November 23, 2023
The way in which personal data of individual investors in investment programmes is currently collected and stored is messy. This makes it virtually impossible for private equity firms, their portfolio companies and advisers to comply with their obligations under GDPR.
The way in which personal data of individual investors in investment programmes is currently collected and stored is messy. This makes it virtually impossible for private equity firms, their portfolio companies and advisers to comply with their obligations under GDPR.
In most cases, personal data is collected and shared over email, copying large groups of internal and external people. The personal data therefore ends up scattered across inboxes, file folders and spreadsheets in multiple organisations. It is highly likely that this procedure is in breach of Article 5 of the GDPR, at least the principles of (i) storage limitation, and (ii) integrity and confidentiality. Handling data in this way also makes it difficult, costly, and disruptive for companies (as data processors) to comply with the rights of the data subject. This includes both the right of access and the right to be forgotten.
The solution to these GDPR challenges is to collect, store and process personal data in one place, on one platform. Dealstack’s workflows and data handling are designed to achieve exactly that. It brings a big improvement when compared to the common work practices today. Join Dealstack and make your investment programmes GDPR compliant now!
Schedule a demo and we can tell you more.