Privacy Policy

This privacy policy (“Privacy Policy”) provides you information on how we (B. ACADEMY GmbH, Baarerstrasse 10, 6300 Zug, Switzerland) process personal data when providing the Services (as defined below, see Art. 2 “Definitions”): which data are collected, why and how we process it, and with whom we share it. Please note that the Cookies and Analytics page is part of the Privacy Policy.

For the sake of clarity, B. ACADEMY will be referred in the present document as “B.”, “we”, and the associated pronouns. You, as well as the other users of the Services, are referred as “Users”, “you” and associated pronouns].

1. Scope

Your privacy matters to us, and the present document addresses the different aspects of data processing in connection with the use of the Services.

To provide the Services, B. needs to process certain Personal Data (as defined below), such as your e-mail address, your name, your IP address, etc. We are a Swiss company relying on international providers, which implies certain cross-border data transfers.

Please note that, we don’t use your Personal Data for any automated decision producing legal effects, and we don’t sell, in the meaning defined by the California Consumer Privacy Act (CCPA), Personal Data.

2. Definitions

Anonymization / Anonymized means the process according to which data are rendered not relatable to an individual anymore. Anonymization implies that no re-identification is possible, following techniques such as deidentification and k-anonymization.

Users means any person of full age and legally capable of entering into an agreement (according to applicable laws) using the Services. Should you be not, please refrain from using any of our Services. If you are acting on behalf of a company, we may assume that you are authorized to act on behalf of such company in connection with the acknowledgement and/or acceptance of this Privacy Policy, regardless of the internal regulations and/or circumstances of that company and entries in the commercial/trade register and without further verification of such authorization.

Personal Data means information that relates to an identified or identifiable individual. The information may be directly or indirectly identifiable (e.g., encrypted Personal Data remains Personal Data).

Processing means any operation on Personal Data, including but not limited to the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data.

Services means any service provided by B., including the website, as well its investment services, i.e. access to venture capital investments for professional and institutional investors.

3. Contact

Should you have any question about this policy, our processing, or if you want to exercise your rights (see article 4 “Your Rights” below), please contact us:

• By e-mail: B.s Data Protection Officer
• By post: B. ACADEMY GmbH, Data Protection Officer (confidential), Baarerstrasse 10, 6300 Zug, Switzerland.

4. Your Rights

To exercise your rights, please contact us according to the article 3 “Contact” above. Please note that, depending on the request, we may require additional information and/or a copy of an identification document (such information and document would only be processed for the purpose of establishing your identity and ensuring your data are sent only to you or your legal representative).

You are entitled to exercise your rights according to the applicable law, which may include (non-exhaustively):

• Access: you may receive a copy of your Personal Data, in a comprehensive language. If requested, you may also require a copy in a machine-readable format, allowing reusability (portability of data).
• Correction: you should be able to correct your Personal Data through your interface, nevertheless, feel free to contact us to get support. 
• Deletion: you may request the deletions of your Personal Data collected under consent or for the performance of a contract.
• Withdraw your consent: you may withdraw your consent, for certain purposes or the entire processing of your Personal Data. Nevertheless, be aware the consent withdrawal might limit your access to the Services.
• Information: you may request about whether or not Personal Data about you is processed by Serpentine, as well as more information about the way your Personal Data are processed, as such as the categories of recipients.

5. Processes 

Types of data collected (The types of data are for an illustrative purpose and not exhaustive. For an exhaustive list of all types of data collected, please contact us at the address indicated in the Art. 3 ”Contact”.)

• Identity data (such as a name)
• contact information (such as an  e-mail address)
• technical information (such as IP address, location)
• any data transmitted in the request à answering to any request including support.  
• Cookies to get technical information, location, settings preferences for marketing purposes 
• Analytics such as tracking technical information, historical information, ad consent data
  • Regarding Cookies and analytics, please refer to the Art. "Cookies and Analytics" below. 
• Identity and contact data for monitoring and technical maintenance, supplier management, customer management, member management and commercial prospecting

6. Retention

We store Personal Data for the time necessary to achieve the purpose of processing as well as a retention period of 12 months, unless otherwise provided by the applicable law, especially in the matter of archives. Please note that once the retention period is over, and except the case of our archives, Personal Data may be deleted or Anonymized, and as such, out of scope from data protection regulation and from the Privacy Policy. 

7. Locations of processing and data transfer

Your Personal Data may be processed in various locations, including but not limited to:

• Switzerland,
• EEA,
• USA.

We operate globally, as a consequence, cross-border transfers are necessary to provide you the Services. Nevertheless, we seek to protect your Personal Data, by applying security processes (see article 11 “Security” below) and requesting legal guarantees from our partners. By accepting the Privacy Policy, you are aware and consent to the transfer of your Personal Data.

8. Legal Disclosure

Be aware that we may disclose Personal Data, if needed to comply with legal proceedings, including court orders, subpoenas or warrants, or in response to a request from courts, law enforcement agencies, regulators, or other public agencies. This is our obligation to comply with the law and legal proceedings, and for EEA such a disclosure would be made under the basis of the article 6. (c) of GDPR.

9. Cookies and analytics

B. relies on cookies and analytics to know more about the interactions with our Services and improve them accordingly. Serpentine uses these technologies in particular for the following purposes:

• Obtain statistics and analysis on interactions with the Services, including details about how and where our Services are accessed from, when and how often Users use the Services, which areas of the Services keep the interest of our Users …
• Collect information on functionality and performance of our Services,
• Security, including fraud prevention,
• Know more about the audience of our Services,
• Subject to your consent: marketing and advertisements, which include advertising-related tracking.

In particular, we use Google Analytics. This service of Google LLC in Mountain View, USA or Google Ireland Limited in Dublin, Ireland, respectively ("Google") enables us to measure and evaluate the use of our Services (website) on a non-personal basis. The service uses permanent cookies, which are set by Google. Google does not receive any Personal Data from us (and does not retain any IP addresses), but may track your use of our Services (website), combine this information with data from other websites that you have visited and which are also tracked by Google, and use this information for its own purposes (e.g. management of advertising). If you have registered yourself with Google, Google also knows you. Google is responsible for the processing of your Personal Data in accordance with Google's privacy policy. Google merely informs us how our Services (website) are used without giving any personal information about you. Google has committed itself to ensuring adequate data protection in accordance with the U.S.-EU and the U.S.-Swiss Privacy Shield and to complying with the requirements of GDPR. For more information, please see Google's privacy policy.

10. Sharing Personal Data

10 a) Subprocessors

B. relies on different partners to provide you the Services, which may access certain Personal Data. This includes the following categories of partners:

• Technical services, such as hosting, or technical support.
• The companies of Phoenix Technologies AG, for the respective services provided.

These providers are acting as subprocessors of B. (for EEA, this corresponds to the article 28 of GDPR). B. strives to ensure that all service providers with access to Personal Data will only act within the framework we set through our legal framework, such as applicable law (under adequation decision), data processing agreement, standard contractual clauses, binding corporate rules, and / or privacy shield. We also put in place some security safeguards, such as data minimization, to ensure these subprocessors access your data on a need-to-know basis.

10 b) Exchanges between Controllers

If over your interactions with B., we identify a potential for another company of the Phoenix Technologies AG, we may refer you to this company with your consent. Personal Data may be exchanged with this company. In this context, the concerned company will then act as a data controller for the provision of their own services.

10c) External Links

When a reference is made to external contents, please note that B. has no control over the privacy policies, contents or security safeguards of the providers of these contents, and, as such, may not be held responsible in any way for the actions, as well as the privacy policy, content, and any other matter regarding these third parties. If you disagree with the privacy policy of these providers, please refrain to the use of these services. 

11. Security

Security matters to us, and we have put in place security safeguards to protect information submitted to us. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use reasonable efforts to prevent it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, and we cannot ensure or warrant the security of any information you provide to us.

When using the Services or providing Personal Data to us, unless your specific instruction of communicating through postal service, we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Services.

If we learn of an incident that may qualify as a breach under applicable law, when and to the extent required by law, we will attempt to notify you electronically, by posting a notice on the Services and/or by sending an e-mail to you.

12. Dispute Resolution and Governing Law

Subject to any mandatory provisions or requirements of other laws, these Privacy Policy shall be governed by and construed in accordance with the laws of Switzerland, without regard to its conflict of law principles, as well as without regard to the Convention on Contracts for the International Sale of Goods (CISG).

In the event of any dispute, controversy, disagreement or claim arising out of or relating to the Services, or any provision of the Terms or the breach thereof, the parties shall try to settle those conflicts amicably between themselves. If, within 30 days, the parties can’t reach an agreement despite good faith discussions, any party may submit the dispute to the competent courts.

Any dispute shall be subject to the exclusive jurisdiction of the courts of the canton of Zug, Switzerland, venue being Zug.

13. Further Provisions

Entire Agreement. The Privacy Policy constitutes the entire and exclusive understanding and agreement between you and us on the matter of privacy.

Severability. Should any part of the Privacy Policy be held to be invalid or unenforceable, the unenforceable part will be given effect to the greatest extent possible, or, if it cannot legally be given any effect, will be replaced by the valid provision the nearest to the intention of the parties, and the remaining parts will remain in full force and effect in their original version.

Interpretation. Use of section headers is made for convenience only and will not have any impact on the interpretation of any provision.

Update and Enforceability. The last version of the Privacy Policy is the enforceable version. We may modify this policy at any time, without prior notice, and such changes will be effective from the date of their publication (unless otherwise provided). In the case of material changes, the Privacy Policy will only become effective upon the notice provided in this version, no less than 30 days before its date of entry into force. Your use of any of the Services following an update is deemed acceptance of the last version.

Assignment. You may not assign or transfer your rights related to the Services, in whole or in part, by operation of law or otherwise, without our prior written consent.

Consent to electronic communications. You are aware and acknowledge that any communication by electronic means is associated with risks, in particular interceptions, corrupted or infected content, or misdirected, delayed, or never received communication. B. advises its customers to adopt sufficient security measures on its systems, data, and communications. Electronic communications (e.g. emails) and its attachments are confidential, if you receive messages in error, please inform the sender and delete any copy of the message. In addition, electronic communications do not constitute in itself financial advice. As a matter of principle, before acting on any information, you should consider its completeness and appropriateness having regard to the relevant matter and seek independent financial advice. In any case, B. shall not be liable for such inherent risks and any damages arising in connection. By using the Services, you consent to receive and engage electronic communications from/with us. You agree that any notices, agreements, disclosures, or other communications that we send to you electronically will satisfy any legal communication requirements, including that those communications be in writing.