November 23, 2023

Become GDPR compliant

The way in which personal data of individual investors in investment programmes is currently collected and stored is messy. This makes it virtually impossible for private equity firms, their portfolio companies and advisers to comply with their obligations under GDPR.

Authored by:

Joel Arnell
CEO & co-founder, Dealstack Former Partner at Kirkland & Ellis, ex. Linklaters, Triton Partners

The way in which personal data of individual investors in investment programmes is currently collected and stored is messy. This makes it virtually impossible for private equity firms, their portfolio companies and advisers to comply with their obligations under GDPR.

In most cases, personal data is collected and shared over email, copying large groups of internal and external people. The personal data therefore ends up scattered across inboxes, file folders and spreadsheets in multiple organisations. It is highly likely that this procedure is in breach of Article 5 of the GDPR, at least the principles of (i) storage limitation, and (ii) integrity and confidentiality. Handling data in this way also makes it difficult, costly, and disruptive for companies (as data processors) to comply with the rights of the data subject. This includes both the right of access and the right to be forgotten.

The solution to these GDPR challenges is to collect, store and process personal data in one place, on one platform. Dealstack’s workflows and data handling are designed to achieve exactly that. It brings a big improvement when compared to the common work practices today. Join Dealstack and make your investment programmes GDPR compliant now!

Schedule a demo and we can tell you more.

Schedule a demo and we can tell you more.

Fill in the form and we will be in touch very soon.

In this article

Let us show you more