Gabelli Funds, LLC, GAMCO Asset Management INC. Privacy Policy

This Privacy Policy explains what we do with the “personal data” of “data subjects”, each as defined under the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR“), resident in the EU to whom goods or services are offered by us. It describes how we collect, use and process your personal data, and how, in doing so, we comply with our legal obligations. This Privacy Policy applies to the personal data of former, current and prospective investors in funds we manage, directors (or, to the extent relevant, employees, officers or similar), business contacts, agents, service providers, website users, and other people whose personal data we may process.

 

For the purpose of applicable data protection legislation (including but not limited to GDPR, the entity responsible for the personal data you provide to us is Gabelli Funds, LLC of One Corporate Center, Rye, NY 10580-1422, United States (“Gabelli“, “we“, “us” or “our“).

 

It is important to point out that we may amend this Privacy Policy from time to time. Please visit this page if you want to stay up to date, as we will post any changes here. If you are dissatisfied with any aspect of our Privacy Policy, you may have legal rights. We have described these in the document as well where relevant.

 

How do we collect personal data?

We collect personal data in a number of ways. This will usually be collected directly from you, or indirectly from our service providers or other business contacts, for example when you become an investor in one of our funds, or where you provide personal data on request from us. We may also receive personal data when you contact us directly by phone, email or by other means. Personal data may also be provided to us by business contacts or our service providers for the purposes of marketing to prospective investors.

 

What personal data do we collect?

 

We describe below the types of personal data we may collect:

 

• We may collect personal data including your name, address, e-mail address, phone number, job title and identification documents, or any other information which you provide to us.
• We may also collect identification and verification details such as passports, driving licences, birth/marriage certificates and tax/credit references.
• To the extent that you access our website we will also collect certain data from you, as described in our “cookies policy”. A cookie is a small piece of information about an Internet session that may be created when a visitor accesses a website. We may use cookies to facilitate easier navigation within the site and provide a higher level of convenience for the visitor. We also may use cookies for various purposes such as maintaining continuity during a session, gathering data about the use of our site, storing preferences or recognizing return users. We may use cookies or other tracking technology to monitor our online promotions.

 

How do we use personal data?

 

We use personal data in the following ways:

 

• If you are an investor in one of our funds, we use your personal information in the following ways:
  • to comply with legal and/or regulatory requirements;
  • to carry out anti-money laundering and “Know Your Customer” checks in accordance with our legal and regulatory obligations;
  • contacting you in relation to your investment;
  • where you are a current or former investor, contacting you by email or telephone to offer you shares or units in one of our funds or send you literature relating to one of our funds; and
  • keeping records of conversations and correspondence.

 

We may use your personal data for such purposes if we deem this to be necessary for our legitimate interests provided these interests are not overridden by the interests or fundamental rights or freedoms of the individuals concerned.

 

If you are not happy about this, in certain circumstances you have the right to object and can find out more about how and when to do this in this policy.

 

•  If you are a prospective investor in one of our funds, we use your personal information in the following ways:
  • to carry out anti-money laundering and “Know Your Customer” checks in accordance with our legal and regulatory obligations; and
  • keeping records of conversations and correspondence.

 

We may use your personal data for such purposes if we deem this to be necessary for our legitimate interests provided these interests are not overridden by the interests or fundamental rights or freedoms of the individuals concerned. If you are not happy about this, in certain circumstances you have the right to object and can find out more about how and when to do this in this policy.

 

• For marketing activities to individuals who are not current or former investors in our funds:
  • We may use your personal data to contact you by email or telephone to offer you shares in one of our funds or send you literature relating to one of our funds (except where you have asked us not to).
  • Subject to any applicable local laws and requirements, we will only send non-investors marketing information when you have confirmed, by opting-in, that you wish to be contacted by us. o You have the right to opt out of receiving marketing materials from us at any time. 
• For legal reasons: In some circumstances, we may use your personal data to help us to establish, exercise or defend legal claims.
• Service provider data: We will use information about individuals at our service providers in the following ways:
  • to store (and update when necessary) details on our database, so that we can contact individuals in relation to our agreements or commercial activities with service providers;
  • to offer services to or to obtain support and services from our service providers; and
  • facilitating our invoicing processes.

 

We may use personal data from our service providers for such purposes if we deem this to be necessary for our legitimate interests provided these interests are not overridden by the interests or fundamental rights or freedoms of the individuals concerned.

 

We, or third parties on our behalf, may provide personal data to our service providers, provided that the data is used for the purposes described above. We may also share personal data with our group companies/undertakings, but again, only for the purposes described above.

 

How do we store and transfer your data internationally?

 

In order to carry out the activities described in this Privacy Policy, your data may be transferred between and within entities within our corporate group, to third parties (such as regulatory or tax authorities, or advisers/service providers to us or our funds), to a cloud-based storage provider, and to other third parties, as referred to here.

 

We want to make sure that your data are stored and transferred in a way that is secure. We will therefore only transfer data outside of the European Economic Area (“EEA”) (i.e. the Member States of the European Union, together with Norway, Iceland and Liechtenstein) where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, for example:

 

• by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission for the transfer of personal data by data controllers in the EEA to data controllers and processors in jurisdictions without adequate data protection laws; or
• the transfer is made to an entity certified under the EU – US Privacy Shield; or
• transferring your data to a country where there has been a finding of adequacy by the European Commission in respect of that country’s levels of data protection via its legislation; or
• where it is necessary for the conclusion or performance of a contract between ourselves and a third party and the transfer is in your interests; or
• where you have consented to the data transfer.

 

To ensure that your personal information receives an adequate level of protection, we have put in place appropriate procedures with the third parties we share your personal data with to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the law on data protection.

 

How do we keep personal data secure?

 

We are committed to taking all reasonable and appropriate steps to protect the personal data that we (or third parties on our behalf) hold from misuse, loss, or unauthorised access. We do this by having in place a range of appropriate technical and organisational measures and by having in place a range of contractual standards (relating to, amongst other matters, appropriate technical and organisational measures) in agreements with our service providers. These include measures to deal with any suspected data breach. If you suspect any misuse or loss of or unauthorised access to your personal data please let us know immediately. Details of how to contact us can be found below.

 

How long do we keep personal data?

We, or our service providers on our behalf, will ordinarily process your data throughout the course of our interactions and will then generally retain it for an appropriate period afterwards. The precise length of time will depend on the type of data, our legitimate business needs and other legal or regulatory rules that may require us to retain it for certain minimum periods. In other instances, there may be legal, regulatory or riskmanagement reasons for retaining data, including where certain data might be relevant to any potential litigation (bearing in mind relevant limitation periods).

 

In determining the appropriate retention period for different types of personal data, we always consider the amount, nature and sensitivity of the personal data in question, the potential risk of harm from unauthorised use or disclosure of that personal data, the purposes for which we need to process it and whether we can achieve those purposes by other means (in addition to ensuring that we comply with our legal, regulatory and risk-management obligations, as described above).

 

Once we have determined that we no longer need to hold your personal data, we will delete it from our systems.

 

Your legal rights in respect of your personal data

 

Under certain circumstances, you will have the following rights in respect of your personal data:

 

• The right to ask for a copy of the personal data which we, or service providers on our behalf, hold about you, subject to certain exceptions. If any of the personal data which we hold about you is incorrect or out of date, please let us know and we will correct it.
• The right to object to the processing of your personal data if it is being used because we deem it necessary for our legitimate interests. Where we have obtained your consent to process personal data for certain activities, you may withdraw this consent at any time and we will cease to carry out that particular activity unless we consider there to be an alternative reason to justify our continuing to do so, in which case we will inform you of the reason.
• From 25 May 2018, the right to erase any personal data we hold about you and/or request that it be transferred to another data controller (again, subject to certain exceptions).

 

Please note that if you exercise any of the rights listed above, we may no longer have the personal data (e.g. contact details, financial information, etc.) necessary to comply with our obligations to you following such request.

 

Contacting us

 

If you would like to exercise any of your rights, or learn more about your rights, please contact: David Goldman, our General Counsel at dgoldman@gabelli.com or Richard Walz, our Chief Compliance Officer at rwalz@gabelli.com.

 

You also have the right to lodge a complaint with a data protection supervisory authority, including in the EU member state of your residence, your place of work or the place of the alleged infringement.