Privacy Policy

Last Updated: November 22, 2023

Please see our Privacy Snapshot for a high-level overview of our privacy practices.

This Privacy Policy describes how Passthrough, Inc. and its related and/or affiliated companies (“Passthrough,” “us,” “our,” “its,” or “we”) collects, uses, discloses, and shares Personal Information that we collect through this website, passthrough.com (“Site”), through any other website that we own or control and which links to this Privacy Policy (collectively, “Service” or “Services”) and through our other interactions with you (such as customer service inquiries, user conferences, etc.). “Personal Information” here means any information that we process about you that relates to you or that can be used to identify you directly or indirectly, for example your name, email address, payment details or any user profile related content. Passthrough is the entity responsible for the processing of Personal Information under this Privacy Policy (as a controller or a business, where provided under applicable law).

Please note that when you are provided with access to our fund workflow automation platform by any of our customers for their investment purposes, Passthrough will be the processor (or service provider) in relation to the Personal Information you provide on the platform for that customer’s investment purposes and the customer will be the controller of (or a business for) your Personal Information. The customer’s privacy policy sets out how the customer processes your Personal Information and how you can exercise your rights.

Where you create an investor profile on our platform and choose to reuse this profile in connection with a new investment with another customer, we will be a controller of (or a business for) the Personal Information you have chosen to reuse and this Privacy Policy will apply to that information.

What Personal Information We Collect

Passthrough gets information about you in a range of ways.

Information You Give Us. We collect your name, postal address, email address, phone number, username, password, demographic information (such as your occupation), banking information, as well as other information you directly provide on our Site.

Investor Information. If you are an investor or potential investor, we collect certain information about you to allow you to participate in our customers’ fund closings. The information we collect varies based on the fund, but, in addition to the Information You Give Us, it may include your social security/insurance number or other tax identification numbers, government identification documents like passports and driver’s licenses, bank statements, proof of address, your accreditation/qualification status, the amount and source of the capital you intend to contribute to the fund, and contact information of third parties such as joint signers or partners.

Information We Get From Others. We may get information about you from partners and customers. We may add this information to the information you provide to us to make our own information better or more useful.

Information Automatically Collected. We and our service providers may automatically log information about you and your computer or mobile device, and your interaction over time with the Site, online resources, and our communications, such as:

  • Device data such as your computer’s or mobile device’s operating system type and version, manufacturer and model, browser type, screen resolution, device type (e.g., phone, tablet), IP address, unique identifiers (including identifiers used for advertising purposes), language settings. and general location information such as city, state, or geographic area.
  • Online activity data such as pages or screens you viewed, how long you spent on a page or screen, the website you visited before browsing to the Services, navigation paths between pages or screens, information about your activity on a page or screen, access times, duration of access, and whether you have opened or otherwise engage with our communications, such as our marketing emails or clicked links or files within them.

We use the following tools for automatic data collection:

  • Cookies, which are small data files stored on a visitor’s device by a website to uniquely identify the visitor’s browser or to store information or settings in the browser for the purpose of helping you navigate between pages efficiently, remembering your preferences, enabling functionality, and helping us understand user activity and patterns. Please see our Cookie Policy at https://passthrough.com/cookie-policy for more information on what cookies (and other similar technologies) are and how we use them.
  • Local storage technologies, like HTML5, that provide cookie-equivalent functionality but can store larger amounts of data, including on your device outside of your browser in connection with specific applications.
  • Web beacons, also known as pixel tags or clear GIFs, which are used to demonstrate that a webpage or email was accessed or opened, or that certain content was viewed or clicked.


Use of Personal Information

We use your Personal Information for the following purposes or as otherwise described at the time of collection:

  • Maintain user accounts and contact/send notifications.

We use Personal Information to maintain your account and provide you with related services in accordance with our terms and conditions or other agreement, and to send you information including confirmations, invoices and billing, technical notices, updates, security alerts, and support and administrative messages.

  • Provide you with support and respond to your requests.

If you reach out to us for support or other questions, it is in our legitimate business interests to use your Personal Information to respond and resolve your queries and facilitate support.

  • Create and maintain a reusable investor profile.

We use Personal Information to authenticate investors’ identities and permit investors to use their authenticated identities to participate in fund closings and other regulated activities, and as otherwise necessary to perform our contract with investors.

  • Operate, improve, monitor, personalize, and protect our Services.

It is in our legitimate business interests to operate, improve and keep our Services safe for our users, which includes: 

  • Understanding your needs and interests (e.g. by monitoring the number of your visits and the actions you take on the Services for analytical purposes), and personalizing your experience with the Services and our communications.
  • Troubleshooting, testing and research and to keep the Services secure.
  • Through cookies that are strictly necessary, recording your cookie consent preferences.
  • Investigating and protecting against fraudulent, harmful, unauthorized or illegal activity.
  • Manage supplier/customer relationship.

It is in our legitimate business interests to use your Personal Information to contact you and to manage our relationship with you and/or your company where you are a supplier/partner or the representative of a customer/supplier/partner with whom we have a business relationship.

  • Research and development.

We may use Personal Information for research and development purposes in our legitimate business interests, including to analyze and improve the Services and our business. As part of these activities, we may create or use aggregated, de-identified or other anonymized data from Personal Information we collect. We make Personal Information into anonymized data by removing information that makes the data personally identifiable to you. We may use this anonymized data and share it with third parties for our lawful business purposes, including to analyze and improve the Services and promote our business. 

  • Marketing and advertising.

We, our service providers, and our third-party advertising partners may collect and use Personal Information for the following marketing and advertising purposes:

  • Direct marketing. We may send you direct marketing communications as permitted by law, including by email (such as upcoming events, recommendations and introductions to new fund managers, and other news and promotional messages). You may opt out of our marketing communications as described in the “Opt-out of marketing communications” section below.
  • Interest-based advertising. We engage our advertising partners, including third party advertising companies and social media companies, to display ads around the web. These companies may use cookies and similar technologies to collect information (including the automatically-collected data described above) about your interactions over time across our Services, our communications, and other online services, and use that information to serve online ads that they think will interest you. For more details, please visit our Cookie Policy at https://passthrough.com/cookie-policy.

Except where consent is required, we undertake such marketing and advertising on the basis of our legitimate business interests. Where we seek your consent, you may withdraw your consent at any time. 

  • Compliance and protection.

We may use Personal Information to comply with legal obligations, and to defend us against legal claims or disputes, including to:

  • Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims).
  • Audit our internal processes for compliance with legal and contractual requirements and internal policies.
  • Enforce the terms and conditions that govern the Services.
  • Prevent, identify, investigate and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
  • Comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

Please note that if you choose not to provide Personal Information requested by us, or refuse our use of your Personal Information, we may not be able to provide you with the services you have requested where this Personal Information is necessary or these services may be delayed.

Disclosure of Personal Information

Passthrough may disclose Personal Information as follows:

  • Fund entities. Where you create an investor profile on our platform and choose to reuse this profile in connection with a new investment with another fund entity, you direct us to disclose your Investor Information to fund entities as needed to facilitate fund closings.
  • Service providers. We may share Personal Information with those who need it to perform work for us. This includes granting Passthrough’s employees and service providers (including providers of customer support, hosting, analytics, email delivery, marketing, database management, financial services software, communications channels) the necessary access in order to perform their duties.
  • Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
  • Business transferees. When we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding. The Personal Information shared may be shared with counterparties and others assisting with the deal.
  • Authorities and others. Law enforcement, government authorities and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above. 
  • Advertising partners. Third party advertising companies, including for the interest-based advertising purposes described above.

Privacy Rights and Choices 

Opt-out of marketing communications. You can opt out of receiving Passthrough’s marketing emails at any time by selecting the unsubscribe link in any marketing email we send you, or by contacting us. If you opt out, we may still send you non-marketing emails. Non-marketing emails are service focused and so will generally include emails about your accounts and our business dealings with you.

Online Tracking and Do Not Track Signals: Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Personal Information requests. We offer you choices that affect how we handle the Personal Information that we control. Depending on your location and the nature of your interactions with our Services, you may request the following in relation to Personal Information: 

  • Information about how we have collected and used Personal Information. We have made this information available to you without having to request it by including it in this Privacy Policy.
  • Access to a copy of the Personal Information that we have collected about you. Where applicable, we will provide the information in a portable, machine-readable, readily usable format.
  • Correction of Personal Information that is inaccurate or out of date.
  • Deletion of Personal Information that we no longer need to provide the Services or for other lawful purposes.
  • Opt out of the sharing or processing of your Personal Information for targeted advertising purposes. To exercise this right, you can visit the “Privacy Choices” link in the footer of the Site.
  • Not be subject to decisions based solely on automated processing (including profiling) which have a legal effect on you or a similarly significant effect on you. This is relevant where we decide to use automated systems to process your Personal Information with no real human involvement.
  • Appeal our denial of your Personal Information request by contacting us as set out in the “How to Contact Us” section below.  
  • Additional rights, such as to object to and request that we restrict our use of Personal Information, and where applicable, you may withdraw your consent at any time.

To make a request, please email us or write to us as provided in the “Contact Information” section below or use our webform available at https://forms.gle/L1U2z78dmNzUXzp76. We may ask for specific information from you to help us confirm your identity. Depending on where you reside, you may be entitled to empower an authorized agent to submit requests on your behalf. We will require authorized agents to confirm their identity and authority, in accordance with applicable laws. You are entitled to exercise the rights described above free from discrimination.

Limits on your privacy rights and choices. In some instances, your choices may be limited, such as where fulfilling your request would impair the rights of others, our ability to provide a service you have requested, or our ability to comply with our legal obligations and enforce our legal rights. If you are not satisfied with how we address your request, you may submit a complaint by contacting us as provided in the “Contact Information” section below. Depending on where you reside, you may have the right to complain to a data protection regulator where you live or work, or where you feel a violation has occurred. In the UK, this is the Information Commissioners Office (ICO) Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Phone number: 0303 123 1113. Website: https://ico.org.uk/make-a-complaint/. If you are based in the EEA, you can find the relevant EEA data protection regulator names and contact details under https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Children

Our Services are not directed to children who are under the age of 18. Passthrough does not knowingly collect information from children under the age of 18. If you have reason to believe that a child under the age of 18 has provided information to Passthrough please contact us and we will try to delete that information from our databases.

Security

We implement commercially reasonable technical, administrative, and organizational measures to protect information both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no security measures are failsafe and we cannot guarantee the security of your Personal Information.

Data Retention

We generally retain your Personal Information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy. This will generally be for the duration of time you interact with us, however, there may be situations where we retain your Personal Information for a longer or shorter period. When determining the relevant retention periods for your Personal Information, we take into account the following factors: (a) any permissions you give us with regards to your Personal Information; (b) our contractual obligations and rights in relation to the Personal Information involved; (c) our legal obligation(s) under relevant laws to retain data for a certain period of time; (d) our legitimate business and commercial interests; (e) whether retention is advisable in light of our legal position (such as with regard to applicable statute of limitations, investigations, litigation, and other potential and actual disputes); and (f) any guidelines issued by relevant data protection authorities.

International Transfers and Personal Information Processing in the U.S.

Passthrough is based in the United States (US) and we use service providers in the US, which means Personal Information you provide to us will be processed and stored in the US. Please note that the US may have data protection laws less stringent than or otherwise different from the laws in effect in your country. 

We may share your Personal Information with parties in the US or any other countries that do not have equivalent privacy laws to those that apply in your country of residence. Where required under applicable law, we provide adequate protection for the transfer of Personal Information, including by obtaining your consent, or by putting in place contractual safeguards for the transfer of Personal Information, such as the UK government approved international data transfer agreement/addendum (for UK transfers) and Standard Contractual Clauses approved by the EU Commission (for EEA transfers). Please contact us for further details on the safeguards in place and how to obtain a copy.

Job Applicants

When you visit the Careers portion of our Site, we collect the information that you provide to us in connection with your job application. This includes but is not limited to business and personal contact information, professional credentials and skills, educational and work history and other information of the type that may be included in a resume. This may also include diversity information that you voluntarily provide. We use this information on the basis of our legitimate business interests to facilitate our recruitment activities and process employment applications, such as by evaluating a job candidate for an employment activity, to monitor recruitment statistics and to respond to surveys. We may also use this information to provide improved administration of the Services and as otherwise necessary (i) to comply with relevant laws or to respond to subpoenas or warrants served on us, (ii) to protect and defend our or others’ rights or property, (iii) in connection with a legal investigation, and (iv) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy or our terms and conditions.

Contact Information

If you wish to exercise any data subject rights or have any questions about this Privacy Policy or our information practices, please feel free to contact us at info@passthrough.com or by letter delivered first class mail to the following address: Passthrough, Inc., 228 Park Ave S, PMB 42032, New York, NY 10003-1502.

UK and EEA Data Protection Representative Contact Information. Please see details of our UK and EEA representatives:

  • UK Representative.

VeraSafe United Kingdom Ltd.

37 Albert Embankment

London SE1 7TL

United Kingdom

+44 (20) 4532 2003

https://verasafe.com/public-resources/contact-data-protection-representative

  • EEA Representative. 

VeraSafe Ireland Ltd.

Unit 3D North Point House

North Point Business Park

New Mallow Road

Cork T23AT2P

Ireland

+420 228 881 031.

https://verasafe.com/public-resources/contact-data-protection-representative

Changes to this Privacy Policy

We may periodically make changes to this Privacy Policy. We will notify you of any significant changes where we have a relationship with you and otherwise post updated versions here. We recommend that you revisit this Privacy Policy regularly.


Privacy Snapshot

The chart below provides a high-level snapshot of our privacy practices. You need to read the entire Privacy Policy for complete information.

Category
Do we collect?
How We Collect
Primary Purposes of Processing
Key Recipients / Disclosures
Can You Limit Sharing?
Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name
Yes
When you visit or use our Services; from third-party sites and services; when you apply for a job with us
To provide our Services; to improve, monitor, and personalize our Services; communicate with you; for marketing and advertising; to process your job application
Service providers
No
Advertising partners (except for job applicants)
Yes
Characteristics of protected classifications under CA or federal law
Yes
When you apply for a job with us
To process your job application
Service providers
No
Commercial information, including but not limited to records of personal property, products or services purchased, obtained or considered
Yes
When you visit or use our Services
To provide our Services; to improve, monitor, and personalize our Services; communicate with you; for marketing and advertising
Service providers
No
Advertising partners
Yes
Personal information categories listed in the CA Customer Records Statute (e.g., name, contact details)
Yes
When you visit or use our Services; from third-party sites and services; when you apply for a job with us
To provide our Services; to improve, monitor, and personalize our Services; communicate with you; for marketing and advertising; to process your job application
Service providers
No
Advertising partners (except for job applicants)
Yes
Biometric information
No
N/A
N/A
N/A
N/A
Internet or other electronic network activity information, including information regarding a consumer’s interaction with a website 
Yes
When you visit or use our Services
To provide our Services; to improve, monitor, and personalize our Services; for marketing and advertising
Service providers
No
Advertising partners
Yes
Geolocation data
Yes
When you visit or use our Services
To provide our Services; to improve, monitor, and personalize our Services; for marketing and advertising
Service providers
No
Advertising partners
Yes
Audio, electronic, visual, thermal, olfactory or similar information
No
N/A
N/A
N/A
N/A
Professional or employment-related information
Yes
When you visit or use our Services; when you apply for a job with us
To provide our Services; to improve, monitor, and personalize our Services; to process your job application
Service providers
No
Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act
No
N/A
N/A
N/A
N/A
Inferences drawn from information identified to create a profile about a consumer
Yes
When you visit or use our Services
To provide our Services; to improve, monitor, and personalize our Services; for marketing and advertising
Service providers
No
Advertising partners
Yes
Sensitive personal information (as defined in CA Civil Code 1798.140 (ae))
Yes
When you apply for a job with us; when you use our Services
To process your job application; to provide our Services
Service providers
No
*As described further in our Privacy Policy, we may share all categories of personal information with our service providers, affiliates, and professional advisors for the purposes described in the Privacy Policy. We also may share personal information with authorities and others for legal and compliance purposes, and with business transferees in the context of an acquisition or the sale of our business or another corporate transaction.