Privacy Policy

1. Introduction

Ardvest (“we,” “us,” or “our”) is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website at https://www.ardvest.com/ (the “Website”) and related services (collectively, the “Services”).

This Privacy Policy is designed to comply with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws. By using our Services, you consent to the practices described in this Privacy Policy.

2. Data Controller

Ardvest is the data controller responsible for your personal data. Our contact details are:

Company: Ardvest Pertners Limited

Location: Ireland

Email: info@ardvest.com

Website: https://www.ardvest.com/

3. Personal Data We Collect

We collect and process the following categories of personal data:

3.1 Identity and Contact Information

Full name
Email address
Postal address
Phone number
Date of birth

3.2 Investor-Related Information

Investment preferences and interests
Investment experience and knowledge
Financial profile and accreditation status
Source of funds information
Risk tolerance assessment

3.3 Identity Verification / Due Diligence Data (KYC)

To comply with legal and regulatory requirements, we may collect:

Government-issued identification (passport, driver’s license, national ID)
Proof of address documents
Tax identification numbers
Beneficial ownership information
Politically Exposed Person (PEP) status
Sanctions screening results

3.4 Technical and Usage Data

IP address
Browser type and version
Device information
Operating system
Cookies and similar technologies (see our Cookie Policy)
Pages visited and time spent on our Website
Referral sources

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

4.1 Contract (Article 6(1)(b) GDPR)

Processing necessary for the performance of a contract with you or to take steps at your request before entering into a contract, including:

Providing access to our Services
Processing your expressions of interest in investment opportunities
Managing your account

4.2 Legal Obligation (Article 6(1)(c) GDPR)

Processing necessary to comply with legal obligations, including:

Anti-money laundering (AML) and counter-terrorist financing (CTF) compliance
Tax reporting requirements
Regulatory reporting obligations
Record-keeping requirements

4.3 Legitimate Interests (Article 6(1)(f) GDPR)

Processing necessary for our legitimate interests, provided your interests and fundamental rights do not override those interests:

Improving our Services and user experience
Fraud prevention and security
Marketing communications (where consent is not required)
Analytics and performance monitoring

4.4 Consent (Article 6(1)(a) GDPR)

Processing based on your explicit consent, including:

Sending marketing communications
Using certain cookies and tracking technologies
Sharing data with specific third parties

You have the right to withdraw your consent at any time by contacting us at info@ardvest.com.

5. How We Use Your Personal Data

We use your personal data for the following purposes:

To provide and maintain our Services
To verify your identity and conduct due diligence (KYC/AML checks)
To process your expressions of interest in investment opportunities
To communicate with you about our Services and investment opportunities
To comply with legal and regulatory obligations
To detect, prevent, and address fraud and security issues
To improve and personalize our Services
To send you marketing communications (with your consent)
To analyze usage patterns and trends

6. Data Retention Periods

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Our retention periods are:

Identity and contact information: For the duration of your relationship with us, plus 7 years after account closure (to comply with AML regulations)
KYC/AML documentation: Minimum 5 years after the end of the business relationship (as required by Irish AML legislation)
Transaction records: 7 years (to comply with tax and accounting obligations)
Marketing consent records: Until consent is withdrawn, or 2 years after last interaction
Technical/usage data: 2 years (or anonymized earlier)

After the applicable retention period expires, your personal data will be securely deleted or anonymized.

7. Data Sharing and Recipients

We may share your personal data with the following categories of recipients:

7.1 Service Providers

We engage trusted third-party service providers to perform functions and provide services on our behalf, including:

Cloud hosting and data storage providers
Identity verification and KYC service providers
Customer relationship management (CRM) platforms
Email and communication service providers
Analytics providers (e.g., Google Analytics)
IT and security service providers

7.2 Investment Partners

With your consent, we may share your information with:

Investment sponsors or fund managers
Real estate developers or operators
Professional advisors (legal, tax, accounting)

7.3 Legal and Regulatory Authorities

We may disclose your personal data to:

Regulatory authorities (Central Bank of Ireland, Revenue Commissioners)
Law enforcement agencies
Courts and tribunals
Other parties as required by applicable law

7.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections.

8. International Data Transfers

Your personal data is primarily processed and stored within the European Economic Area (EEA). However, some of our service providers may be located outside the EEA.

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions recognizing the recipient country as providing adequate protection
Binding Corporate Rules (BCRs) for intra-group transfers

You may request a copy of the appropriate safeguards by contacting us at info@ardvest.com.

9. Your Rights Under GDPR

As a data subject, you have the following rights:

Right to Access: You have the right to request copies of your personal data
Right to Rectification: You have the right to request correction of inaccurate or incomplete data
Right to Erasure (“Right to be Forgotten”): You have the right to request deletion of your personal data in certain circumstances
Right to Restrict Processing: You have the right to request restriction of processing in certain circumstances
Right to Data Portability: You have the right to receive your data in a structured, commonly used format
Right to Object: You have the right to object to processing based on legitimate interests or direct marketing
Right to Withdraw Consent: You may withdraw consent at any time
Right to Lodge a Complaint: You have the right to complain to a supervisory authority (Data Protection Commission, Ireland)

To exercise any of these rights, please contact us at info@ardvest.com. We will respond within one month of receiving your request.

10. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

Encryption of data in transit (TLS/SSL) and at rest
Access controls and authentication mechanisms
Regular security assessments and penetration testing
Employee training on data protection
Incident response procedures

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or electronic storage is 100% secure.

11. Data Protection Officer

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions or concerns, please contact our DPO at:

Email: info@ardvest.com

Postal Address: Ardvest Partners Ltd., 16 Mount Street Lower, Dublin 2, D02KX05, Ireland

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page with an updated “Effective Date.” We encourage you to review this Privacy Policy periodically.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: info@ardvest.com

Website: https://www.ardvest.com/

You also have the right to lodge a complaint with the Irish Data Protection Commission:

Website: www.dataprotection.ie

Privacy Policy

1. Introduction

2. Data Controller

3. Personal Data We Collect

3.1 Identity and Contact Information

3.2 Investor-Related Information

3.3 Identity Verification / Due Diligence Data (KYC)

3.4 Technical and Usage Data

4. Legal Basis for Processing

4.1 Contract (Article 6(1)(b) GDPR)

4.2 Legal Obligation (Article 6(1)(c) GDPR)

4.3 Legitimate Interests (Article 6(1)(f) GDPR)

4.4 Consent (Article 6(1)(a) GDPR)

5. How We Use Your Personal Data

6. Data Retention Periods

7. Data Sharing and Recipients

7.1 Service Providers

7.2 Investment Partners

7.3 Legal and Regulatory Authorities

7.4 Business Transfers

8. International Data Transfers

9. Your Rights Under GDPR

10. Security Measures

11. Data Protection Officer

12. Changes to This Privacy Policy

13. Contact Us

Quick Links

What We Do

Our Portfolio

Get in Touch

Email Us: