PRIVACY POLICY

1.- Data Controller

MERIDIA CAPITAL PARTNERS SGEIC, S.A.

2.- Purposse of processing

Provide information, services or purchase management, business management and other administrative tasks.

3.- Legal basis for processing

Consent of the data subject, compliance with legal obligations, performance of a contract or pre-contract or legitimate interest.

4.- Data retention:

As long as you do not withdraw your consent, the contractual relationship lasts or for the time required by a legal obligation.

5.- Data Recipients:

The data you provide will be incorporated into a database belonging to MERIDIA CAPITAL PARTNERS SGEIC, S.A., but they shall be available, for operational reasons, to other Meridia Companies, but will not be transferred to third parties, except those who must necessarily intervene to our internal management or the provision of our services.

6.- Rights:

Access, rectify and erasure your data, as well as other rights provided by current regulations.

7.- Supervisory Authority:

You can direct claims arising from the processing of your personal data to the Spanish Agency for Data Protection (www.aepd.es)

8.- Governing law & Jurisdiction

This privacy policy is governed in each one of its extremes by the General Data Protection Regulation of the European Union and other related Spanish regulations.

9.- DPO

Our Company has appointed a Data Protection Officer.

10.- Additional Information:

Additional information on safety and other aspects.

11.- Update:

This privacy policy may be updated at any time.

WHO IS THE DATA CONTROLLER OF YOUR DATA PROCESSING?

The Data Controller and the owner of the website www.meridiacapital.com is MERIDIA CAPITAL PARTNERS SGEIC, S.A. whose registered office at Avenida Diagonal, 640, 5th Floor 08017 -BARCELONA, with tax identification number A-64214240, registered at the Commercial Registry of Barcelona in page B-329676 and at the official registry of the Spanish Securities Market Commission (Comisión Nacional del Mercado de Valores) as of 15th January 2016 under registration number 112. (hereinafter MERIDIA CAPITAL PARTNERS SGEIC, S.A, or Data Controller)

phone  +34 93 484 15 00

datos   protecciondedatos@meridiacapital.com

WHICH IS THE PURPOSE OF YOUR PERSONAL DATA PROCESSING?

In MERIDIA CAPITAL PARTNERS SGEIC, S.A. we use your personal data collected when you contact us to request for information, to provide you information about our services or products, manage, internally and externally, the services or purchases you make to us, as well as comply with the mandatory legal provisions derived from these activities.

Likewise, the data collected during your browsing are precessed to providing access to the online contents of the web, as well as attending to the requests of the users of the web, keeping a record of Users statistics (IP addresses, data of the browser, country, accessed page, etc.) for statistical purposes or apply measures aimed at improving web security.

DATA RETENTION. How long shall we keep your personal data?

The personal data you provide us shall be kept for the time necessary to manage the information you request, or as long as there are contractual obligations deriving from services or content requested by Users and subsequently until the expiration of legal, contractual or professional responsibilities that require its retention.

Once the data has met the needs for which it was collected, we will delete it permanently. However, we will keep your data longer if necessary, to comply with legal obligations. Likewise, it may be necessary to keep them for the time necessary until the prescription of the legal responsibilities that are generated.

DATA RECIPIENTS

Your Personal Data will be processed by duly authorized personnel, and, if necessary or practical to fulfill the purposes indicated above, they may be precessed, in certain cases, by third parties.

The categories of recipients to whom your Personal Data may be communicated are the following:
a. Data processors, such as IT providers, consultants and other companies.
b. Public entities and Authorities, exclusively for the purpose of complying with legal and regulatory obligations, as well as the requirements of the police authorities if is requested.
c. Other suppliers to whom, where appropriate, your personal data may be transferred, when is necessary for our normal operation, as financial institutions and insurers, among others.
d. Investee Companies managed or advised by Meridia Capital or with its same control partner, for operational reasons.

All of them are subject to the duty of professional secrecy.

RIGHTS what are your rights when you provide us with your data?

If you wish to exercise the rights that the data protection regulations grant you, please send us an e-mail to the following address protecciondedatos@meridiacapital.com putting in the subject the right you want to exercise and attaching a copy of your national identity document or passport or by sending the same content by postal mail to MERIDIA CAPITAL PARTNERS SGEIC, S.A, Avenida Diagonal, 640, 5th Floor 08017 – BARCELONA.

The Rights that the current regulations recognize and that, where appropriate, may be exercised are:

Right of access to data:

You have the right to be informed by the Data Controller if your personal data is being processed or not, and if the process is confirmed, you shall be able to access it by providing the following information:
-The purposes of processing.
-The categories of data.
-The term or criteria for data retention.

Right to rectification:

You will have the right to order the Data Controller to rectify your data when they are inaccurate or incomplete by means of an additional rectifying statement.

Right of Erasure:

The data subject shall have the right to Data Controller erasing their data, when:
-The processing is illegal.
-The data subject has withdrawn their consent.
-They are no longer necessary in relation to the purposes for which they were collected or processed.
-The data subject has exercised the right of opposition and other legitimate reasons for the precessing do not prevail.
-The data must be erased to fulfill a legal obligation of the Data Controller.

The data subject shall not have the right for the Data Controller to erase their data when the processing is necessary:

-To exercise the right to freedom of expression and information.
-To fulfill a legal obligation of the Data Controller.
-For the preparation, exercise or defense of claims.
-For public interest based on current legislation for public health reasons or for historical, statistical or scientific research purposes.

Right to data portability:

You have the right for the Data Controller to transmit your data to another Data Controller or to the same data subject, through a structured format of habitual use and mechanical reading, when the precessing is carried out by automated means and is based on:
-The consent of the data subject for specific purposes.
-The execution of a contract or pre-contract with the data subject.

The right to data portability will not apply when:
-The transmission is technically impossible.
-It can negatively affect the rights and freedoms of third parties.
-The processing has a public interest mission based on current legislation.

Right to restriction of processing:

1.The data subject shall have the right to obtain from the Data Controller restriction of processing where one of the following applies:
– the accuracy of the personal data is contested by the data subject, for a period enabling the Data controller to verify the accuracy of the personal data;
– the processing is unlawful, and the data subject opposes the erase of the personal data and requests the restriction of their use instead;
– the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
– the data subject has objected to processing, pending the verification whether the legitimate grounds of the controller override those of the data subject.

2. Where processing has been restricted under paragraph 1, such personal data shall, with the exception of storage, only be processed with the data subject’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

3. A data subject who has obtained restriction of processing pursuant to paragraph 1 shall be informed by the controller before the restriction of processing is lifted.

Right of opposition:

The data subject shall have the right to object to processing of personal data, on grounds relating to his or her situation, at any time. The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Where the data subject objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

Right not to be subject to profiling:

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her, mainly when is referred to the following personal aspects:

-Professional performance.
-Economic situation.
-Health.
-Preferences or personal interests.
-Reliability.
-Behavior.
-Location or movements of the person.

When profiling is based solely on automated processing:

-The data subject will have the right to be informed if the decision that can be taken could have legal effects that significantly affect him.
-The data subject will have the right to obtain human intervention from the Data Controller to express their point of view and to challenge the decision, if the processing has been authorized by:
-The explicit consent of the data subject.
-A contract between the Responsible and the data subject. This right shall not apply if the decision:
-is necessary for entering, or for the performance of, a contract between the data subject and the Data Controller;
-is authorized by European Union or Member State law to which the Data Controller is subject, and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests; or
– is based on the data subject’s explicit consent.

SUPERVISORY AUTHORITY:

 

If you consider that MERIDIA CAPITAL PARTNERS SGEIC,  S.A. has violated any of your rights protected by the personal data protection regulations or that it has violated any obligation regarding the protection of Personal Data, you have the right to submit a claim to the competent Supervisory Authority which in Spain is the Spanish Agency for Data Protection located at Calle Jorge Juan, 6. 28001 – Madrid. Tel. 901 100 099 – 912 663 517

You can also submit an electronic claim through the electronic address that is available on their website https://www.aepd.es/

GOVERNING LAW AND JURISDICTION

This privacy policy is governed in each and every one of its aspects by Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons in regard to the processing of personal data and the free circulation of this data.

It is also governed by Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights. Likewise, our website is governed by Law 34/2002, of July 11, on Information Society and Electronic Commerce Services.

Any dispute arising from matters relating to our Website shall be exclusively subject to the jurisdiction of the courts of the city of Barcelona.

DATA PROTECTION OFFICER

MERIDIA CAPITAL PARTNERS SGEIC, S.A has a Data Protection Officer that will perform the following functions:

  • Inform and advise MERIDIA CAPITAL PARTNERS SGEIC, S.A on the obligations that it must carry out to comply with the data protection regulations.
  • Supervise that the suppliers of MERIDIA CAPITAL PARTNERS SGEIC, S.A. comply with what is required in the contracts of the person in charge of processing and ultimately with the regulations for the protection of personal data.
  • Supervise the application at MERIDIA CAPITAL PARTNERS SGEIC, S.A of the data protection regulations.
  • Ensure the correct preservation of documentation related to the protection of personal data.
  • Supervise documentation, notification and communication of personal data violations or security breaches.
  • Act as a point of contact with the control authority of each country in which MERIDIA CAPITAL PARTNERS SGEIC, S.A has a presence on issues related to data processing.
  • Supervise the response to the requests of the supervisory authority, as well as cooperate with it when required.
  • Offer information or advice to interested parties, regarding data protection.

You can contact our Data protection officer: protecciondedatos@meridiacapital.com

SECURITY MEASURES:

The data you provide will be treated confidentially. MERIDIA CAPITAL PARTNERS SGEIC, S.A. has adopted all the technical and organizational measures and all the necessary levels of protection to guarantee the security in the treatment of the data and avoid its alteration, loss, theft, treatment or unauthorized access, according to the state of technology and nature of the stored data. Likewise, it is also guaranteed that the processing and registration in files, programs, systems or equipment, premises and centers comply with the requirements and conditions of integrity and security established in current regulations.

LANGUAGE

The language applicable to this Privacy Policy is English. Therefore, in case there is any contradiction in any of the versions we could provide in other languages, the English version will prevail.

UPDATE

This Privacy Policy was last updated in October 2020 but may be updated at any time. We recommend that you check it every time you access our page in case you have suffered alterations.

1. Introduction

1.1 Meridia Capital Partners SGEIC, S.A. (hereinafter “Meridia”) is a Spanish public limited company (sociedad anónima), with registered office in Barcelona (Spain), at Avenida Diagonal, 640, 5th Floor (08017), registered at the Commercial Registry of Barcelona in page B-329676 and at the official registry of the Spanish Securities Market Commission (Comisión Nacional del Mercado de Valores) as of 15th January 2016 under registration number 112, and with tax identification number A-64214240. You may contact Meridia at any time sending an e-mail to info@meridiacapital.com.

1.2 Through our website www.meridiacapital.com (hereinafter the “Site”) we make accessible to the public news, information and events organized by Meridia, as well as certain corporate information for our partners and investors.

1.3 The Privacy Policy set out below applies to all the services on this Site, to any pages and services with which this Site may be extended in the future, to the processing of personal data in the course of the execution of a contractual relationship and to the direct marketing that Meridia can address to you (provided you have requested them).

1.4 By your acceptance to the Privacy Policy, you expressly accept all of the conditions included in this Privacy Policy.

1.5 Visiting our Site does not imply any obligation to provide any type of information. Protecting your privacy is of utmost importance to us. Should you provide any personal information via the Site, the data collected via the Site will be used in the manner, for the purpose and subject to the restrictions and rights set forth in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter, GDPR.

1.6 The contents of our Privacy Policy will help you to become familiar with the type of data we collect, what we do with such data, your rights and our obligations in relation to the Site users, Meridia’s clients, investors and potential investors and to keeping that data out of reach of unauthorized third parties.

2. Personal Data

The personal data that you provide (“Personal Data“) will be processed and, where appropriate, stored in automatized files of which Meridia is the controller.

3. The controller

The controller: Meridia Capital Partners SGEIC, S.A

Address: Avenida Diagonal, 640, 5th Floor, 08017, Barcelona (Spain)

Telephone: +34 93 484 15 00

Email address: protecciondedatos@meridiacapital.com

4. Purpose of processing and storing Personal Data

4.1 Meridia uses a data processing and storage system in order to be able to resolve any incidents that may arise in relation to your opinions and questions. This filing system complies with the provisions set forth in the GDPR in order to safeguard the security of the data you provide.

4.2 The Personal Data collected through the following data collection forms will be included in our personal data filing system:

  • Contact form: used in order to receive specific information or replies to questions made to Meridia. The storage of your Personal Data fulfills the main purpose of recording your query and being able to offer you a suitable response and also improve the services we offer. Your data will be deleted after six months from its collection.
  • Careers Form: which you may use in order to provide us your resume in order to apply for a job in Meridia. The storage of your Personal Data fulfills the main purpose of collecting your appliance and your resume. In any event, your Personal Data will be deleted after two years from its collection without prejudice of storing these Personal Data in case the applicant has become an employee.
  • Registered Area: the Site will include a restricted section which will be only accessible by registered users. In the event you provide your Personal Data in order to create a new user account, your Personal Data will be stored in order to grant you access to and manage said registered area.

4.3 When providing your data through any of the aforementioned forms and accepting the Privacy Policy, you are giving your consent to the storage of your Personal Data in our filing systems. All the data marked with an asterisk on the form must be completed for your query to be admitted. We do not request any information that is deemed specially protected data under the legislation in force, or any type of economic data. You guarantee that the Personal Data provided to Meridia is accurate, truthful and up-to-date.

4.4 Meridia may process and store investor’s Personal Data files in order to manage the contractual relationship that shall be kept during the contractual relationship and prescription of the legal claims.

4.5 Meridia may process and store investor’s Personal Data files in order to send marketing communications (provided they have been requested) until the investor communicates its willingness not to receive any further marketing communications.

4.6 You give your free, specific and unambiguous consent to the processing of your Personal Data for each and every purpose that is applicable to you.

5. Legal basis for processing your Personal Data

The basis for the processing of your Personal Data is: (i) the consent you give to the same; (ii) the performance of a contract (if applicable); (iii) the fulfilment of Meridia’s legal obligations and (iv) the pursuit of Meridia’s legitimate interests.

6. Supplementary information

One way of collecting supplementary information on your visits to our Site, such as the most visited pages or the services that receive the most attention, is by registering your device’s IP address or protocol. This IP protocol is a number that it is automatically assigned to your device each time you browse. Any web page you access immediately detects the presence of your device via your IP address. When you access any of our pages, your IP address is stored automatically. The sole purpose of collecting this information is to prepare statistics on the visits to our Site which enables us to track how our service is working and improve it daily.

7. Recipients

7.1 The personal data shall be communicated to other companies of the Group or vehicles managed by Meridia, or their SPVs, for internal administrative purposes, including personal data treatment of clients, potential clients, service providers and employees.

Personal data shall also be communicated to MailChimp for data treatment and marketing and in the frame of the agreement EU-US Privacy Shield.

Meridia also communicates personal data to Data-Comp, as company in charge of administration, accounting, human resources, taxes and Data treatment.

8. User Rights

8.1 You may access your Personal Data stored on our filing systems at any time, and may exercise your right to rectification, erasure, object, data portability, restriction of processing and not to be subject to automated individual decision-making at any time. You may also withdraw your consent to the processing of your Personal Data (“ARCOLP Rights”). You may exercise your ARCOLP Rights by sending an e-mail to protecciondedatos@meridiacapital.com or a letter to: Avenida Diagonal, 640, 5ª planta (08017), Barcelona (Spain).

8.2 In all cases you must evidence your identity with a photocopy of your valid ID document or passport in order to exercise your ARCOLP Rights.

8.3 You have the right to lodge a complaint with the Spanish Data Protection Authority or with the competent control authority (as the case may be).

9. End of the processing and period for which the Personal Data will be stored

9.1 The period for which the Personal Data will be stored is indicated in section 4 Purpose of processing and storing data and depends on the type of Personal Data that are processed.

10. Use of cookies

10.1 Meridia may use cookies when providing the Site service. Cookies are automatic data collection processes regarding your determined preferences when you visit a particular web site. This information is recorded on small files that are stored on your device and are imperceptible. Each time you go back to the web site these files are automatically activated and the site tailors the information to the preferences indicated on previous visits. In short, cookies are physical personal information files stored on your device and unequivocally associated to that device. Cookies cannot read the cookie files created by other providers.

10.2 For more information on this matter, please review our Cookies Policy.

11. Limitation on liability

Meridia will not be liable for the damage caused as a result of any technical failure in the services provided or products acquired caused by the actual nature of Internet systems or your device, including, inter alia, loss, misuse, alteration, unauthorized access, theft, fire, flooding or any other force majeure event that may affect the data.

12. Changes to the privacy policy

12.1 You will be notified of any changes to the Privacy Policy via the “Privacy Policy” section of the homepage of the Site, and they will be applicable from the effective publication in same.

12.2 Meridia reserves the right to amend, update or adapt this Privacy Policy to any changes in the legislation or in the interpretation by the Spanish Data Protection Agency.

13. Applicable legislation and jurisdiction

All aspects of this Privacy Policy are governed by European and Spanish law.

back to top

We use our own and and third-party cookies, for the analysis of user navigation. If you continue browsing, we consider that you accept its use. You can change the settings or get more information here. If you want to hide this message click here.