If you are a current, former or prospective client or an investor in a private fund managed by us, our collection, sharing and use of your personal information that we collected about you in your capacity as such is governed by a separate Privacy Notice that we deliver to you pursuant to the federal Gramm Leach Bliley Act (“GLBA”), which is available here.
If you are a resident of the European Union, please see “Your European Union Privacy Rights” below. If you are a resident of California, please see “Your California Privacy Rights” below. If you are a resident of Nevada, please see “Additional Notice for Nevada Residents” below.
Personal Information We Collect.
We may collect personal information directly from you, from service providers or from publicly available sources in the ordinary course of our business. The scope of the personal information that we collect depends on the context of your interaction with us, and may include information that identifies you personally, such as your first and last name, e-mail address, phone number, and address. We may also automatically collect certain personal information when you access or use our website, including your IP address, device identifier, browser type, operating system, information about your use of the website, and data regarding network connected hardware (e.g., computer or mobile device).
Sources of Personal Information.
We may collect personal information about you in the following ways and from the following sources:
- Directly from you. We may collect personal information directly from you, such as when you visit this website or communicate with us via email, US mail, telephone or otherwise.
- From third parties. We may collect personal information from third parties such as our business partners, service providers and vendors as well as third parties acting on your behalf.
How We Use Personal Information.
We may use personal information for our own internal business purposes, such as to operate our website, deliver the information you have requested from us, evaluate and improve the quality of your interactions with us, communicate with you, or maintain internal business records.
Why We Share Personal Information.
We may share personal information with third parties for the purposes described below:
- For legitimate business purposes. We may make certain disclosures permitted by law for our business purposes, such as disclosures to our auditors, lawyers and business partners.
- With third-party service providers. We may disclose information as needed to third-party service providers, business partners, and vendors, including, for example, service providers that help us operate and improve our website, such as for hosting and maintenance, analytics and security operations.
- To protect and enforce legal rights. We also may disclose information: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary or advisable to protect the legal rights, property or safety of Hall Capital, our clients, fund investors or other third parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
- At your request or with your consent. In certain circumstances, we may ask for your consent to share your information with third parties. When we do, we will make clear why we want to share the information.
- For corporate transactions. We may disclose information if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
How We Protect Personal Information.
We maintain physical, electronic and procedural safeguards to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. We have implemented appropriate safeguards intended to ensure that our third-party service providers protect personal information that they Process on our behalf.
Although we take precautions intended to help protect information that we Process, no system or electronic data transmission is completely secure. Any electronic transmission of your information is at your own risk and we expect that you will use appropriate security measures to protect your personal information. In particular, email sent to us may not be secure and you should therefore take special care in deciding what information you send to us via email. We may suspend your use of our website without notice if we suspect or detect any breach of security.
A pixel tag is computer code that contains a unique identifier that enables us to monitor user activity and traffic on the website. We may use pixel tags to gather aggregate information on visits to the website and assist with other features.
We also use Google Analytics, which is a Google service that collects aggregate information about use of our website and reports website trends. Google Analytics does not directly identify individual clients or other users. You can learn about Google’s practices here.
Our Policy on “Do Not Track” Signals: Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) incorporate a “Do Not Track” (“DNT”) or similar feature that signals to websites that a client or other user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain personal information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, Hall Capital, like many other website operators, does not respond to DNT signals.
Links to Other Websites and Services.
Mail: One Maritime Plaza, Sixth Floor, San Francisco, CA 94111
Your European Union Privacy Rights.
Click to expand
Our legal bases for Processing your personal information depends on the personal information concerned and the specific context in which we collect it. We Process personal information when we have your consent, if we need to information for the purposes of administering the relationship between you and us (including communications and reporting), or when the Processing is in our legitimate interests and not overridden by your fundamental rights and freedoms, such as to provide our services to you, to respond to your inquiries, to monitor and improve our services, to offer new services to you, and to comply with applicable legal or regulatory requirements (including anti-money laundering, fraud prevention, tax reporting, securities laws, sanctions compliance, or responding to requests for information from regulatory authorities). We also collect and use information about how our website is used to improve the website and develop new features, to prevent, detect and fight fraud or other illegal or unauthorized activities, and to enforce or exercise our legal rights.
If you are located in the European Union, you have the right to lodge a complaint with a data protection authority about how we Process your personal information. Hall Capital is the “data controller” of your personal information. As a data controller, Hall Capital is subject to requirements under applicable data protection law and regulation, including the General Data Protection Regulation ((EU) 2016/679) and the Data Protection Act 2018, and any other European Union member state legislation in force from time to time that regulates the Processing of personal information.
We may transfer your personal information to the US where are offices and servers are located, subject to suitable data protection safeguards (when required). If you are located in the European Union, please contact us using the contact information above to learn more about our safeguards for transfers of your personal information.
If you are located outside of the United States, please be aware that any information you provide to us may be transferred to, Processed, maintained, and used outside your jurisdiction of residence where the privacy and data protection laws may not be as protective as those in your jurisdiction.
If you would like to review, correct, delete or restrict our use of personal information about you that you previously provided to us or if you would like to receive an electronic copy of your personal information for purposes of transmitting it to another company (in each case, when these rights are provided to you by law), please contact us using the contact information above. In your request, please make clear the personal information to which your request relates and the actions you would like us to take. For your protection, we will verify your identity before responding to your request, and will Process your request in compliance with applicable law. Please note that we may not allow you to review or delete certain data for legal, security or other reasons.
Your California Privacy Rights.
Click to expand
This section applies to residents of California whose personal information is subject to the California Consumer Privacy Act, as amended by the California Privacy Rights Act (the “CPRA”). If you are not a resident of California, the rights described in this section do not apply to you.
Not all of the personal information we collect about certain California residents is subject to the CPRA, because personal information collected, Processed, sold or disclosed pursuant to the GLBA is fully exempt from the CPRA. If you are a current, former or prospective client or an investor in a private fund managed by us, please see the applicable Privacy Notice available here.
We may collect the following categories of personal information: (1) identifiers (for example, your name, postal address, unique personal identifiers and e-mail address; (2) internet usage information (for example, when you browse our website or otherwise interact with us online, we may collect information regarding such interaction); and (3) personal information categories listed in Cal. Civ. Code § 1798.80(e) (for example, your signature, physical characteristics or description, address or telephone number).
We may retain each category of personal information described above as necessary for our legitimate business purposes. The criteria used to determine our retention periods generally include: the length of time we have an ongoing relationship with you; whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); and whether retention is advisable considering our legal position (such as, for statutes of limitations, litigation or regulatory investigations).
We do not “sell” your personal information to, or “share” your personal information with, third parties (as those terms are defined by the CCPA). Below is a summary of the categories of personal information that we may have disclosed for a business purpose in the previous 12 months and the categories of third parties to whom we disclosed it.
Additional information about the categories of sources from which we collect personal information and the purposes for which we use it are described above in “Sources of Personal Information” and “How We Use Personal Information,” respectively.
We do not knowingly “sell” or “share” (as those terms are defined by the CCPA) any personal information of children under 16 years of age.
Subject to certain legal limitations and applicable exceptions, residents of California may exercise the following rights:
Right to Know. You have the right to request that we disclose to you the categories of personal information we have collected about you, the categories of sources from which we collected the Personal Information, the purposes for collecting the personal information, the categories of third parties to whom we have disclosed your personal information, the categories of personal information disclosed for a business purpose and, for each, the categories of recipients, or that no disclosure occurred, and the categories of personal information sold about you and, for each, the categories of recipients, or that no sale occurred. You also have to right to request the specific personal information we have collected from or about you.
Right to Delete. You have the right to request that we delete all or a portion of your personal information that we have collected from you.
Right to Correct. You have the right to request that we correct inaccurate personal information that we maintain about you.
You may exercise your California privacy rights by either: (i) emailing us at email@example.com; (ii) calling us at 800-588-0544; or (iii) submitting the form here. You may also designate an authorized agent to exercise these rights on your behalf by following the process described below.
You may request access to your personal information twice in any 12-month period, measured from the date we receive your first request. If you submit a request to obtain your personal information more than twice in any 12-month period, we will either: (i) proceed with honoring your request; or (ii) deny your request in writing.
In accordance with applicable law, you have the right not to receive discriminatory treatment from us as a result of your exercising these rights.
In order for us to process your request, we will need to obtain certain information from you to verify your identity. For a report of the specific personal information we have Processed about you, you must provide us with any three of the following pieces of information in order for us to verify your identity: (i) full name; (ii) email address; or (iii) mailing address. You also must provide us with a signed declaration, under penalty of perjury, that you are who you say you are.
To request a report of the categories of personal information we have Processed about you or to request that we delete or correct your personal information, you must provide us with two of the above-referenced pieces of information in order for us to verify your identity.
To the extent possible, we will use our existing authentication practices to verify your identity. Where necessary, we may request additional information about you so that we can verify your identity. Where we did not already hold that information, we will use it only for the purpose of verifying your identity and to process your request.
You may use an authorized agent to exercise your rights on your behalf. Authorized agents may demonstrate that the agent has authority to exercise rights on the requesting consumer’s behalf by submitting supporting documentation to firstname.lastname@example.org. At a minimum, we will require evidence of the agent’s identity (via passport or driver’s license submission), and at least one of the following, evidencing proof of your legal authority to act on the behalf of the individual who is the subject of this request: (i) written authorization signed by the consumer; (ii) certified copy of a Power of Attorney; or (iii) evidence of parental responsibility.
Whenever you interact with us on behalf of another individual or entity, such as by providing or accessing personal information about another individual, you represent that your interactions and exchanges comply with the CPRA. You shall have sole responsibility for any violation of applicable laws as a result of a failure to obtain any necessary consent from such individual.
We will process requests to know, correct, and delete within 45 calendar days, unless we need more time, in which case we will notify you and may take up to an additional 45 calendar days (90 days total) to process your request.
Additional Notice for Nevada Residents.
Click to expand
Nevada “consumers” have the right to instruct us not to “sell” “covered information” (as those terms are defined by Chapter 603A of the Nevada Revised Statutes). Although we do not currently sell covered information of Nevada consumers (as those terms are defined under that law), you may contact us as described in “Contact Us” above and provide your name, Nevada address, and email address to be verified and exercise your opt-out rights in the event we do sell covered information under that law in the future. If you change your email address or other contact information, contact us in the same manner to update your contact information to help facilitate your opt-out. Changing your contact information elsewhere (e.g., informational requests, account information, etc.) will not update your Nevada opt-out information and we will only use the information provided to our opt-out program for managing opt-outs. It is your responsibility to keep your opt-out information current. If after opting-out you direct us to share you covered information with others, we will do so regardless of your prior opt-out.
If you have any questions about our privacy practices, please feel free to contact us at Compliance@hallcapital.com.