Privacy Policy
Last updated: [01/07/2026]
This Privacy Policy governs the processing of personal data collected through the website [www.jcmarlincap.com] and any forms, communications, documents, restricted areas, contact processes, recruitment processes, requests for information, data rooms, KYC/AML processes or other digital channels associated with such website.
This Privacy Policy is provided in accordance with Regulation (EU) 2016/679, the General Data Protection Regulation; Organic Law 3/2018 on the Protection of Personal Data and the Guarantee of Digital Rights; and any other applicable legislation.
Data Controller
The data controller responsible for the processing of your personal data is:
Corporate name: [EXACT CORPORATE NAME], SGEIC, S.L. Tax Identification Number (NIF): [●] Registered office: [●] Privacy contact email address: [●] General email address: [●] Registration details: registered with the Commercial Registry of [●], in volume [●], folio [●], sheet [●], entry [●].
Hereinafter, the “Company”, the “Entity” or the “Controller”.
Data Protection Officer
The Company is not currently required to appoint a Data Protection Officer. However, you may address any query relating to personal data protection to:
Email address: cfcorp@jcmarlin.com
Personal data processed
The Company may process the following categories of personal data, depending on the relationship maintained with the user:
a) Identification data: name, surname(s), DNI/NIE/passport, signature, image, voice, position, professional role.
b) Contact details: postal address, email address, telephone number, company or organisation.
c) Professional data: position, entity, sector, professional experience, status as a professional, semi-professional, institutional or retail investor, or representative of an entity.
d) Financial or asset-related data: information necessary to analyse a potential investment, contractual or pre-contractual relationship with the Company or with managed vehicles.
e) KYC/AML data: information necessary to comply with obligations relating to the prevention of money laundering and terrorist financing, including beneficial ownership, source of funds, corporate structure, powers of representation, sanctions, PEPs and supporting documentation.
f) Browsing data: IP address, online identifiers, device data, browser, operating system, language, date and time of access, pages visited and other data derived from the use of cookies or similar technologies.
g) Data included in communications: information provided through forms, email, requests for information, meetings, videoconferences, events, webinars or other channels.
h) Candidate data: CV, cover letter, professional experience, education and training, references, employment information, availability, professional expectations and any other information voluntarily included by the candidate.
The Company does not request special categories of personal data. The user must refrain from including health data, ideology, trade union membership, religion, sexual orientation, criminal records or other specially protected data unless expressly requested and where an appropriate legal basis exists.
Purposes and legal bases
The Company shall process your personal data for the following purposes:
Purpose: To respond to enquiries received through forms, email or other channels.
Data processed: Identification data, contact details and content of the enquiry.
Legal basis: Legitimate interest and/or implementation of pre-contractual measures.Purpose: To manage professional, commercial or institutional relationships.
Data processed: Identification data, contact details, position and entity.
Legal basis: Legitimate interest.Purpose: To provide corporate information about the Company.
Data processed: Identification data and contact details.
Legal basis: Legitimate interest or consent.Purpose: To send newsletters, event invitations, publications or commercial communications.
Data processed: Identification data and contact details.
Legal basis: Consent or legitimate interest, as applicable.Purpose: To manage requests for information regarding track record, strategies or vehicles.
Data processed: Identification data, contact details, professional profile, country and represented entity.
Legal basis: Pre-contractual measures, legitimate interest and compliance with legal obligations.Purpose: To verify investor classification and eligibility.
Data processed: Identification, professional and financial data, and investor profile.
Legal basis: Compliance with legal obligations and pre-contractual measures.Purpose: To manage access to restricted documentation, data rooms, presentations, reports or investment materials.
Data processed: Identification data, contact details, entity, investor profile and access logs.
Legal basis: Pre-contractual measures, legitimate interest and compliance with legal obligations.Purpose: To comply with KYC/AML obligations.
Data processed: Identification, financial and corporate data, beneficial ownership, source of funds, PEPs and sanctions.
Legal basis: Compliance with legal obligations.Purpose: To manage investment, subscription, document signing or onboarding processes.
Data processed: Identification data, contact details, financial, asset-related, professional and KYC data.
Legal basis: Legal compliance, performance of a contract and pre-contractual measures.Purpose: To manage applications and recruitment processes.
Data processed: Identification data, contact details, CV, experience and education/training.
Legal basis: Pre-contractual measures at the candidate’s request.Purpose: To retain CVs for future vacancies.
Data processed: Candidate data.
Legal basis: Consent.Purpose: To manage website security and prevent abusive use.
Data processed: IP address, logs, technical and browsing data.
Legal basis: Legitimate interest.Purpose: To analyse website use through analytical cookies.
Data processed: Browsing data and online identifiers.
Legal basis: Consent.Purpose: To comply with legal, regulatory, accounting, tax, corporate and supervisory obligations.
Data processed: Data necessary in each case.
Legal basis: Compliance with legal obligations.Purpose: To address rights, claims, and administrative, judicial or regulatory requests.
Data processed: Identification data, contact details and related documentation.
Legal basis: Compliance with legal obligations and legitimate interest.Information on products, managed vehicles and investors
The information contained on the Website is purely corporate and informational in nature and does not constitute financial advice, a personalised recommendation, an offer to subscribe, an invitation to invest, active marketing or investor solicitation, unless expressly stated otherwise and provided that the applicable legal requirements are met.
If the user requests access to information relating to investment vehicles managed, advised or promoted by the Company, the Company may process additional data in order to verify:
a) identity; b) represented entity; c) jurisdiction or country of residence; d) status as a professional, semi-professional, institutional, retail or other applicable category of investor; e) eligibility to receive certain information; f) compliance with legal marketing restrictions.
Access to certain documentation may be conditional upon prior acceptance of disclaimers, investor representations, confidentiality agreements, KYC/AML procedures or other legal or contractual requirements.
Contact forms and file uploads
The Website forms may allow the user to submit enquiries, request information, send documentation or contact the Company.
The user must refrain from sending confidential information, specially protected data, KYC documentation, third-party information or investment documentation unless expressly requested by the Company and a secure channel is provided.
Where the form allows files to be uploaded, the user shall be responsible for ensuring that the documents sent do not infringe third-party rights and do not include unnecessary personal data.
Recruitment processes and applications
Where the user submits their CV, cover letter or other professional documentation, the Company shall process their data in order to manage their application in current recruitment processes.
If the candidate gives their consent, the Company may retain their CV for future recruitment processes for a maximum period of 24 months.
The candidate may withdraw their consent at any time by writing to cfcorp@jcmarlin.com.
Commercial communications
The Company may send corporate communications, publications, event invitations, newsletters or information about its activity where an appropriate legal basis exists.
Where the user’s consent is required, it shall be requested expressly, separately, freely and unequivocally, by means of an unticked box or equivalent mechanism.
The user may object to or withdraw their consent at any time by writing to cfcorp@jcmarlin.com or by using the unsubscribe mechanism included in each electronic communication.
Prevention of money laundering
Where applicable, the Company may process personal data in order to comply with obligations relating to the prevention of money laundering and terrorist financing, international sanctions, identification of beneficial owners, analysis of the source of funds, PEPs and other applicable legal or regulatory obligations.
Such processing may include consulting external databases, sanctions lists, PEP lists, commercial registries, public information, specialised verification providers, digital identification providers or electronic signature providers.
Refusal to provide the required information may prevent the commencement or continuation of the relevant legal, contractual or investment relationship.
Recipients
Your personal data may be disclosed to:a) group companies or related entities, where necessary; b) vehicles managed, advised or administered by the Company, where applicable; c) depositary entities, administrators, auditors, legal, tax, financial, accounting or technical advisers; d) technology providers, hosting providers, CRM providers, email providers, data room providers, videoconferencing providers, electronic signature providers, digital identification providers, cybersecurity providers, cloud storage providers or web form providers; e) financial institutions, payment platforms or intermediaries, where necessary; f) judicial, administrative, tax, supervisory or regulatory authorities, including the CNMV, SEPBLAC, the AEPD or other competent bodies; g) third parties to whom the Company is legally required to disclose data.
The Company shall require its providers to process the data in accordance with its instructions and with the required contractual and technical safeguards.
Processors and technology providers
The Company may use technology providers to host the Website, manage forms, store documentation, process applications, manage communications, administer data rooms, conduct videoconferences, provide cloud services, maintain security or analyse Website use.
In particular, providers such as the following may be involved:
a) Squarespace or other hosting and web providers; b) Microsoft 365, SharePoint, OneDrive or other cloud solutions; c) CRM providers; d) web analytics providers; e) email marketing providers; f) electronic signature providers; g) digital identification or KYC providers; h) cybersecurity providers; i) data room providers.
International transfers
The Company may use technology providers located outside the European Economic Area or providing services from third countries.
Where this occurs, the Company shall adopt the appropriate safeguards required by data protection legislation, including adequacy decisions, standard contractual clauses approved by the European Commission, binding corporate rules, supplementary measures or other valid mechanisms.
The user may request additional information on the safeguards applied by writing to cfcorp@jcmarlin.com.
Retention periods
The Company shall retain personal data for the time necessary to fulfil the purpose for which they were collected and, thereafter, for the applicable legal retention periods or limitation periods for potential liabilities.
By way of guidance:
a) general enquiries: for the time necessary to respond to them and, thereafter, for the limitation period for potential liabilities; b) commercial communications: until the user withdraws their consent or objects to the processing; c) contractual or pre-contractual relationships: for the duration of the relationship and the subsequent legal periods; d) KYC/AML data: for the periods required by anti-money laundering legislation; e) applications: during the recruitment process and, where consent exists, for 24 months for future vacancies; f) cookie data: for the periods indicated in the Cookie Policy; g) regulatory, tax, accounting or corporate obligations: for the legally applicable periods.
Rights of data subjects
The user may exercise the following rights:
a) access; b) rectification; c) erasure; d) objection; e) restriction of processing; f) portability; g) withdrawal of consent; h) the right not to be subject to decisions based solely on automated processing, including profiling, where such decisions produce legal effects concerning them or similarly significantly affect them.
To exercise these rights, the user may send a communication to:
Email address: cfcorp@jcmarlin.com
Postal address: Calle Gran Vía, 40, 2nd floor, suite 410, 28004 Madrid, SpainThe request must clearly identify the data subject and the right they wish to exercise. The Company may request additional information to verify the applicant’s identity.
The user has the right to lodge a complaint with the Spanish Data Protection Agency.
Automated decision-making and profiling
The Company does not make decisions based solely on automated processing that produce legal effects concerning the user or similarly significantly affect them.
If, in the future, classification, scoring, segmentation, investor profile analysis, KYC verification, fraud prevention, digital onboarding, artificial intelligence or automation tools are used, the Company shall specifically inform the user of the logic involved, as well as the significance and envisaged consequences, where legally required.
Security
The Company shall implement appropriate technical and organisational measures to protect personal data against destruction, loss, alteration, unauthorised access, improper disclosure or unauthorised processing.
These measures may include access controls, encryption, multi-factor authentication, activity logging, backups, permission management, internal policies, confidentiality agreements, provider reviews and incident response procedures.
Minors
The Website is not directed at minors. The Company does not knowingly collect personal data from minors.
If a minor has provided personal data through the Website, their parents, guardians or legal representatives may request its erasure by writing to cfcorp@jcmarlin.com.
Updating of the Privacy Policy
The Company may amend this Privacy Policy in order to adapt it to legal, regulatory, technical, operational or processing changes.
The version in force shall be the one published on the Website at any given time.