Global Privacy Notice

About This Privacy Notice

Demeter Tactical Investments and its affiliates (collectively, “Demeter” or the “Firm”) act as data controllers with respect to your personal data under applicable data-protection laws, including the European Union General Data Protection Regulation (EU GDPR), the UK GDPR, the Abu Dhabi Global Market Data Protection Regulations 2021, the British Virgin Islands Data Protection Act 2021, the Gramm-Leach-Bliley Act (GLBA), and the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA) (collectively, the “Data Protection Laws”).

Demeter is responsible for ensuring that it processes your personal data in compliance with these laws. The Firm generally processes personal data provided to it in connection with a potential or actual investment in a Demeter-managed fund and to comply with its legal and regulatory obligations. 

Ascent GFS, the administrator of the funds managed by Demeter, also processes personal data in connection with investor relations and maintains its own privacy notice, available at Ascent GFS Privacy Policy. 

Scope of This Notice

This Notice applies to you if your personal data is collected or processed by Demeter: 

  1. In connection with a current, past, or potential investment; 
  2. When your information is provided by another person or entity (for example, as a director, trustee, partner, or beneficial owner of an investor); or 
  3. Where Demeter otherwise collects or uses your personal data in the course of its operations.

If you are an entity, you must provide this Notice to all individuals whose personal data you have shared with Demeter. 

Types of Personal Data We Process

We may collect and process the following categories of personal data: 

  • Identification and contact information (name, address, email, phone, date of birth, nationality, passport or ID details); 
  • Financial information (bank details, investment amounts, income, assets, tax residency, transaction history); 
  • Regulatory and compliance information (KYC/AML, FATCA, CRS); 
  • Communications data (emails, call records, correspondence); 
  • Technical data (IP address, device, and site usage information). 

How We Use Your Data

Your data may be processed for: 

  • Evaluating, administering, and servicing investments; 
  • Conducting KYC/AML and regulatory due diligence; 
  • Performing business, accounting, and auditing functions; 
  • Communicating with investors, regulators, and service providers; 
  • Meeting legal, tax, and reporting obligations; 
  • Protecting our rights, managing risks, and ensuring IT and data security. 

Legal Bases for Processing

Demeter processes personal data on the following lawful bases:

  • Contractual necessity – to establish or perform investment agreements; 
  • Legal obligation – to comply with financial regulations, tax laws, and reporting regimes; 
  • Legitimate interests – to operate efficiently, maintain compliance, prevent fraud, and manage risks; 
  • Consent – where required by applicable law. 

Sensitive personal data is only processed where necessary for substantial public interest or to fulfill legal requirements. 

Disclosure to Third Parties

Demeter may share personal data with:

  • Ascent GFS and other administrators or custodians; 
  • Professional advisers (legal, accounting, audit); 
  • Technology and cybersecurity providers; 
  • Regulators, tax authorities, and courts, as required by law; 
  • Counterparties and financial institutions involved in transactions

All third parties are subject to confidentiality obligations and must process data in accordance with Demeter’s instructions or applicable law. 

Cross-Border Data Transfers

Your personal data may be transferred outside the jurisdiction in which it was collected, including to the United States, the British Virgin Islands, the United Arab Emirates, and the United Kingdom.

Demeter ensures that such transfers comply with Data Protection Laws by using appropriate safeguards, including standard contractual clauses or equivalent protections recognized by regulators. 

Retention

Demeter retains personal data for as long as necessary to fulfill the purposes described above or to comply with legal and regulatory record-keeping requirements. When data is no longer required, it is securely deleted or anonymized. 

Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access and receive a copy of your data; 
  • Request correction or deletion; 
  • Restrict or object to processing; 
  • Request data portability; 
  • Withdraw consent (where processing is based on consent); 
  • Lodge a complaint with the relevant data-protection authority.

California residents may also exercise CCPA/CPRA rights to access, delete, correct, or limit the use of personal data, and to be free from discrimination for exercising such rights. 

Requests should be directed to:

 📧 info@demeter-funds.ae ☎ +971 2 494 0985 ✉ Unit 21, Level 25, Al Sila Tower, ADGM Square, Abu Dhabi UAE. 

Cybersecurity & Safeguards

Demeter employs multi-layered security controls—administrative, technical, and physical—to protect data integrity, confidentiality, and availability. These include encryption, secure access controls, network monitoring, and employee training. Independent reviews of cybersecurity policies are conducted periodically and aligned with industry best practices. 

Policy Updates

This Privacy Notice may be updated from time to time to reflect legal or operational changes. The latest version will always be available at demeter-funds.ae/privacy. 

© Demeter Tactical Investments - All rights reserved.