Privacy Policy

Strategic Resilience Finance

Effective Date: 27th January 2026
Last Updated: 27th January 2026

 

1. Introduction

Strategic Resilience Finance (“SRF,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website srf-ia.com (the “Site”) or communicate with us.

This policy applies to all visitors, prospective investors, and companies engaging with SRF. By using our Site or providing us with your personal information, you consent to the practices described in this Privacy Policy.

Strategic Resilience Finance IA Ltd is the data controller responsible for your personal information. We are registered in England and Wales under company number [Insert Number].

 

2. Information We Collect

We collect minimal personal information necessary to respond to inquiries and maintain professional relationships with investors and companies.

2.1 Information You Provide Directly

When you contact us via email or inquiry form, we may collect:

  • Contact Information: Name, email address, phone number, company name, job title
  • Professional Information: Industry sector, investment interests, company description, funding requirements
  • Communication Content: The content of your messages and any attachments you send us
  • Meeting Information: If you schedule a meeting, we may collect availability preferences and meeting notes

2.2 Information Collected Automatically

When you visit our Site, we automatically collect certain technical information:

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent on pages, referral sources, navigation paths
  • Cookies and Similar Technologies: See Section 8 (Cookies Policy) for details

2.3 Information We Do Not Collect

We do not collect:

  • Payment card information (we do not process payments via the Site)
  • Sensitive personal data such as health information, racial or ethnic origin, political opinions, or religious beliefs
  • Information from individuals under the age of 18

 

3. Legal Basis for Processing (UK GDPR)

We process your personal information under the following legal bases:

  • Legitimate Interests: To respond to inquiries, maintain business relationships, and operate our investment advisory business (Article 6(1)(f) UK GDPR)
  • Contractual Necessity: To enter into or perform investment agreements with qualified investors or portfolio companies (Article 6(1)(b) UK GDPR)
  • Legal Obligation: To comply with legal and regulatory requirements applicable to financial services firms (Article 6(1)(c) UK GDPR)
  • Consent: Where you have provided explicit consent, such as for marketing communications (Article 6(1)(a) UK GDPR)

 

4. How We Use Your Information

We use your personal information for the following purposes:

4.1 Business Operations

  • Responding to inquiries from prospective investors and companies
  • Evaluating investment opportunities and conducting due diligence
  • Managing relationships with investors and portfolio companies
  • Providing information about our fund and investment strategy
  • Scheduling and conducting meetings

4.2 Website Functionality

  • Operating and maintaining the Site
  • Analyzing Site usage to improve user experience
  • Ensuring Site security and preventing fraud

4.3 Legal and Compliance

  • Complying with legal obligations, including anti-money laundering (AML) and know-your-customer (KYC) requirements
  • Responding to legal requests and preventing prohibited activities
  • Maintaining records as required by financial services regulations

4.4 Communications

  • Sending information you have requested
  • Providing updates about our fund (only to those who have opted in)
  • Responding to your questions and requests

We do not use your information for automated decision-making or profiling.

 

5. Data Sharing and Disclosure

We do not sell, rent, or trade your personal information. We share information only in the following limited circumstances:

5.1 Service Providers

We may share information with trusted third-party service providers who assist us in:

  • Website hosting and technical infrastructure
  • Email delivery and communication platforms
  • Document management and secure data rooms (for investors and companies in active discussions)
  • Legal, accounting, and compliance services
  • Background checks and due diligence (for investment transactions)

All service providers are contractually bound to protect your information and use it only for specified purposes.

5.2 Professional Advisers

We may share information with our:

  • Legal counsel
  • Auditors and accountants
  • Fund administrators
  • Investment consultants

5.3 Regulatory and Legal Requirements

We may disclose information when required by law or to:

  • Comply with legal process (court orders, subpoenas)
  • Respond to requests from regulatory authorities (Financial Conduct Authority, HM Revenue & Customs)
  • Enforce our agreements and policies
  • Protect the rights, property, or safety of SRF, our investors, or others

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5.5 With Your Consent

We may share information for purposes not described in this policy with your explicit consent.

We do not share your information with third parties for their marketing purposes.

 

6. International Data Transfers

Your information is primarily processed and stored within the United Kingdom. If we transfer information outside the UK/EEA, we ensure appropriate safeguards are in place, such as:

  • European Commission-approved Standard Contractual Clauses
  • Transfers to countries with adequacy decisions
  • Your explicit consent for the transfer

 

7. Data Retention

We retain personal information only as long as necessary for the purposes described in this policy or as required by law.

Retention Periods:

  • General Inquiries: 2 years from last contact, unless you request earlier deletion
  • Active Business Relationships: Duration of relationship plus 7 years (regulatory requirement for financial services)
  • Investment Documentation: Permanently or as required by applicable regulations (typically 7+ years after fund closure)
  • Website Analytics: 26 months maximum

When information is no longer needed, we securely delete or anonymize it.

 

8. Cookies Policy

8.1 What Are Cookies?

Cookies are small text files placed on your device when you visit our Site. They help us provide a better user experience.

8.2 Types of Cookies We Use

Essential Cookies (Always Active)

  • Required for basic Site functionality
  • Enable secure areas and remember your privacy preferences
  • Cannot be disabled

Analytics Cookies (Optional – Consent Required)

  • Google Analytics (anonymized IP addresses)
  • Help us understand how visitors use the Site
  • Collect aggregate, non-personally identifiable information

We do not use:

  • Advertising/tracking cookies
  • Social media cookies
  • Third-party marketing cookies

8.3 Managing Cookies

You can control cookies through your browser settings. Disabling cookies may affect Site functionality.

To opt out of Google Analytics: Google Analytics Opt-out

 

9. Your Rights Under UK GDPR

You have the following rights regarding your personal information:

9.1 Right of Access

Request a copy of the personal information we hold about you.

9.2 Right to Rectification

Request correction of inaccurate or incomplete information.

9.3 Right to Erasure (“Right to be Forgotten”)

Request deletion of your personal information, subject to legal retention requirements.

9.4 Right to Restrict Processing

Request limitation of how we use your information.

9.5 Right to Data Portability

Receive your information in a structured, commonly used format.

9.6 Right to Object

Object to processing based on legitimate interests or for direct marketing.

9.7 Right to Withdraw Consent

Withdraw consent at any time where we rely on consent as the legal basis.

9.8 Right to Lodge a Complaint

File a complaint with the UK Information Commissioner’s Office (ICO):

To exercise your rights, contact us at: kmakuch@ces-global.net

We will respond to requests within one month (extendable by two months for complex requests).

 

10. Data Security

We implement appropriate technical and organisational measures to protect your personal information:

10.1 Technical Safeguards

  • SSL/TLS encryption for all data transmission
  • Secure hosting infrastructure with regular security audits
  • Firewall protection and intrusion detection systems
  • Regular software updates and security patches
  • Encrypted backups stored securely off-site

10.2 Organisational Safeguards

  • Access controls limiting staff access to personal information on a need-to-know basis
  • Confidentiality obligations for all employees and contractors
  • Regular security training for staff
  • Incident response procedures
  • Secure disposal of physical and electronic records

10.3 Third-Party Security

All service providers are required to maintain equivalent security standards and are vetted for compliance.

However, no internet transmission is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

 

11. Third-Party Links

Our Site may contain links to third-party websites, including:

  • Partner organizations
  • Industry associations
  • Reference materials

We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies before providing personal information.

 

12. Children’s Privacy

Our Site and services are directed at professional and institutional investors and business entities. We do not knowingly collect information from individuals under 18 years of age.

If you believe we have inadvertently collected information from a minor, please contact us immediately at privacy@srf-ia.com for prompt deletion.

 

13. Marketing Communications

We send marketing communications only to those who have opted in or with whom we have a legitimate business relationship.

You can opt out at any time by:

  • Clicking “unsubscribe” in any marketing email
  • Emailing privacy@srf-ia.com
  • Writing to our postal address (see Section 15)

Opt-out requests are processed within 5 business days. You will continue to receive transactional emails (e.g., responses to inquiries, meeting confirmations).

 

14. Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors.

Material changes will be communicated by:

  • Posting the updated policy on the Site with a new “Last Updated” date
  • Email notification to active contacts (where appropriate)

We encourage you to review this policy periodically. Continued use of the Site after changes constitutes acceptance of the updated policy.

 

15. Contact Information

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact:

Data Protection Contact:
Strategic Resilience Finance IA Ltd
[Office Address]
London, United Kingdom

Email: privacy@srf-ia.com
General Inquiries: info@srf-ia.com
Telephone: [Insert Number]

Data Protection Officer (if appointed): [Name/Contact Details]

 

16. Investor and Company-Specific Provisions

16.1 For Prospective Investors

If you are considering investing in the D&S Scaler UK Fund, additional privacy terms may apply as outlined in:

  • Fund offering documents (Private Placement Memorandum)
  • Subscription agreements
  • Investor onboarding documentation

These documents may require collection of additional information for regulatory compliance (AML/KYC), suitability assessments, and investor servicing.

16.2 For Portfolio Companies and Investment Prospects

If you are seeking investment from SRF, we may collect additional information during:

  • Initial screening and evaluation
  • Due diligence processes
  • Investment negotiations
  • Post-investment monitoring

This information is handled in accordance with this Privacy Policy and any separate confidentiality or non-disclosure agreements.

All due diligence information is stored in secure data rooms with restricted access and retained in accordance with regulatory requirements for financial services firms.

 

17. Legal Basis Summary Table

Purpose Legal Basis Retention Period
Responding to inquiries Legitimate interests 2 years
Investment evaluation Legitimate interests / Contract 7 years post-relationship
Investor relations Contract / Legal obligation 7+ years (regulatory)
Website analytics Consent 26 months
Regulatory compliance Legal obligation Per applicable regulations
Marketing communications Consent / Legitimate interests Until opt-out + 2 years

By using our Site or engaging with Strategic Resilience Finance, you acknowledge that you have read and understood this Privacy Policy.

 

Document Version: 1.0
Policy Owner: Strategic Resilience Finance