Pale Blue Dot Advisors AB, Reg. No. 559246-5461 and Pale blue dot Manager, Reg. No. 559387-8415, Monbijougatan 17b, 211 53 Malmö, Sweden (jointly “Pale blue dot” or “we”) is a seed-stage venture capital firm, which (through its affiliated venture capital funds) invests in climate tech startups in Europe and the U.S. that reduce and reverse the climate crisis.
Pale blue dot is the data controller regarding the processing of personal data that is conducted within our business including this website, which is described in more detail in this policy. Should you have any questions regarding our processing of your personal data, please contact us at privacy@paleblue.vc or via the contact details in section 7.
What kind of processing (which is a generic term in the EU Data Protection Regulation (”GDPR”) for operations which is performed on your personal data) that we carry out regarding your personal data depends on the context in which you come into contact with us and in which capacity you act. To make it easier for you, we have divided this policy into different category sections based on which services you use with us, for example if you act as contact person for a current or potential business partner to us, sign up for our newsletter, sign up for or attend an event organised by us, participate in our statistical or marketing surveys, or apply for a job with us, where under each category you can read about what kinds of processing are carried out.
After the category sections, follows multiple sections that are common to all types of services. These sections contain information about e.g., who we share your personal data with, where we process your personal data, what rights you have vis-à-vis us and how you get in touch with us. Below, you can click yourself to each section.
Which personal data are used for what, on which legal basis and for how long?
With whom do we share your personal data?
Where do we process your personal data?
What rights you have vis-à-vis us
Cookies and other tracking technologies
Changes to, and updates of, the Privacy Policy
How you get in touch with us
It is important to us that you feel safe with what types of personal data we collect and, even more importantly, how we process them. Thus, this policy covers the necessary information about this, which is why we think it is important that you read and understand the information.
Please note that our website contains links to websites managed by someone other than us. These websites have (or should have) their own regulations about how that company processes personal data. We have no control over, nor can we take any responsibility for, what happens there. Thus, if you use these websites, you should take a closer look at that website's privacy policy.
For what purposes we process your personal data, i.e., what we do and why?
We collect your personal data to perform preparing measures with you or the company that you are representing for the purpose of entering into a business relationship with you or the company you are representing.
What personal data we may process and where they come from?
From you:
your name;
your e-mail;
your phone number;
your address;
your employer; and
information related to legal requirements and taxation collected for customer due diligence and anti-money laundering requirements.
From other sources:
your name;
your phone number;
your e-mail;
your address;
your employer; and
your personal ID number and tax identification number
What is the legal basis for our processing?
Our legitimate interest to be able to perform preparing measures on your request before we enter into a business relationship with you or the company you are representing.
For how long do we process your personal data for the specific purpose?
This processing takes place during the period when we negotiate to enter into an agreement. If an agreement is entered into, the processing will continue as described in Section 1.2. If no agreement is entered into, our processing will cease within two (2) years after our last contact with you.
For what purposes we process your personal data, i.e., what we do and why?
We collect your personal data, to administer our business relationship with you or the company you are representing (including to ensure fulfilment of our commitments, to administer invoices, to make payments etc.)
What personal data we may process and where they come from?
From you:
your name;
your e-mail;
your phone number;
your employer; and
information related to legal requirements and taxationcollected for customer due diligence and anti-money laundering requirements.
From other sources:
your name;
your phone number;
your e-mail;
your address;
your employer; and
your personal ID number and tax identification number
What is the legal basis for our processing?
To be able to perform under the contract with you or the company you are representing.
For how long do we process your personal data for the specific purpose?
This processing takes place for as long you or the company you are representing continues to be a business partner of us or until we are informed that you are no longer representing such business partner. Invoice documentation is stored in accordance with applicable legislation.
For what purposes we process your personal data, i.e. what we do and why?
We collect your personal data and use them to contact you by e-mail or phone.If we use a service provider to distribute this, your personal data may be shared with them for this purpose. More information about our sharing can be found in section 2.1.3.
What personal data we may process and where they come from?
From you:
your name;
your e-mail;
your phone number;
your address; and
your employer.
What is the legal basis for our processing?
Your consent. You can withdraw this at any time. More information about your right to withdraw your consent can be found in section 4.8.
For how long do we process your personal data for the specific purpose?
This processing takes place for as long as we have your consent (i.e. until you withdraw your consent, more information about the right to withdraw your consent can be found in section 4.8).
For what purposes we process your personal data, i.e. what we do and why?
We collect your personal data and use them to carry out a recruitment process.
What personal data we may process and where they come from?
From you:
your name;
your e-mail;
your phone number;
a resumé;
a personal letter; and
photos.
From other sources:
Data collected in connection with background checks (can vary depending on the nature of the position) such as information on criminal convictions, verification of education and employment, and reference checks.
What is the legal basis for our processing?
To comply with a legal obligation as employer and our legitimate interest in conducting a recruitment process, including background checks and verification of the information provided by you during the recruitment process.
For how long do we process your personal data for the specific purpose?
This processing takes place during the recruitment process and for a period of two years thereafter, in order for us to be able to defend ourselves against any legal claims.
For what purposes we process your personal data, i.e. what we do and why?
We collect your personal data when you agree to answer our Pale blue dot Founder Diversity Questionnaire (or any other statistical or marketing surveys).
What personal data we may process and where they come from?
From you:
your ethnic origin;
your political opinions;
your religious beliefs;
your sexual orientation;
your gender;
your age;
whether you have a disability;
your family situation and history; and
your education.
From other sources:
Sensitive personal data may be collected and aggregated by our data processor Google Forms.
What is the legal basis for our processing?
Your consent. You can withdraw this at any time. More information about your right to withdraw your consent can be found in section 4.8.
For how long do we process your personal data for the specific purpose?
This processing takes place for as long as we have your consent (i.e. until you withdraw your consent, more information about the right to withdraw your consent can be found in section 4.8).
For what purposes we process your personal data, i.e. what we do and why?
We collect your personal data when you visit our website in order to optimise your experience of the website and to be able to handle any requests, submissions and similar via the website (for submissions regarding investments, see section 1.1).
What personal data we may process and where they come from?
From you:
your name;
your e-mail; and
your employer.
From other sources:
Technical information generated through your use of the website;
information about your internet device, such as IP address, language settings, browser settings, operating system; and
time and date of the visit of the website.
What is the legal basis for our processing?
Our legitimate interest in being able to provide our website.
For how long do we process your personal data for the specific purpose?
This processing takes place during your visit of the website and is stored for up to 400 days thereafter. For more information, please see below under section 5.
For certain purposes, we process your personal data and rely on our legitimate interest as the legal basis for the processing. In assessing the legal basis, we rely on a balancing of interests test by which we have determined that our legitimate interests of the processing override your interest and your fundamental right not to have your personal data processed. We have stated our legitimate interest in the tables above. Please contact us if you want to read more about how this test has been performed. Our contact details can be found in section 7.
We carry out certain surveys related to diversity. For statistical purposes, we ask the participants of such surveys to specify certain sensitive personal data (such as data revealing ethnic origin, political opinions, religious beliefs, or sexual orientation). Thus, we may process such sensitive personal data. Before processing any such sensitive personal data, we first ask for your consent pursuant to Article 9.2(a) GDPR. When processing sensitive personal data, we are precautious and apply particular safeguards, such as limiting the access to the sensitive personal data to one single individual within our organization. Please note that we may use third parties, such as Google Forms, to collect and aggregate your sensitive personal data, such third parties are data processors and by agreement bound to protect the personal data in accordance with our standards, to process the personal data only for our account and for the purpose which you have given your consent.
If we process your personal data pursuant to section 1, some or all of such personal data may be shared with certain specific recipients. When we share your personal data, we ensure that the recipient processes them in accordance with this privacy notice, by, e.g. entering into Data Transfer Agreements or Personal Data Processing Agreements with the recipients. The agreements ensure that your data are processed in accordance with the GDPR and this privacy policy. We would like to emphasize that we do not sell your personal data to any third party.
2.1.1 Group companies and portfolio companies
Recipients: Companies within the Pale blue dot group (including investment funds managed or advised by us), situated within the EU/EEA. Portfolio companies of the Pale blue dot group, situated within the EU/EEA and the U.S.A.
Purpose and legal basis: This may be required for us to evaluate an investment opportunity, when investing in a company or when monitoring an existing portfolio company. We have a legitimate interest of being able to evaluate such investments and companies prior to carrying them out, carrying out KYC checks, as well as monitoring our investment in them. If the sharing of your personal data is necessary to fulfill that interest, and that interest overrides your right not to have your data processed, the sharing may be carried out on the legal basis of legitimate interest.
2.1.2 Partners outside the Pale blue dot group
Recipients: Business partners outside the Pale blue dot group. These business partners are situated within the EU/EEA and in the U.S.A.
Purpose and legal basis: We may need to share your personal data with the partners with whom we work closely, for the purpose of evaluating an investment opportunity, when investing in a company, or when monitoring an existing investment in a company. This only takes place to the extent necessary for them to fulfil their obligations relating to an investment due diligence, or assistance in relation to investor reporting. However, they may not process or use your personal data for any other purposes. Sharing may also occur in some cases to partners evaluating a potential co-investment or follow-on investment in a company when you have requested us to do so. Thus, sharing with partners outside the Group can take place on the legal basis of performance of contract or consent.
2.1.3 Service providers
Recipients: We have agreements with other companies that perform certain services on our behalf. These services include, e.g. providing newsletters to subscribers via e-mail, providing invitations and registrations to attendees at events organised by us, or to collect and aggregate your sensitive personal data. These companies gain access to your personal data to the extent necessary for them to fulfill their assignment, but they may not use or share the data for other purposes.These service providers are situated both within the EU/EEA and in the U.S.A.
Purpose and legal basis: We sometimes need to access the services of other companies. In such cases, we have a legitimate interest of being able to access these. If the sharing of your personal data is necessary to fulfill that interest, and that interest overrides your right not to have your data processed, sharing may take place on the legal basis of legitimate interest. However, these companies may not process or use your personal for any other purposes than to perform the services pursuant to the agreement.
2.1.4 Authorities
Recipients: The Swedish Police Authority, the Swedish Enforcement Authority, the Swedish Financial Supervisory Authority or other authorities or courts of law.
Purpose and legal basis: By law, we are obliged to share personal data with certain authorities, for example under the Act on Measures against Money Laundering and Terrorism Financing (Sw. lagen om åtgärder mot penningtvätt och finansiering av terrorism). Sharing may also occur in some cases, when you have requested us to do so. Thus, sharing to authorities can be carried out on the legal basis of compliance with legal obligations or consent.
2.1.5 Third party in corporate transaction
Recipients:If we, or a significant part of our business, were to be sold to or integrated with a third party, your personal data may be passed on to the new owner of the business. Thereafter, the new owner of the business will be the data controller of your personal data.
Purpose and legal basis: We may have a legitimate interest of being able to sell our business to, or integrate our business with, a third party. Thus, sharing your personal data to such parties may be carried out on the legal basis of our legitimate interest.
You have the right to object to the sharing of your personal data, due to circumstances in your individual case. More information about your right to object can be found in section 4.5.
The transfers described above may be made to recipients in Member States of the EU/EEA, and to the U.S.A., as Pale blue dot has engaged certain American service providers. When such transfers are carried out, Pale blue dot takes all appropriate measures to ensure that your personal data is adequately protected and that all processing is performed in accordance with applicable data protection laws and this privacy policy. We ensure that appropriate safeguards are put in place for these transfers. All of these American service providers are private entities that are participating in the EU-U.S. Data Privacy Framework.
If you would like to receive further information about transfers to countries outside the EU/EEA, or if you would like to receive a copy of the safeguard we have used, you can contact us using the contact details set out in section 7 below.
According to applicable legislation, you have the right to exercise certain rights against us, when we process your personal data.Below we describe each right, and what it means for you in relation to the personal data we process.If you want to read more about what the Swedish Authority for Privacy Protection (Sw. Integritetsskyddsmyndigheten) writes about these rights, there are links under each section to the relevant page on the Swedish Authority for Privacy Protection's website.
If you want to exercise any of these rights, want to know more, or have questions, please feel free to contact us at privacy@paleblue.vc or by using the contact details set out in section 7 below.
You have the right to be informed about how we process your personal data. In this privacy policy, we generally describe what personal data are processed by us in different contexts. If you want to know more about whether we process your personal data, and to what extent it is done, you can contact us as described above and request information about what personal data we process.
If you want to read more about the right to information – please see here.
We can also provide you with a copy, a so-called register extract, of the personal data processed by us. In the register extract, we provide information about e.g. which categories of personal data are processed, what the personal data are used for, for how long the data will be stored, with whom the personal data has been shared and where the data come from.
If you want to read more about the right to access – please see here.
We strive to always have accurate personal data about you and to update them when necessary. If you discover that we process inaccurate data about you, you have the right to contact us as described above to have these corrected. You also have the right to ask us to complete incomplete data if this is relevant based on the purposes for which your data are processed, by providing us with additional information.
If you want to read more about the right to rectification – please see here.
You have the right to request the erasure of your personal data. However, this right is not absolute. Certain conditions must be at hand in order for us to erase your data. For example, you may have the right to have data erased if they are no longer necessary for the purposes for which they were collected, if you withdraw your consent or if you object to us using your data for direct marketing.
The right to erasure is also limited in the event that an exception applies to the data in question. For example, we have the right to retain the data if it is necessary for establishing, exercising or defending legal claims.
If you want to read more about the right to erasure – please see here.
You always have the right to object to our processing if the legal basis for the processing (this is stated in the various processing operations above in section 1) is that it is necessary for purposes relating to our legitimate interest.
If you object, we do not have the right to process the data anymore, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or if it is needed for the establishment, exercise or defence of legal claims. If we consider that we have such legitimate grounds, or if the data are needed for the establishment, exercise or defence of legal claims, we will notify you of this, and the reasons for such assessment.
You can also object to your personal data being processed for marketing purposes (including profiling if this is included as part of this). If you do so, we will cease the processing for these purposes.
If you want to read more about the right to object – please see here.
You can request that the processing of your personal data should be restricted, for example if you do not think that the information we have about you is correct or if you believe that the processing is unlawful. Such request can also be made during the time we investigate whether our legitimate interests override your interest of privacy when you object to the processing (see more about this under section 4.5 above).
If you want to read more about the right to restriction – please see here.
You have the right to receive your personal data, that you have provided to us (in case the legal basis for our processing is consent or performance of a contract), in a structured, commonly used and machine-readable format. However, this presupposes that the processing takes place by automated means (i.e. not in physical form on paper). If technically possible, and you wish to do so, we may also transmit such personal data to another data controller.
If you want to read more about the right to transmit personal data (data portability) – please see here.
You can withdraw the whole or part of the consent you have given at any time, with effect as from the withdrawal (i.e. the processing of personal data that we have carried out before the withdrawal will not be affected). This can be done by contacting us via the contact details in section 7. In the case of direct marketing via e-mail, a withdrawal can be carried out through a link attached in each such e-mail.
You can lodge a complaint to the Swedish Authority for Privacy Protection (or with another supervisory authority) if you believe that our processing of your personal data is not in accordance with applicable legislation.
If you want to read more about the right to lodge a complaint – please see here.
To protect your privacy, we may (if necessary) require you to prove your identity when you contact us to exercise your rights.
We handle your request to exercise your rights promptly. Your request will normally be answered within one month from the date the request was received by us. Only in the case of an unusually complicated request, or if we have received a large number of requests, the response time may be extended by up to two months. If an extension of the response time is decided upon, you will be notified of that.
In order for us to deliver our services with the highest possible quality, we use so-called cookies and similar tracking technologies on our website.
When you visit our website, you will be asked if you consent to our use of cookies (with the exception of such necessary cookies that do not require your consent). You can delete cookies from your browser or adjust your settings for the use of cookies, at any time. You can read more about this in our cookie policy, which you can find here. In the cookie policy, we describe, e.g. what types of cookies we use, what they are used for and for how long they are stored.
We may make changes to the privacy policy if this is necessary to describe how we process your personal data. All such changes are posted here on the website, which is why you should review the privacy policy at regular intervals and each time you use our services. However, in the event of major changes of material importance, we will notify you by e-mail (if you have provided us you’re your e-mail address and it is stored by us) to inform you that such changes have been made.
If you have any questions or comments regarding the processing of your personal data, you can contact us via the e-mail address below.
PALE BLUE DOT
Monbijougatan 17B
211 53 Malmö
Sweden
Email: privacy@paleblue.vc
Phone number: +46 734344087