Privacy
Policy
Updated July 1, 2024
Mars Growth Capital Pte. Ltd.
PRIVACY POLICY
Mars Growth Capital Pte. Ltd., (“Mars”, and together with Liquidity (as defined below), “we”, “our” or “us”), takes our responsibilities under Singapore’s Personal Data Protection Act 2012 (the “PDPA”) seriously. We recognize the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
This privacy policy ("Privacy Policy") explains our practices regarding the collection, processing, usage and transfer of Personal Data, that are applicable to any visitor of our website ("Visitor"), as well as upon registration, access and use of Liquidity’s Platform (as defined under Liquidity’s Terms & Conditions) by any third party engaged with us for such purpose and any individual on its behalf ("Platform Users") as well as collection of certain data from our investors and their affiliated entities and individuals (“Investors”). Visitors, Platform Users and Investors will be further referred to as "you" or "user".
This Personal Data Protection Policy is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us, as well as to assist you in making an informed decision before providing us with any of your personal data.
If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect and/or process your personal data, please do not hesitate to contact our Data Protection Officer at the email address set out in Section 11.3.
- INTRODUCTION TO THE PDPA
- “Personal Data” is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Common examples of personal data could include names, identification numbers, contact information, account information, photographs and video images.
- "Non-Personal Data" meaning, information which does not identify a specific natural person and cannot reasonably be used for such identification. We collect Non-Personal Data regarding use of the website and of Liquidity’s Platform, such as the scope, frequency, latency, pages accessed and viewed, time and date stamp, interactions with content and materials displayed through our website, language preference, and other technical information regarding the device used to access the website, for example type of device, type of browser, operating system, etc. This data is considered as Non-Personal Data when collected on an aggregate basis, or otherwise not combined with online identifiers.
- We will collect your personal data in accordance with the PDPA. We will notify you of the purposes for which your personal data may be collected, used, disclosed and/or processed, as well as obtain your consent for the collection, use, disclosure and/or processing of your personal data for the intended purposes, unless there are exceptions under the law that permit us to collect, process, and disclose your personal data without your consent or where you are deemed to have given us your consent under the PDPA.
- This privacy policy also provides the required information regarding your rights related to your Personal Data processed by us, under other applicable privacy and data protection legislation and including under the EU and the UK General Data Protection Regulation (collectively "GDPR") and various US states, as further detailed below.
- PURPOSES FOR COLLECTION, USE, DISCLOSURE AND PROCESSING OF PERSONAL DATA
- The personal data which we collect from you may be collected, used, disclosed and/or processed for various purposes, depending on the circumstances for which we may/will need to process your personal data, including (to the extent applicable):
- carrying out your instructions or responding to any enquiry given by (or purported to be given by) you or on your behalf;
- communicating with you via phone/voice call, text message, fax message, email and/or postal mail;
- performing verification of your financial standing through credit reference checks (including through our affiliate, Liquidity Capital M.C. Ltd. together with its subsidiaries and affiliated companies (collectively, “Liquidity”); managing Mars’s infrastructure and business operations and/or to carry out or perform administrative, operational and technology tasks (including technology infrastructure maintenance and support, application maintenance and support, risk management, systems development and testing), and business continuity management as well as complying with policies and procedures including those related to auditing, finance and accounting, billing and collections;
- to detect, prevent and investigate any fraud, bribery, corruption or any act or omission which constitutes violation of any law, to carry out due diligence or other screening activities as required by law or regulations or our risk management procedures in order to meet Mars’s compliance obligations;
- to comply with any applicable law, governmental or regulatory requirements including meeting the requirements of any guidelines by regulatory authorities (in Singapore or elsewhere), requests or order by any governmental authorities, public agencies, ministries, statutory bodies including but not limited to defending and/or enforcing Mars’s rights and remedies under the law; and
- storing, hosting, backing up (whether for disaster recovery or otherwise) of your personal data, whether within or outside Singapore; and any other purposes which we notify you of at the time of obtaining your consent.
(collectively, the “Purposes”)
- In order to conduct our business operations more smoothly, we may also be disclosing the personal data you have provided to us to Liquidity and to our third-party service providers, agents and/or our affiliates or related corporations, and/or other third parties whether situated in Singapore or outside of Singapore, for one or more of the above-stated Purposes. Such third-party service providers, agents and/or affiliates or related corporations and/or other third parties would be processing your personal data either on our behalf or otherwise, for one or more of the above-stated Purposes.
- You are not required by law to provide us with any Personal Data, however, please note, that some of our services require the processing of certain Personal Data and without such data we may not be able to provide you with all or part of the services.
- Also, we may sometimes process and anonymize or aggregate Personal Data and identifiable information in a manner that shall create a new set of data that will be Non-Personal Data. Such a new data set can no longer be associated with any identified natural person.
- Non-Personal Data may be used by us without limitation and for any purpose, including for commercial, research, or statistical purposes, in order to maintain and develop our website, including among others, for ensuring the technical functioning of our website, to help prevent fraudulent use of the website, etc.
- If we combine Personal Data with Non-Personal Data, we will treat the combined data as Personal Data.
- We have included in the table below information about the types of Personal Data processed, how we process and use Personal Data, the lawful basis for which we do so subject to the GDPR and processing operations:
- The personal data which we collect from you may be collected, used, disclosed and/or processed for various purposes, depending on the circumstances for which we may/will need to process your personal data, including (to the extent applicable):
If you choose to use Liquidity’s Platform you will be required to provide us with your full name and email address (for signing-up), as well as information related to the entity you sign up on its behalf (e.g., company name, your position, etc.). In addition, we will process email address of additional users, where provided by the Platform Users, for example, where using the “invite a friend” feature, adding authorized users, etc. If you choose to sign in through your social media accounts (e.g., LinkedIn, Facebook or Google account), we will be provided with your email address related to such account as well as information you have made public (such as profile picture, etc.).
Liquidity will further use your contact details in order to send you the required information related to the services (i.e., operational messages) as well as marketing materials related to our services (i.e., direct marketing).
Processing for direct marketing purposes is based on our legitimate interest.
You may opt-out at any time through the “unsubscribe” link within the email or by contacting us directly. Please note that if you opt-out we will not send you our marketing materials however we will continue to send you operational related communications.
In the course of a due diligence, in the event initiated by you, and solely where explicitly requested by you, Platform Users may share Personal Data related to the assessed entity’s shareholders, clients, employees, agents, suppliers or other stakeholders, as follows:
Information related to the assessed entity’s shareholders, directors and officers: this may include name, address, email, phone number, title, position, date of birth, governmental identification number, ownership and interests in the assessed entity or other related entities, financial information (such as salary, compensation, dividends, etc.), as well as supporting documentation such as identification documents and utility bill (including in certain cases copies of such documents including IDs and passports), and information related to legal proceedings or administrative proceedings against the aforesaid individuals (in their capacity as such).
Information related to the assessed entity’s employees, contractors and agents: this mainly includes employment related terms such as salary, social benefits, allocated options, etc., as well as position and job title.
Information related to the assessed entity’s suppliers: this mainly includes information referenced in agreements or other engagements and transactions related documentations (e.g., invoices) and for example, name, contact details (e.g., email and phone number), bank account details, transactions made, etc.
Public information: we may collect and use Personal Data that has been made public as a result of steps taken by the assessed entity’s related individuals or by legal authorities for validation and qualification purposes, subject to applicable laws.
Each Platform User hereby represents and warrants that: (i) it will not provide Personal Data in excess of the information requested by us (if any); (ii) subject to law’s requirements, it provided the applicable individuals with the required notices, and where needed, obtained consent, for sharing the Personal Data with us for the purposes described herein.
If we engage in a transaction agreement, we will further use this information where this is necessary for compliance with a legal or regulatory obligation to which we are subject (such as anti-money laundering and know your client obligations) and retain copies of materials in respect thereof.
Some information might be provided where a Platform User enables the integration to third party platforms, such as platforms enabling ongoing connection to bank accounts and other financial accounts. Any information transferred to us is subject to your consent, according to the privacy settings you choose to apply on such third-party platforms. You should review the privacy policies or terms of service for those third-party platforms for information about their practices, which is not under our control or responsibility.
When you interact with the website and use Liquidity’s Platform, we will collect online identifiers such as your Internet Protocol address (“IP”), Cookie-ID, etc., as well as other information that relates to your activity through the website and Liquidity’s Platform, such as pages viewed, click stream data, login time and date stamp, etc. This data might be collected directly by us or by through our use of third parties' cookies.
(i) Website and the Liquidity’s Platform’s operation, security and fraud detection purposes, and for example, when you login to Liquidity’s Platform, in order to detect and prevent fraudulent access;
(ii) Internal statistics and analysis, for which device identifiers might be combined with usage data, for example, to analyze how many users have accessed certain content and from which country (where the country is extracted from the IP address) in order to enhance and improve our website and its content;
(iii) Marketing and advertising purposes.
Where required under applicable laws, we will obtain your consent for the purpose of data collection through our use of third-party cookies for analytics and advertising purposes. In any such case, you may withdraw consent or change your preferences at any time by using the cookie settings tool available on our website.
As part of any Investment process, we may collect and process certain information pertaining to the investing entity, investment target, or individual, including, solely where explicitly requested by us, Users may share Personal Data related to the Investor’s or target investment’s shareholders, clients, employees, agents, suppliers or other stakeholders, as follows:
Information related to the Investor shareholders, directors and officers: this may include name, address, email, phone number, title, position, date of birth, governmental identification number, ownership and interests in the assessed entity or other related entities, financial information (such as salary, compensation, dividends, etc.), as well as supporting documentation such as identification documents and utility bill (including in certain cases copies of such documents including IDs and passports), and information related to legal proceedings or administrative proceedings against the aforesaid individuals (in their capacity as such).
Public information: we may collect and use Personal Data that has been made public as a result of steps taken by the Investor’s or target investment’s related individuals or by legal authorities for validation and qualification purposes, subject to applicable laws.
We will further use this information where this is necessary for compliance with a legal or regulatory obligation to which we are subject (such as our anti-money laundering and know your client obligations) and retain copies of materials in respect thereof.
*** Please note that if you provide information related to another individual, you hereby warrant and acknowledge that you are authorized under applicable law to share such information with is for the purposes herein.
If you voluntarily contact us through any means of communications, we make available (e.g., send us an email, or use any other online form available on our website or on Liquidity’s Platform), you will be requested to provide us with your contact information such as your name, phone number and email address.
The correspondence with you may be processed and stored by us in order to improve our internal operation, as well as in the event we reasonably determine it is needed for future assistance or to handle any dispute you might have with us.
In the event you sign up to receive our newsletter or other promotional materials, you will be requested to provide your contact details, such as email address.
If you wish to apply for any position posted on our website, you will be requested to provide certain information such as your name, e-mail address, phone number, and your CV. You may also choose to provide us additional information such as recommendations from previous employers, your LinkedIn profile, etc.
In addition, we will use such information to demonstrate compliance with corporate governance and legal and regulatory requirements.
Please note, in the event, you send us your CV, your provision of Personal Data in connection with recruiting is voluntary, and you determine the extent of information you provide us. We do not request or require sensitive personal information concerning religion, health, sexual orientation, or political affiliation in connection with recruiting.
If you are hired, the information may be used in connection with employment and corporate management.
- Notice to California Residents: In the event you are a California resident – please review our CCPA Privacy Notice to learn more about our privacy practices with respect to the California Consumer Privacy Act.
- Additional Notice to Colorado, Virginia, Connecticut or Utah Residents: In the event you are a resident of one of these US states – please also review Section 16 below “Jurisdiction-Specific Notices” to learn more about our privacy practices and your rights under the privacy and data protection legislation which applies in these states.
- COLLECTION, USE OR SPECIFIC ISSUES FOR THE DISCLOSURE OF PERSONAL DATA WITHOUT CONSENT
- Please note that under the PDPA we may collect, use or disclose your personal data without your consent under certain prescribed situations. These include, but is not limited to, the collection, use or disclosure (as the case may be) of your personal data:
- for any purpose which is clearly in your interest, and your consent for the collection, use or disclosure (as the case may be) cannot be obtained in a timely way or where you would not reasonably be expected to withhold consent;
- to respond to an emergency that threatens your life, health or safety or that of another individual;
- for our or another person’s legitimate interests and such legitimate interests outweighs any adverse effect on you;
- for business improvement purposes such as for operational efficiency, service improvements, and developing or enhancing our products/services; or
- The instances listed above at paragraph 3.1 are not intended to be exhaustive. For more information on the exceptions, you are encouraged to peruse the First and Second Schedules of the PDPA which is publicly available at http://statutes.agc.gov.sg.
- Please note that we may collect information as follows:
- Automatically – we may use cookies (as elaborated in the section below) or similar tracking technologies (such as pixels, tags, agent, etc.) to gather some information automatically.
- Provided by you or about you voluntarily – we will collect information if and when you choose to provide us with the information, such as through online registration, contact us communications, etc. all as detailed in this Privacy Policy.
- Collected from authorized third parties and public sources – such as open online databases, social media networks, credit bodies, etc
- Please note that under the PDPA we may collect, use or disclose your personal data without your consent under certain prescribed situations. These include, but is not limited to, the collection, use or disclosure (as the case may be) of your personal data:
- COOKIE
- When you access or use the website, we use “cookies” or similar tracking technologies, which store certain information on your device (i.e., locally stored). The use of cookies is a standard industry-wide practice. A “cookie” is a small piece of information that a website assigns and stores on your computer while you are viewing a website. Cookies are used by us for various purposes, including allowing you to navigate between pages efficiently, as well as for statistical purposes, analytic purposes and advertising. You can find more information about our use of cookies here: www.allaboutcookies.org.
- There are several types of cookies, and among others:
- Essential, Functionality, Operation & Security Cookies. These cookies are essential for enabling user movement around the website, for the website to function properly, and for security purposes (i.e., used to authenticate users, prevent fraudulent use, and protect user data from unauthorized parties). This category of cookies either cannot be disabled, or if disabled, certain features of the website may not work.
- Analytic, Measurement & Performance Cookies. These cookies are used to collect information about how users use our website, in order to improve our website, content, and the way we offer them, as well assess performance of the content and marketing campaigns. These cookies enable us, for example, to assess the number of users who have viewed a certain age as well as their country of origin. It enables our website to remember information that changes the way it behaves or looks, such as your preferred language.
- Preference, Targeting & Advertising Cookies. These cookies are used to advertise across the internet and to display relevant ads tailored to users based on the parts of the website they have (e.g., the cookie will indicate you have visited a certain webpage and will show you ads relating to that webpage)
- The third-party cookies we currently use, and their category are listed under the Cookie List.
- You may opt-out of cookies or change your preferences ant any time by using the cookies setting tool available on our website.
- Also note that, most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may set your browser to block all cookies, including cookies associated with our website, or to indicate when a cookie is being used by us, by adjusting the privacy and security settings of your web browser. Please refer to the support page of your browser to learn more about how you can adjust your privacy and security settings. Please note that once you choose to opt out or disable cookies, some features of the website may not operate properly and your online experience may be limited.
- Where we use third-party advertising cookies, such third-party may independently collect, through the use of such tracking technologies, some or all types of Personal Data detailed above, as well as additional data sets, including to combine such information with other information they have independently collected relating to your online activities across their network of websites, for the purpose of enhanced targeting functionality and delivering personalized ads, as well as providing aggregated analytics related to the performance of our advertising campaign you interacted with. These third parties collect and use this information under their own privacy policies, and are responsible for their practices.
- DATA SHARING – CATEGORIES OF RECIPIENTS WE SHARE PERSONAL DATA WITH
We share your Personal Data with third parties, including with trusted partners or service providers that help us to manage our business operation, website, etc. You can find here information about the categories of such third-party recipients.
Where we share Personal Data with services providers and partners, we ensure they only have access to such information that is strictly necessary in order for us to provide the services of fulfil the purpose for which data was shared. These parties are required to secure the Personal Data they receive and to use the data for pre-agreed purposes only, while ensuring compliance with applicable data protection regulations (note that, such service providers may use other Non-Personal Data for their own benefit).
- TRANSFER OF PERSONAL DATA OUT OF SINGAPORE
- We may be required to transfer your personal data to our offices located in other jurisdictions, in particular, Japan and Israel. If we transfer your personal data to other countries outside of Singapore, we will obtain your consent for the transfer to be made and will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA. This will include taking steps to ensure that reasonable security arrangements are put in place to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data.
- Where we disclose your personal data to third parties located outside Singapore, we will also employ our best efforts to require such third parties to provide a standard of protection to your personal data that is comparable under the PDPA. This will include taking steps to ensure that reasonable security arrangements are put in place to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data.
- In addition, we may store or process your Personal Data in several territories, including, for example in Israel, the UK, EU, US or in other countries. Thus, your Personal Data may be transferred to and processed in countries other than the country from which you accessed our websites or otherwise the country of your jurisdiction. We will take appropriate measures to ensure that your Personal Data receives an adequate level of data protection upon its transfer. Where Personal Data collected from within the EU or UK, is being transferred outside such territories to countries which didn’t receive an adequacy decision on behalf of an authorized authority (such as the EU Commission), we will take necessary steps in order to ensure that sufficient safeguards are provided during the transferring of such Personal Data, in accordance with the provision of the standard contractual clauses approved by the European Union or the UK Information Commissioner’s Office. Thus, we will obtain contractual commitments or assurances from the data importer to protect your Personal Data, using contractual protections that EEA and UK regulators have pre-approved to ensure your data is protected (known as standard contract clauses), or rely on adequacy decisions issued by the European Commission. Some of these assurances are well-recognized certification schemes.
- DATA RETENTION
- We retain the Personal Data we collect as long as it remains necessary for the purposes set forth above, all in accordance with applicable laws, or until an individual expresses a preference to opt-out.
- In certain circumstances, we will retain your Personal Data for longer periods of time and mainly:
- Where we are required to retain Personal Data in accordance with legal, regulatory, tax, or accounting requirements;
- Where we deem retention is necessary to obtain an accurate record of your dealings with us in the event of any complaints or challenges; or
- If we reasonably believe there is a prospect of litigation relating to your Personal Data.
- We may at our sole discretion, delete or amend information from our systems, without notice to you, once we deem it is no longer necessary for such purposes.
- REQUEST FOR ACCESS AND/OR CORRECTION OF PERSONAL DATA
- You may request to access and/or correct the personal data currently in our possession by submitting your request to the email address set out in Section 8.2.
- For a request to access personal data, we will provide you with the relevant personal data within 30 days from receiving your request being made as long as it is within our possession our under our control. If we are unable to respond to your access request within 30 days after receiving your request, we will inform you within 30 days of the time by which we will be able to respond to your request.
- For a request to correct personal data, we will correct your personal data as soon as practicable after the request has been made unless we have reasonable grounds not to do so.
- We may charge you a reasonable fee for the handling and processing of your requests to access and/or correct your personal data.
- Additional Privacy Rights. We acknowledge that different people have different privacy concerns and preferences. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used. We provide you with the ability to exercise certain choices, rights and controls in connection with your Personal Data. Depending on your relationship with us (e.g., if you are a Visitor of our website or a Platform User), your jurisdiction and the applicable data protection laws that apply to you, you have the right to control and request certain limitations or rights to be executed. The table below details some of the principal rights that may apply to (subject to your jurisdiction and additional conditions), how you can exercise them and appeal a decision we take in this regard:
-
- For additional information on your rights and how to exercise your rights, please see the Data Subject Request (“DSR”) form available HERE, and send it to our privacy team at: personal_data_protection@dragonfunds.com.
- If you are an EU resident, you may also submit the request to exercise your right to our EU Data Protection Representative, Prighter Group, at https://prighter.com/q/13356608436.
- Where we are not able to provide you with the information for which you have asked, we will endeavor to explain the reasoning for this and inform you of your rights, including the right to complain to the supervisor authority (in the event you are EEA resident). We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any such information in accordance with applicable law.
- REQUEST TO WITHDRAW CONSENT
- You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control by submitting your request to the email address set out in Section 8.2.
- We will process your request within 10 days from such a request for withdrawal of consent being made, and will thereafter not collect, use and/or disclose your personal data in the manner stated in your request.
- However, your withdrawal of consent could result in certain legal consequences arising from such withdrawal. In this regard, depending on the extent of your withdrawal of consent for us to process your personal data, it may mean that we will not be able to continue with your existing relationship with us.
- ADMINISTRATION AND MANAGEMENT OF PERSONAL DATA
- We will take reasonable efforts to ensure that your personal data is accurate and complete, if your personal data is likely to be used by Mars to make a decision that affects you or disclosed to another organisation. However, this means that you must also update us of any changes in your personal data that you had initially provided us with. We will not be responsible for relying on inaccurate or incomplete personal data arising from you not updating us of any changes in your personal data that you had initially provided us with.
- We will also put in place reasonable security arrangements to ensure that your personal data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data and the loss of any storage medium or device on which personal data is stored.
- You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures. We also cannot assume responsibility for any unauthorized use of your personal data by third parties which are wholly attributable to factors beyond our control.
- We will also put in place measures such that your personal data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that (i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any other legal or business purposes
- COMPLAINT PROCESS
- Mars, together with its subsidiaries and affiliated companies is the “Data Controller” (as such term is defined under the GDPR or equivalent privacy legislation) of the Personal Data collected from visitors and platform users with regards to their registration and use of the services.
- If you have any complaint or grievance regarding about how we are handling your personal data or about how we are complying with the PDPA or GDPR, we welcome you to contact us with your complaint or grievance.
- Please contact us through the following method with your complaint or grievance:
E-mail: personal_data_protection@marsgrowth.com
To the attention of the ‘Data Protection Officer’. - Your indication at the subject header that it is a PDPA complaint would assist us in attending to your complaint speedily by passing it on to the relevant staff in our organisation to handle. For example, you could insert the subject header as “PDPA Complaint”.
- We will certainly strive to deal with any complaint or grievance that you may have speedily and fairly.
EU Data Protection Representative - We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g., requests to access or erase Personal Data). If you want to contact us via our representative- Prighter, or make use of your data subject rights, please visit the following website: https://prighter.com/q/13356608436.
UK Data Protection Representative - Liquidity Capital UK Limited, which you may contact at: privacy@liquidity-capital.com.
- SECURITY
- We take great care in implementing and maintaining the security of our website, Liquidity’s Platform, users’ Personal Data. We employ industry standard procedures and policies to ensure the safety of individuals’ information and prevent unauthorized use of any such.
- We have implemented technical, physical and administrative security measures to protect the Personal Data we process. In addition, we limit access to Personal Data stored by us.
- Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our website and Liquidity’s Platform, and we make no warranty, express, implied or otherwise, that we will always be able to prevent such access.
- Please contact if you feel that your privacy was not dealt with properly, in a way that was in breach of our Privacy Policy, or if you become aware of a third party's attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.
- THIRD PARTY WEBSITES
- Our Privacy Policy only addresses the use and disclosure of Personal Data we collect from you. To the extent that you disclose your Personal Data to other parties via the website (e.g., by clicking on a link to any other website or location), different rules may apply to their use or disclosure of the Personal Data you disclose to them, and this Privacy Policy does not apply to any such third-party products and services. You agree that we shall have no liability whatsoever with respect to such third-party sites and your usage of them.
- CHILDERN’S DATA
- The website and Liquidity’s Platform are not intended for individuals under the age of eighteen (18). Accordingly, we do not knowingly solicit Personal Data from or market to children as defined under applicable law. We request that such individuals do not provide Personal Data. If you become aware or have any reason to believe that a child has shared any Personal Data with us or with Liquidity, please contact us through the means of contact detailed herein.
- UPDATES ON PERSONAL DATA PROTECTION POLICY
- As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.
- We reserve the right to amend the terms of this Personal Data Protection Policy at our absolute discretion. You may determine if any such revision has taken place by referring to the date on which this policy was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.
- Please contact us if you require an update on this policy by emailing to us at the email address set out in Section 11.3.
- JURISDICTION-SPECIFIC NOTICES
- “Personal Data” as defined in the CPA means information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CPA scope, such as: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, national Security Exchange Act of 1934, higher education data and employment data.
- “Personal Data” as defined in the CPA means information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CPA scope, such as: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, national Security Exchange Act of 1934, higher education data and employment data.
- “Sensitive Data” under the CPA means: racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life or sexual orientation; genetic or biometric data that can be processed to uniquely identify an individual; or child data. We do not process Sensitive Data.
- In Section 2 of this Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy Policy details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy details and discloses your rights, including where shared or sold for targeted advertising.
- Only you, or someone legally authorized to act on your behalf, may make a request to know or delete your Personal Data. If the request is submitted by someone other than you, proof of authorization (such as power of attorney or probate documents) will be required.
- We will respond to a verifiable request within 45 days after receipt (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and we will provide a notification of the extension within the first 45 days. If we refuse to take action, you may appeal our decision within a reasonable period time by sending us an applicable notice at: personal_data_protection@marsgrowth.com. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decisions. If the appeal is denied, you may submit a complaint as follows: Colorado AG at https://coag.gov/file-complaint/.
- If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.
- Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
- Additional Information for Colorado Residents. Under the Connecticut Data Privacy Act, Public Act. No. 22-14 (the “CDPA”) if you are a resident of Connecticut, acting in an individual or household context (and not in a commercial or employment context or as a representative of business, non-profit or governmental entity), your rights with respect to your Personal Data are described below:
- "Personal Data" means any information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CDPA scope, such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver's Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.
- “Sensitive Data” means data revealing racial or ethnic origin, religious beliefs, mental or physical health condition or diagnosis, sex life, sexual orientation, citizenship, or immigration status; The processing of genetic or biometric data for the purpose of uniquely identifying an individual; Personal Data collected from a known child; Precise geolocation data. We do not process Sensitive Data.
- Under CDPA, we are required to provide you with a clear and accessible privacy notice that includes: categories of Personal Data processed, purpose of processing, instructions for exercising consumer rights and appealing decisions, categories of Personal Data shared with third parties, categories of third parties with whom data is shared, and any sale of data or targeted advertising.
- In Section 2 of this Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy Policy details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy details and discloses your rights, including where shared or sold for targeted advertising. Note, under the CDPA consent can be withdrawn within 15-days of notice at any time.
- We shall respond to your request within 45 days of receipt. The response period may be extended once by 45 additional days when reasonably necessary, taking into account the complexity and number of requests and we inform you of such extension within the initial 45-day response period, together with the reason for the extension.
- If we decline to take action on your request, we shall so inform you without undue delay, within 45 days of receipt of your request. Our notification will include a justification for declining to take action and instructions on how you may appeal. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you may submit a complaint to the Connecticut Attorney General at link: https://www.dir.ct.gov/ag/complaint/ or (860) 808-5318.
- We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.
- Additional Information for Virginia Residents. Under the Virginia Consumer Data Protection Act, as amended (“VCDPA”) if you are a resident of Virginia acting in an individual or household context (and not in an employment or commercial context), you have certain rights with respect to your Personal Data, as described below:
- "Personal Data" means any information that is linked or reasonably linkable to an identified or identifiable natural person, and does not include publicly available information that is lawfully made available from government records, that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; Information excluded from the VCDPA scope, such as: HIPAA, GBPA, non-profit entities, higher education, employment data and FCRA, Driver's Privacy Protection Act of 1994, Family Educational Rights and Privacy Act, Farm Credit Act.
- “Sensitive Data” under the VCDPA means data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, or citizenship or immigration status; the processing of genetic or biometric data for the purpose of uniquely identifying a natural person; Personal Data collected from a known child; and precise geolocation data. We do not process Sensitive Data
- The VCDPA requires us to disclose the categories of Personal Data processed, purpose of processing, how you can exercise your rights, including how a you may appeal our decision with regard to the consumer request, the categories of Personal Data shared with third parties and with whom, and if we sell Personal Data to third parties or processes Personal Data for targeted advertising.
- In Section 2 of this Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy details and discloses your rights, including where shared or sold for targeted advertising. Note, under CDPA consent can be withdrawn within 15-days of notice at any time.
- We will respond to a verifiable request within 45 days after receipt (no more than twice in a twelve-month period). We reserve the right to extend the response time by an additional 45 days when reasonably necessary and we will provide a notification of the extension within the first 45 days. If we refuse to take action on a request, you may appeal our decision within a reasonable period time by sending us an applicable notice at: personal_data_protection@marsgrowth.com. Within 60 days of our receipt of your appeal, we will inform you in writing of any action taken or not taken in response to your appeal, including a written explanation of the reasons for our decisions. If the appeal is denied, you may submit a complaint to the Virginia Attorney General at https://www.oag.state.va.us/consumercomplaintform.
- If you have an account with us, we may deliver our written response to that account or via email at our sole discretion. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option. You do not need to create an account for submitting a request.
- Any disclosures we provide will only cover the 12-months period preceding our receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
- We shall provide information in response to your request free of charge, up to twice annually, unless requests are manifestly unfounded, excessive or repetitive. If we are unable to authenticate your request using commercially reasonable efforts, we may request additional information reasonably necessary to authenticate you and your request. If we cannot authenticate you and your request, we will not be able to grant your request.
- Additional Information for Utah Residents. Under the Utah Consumer Data Protection Act, as amended (“UCPA”) if you are a resident of Utah, acting in an individual or household context (and not in a commercial or employment context) your rights with respect to your Personal Data are described below:
- “Personal Data" means data which is linked or reasonably linkable to an identifiable individual, and does not include de-identified data and publicly available data or data that is processed not within the scope of UCPA.
- In Section 2 of this Privacy Policy, we describe our collection and processing of Personal Data, the categories of Personal Data that are collecting and processing, and the purposes for which Personal Data is processed, stored or used. We will not collect additional categories of Personal Data or use the Personal Data we collected for a materially different, unrelated, or incompatible purpose without obtaining your consent. Additionally, Section 5 of this Privacy Policy details and discloses the categories of third-parties we share Personal Data with for business purposes. Section 8 of this Privacy Policy details and discloses your rights, including where shared or sold for targeted advertising. Note, under CDPA consent can be withdrawn within 15-days of notice at any time.
- “Personal Data” as defined in the CPA means information that is linked or reasonably linkable to an identified or identifiable individual and does not include publicly available information that is lawfully made available from government records, or that a consumer has otherwise made available to the public; de-identified or aggregated consumer information; or information excluded from the CPA scope, such as: Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPPA) or 42 CFR Part 2- “Confidentiality Of Substance Use Disorder Patient Records”, personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or and the Driver’s Privacy Protection Act of 1994, Children’s Online Policy Protection Act of 1998 (COPPA), Family Educational Rights and Privacy Act of 1974, national Security Exchange Act of 1934, higher education data and employment data.