This document sets out the privacy policy of 500 Startups Management Company, L.L.C. and its affiliates (together referred to as “500 Global”, “we” or “us“) and explains how we collect and use your personal information in connection with your relationship with us as a customer or potential customer including;
- through your use of https://500.co/ and any country top level domain name (the “Site“),
- through your use of and applications for our products and services and participation in our program(s);
- by interacting with our content and/or services such as online training; or
- by contacting our team members.
This policy also applies to information held about suppliers and possible future suppliers, contacts and all other people we hold information about.
This Privacy Policy also sets out your rights and who you can contact for more information. If you are a customer based in the EU, please see the EU Users for additional information that is relevant to you. If you are based in California, please see the CPRA section below for additional information that is relevant to you.
Information
“Personal Information” means data that allows someone to identify or contact you (e.g. your name, address, telephone number, e-mail address, credit/debit numbers, expiration date and other billing information; people to whom purchases have been shipped, including addresses and phone number). “Non-Personal Information” means data that is not associated with or linked to your Personal Information.
Depending on the particular circumstances, we may collect and hold different Personal Information about you. For example, this may include:
- your name;
- your education;
- your occupation and professional qualifications;
- your contact information such as your home or work address, telephone and email contact details;
- your payment details/financial information, such as your bank account or credit card details;
- your postings on any social media applications and services that we provide;
- your account security credentials, such as username and passwords;
- information about how you use our products and services;
- information in connection with communications you send us, for example to report a problem; and
- where necessary, additional information as part of our user authentication process.
Automated collection of information
Each time you use the Site, we may automatically collect the following types of information:
- Technical information: For example, the type of internet browser and the operating system. We use this information to help provide a good user experience on the Site.
- Log information: For example, the details of the use of the Site by you, the visits to the Site and traffic data. We use this information to help us understand how users use the Site and to improve user experience.
If you fail to provide us with this information, or you object to us processing such information the consequences are that we may be prevented from conducting business with you and we may be unable to provide our products and services to you.
How Information is Obtained
- Information you give to us when you purchase our products and services. If you purchase one of our products you will need to provide certain information including your name, address and card number in relation to the purchase.
- Other information you give to us. We may receive and store information that you enter on the Site (e.g. when you register for a program) or give us in any other way (e.g., by telephone, email or other software platform). As a result of your use of the Site, you may supply us with such Personal Information such as your name and contact details.
- Social Media. Depending on your settings or the privacy policies for social media and messaging services such as LinkedIn, Facebook, Twitter and Instagram you might give us permission to access information from those accounts or services.
- Information we collect about you.
- We may also collect information from you online using cookies and other analytical tools or when you visit the Site, including when you use our products and services. Like most websites, we use “cookies” to help us make our Site – and the way you use it – better. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone / tablet). They improve website use and speed – for example by automatically filling your name and address in text fields. There are more details in our section on Cookies below.
- In addition, with regard to each of your visits to our Site we will automatically collect certain information e.g. your IP address used to connect your computer to the Internet.
How we hold your information
The Site has reasonable security measures in place to protect against the loss, misuse and unauthorized alteration of Personal Information in 500 Globals’ possession and control. Although we endeavor to provide security for information in our possession and control, no security system can prevent against all potential security breaches, and we bear no liability for uses or disclosures of Personal Information or Non-Personal Information arising in connection with the theft thereof.
Links to Other Sites
Our Site may contain links to other sites, including via our social media buttons. While we try to link only to websites that share our high standards and respect for privacy, we are not responsible for the content, security, or privacy practices employed by other websites and a link does not constitute an endorsement of that website. Once you link to another website from our Site you are subject to the terms and conditions of that website, including, but not limited to, its internet privacy policy and practices. Please check these policies before you submit any data to these websites.
How the Information is used
Our primary purpose in collecting user information is to provide you with a safe, smooth, efficient, and customised experience and to provide the products and services that you have requested. We may also use the information that you have provided to ensure that the content on our Site is presented in the most effective manner for you and your computer. We may use and disclose your information for the following specific purposes:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the products, services and information that you request from us;
- to assist you with enquiries, or to improve our customer service;
- to communicate with you;
- to send you marketing (where we have the right to do so – see marketing section below);
- for our billing and account purposes;
- to maintain our business relationships where you are a business partner, a user of our website and services, or a customer;
- to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- as part of our efforts to keep our Site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our Site about services that may interest you or them;
- to develop and improve our products and services;
- to update our records;
- to allow you to participate in interactive features of the Site or our programs, when you choose to do so; and
- comply with legal and regulatory obligations.
As further described below, in limited circumstances we may disclose collected information, including Personal Information, to certain third parties in connection with providing the Services or as required by law.
We may use Non-Personal Information in a variety of ways, including, by way of example, to evaluate the performance of the Site and Services and the general preferences of users, or to generate anonymous statistics for our benefit or for our business partners. Because Non-Personal Information is entirely anonymous, and therefore can never be used by us to identify you, this policy does not limit our ability to use or disclose Non-Personal Information.
Information Shared with Third Parties
As a necessary part of providing our products and services, we may disclose information collected from you to the following categories of third parties for the purposes outlined in this Privacy Policy:
- We may disclose certain Personal Information about you to our affiliates, third-party service providers, agents and contractors (e.g., our third party payment processors), if this is necessary to provide you with our products and services, respond to your inquiries or for any other related purposes and so long as they are only using the Personal Information to provide services to us. We will ensure that if we share information with, or provide access to, third party service providers or affiliates, any such disclosure or access is at all times in compliance with applicable data protection legislation.
- If another company acquires our company, business, or our assets, that company will possess the Personal Information collected by it and us and will assume the rights and obligations regarding your Personal Information as described in this Privacy Policy.
- Under certain limited circumstances, we may cooperate with legal investigations and/or we may be subject to legal requirements to disclose information collected through the Site or the Services, such as, by way of example, to a court or a governmental agency, and our policy is to provide such cooperation and comply fully with all such legal requirements.
- We may also disclose Personal Information to protect or defend the rights or property of 500 Global or users of the Services and/or to investigate any violation or potential violation of the law, this Privacy Policy, or the Terms of Use. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
- We may also share your Personal Information with third parties who support our information technology or handle mailings on our behalf and our professional advisers.
The disclosures contemplated by this paragraph (“Necessary Disclosures”) are necessary if you wish to use our products and services. As mentioned above, we may use and disclose Non-Personal Information without restriction. If you do not want us to make such Necessary Disclosures, or to use Non-Personal Information without restriction, you must not use the Services. We do not sell, rent or lease e-mail addresses or other Personal Information to third parties.
How long we keep your information
We will only keep the information we collect about you for as long as required for the purposes set out above or as required to comply with any legal obligations to which we are subject. This will involve us regularly reviewing our files to check that information is accurate, up-to-date and still required.
If you close an account you have with us or you decide not to go ahead with participating in one of our programs, we may still keep your information.
Marketing
If you have subscribed to one or more of our products or services, communications or mailing lists, you may unsubscribe by following the instructions which are included in any email that you receive or by contacting privacy@500.co at any time.
Cookies
Cookies are small digital signature files that are stored by your web browser that allow your preferences to be recorded when visiting the Site. They may also be used to track your return visits to the Site. When using the Services, we may create “cookies” on your computer for purposes of facilitating and maintaining your current user session to help 500 Global understand your use of the Site and enable you to access, navigate and use the Services. 500 Global may collect Personal Information using those cookies in order to enable the Company to identify you in connection with the Services and to track use of the Services for purposes consistent with this policy.
To make our Site and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, IP, which may vary from session to session), domain name, and/or a date/time stamp for your visit. Third party advertising companies may also use cookies for tracking purposes.
You may be able to block cookies via your browser settings, but this may prevent you from access to certain features of the Site. For information about blocking the use of cookies, please refer to the instructions/help screen on your browser.
Do Not Track
500 Global does not currently take steps to respond to browsers’ “Do Not Track” signals as no uniform standard to respond to such signals has been developed at this time.
Changes to Privacy Policy
If we change our privacy policy, we will post those changes on the Site so that users are always aware of what information we collect, how we use it, and under what circumstances, if any, we will disclose it. These changes will be effective immediately. In any event, changes to this Privacy Policy may affect our use of Personal Information that you provided us prior to our notification to you of the changes. Please check this Privacy Policy periodically to inform yourself of any changes. If you do not accept the changes made to this Privacy Policy you should immediately stop using the Site and our products and services.
Effective December 15, 2022. 500 Global may make changes to this policy in the future. Last updated December 15, 2022.
Questions
For any questions or comments on our privacy policy please contact privacy@500.co
Introduction
This section applies to users in the European Union in addition to the terms set out above. In this section “Data Protection Legislation” means the EU General Data Protection Regulation 2016/679, together with all other applicable legislation relating to privacy or data protection, and where we use the terms “personal data”, “data subject”, “controller”, “processor” and “process” (and its derivatives), such terms shall have the meanings given to them in the Data Protection Legislation.
Who are we?
500 Startups Management Company, L.L.C acts as data controller for the purpose of Data Protection Legislation and is responsible for processing your personal data under this Privacy Policy unless otherwise notified to you in connection with a particular product or service.
Legal grounds for using your personal information
Our processing of your personal information is necessary:
- for the performance of contracts to which you will be a party to and in order to take steps at your request prior to you entering into those contracts;
- for the purposes of legitimate interests pursued by us; or
- in order to comply with a legal obligation to which we are subject.
In relation to any processing of special categories of personal information such as information about your ethnicity, we will generally rely on obtaining specific consent from you at the time unless there is otherwise a legal requirement for us to process such information.
Legitimate interests
Where our processing is based on the legitimate interest grounds described above, those legitimate interests are: (i) collecting personal information to provide you with a smooth and efficient customer experience; (ii) running our business; (iii) to provide the products and services you have requested; (iv) to prevent fraud; (v) to update you and keep you informed about relevant products and services, unless you indicate at any time that you do not wish us to do so; and (vi) for our own marketing, research and product development.
Your rights
At any time, you have the right:
- to be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from which it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences);
- to request access to or a copy of any personal data which we hold about you;
- to rectification of your personal data, if you consider that it is inaccurate;
- to ask us to delete your personal data, if you consider that we do not have the right to hold it;
- to withdraw consent to our processing of your personal data (to the extent such processing is based on previously obtained consent);
- to ask us to stop or start sending you marketing messages at any time by using the below contact details;
- to restrict processing of your personal data;
- to data portability (moving some of your personal data elsewhere) in certain circumstances;
- to object to your personal data being processed in certain circumstances; and
- to not to be subject to a decision based on automated processing and to have safeguards put in place if you are being profiled based on your personal data.
Any request for access to or a copy of your personal data must be in writing and we will endeavour to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will comply with our legal obligations as regards your rights as a data subject.
We will correct any incorrect or incomplete information and will stop processing your personal data, or erase it, where there is no legal reason for us to continue to hold or use that information.
We aim to ensure that the information we hold about you is accurate at all times. To assist us in ensuring that your information is up to date, do let us know if any of your personal details change.
Overseas Transfers
You acknowledge and agree any personal data that you provide to 500 Global will be transferred to and stored in the US in accordance with this Privacy Policy.
Where we share data with affiliates and other third parties as described here, your information may also be sent to and stored at, a destination outside the European Economic Area (“EEA”) and may be processed by staff operating outside the EEA who work for us, or for one of our service providers, affiliates, distributors, agents or contractors.
Where recipients are outside the EEA, we ensure that the recipient provides an adequate level of protection for your personal data or the transfer is otherwise permitted under applicable Data Protection Legislation.
Contact us
If you wish to exercise any of the rights relating to your information set out above, or if you have any questions or comments about data protection, or you wish to raise a complaint about how we are using your information you can contact us using the following details, or any other details notified to you from time to time: write to the registered and head office of 500 Global at privacy@500.co.
If you have any concerns about our use of your information, you also have the right to make a complaint to the relevant Data Protection Authority which regulates and supervises the use of personal data in the EEA.
Questions
For any questions or comments on our privacy policy please contact privacy@500.co
Information for California Residents
We collect Personal Data from Consumers and comply with the California Privacy Rights Act (“CPRA”). This California Privacy Notice applies to California residents (“Consumers,” “you,” or “your”).
For the purposes of this California Privacy Notice, “Personal Data” means information that is linked or reasonably linkable to a particular individual or household. However, the following categories of information are not Personal Data:
- Publicly available information;
- Deidentified or aggregated data; or
- Information otherwise excluded from the scope of the CPRA.
This Privacy Notice provides the following information to California Consumers:
- Categories of Personal Data we collect;
- Purposes for which we use Personal Data;
- Categories of Personal Data we disclose to third parties;
- Categories of third parties to which we disclose Personal Data; and
- How Consumers can exercise their rights under the CPRA:
- The rights to access, correct, or delete Personal Data;
- The right to obtain a portable copy of Personal Data;
- The right to limit the use of sensitive personal data in certain circumstances; and
- The rights to opt out of the sharing of Personal Data for behavioral advertising, sales of personal data, or certain profiling.
Categories of Non-Sensitive Personal Data
The table below outlines the non-sensitive categories of Personal Data 500 Global collects about Consumers and whether and how they are disclosed to third parties.
We collect Non-Sensitive Personal Data from the following sources:
- Directly from our users
- Inferences from your activity
- From our affiliates
- Identifiers
- Examples: Identifiers may contain the following: Portfolio company / investor / program participant / client information such as names, addresses, email addresses, and phone numbers or other contact information.
- Purpose(s): Investor / client / service provider/portfolio/program participant records and communications; anti-money laundering & know your customer (AML/KYC) purposes; to improve and provide our services; and/or marketing purposes
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data may be sold to Affiliates and Business Partners
- Sharing: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Personal Characteristics
- Examples: Personal Characteristics may contain the following: Age, gender.
- Purpose(s): Investor / client / service provider/portfolio/program participant records and communications; anti-money laundering & know your customer (AML/KYC) purposes; to improve and provide our services; and/or marketing purposes
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data may be sold to Affiliates and Business Partners
- Sharing: This data may be shared with Processors, Affiliates, and Business Partners
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Commercial Information
- Examples: Commercial Information may contain the following: Customer information, property records.
- Purpose(s): Anti-money laundering & know your customer (AML/KYC) purposes; to improve our services and programs; and/or for business development & marketing purposes.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data may be sold to Affiliates and Business Partners
- Sharing: This data may be shared with Processors, Affiliates, and Business Partners
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Internet/Electronic Activity
- Examples: Internet/Electronic Activity may contain the following: Web information of users accessing our website.
- Purpose(s): To improve user experience on our website; to improve our services; and/or to generate statistics on the makeup of our website users.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data is not sold to third parties
- Sharing: This data may be shared with Processors and Affiliates
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Imprecise Geolocational
- Examples: Imprecise Geolocational may contain the following: Personnel office access information.
- Purpose(s): To facilitate entry into 500 Global’s office; and for security purposes.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data is not sold to third parties
- Sharing: This data may be shared with Processors and Affiliates
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Sensory Information
- Examples: Sensory Information may contain the following: Photographs, videos, and video recordings of company related events and programs
- Purpose(s): For business development & marketing purposes; and/or for delivery of our services.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data may be sold to Affiliates and Business Partners
- Sharing: This data may be shared with Processors, Affiliates, and Business Partners
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Professional Information
- Examples: Professional Information may contain the following: Employment history, salary information, job titles
- Purpose(s): Anti-money laundering & know your customer (AML/KYC) purposes; to deliver and improve our services; to generate statistics on the makeup of our investors / clients / service providers / portfolio / program participants; for employment and HR-related purposes; and/or for business development & marketing purposes.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data may be sold to Affiliates and Business Partners
- Sharing: This data may be shared with Processors, Affiliates, and Business Partners
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Educational Information
- Examples: Educational Information may contain the following: Educational history.
- Purpose(s): Anti-money laundering & know your customer (AML/KYC) purposes; to deliver and improve our services; to generate statistics on the makeup of our investors / clients / service providers / portfolio / program participants; for employment and HR-related purposes; and/or for business development & marketing purposes.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data may be sold to Affiliates and Business Partners
- Sharing: This data may be shared with Processors, Affiliates, and Business Partners
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Inferences
- Examples: Inferences may contain the following: Information drawn from other pieces of information.
- Purpose(s): For HR-related purposes.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data is not sold to third parties
- Sharing: This data may be shared with Processors and Affiliates
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
Categories of Sensitive Personal Data
The table below outlines the categories of Sensitive Personal Data 500 Global collects about Consumers and whether they are shared with third parties. 500 Global obtains affirmative consent from Consumers to process the Sensitive Personal Data, in compliance with applicable law.
We collect Sensitive Personal Data from the following sources:
- Directly from our users
- From our affiliates
- Government ID Data
- Examples: Government ID Data may contain the following: Driver’s License Number, Government-Issued Identification, and Passport Information.
- Purpose(s): To provide services, to improve services, and to comply with statutory or other obligations.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data is not sold to third parties
- Sharing: This data may be shared with Processors and Affiliates
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Sensitive Category Data
- Examples:Sensitive Category Data may contain the following: Identification Numbers, racial or ethnic origin, identifiers and other personal characteristics.
- Purpose(s): To provide services, to improve services, and to comply with statutory or other obligations.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data is not sold to third parties
- Sharing: This data may be shared with Processors and Affiliates
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Financial Data
- Examples: Financial Data may contain the following: Account numbers, credit card information, or other financial information.
- Purpose(s): To provide services, to improve services, and to comply with statutory or other obligations.
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data is not sold to third parties
- Sharing: This data may be shared with Processors and Affiliates
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
- Precise Geolocation Data
- Examples: Precise Geolocation Data may contain the following: Office access information.
- Purpose(s): To facilitate entry into 500 Global’s office; and for security purposes
- Targeted Advertising: We do not engage in targeted advertising or share this data for targeted advertising purposes
- Sale: This data is not sold to third parties
- Sharing: This data may be shared with Processors and Affiliates
- Retention Period: We retain this data for as long as reasonably needed to fulfill the purpose for which it was collected.
Use of Personal Data
We use Personal Data for the purposes described above. Personal Data may also be used or disclosed as otherwise permitted or required by applicable law.
We share and/or sell Personal Data with the following categories of third parties:
- Processors: We use processors to securely handle Personal Data on our behalf and only on our instructions. These companies may not use your Personal Data for their own purposes.
- Affiliates: We may share your information with our affiliates, subsidiaries, and representatives as part of providing our services.
- Our Business Partners: We may share relevant personal data with our business partners to provide you with exclusive offers for products and services that may interest you.
See the tables above for more details about how different categories of Personal Data are shared.
Exercising Your Personal Data Rights
California Consumers have the following rights under the CPRA:
- The rights to access, correct, or delete Personal Data;
- The right to obtain a portable copy of Personal Data;
- The right to limit the use of Sensitive Personal Data in certain circumstances; and
- The rights to opt out of the sharing of Personal Data for behavioral advertising, sales of personal data, or certain profiling.
If you are a California Consumer, you can submit a request to exercise your personal data rights under the CPRA by submitting a request to exercise your personal data rights under the CPRA by clicking here and submitting the form at https://500.co/cpra. You may also make any of these requests by calling (888) 680-2293 Ext. 5 or emailing privacy@500.co. Please be aware that we do not accept or process requests through other means (e.g., via fax, social media, etc.). To protect your privacy, we may need to authenticate your identity before we respond to your rights request. We will use commercially reasonable efforts to verify your identity for this purpose. Any information you provide to authenticate your identity will only be used to process your rights request. Please be aware that we do not accept or process rights requests through other means (e.g., via fax or social media).
We will respond to your rights request within 45 days, though in certain cases we may inform you that we will need up to another 45 days to act on your request. If we suspect fraudulent or malicious activity on or from your account, we will delay taking action on your request until we can appropriately verify your identity and the request as authentic. Also note that each of the rights are subject to certain exceptions.
We reserve the right to decline to process, or charge a reasonable fee for, requests from a Consumer that are manifestly unfounded, excessive, or repetitive.
The CPRA defines a “sale” as the exchange of Personal Data to a third party for money or anything of value. In certain situations, we sell Personal Data to third parties. You can opt out of the sale of your Personal Data by submitting a rights request as described above.
The CPRA defines “sharing” as disclosing Personal Data to a third party for behavioral advertising, sometimes referred to as “targeted advertising.” An example of this is displaying advertisements to a consumer where the advertisement is selected based on Personal Data obtained from that consumer’s activities over time and across nonaffiliated websites or online applications to predict such consumer’s preferences or interests. We share some Personal Data for behavioral advertising. You can opt out of the sharing of your Personal Data for behavioral advertising by submitting a rights request as described above.
Limiting the Use of Sensitive Personal Data
The CPRA provides a right to limit some uses of Sensitive Personal Data. In particular, you may direct companies not to use Sensitive Personal Data except as necessary to provide goods or services you have requested.
You may submit a request to limit the use of your sensitive Personal Data by submitting a rights request as described above.
Authorized Agent Requests
The CPRA allows you to designate an authorized agent to make a rights request on your behalf. Your authorized agent may submit such a request by following the same method described above. We may require verification of your authorized agent in addition to the information for verification above for Consumers and households.
Contact us
If you have any questions or concerns regarding this California Privacy Notice, contact us at privacy@500.co.
Children
Our services are not directed to children, and we do not knowingly collect personal information from children under the age of 16. If you learn that a child has provided us with personal information, then you may contact us as indicated above.
Questions
For any questions or comments on our privacy policy please contact privacy@500.co.