to take the necessary steps prior to entering into such contract; orwe have a legitimate interest to process these Personal Data, i.e. to perform the contract with the Investor or take the necessary steps prior to entering into such contract. Payment information:(Company) name, e-mail address, bank details (account number, IBAN and BIC-code) and a VAT identification number of (the contact person of) the Investor. We use these data to:handle, check, process and administer payments; andinclude in our administration on behalf of the (tax) authorities. We may process these Personal Data because: we need these Personal Data to perform our contract with the Investor; orwe have a legitimate interest to process these Personal Data, i.e. to perform the contract with the Investor.We are also legally obligated to share (some of) these data with the (tax) authorities.KYC-information:An identification document such as a passport, driver’s license, national identity card or resident permit of authorized representatives and UBO’s. Please note that you must cover the social security number on the ID document before providing it to us.Information we obtain about your background from public databases (e.g., sanction/blacklists and PEP databases). In this context we may process Personal Data related to criminal offences and/or Personal Data revealing political opinions. We use these data to comply with laws and regulations. Chrysalix must identify and verify (authorized representatives/UBO’s of) Investors and identify and manage the risks of money laundering and terrorist financing, to comply with anti-money laundering laws, such as the Dutch Money Laundering and Terrorist Financing (Prevention) Act (Wet witwassen en financieren terrorisme)We process these Personal Data because we are legally obliged to do so or because we have a legitimate interest to process these Personal Data, i.e. to identify and manage risks. 




Personal Data of (persons working for or on behalf of) (potential) Participations: 

(Personal) Data:Purpose(s):Legal basis:Information of (the contact person of) the Participant:Name, job title, email address, telephone number and other (contact) information.We use these data to contact (potential) Participations regarding the Services we (will potentially) provide to them.We may process these Personal Data: because we need these Personal Data to perform our contract with the Participants or to take the necessary steps prior to entering into such contract; andbecause we have a legitimate interest to process these Personal Data, i.e. to perform the contract with the Participations or take the necessary steps prior to entering into such contract.Information on other relevant persons working for the Participant (e.g. the management team):Curriculum vitaes, including details of previous employment history and professional activities. References provided by third parties, network information and results of other due diligence carried out. We use this information to:assess potential investments;maintain records of investments;communicate with our Investors;  identify and manage risks; safeguard our legal rights and interests;seek and receive advice from our professional advisors, including accountants, lawyers and other consultants.We may process these Personal Data because we have a legitimate interest to do so, i.e. assess potential investements and manage our Participations. 




Personal Data of visitors of the Website/our social media pages and business contacts:

(Personal) Data:Purpose(s):Legal basis:Via our social media pages:Information of visitors who leave a comment or otherwise post something on our social media pages, including the Personal Data within these comments and/or posts.We use these data to:contact the visitors in reply of their post and/or comment via our social media pages; andprocess the feedback left on our social media pages.We may process these Personal Data, because we have a legitimate interest to process these data and because the visitors voluntarily made public such information.Our social media pages are also controlled by the social medium itself. Please check their own privacy notices, to see how each social medium handles Personal Data:LinkedIn: Privacy PolicyTwitter: Privacy Policy
If you contact us:Your name, e-mail address, company name and the content of the correspondence.
We use these data to:answer your questions and/or handle any complaints;support you in using our Services; andimprove our Services because of questions and feedback from you.We may process these data, because we have a legitimate interest to contact and assist you based on your comment or question and to improve our Services because of the questions and feedback we receive.
If you subscribe to our newsletter:
Name, surname, company name and e-mail address
We use these data to:send you our newsletter and keep you informed on all our (future) Services. We may process these data, if you gave us your consent to do so (by subscribing via our Website). We may send Investors and Participants newsletters because we have a legitimate interest to do so.In every newsletter there is a link via which you can unsubscribe.Usage Data:Information on how the Platform is accessed and used, such as your IP-address, when and for how long you visit the Platform, which pages you visit on the Platform, on which links you click and technical information (e.g., type of browser and operating system) (“Usage Data”)We collect the Usage Data using cookies and/or similar techniques. 
Our Cookie Statement [include link] outlines the purposes for which Usage Data is processed and the principles underlying the processing of Usage Data. We may process these data because we have a legitimate interest to do so, namely, to analyse and improve the Platform, or because we have obtained your consent. 



Personal Data of Applicants:

(Personal) data:Purpose(s):Legal basis:Contact details:First name and surname, e-mail address, address, and telephone number.
We use these data to:contact the Applicant about the application.We may process these Personal Data because we have a legitimate interest in processing these data. We need the data to get (and keep) in touch with the Applicant and to process and review the application.Application information:Information provided by the Applicant, among others: Personal Data included in the Curriculum Vitae and motivation letter, qualifications, photo, gender, and day of birth.
We use these data to:assess whether the Applicant suits the job and Chrysalix; anddetermine which Applicant is the most suitable candidate.We may process these Personal Data because we have a legitimate interest in processing these data and because the Applicant provides this data itself and voluntarily. We need the data to get (and keep) in touch with the Applicant and to process and review the application. Information retained during application process:Notes from interviews.We use these data to:Assess whether the Applicant suits the job and Chrysalix; andDetermine which Applicant is the most suitable candidate.We may process these Personal Data because we have a legitimate interest in processing these data. We need the data to get (and keep) in touch with the Applicant and to process and review the application.Information from public sources:Information in public profiles, such as LinkedIn and other social networks (where applicable).We use these data to:Assess whether the Applicant suits the job and Chrysalix; andDetermine which Applicant is the most suitable candidate.We have a legitimate interest to process these Personal Data as we need them to process and assess the application. We only process information that is relevant for the application and the Applicant gets the opportunity to react to our findings.




  1. Mandatory information

When you engage our Services, it may be legally or contractually required that you provide us with certain Personal Data. For example, we may need your email address to be able to contact you. Where you do not provide us with such information, this will usually imply that we will not be able to provide you with specific Services or perform part of our agreement with you.


  1. How long do we keep the Personal Data?

We store Personal Data for as long as we need it for the above purposes. Please find more specific retention periods below: 

  • Personal Data received in the KYC-process and included in our records for the authorities | These data is stored for five (5) years after the end of the business relationship, unless we are legally obliged to retain the data for a longer period.

  • Newsletters | We retain the Personal Data used for sending newsletters until you unsubscribe from our newsletter. 

  • Personal Data in our correspondence | This data is stored as long as necessary to handle your message/question/complaint and for a period of one (1) year thereafter.

  • Personal Data in our records for the (tax) authorities | This data is stored for seven (7) years unless we are legally obliged to retain the data for a longer period.

  • Personal Data of job applicants | We store these Personal Data for a maximum of 4 weeks after the application process unless the Applicant has given us permission to store the Personal Data for (up to) 1 year.

After expiry of the above retention period(s), we may process and retain certain Personal Data to comply with legal retention obligations and/or for fraud/misuse investigations or to substantiate a (judicial) claim. In such events, we will retain the Personal Data separately and only use such Personal Data for the aforementioned purposes.



  1. Do we share your Personal Data with others?

Processors

We use third parties (Processors) who support us in providing our Services. Within this context these Processors receive Personal Data from us which they process on our behalf. For instance, we use, Processors for e-mail marketing, document storage, automation of workflows (including customer relationship management), hosting of our data, building and maintaining our Website and investment services (e.g. assistance in KYC-procedures and payment processing).

These Processors may only use or disclose the data collected and processed by us within the scope of our instructions to them and under no circumstances for other purposes. We enter into a data processing agreement with all our Processors.

Controllers
We may also share your Personal Data with external controllers:

  • Investors, to inform our Investors about our Participations.

  • Professional advisors, such as accountants, lawyers, advisers, or other consultants, to enable them to assist us properly in providing our Services.

  • External auditors, to enable them to perform audits of our (potential) Participations.

  • (Potential) buyers or merging parties and advisors of those parties, in the context of a proposed merger, acquisition; sale or divestiture of (a part) of our activities.

  • Supervisory authorities, such as the Tax Authority (Belastingdienst), the Dutch Central Bank (De Nederlandsche Bank), the Financial Markets Authority (Autoriteit Financiële Markten) and the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if we are legally required to do so. 

Apart from the above, we may share your Personal Data within the context of a (potential) acquisition, fusion or sell of (a part of) Chrysalix.



  1. Export of Personal Data outside the European Union

We may transmit Personal Data to parties outside the European Union, if one of our Processors or Controllers is established outside the European Union. The Personal Data will only be transferred to countries and/or parties that provide an adequate level of protection in accordance with the European standards. For example, for Canada, an adequacy decision of the European Commission applies. You may contact us if you wish to receive more information or a copy of the safeguards we take in this scope where necessary. 




  1. Third party websites

You may find advertising or other (hyper)links on our Website that link to the websites, products and services of partners, suppliers, advertisers, sponsors, licensors or other third parties. We do not control the content or the links that appear on these websites and we are not responsible for the practices employed by websites linked to or from our Website. In addition, these websites, products, and services, including their content and links, may be constantly changing. These websites, products and services may have their own privacy notices, user terms and customer service policies. Browsing and interaction on any other website, including websites that are linked to or from our Website, are subject to the terms and policies of that website.



  1. Changes of the Privacy Notice

The Privacy Notice may be changed from time to time. Please check our Privacy Notice frequently. The new Privacy Notice will be effective immediately upon posting on our Website. If we change our Privacy Notice significantly, then we will state so on our Website together with the revised Privacy Notice.


  1. Your rights as a data subject and our contact data


You are always entitled to file a complaint with a data protection supervisory authority if you believe that we are not processing your Personal Data in accordance with the GDPR. In the Netherlands, the supervisory authority for data protection is: 

Autoriteit Persoonsgegevens
Website: https://www.autoriteitpersoonsgegevens.nl 

If you have questions or concerns about this Privacy Notice or your privacy, you can contact us at privacy@chrysalix.com.


CEMI Services Ltd. 
111  West Hastings, Suite 333Vancouver, BC V6E 2J3 Canada]

E: privacy@chrysalix.com   W: www.chrysalix.comIncorporation number: BC0712083Chrysalix Netherlands B.V.
Julianalaan 67A2628 BC DelftThe Netherlands
E: privacy@chrysalix.com   W: www.chrysalix.comChamber of Commerce: 74526758



Chrysalix Carbon Neutrality Fund Coöperatief U.A. 
Julianalaan 67A2628 BC DelftThe Netherlands
E: privacy@chrysalix.com W: www.chrysalix.comChamber of commerce: 85638110