1. Introduction and Scope
HOOPP Thames Limited (“HOOPP Thames”, “we” or “us”), a company registered in
the United Kingdom and a subsidiary of the Healthcare of Ontario Pension Plan (“HOOPP”), recognises the importance of privacy, and is committed to protecting and respecting your personal information
that we handle in connection with our UK-based operations. This privacy notice (“Privacy Notice”) is relevant to you if you are based in the UK and interact with HOOPP Thames either by:
- accessing our website HOOPP.com (“Our Website”);
- signing up to receive communications from us (for example, ‘The Pension Collective’, ‘The Expert Corner’, or to ‘Research & Analysis’);
- visiting us in person at one of our UK offices;
- applying for a role at HOOPP Thames via our Careers Portal (or through a recruitment agent); or
- corresponding or otherwise engaging with us.
This Privacy Notice explains the rights you have in this respect. It also sets out how we process personal information in the context of our due diligence investment activities (see ‘Due Diligence Activities’ at section 13 below).
We encourage you to read this document thoroughly to understand our practices regarding your personal information and how we will treat it. We use sub-headings to help you find specific information that you may be looking for more easily.
2. Identity of the data controller
HOOPP Thames is the “Controller” of any personal information you provide to us via the channels listed under ‘Introduction and Scope’ at section 1 above, or where HOOPP Thames obtains personal information in connection with
its investment activities (see ‘Due Diligence Activities’ at section 13 below). This means that it is responsible for deciding how it holds and uses your personal information.
If you have any questions about this Privacy Notice or our data practices, please contact us at:
HOOPP Thames Ltd.
3rd Floor, Office A, 5 Swallow Place
London, W1B 2AF, United Kingdom
3. Personal information we collect
We collect and process your personal information when you interact with us. The categories of personal information that we may collect include:
- Contact and Identification Information: We collect information such as your name, contact details (e.g., phone number(s), address, or email) professional title and employer.
- Application Information: We collect information such as current and past employers, job title, appointments, nationality, languages, qualifications, education history, and experience, Contact and Identification
Information and any other information you include in your application.
- Communications Information: Your preferences regarding communications methods and areas of interest relating to: ‘The Pension Collective’, ‘Expert Corner’, ‘Research & Analysis’ and any other marketing
or update type communications from us.
- Website Information: We collect your IP address, details of visits to Our Website, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, the
full Uniform Resource Locators (URL), clickstream to, through and from Our Website and the date and time of the clickstream, products or services you viewed or searched for, page response times, download errors, length of visits to certain
pages, page interaction information (scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our contact numbers.
- Visitor Information: We capture information regarding individuals who visit our physical HOOPP Thames offices in the form of basic contact information, and through images taken by Closed Circuit
Television (CCTV) on our premises.
You are not under a legal obligation to provide us with any of your personal information but please note that if you elect not to provide us with your personal information, we may be unable to provide certain services to you.
Our Website
uses cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse Our Website and allows us to improve it.
4. Special categories of information
There may be instances in which the personal information that you provide to us or that we collect is considered Sensitive Personal Information (for example, if you include this in any application that you make to us or to make reasonable accommodation
when you visit us). “Sensitive Personal Information” can mean personal information from which we can determine or infer your racial or ethnic origin, political opinions, religious beliefs or other beliefs of a similar nature, membership
in a trade union or professional, religious, philosophical, or political association, physical or mental health or condition, medical treatment, genetic data, biometric information, and information about an individual’s sexual orientation.
In certain circumstances we may also process criminal records information. If we rely on consent to process this information, you have the right to withdraw that consent at any time. We only process this information if and to the extent permitted
or required by applicable law (such as for equal opportunities monitoring, or compliance with employment law or regulatory obligations).
5. How we use your personal information
We may collect, use, and disclose the categories of personal information set out in section 3 to:
- respond to your request or questions when you contact us;
- provide you with the services you expect us to;
- communicate with you about HOOPP or HOOPP Thames;
- allow us to evaluate, analyse, and improve the functionality of Our Websites and services;
- assess your job application and contact you in relation to the application;
- carry out due diligence as part of our investment activities;
- communicate with you about our relationship, such as updates to this Privacy Notice or other important legal or business changes;
- support in-person visits to our office;
- administer general record keeping; and
- fulfil other purposes as disclosed to you in accordance with applicable law or with your consent.
6. What does the law say about this?
Our use of your personal information as described above is permitted by data protection law because it is:
- necessary for our legitimate interests in pursuing the purposes set out above, and such interests in each case not being overridden by your privacy interests;
- in some cases, necessary to meet our legal or regulatory responsibilities, such as disclosures to authorities, regulators, or government bodies; or
- in limited circumstances, processed with your consent which we obtain from you from time to time, such as when you opt-in to receive communications and news via email. See further information about this in “Communications” at section
10 below.
7. Third Party Websites
Our Website includes links to third party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are
not responsible for their privacy statements. When you leave Our Website, we encourage you to read the privacy notice of every website you visit.
8. Automated decision making
HOOPP Thames does not use fully automated decision-making processes in a way that produces legal effects concerning you, or similarly significantly affects you.
9. Sharing personal information
We share personal information with third parties to enable us to provide services to you. However, this will only occur in the following circumstances:
- To suppliers, contractors, and agents: from time to time we engage or employ other companies and individuals to perform functions on our behalf, these include:
- providers maintaining Our Website;
- marketing services providers who assist us with our marketing;
- analytics and search engine providers who assist us in the improvement and optimisation of Our Website;
- Information Technology service providers who support and maintain the IT software and infrastructure we use;
- Regulatory and compliance service providers who assist us in satisfying our regulatory obligations
Such recipients will only have access to your personal information as required by them to perform their functions and are not permitted to use such personal information for any other purposes. These recipients will be subject to contractual confidentiality
obligations. These recipients may be located in various jurisdictions, including the United Kingdom, Canada, and the United States.
- To HOOPP (located in Canada): who is involved in the provision of Our Website, the services that we provide or assist us in responding to your requests (e.g. when you use contact us forms).
- To government or law enforcement authorities (located in any applicable jurisdiction): if we determine in our sole discretion that we are under a legal obligation to do so.
Where we transfer your personal information to third parties that are outside of the UK we do so only where there are adequate provisions to ensure your privacy. Where the jurisdiction is not considered adequate by the UK Information Commissioner
(“
ICO”), we put in place appropriate safeguards.
10. Communications
We will not send communications to you unless you ask us to.
Where we send such communications to you via email, you may opt out of receiving any further communications by clicking the ‘unsubscribe’ or ‘opt-out’
function in the email. In addition, you can also exercise your opt-out right at any time by contacting us via the webform below and providing the following information: your name, your email address, and the communications you would like to opt
out of receiving.
11. Data security
We have implemented technical and organisational measures to keep your personal information secure. These measures include encryption, access controls, regular assessments, and staff training on data protection best practices. We limit access to your
personal information to those employees, agents, contractors and other third parties as detailed in ‘Sharing Personal Information’ at section 9 above. They will only process your personal information on our instructions and are subject
to a duty of confidentiality.
Unfortunately, sending information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of personal information
sent to Our Website. Accordingly, you send us personal information at your own risk.
12. Data retention
We use and retain your personal information for as long as is necessary to fulfil the purpose for which it is being processed, and in line with our legal and regulatory obligations and risk management guidelines.
Please note that we may
anonymise your personal information or use it for statistical purposes. We keep anonymised and statistical data indefinitely, but we take care to ensure that such data can no longer identify or be connected to any individual. For further information
on our retention periods, please contact us using the details above.
13. Due diligence activities
We collect and process the personal information of individuals in connection with our investment activities. This may occur specifically in relation to due diligence activities that we carry out for the purpose of determining whether to invest in
a specific company (the “Target Company”). As part of that due diligence process, we may need to process certain personal information connected with the Target Company. On certain occasions,
during our due diligence activities, the Target Company may provide us with personal information of individuals who are not aware of our involvement or of our processing of their personal information. In such situations, we are likely to not have
direct contact with individuals whose personal information we are processing, or it may for other reasons (for instance, to maintain confidentiality) not be appropriate for us to provide them with a privacy notice setting out how we process their
personal information. In any event, we will process such personal information in line with this Privacy Notice.
14. Your rights in relation to your personal information
Data protection law grants you certain rights (‘information rights’) which we summarise below. Please note that these rights are not absolute, and they may not always apply in your circumstances. To exercise any of these rights, please
contact us using the details provided above.
| Right of access and data portability | You have the right of access to information we hold about you and/or to have it transferred to another data controller in some circumstances. |
| Right of rectification or erasure | If you feel that any data that we hold about you is inaccurate you have the right to ask us to correct or rectify it. You also have a right to ask us to erase information about you where you can demonstrate that the data we hold is
no longer needed by us, if you withdraw the consent upon which our processing is based, or if you feel that we are unlawfully processing your data. Your right of rectification and erasure extends to anyone we have disclosed your
personal information to and we will take all reasonable steps to inform those with whom we have shared your data about your request for erasure. |
| Right to restriction of processing | You have a right to request that we refrain from processing your data where you contest its accuracy, the processing is unlawful and you have opposed its erasure, where we do not need to hold your data anymore but you need us to in
order to establish, exercise or defend any legal claims, or we are in dispute about the legality of our processing your personal information. |
| Right to object | You have a right to object to our processing of your personal information. This includes the right to object to the use of your information for direct marketing and profiling purposes. |
| Right to withdraw consent | You have the right to withdraw your consent for the processing of your personal information where the processing is based on consent. |
| Right of complaint | If you are unhappy with how we have used or are handling your personal information you have the right to lodge a complaint with the ICO. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory
authority, so please contact us via the web form below should you have any concerns. |
15. Changes to this privacy notice
We will review and update this Privacy Notice from time to time and will take reasonable steps to notify you of any substantive updates to it.
This Privacy Notice was last updated on 1st May, 2024.