Privacy Notice
Effective 24 June 2026
Privacy Notice
Gliese Capital LLC ("Gliese Capital," "the Firm," "we," "us," or "our")
Last updated: [the date shown in the footer]
This Privacy Notice explains how Gliese Capital collects, uses, shares, and protects personal data when you visit our website at gliesecap.com (the "Website"), contact us, or engage with us as a prospective or existing investor or counterparty. Please read it together with our Terms & Conditions and AML Policy.
Gliese Capital is a private investment firm operating across multiple jurisdictions, including the United Kingdom, the United Arab Emirates, the Republic of Kazakhstan, and the United States. Depending on the activity, the relevant Gliese Capital entity acts as the "controller" of your personal data. __
1. Who We Are and Scope
1.1 This Notice applies to personal data we process about visitors to the Website, individuals who contact us, representatives of prospective and existing investors and counterparties, and individuals connected with them (such as beneficial owners, directors, and authorised signatories).
1.2 Because we operate across the UK, UAE/DIFC, Kazakhstan/AIFC, and the US, the data-protection laws that apply to you may include the UK GDPR and Data Protection Act 2018, the EU GDPR (where relevant), the DIFC Data Protection Law, the AIFC data-protection framework, and applicable U.S. state privacy laws. We aim to apply a consistent, high standard of protection across all jurisdictions in which we operate.
2. Categories of Personal Data We Collect
We may collect and process the following categories of personal data:
- Contact and identity data — name, email address, telephone number, company or organisation, job title, and the country from which you contact us.
- Website contact-form data — when you submit our contact form, the information you provide, typically your name, email address, company, the nature of your inquiry, and your message, together with the date and time of submission.
- Investor and due-diligence data (KYC/AML) — for prospective and existing investors and counterparties, information required to verify identity and meet legal obligations, which may include date of birth, nationality, residential and registered addresses, government identification, tax identification numbers, ownership and control structures, beneficial-ownership details, source-of-funds and source-of-wealth information, banking details, regulatory and sanctions-screening results, and politically-exposed-person (PEP) status. See our AML Policy. __
- Correspondence and engagement data — records of your communications and interactions with us, including emails, meeting notes, and inquiries.
- Technical and usage data — IP address, device and browser information, operating system, referring pages, pages viewed, and interactions with the Website, collected through cookies and similar technologies.
We do not knowingly collect special categories of personal data through the Website except where required for due-diligence or legal-compliance purposes and permitted by law.
3. Purposes and Legal Bases for Processing
We process personal data for the following purposes, relying on the legal bases shown (under the UK/EU GDPR and equivalent frameworks):
| Purpose | Legal basis |
|---|---|
| Responding to inquiries and contact-form submissions; corresponding with you | Legitimate interests (responding to and managing communications); steps prior to entering a contract at your request |
| Assessing investor eligibility, conducting due diligence, and onboarding | Performance of a contract / steps prior to a contract; legitimate interests; compliance with legal obligations |
| Meeting KYC, AML, sanctions-screening, and other regulatory obligations | Compliance with a legal obligation; legitimate interests in preventing financial crime |
| Operating, securing, and improving the Website and our services | Legitimate interests; consent (for non-essential cookies, where required) |
| Sending updates or materials you have requested | Consent, or legitimate interests, as applicable |
| Establishing, exercising, or defending legal claims; protecting against fraud and misuse | Legitimate interests; compliance with a legal obligation |
Where we rely on consent (for example, for certain cookies or communications), you may withdraw it at any time without affecting prior processing. __
4. Investor Due-Diligence and KYC Data
Where you engage with us as a prospective or existing investor or counterparty, we are subject to anti-money-laundering, counter-terrorist-financing, and sanctions obligations across the jurisdictions in which we operate. We collect and verify due-diligence information as part of onboarding and ongoing monitoring, and may be required to retain it and to disclose it to regulators, auditors, and financial-intelligence authorities. Provision of this information is generally a legal and contractual requirement; if you do not provide it, we may be unable to onboard you or continue the relationship. Further detail is set out in our AML Policy.
5. Cookies and Analytics
The Website uses cookies and similar technologies for functionality, security, and analytics. Where required by law, non-essential cookies are set only with your consent. You can control cookies through your browser settings and, where provided, through our cookie-preference controls. __
6. How We Share Personal Data
We may share personal data with:
- Service providers and processors — IT, cloud-hosting, website, fund-administration, KYC/screening, and analytics providers who process data on our behalf under appropriate contractual terms.
- Professional advisers — our auditors (EY) and legal counsel (including Cohen & Gresser and Morgan Lewis), and other advisers, where necessary for our legitimate business, audit, or compliance purposes. __
- Regulators, authorities, and courts — where required by law, regulation, court order, or a lawful request, including for AML, sanctions, and tax-reporting purposes.
- Corporate transactions — in connection with a merger, acquisition, reorganisation, or transfer of assets, subject to appropriate confidentiality protections.
We do not sell personal data, and we do not "sell" or "share" personal data for cross-context behavioural advertising as those terms are defined under applicable U.S. state privacy laws. __
7. International Transfers and Safeguards
We operate across Kazakhstan, the United Kingdom, the United Arab Emirates, and the United States, and your personal data may be transferred to, and processed in, jurisdictions other than your own, including those that may not provide the same level of protection as your home jurisdiction. Where we transfer personal data internationally, we put in place appropriate safeguards recognised under applicable law, which may include Standard Contractual Clauses (and the UK International Data Transfer Agreement/Addendum), adequacy decisions, or other lawful transfer mechanisms, together with appropriate technical and organisational measures. __
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, regulatory, tax, accounting, and reporting obligations and to establish, exercise, or defend legal claims. KYC/AML and related records are generally retained for at least five (5) years after the end of the relevant relationship or transaction, and longer where a law or regulator requires. When personal data is no longer required, we securely delete or anonymise it. __
9. Your Rights
Depending on your jurisdiction and the applicable law, you may have some or all of the following rights in relation to your personal data:
- Access — to obtain confirmation of, and a copy of, the personal data we hold about you.
- Rectification — to have inaccurate or incomplete data corrected.
- Erasure — to request deletion of your personal data in certain circumstances.
- Restriction — to request that we restrict processing in certain circumstances.
- Objection — to object to processing based on legitimate interests, and to object to direct marketing at any time.
- Portability — to receive certain data in a structured, commonly used, machine-readable format.
- Withdraw consent — where processing is based on consent.
- Complaint — to lodge a complaint with a supervisory authority (for example, the UK Information Commissioner's Office, the DIFC Commissioner of Data Protection, or the relevant AFSA/AIFC authority).
U.S. state privacy rights. Where applicable U.S. state privacy laws apply to you, you may also have rights to know, access, correct, and delete personal data, to opt out of "sale" or "sharing" and certain targeted advertising and profiling, and to be free from discrimination for exercising those rights. __
These rights are subject to legal limits and exemptions, including where we are required to retain data for regulatory or AML purposes. To exercise any right, please contact us using the details in Section 13. We may need to verify your identity before responding.
10. Security
We maintain appropriate technical and organisational measures designed to protect personal data against unauthorised or unlawful access, loss, alteration, or disclosure. These may include encryption, access controls, network security, audit logging, staff confidentiality obligations, and secure hosting. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
11. Children
The Website and our services are intended for institutional, professional, and eligible-investor audiences and are not directed at children. We do not knowingly collect personal data from individuals under the age of 18, and if we become aware that we have done so, we will take steps to delete it.
12. Updates to This Notice
We may update this Privacy Notice from time to time to reflect changes in our practices or applicable law. The current version is the one published on the Website, identified by the "last updated" date shown above. Material changes will be highlighted where appropriate.
13. Contact and Data Protection Officer
For questions about this Privacy Notice, to exercise your rights, or to raise a privacy concern, please contact:
Gliese Capital LLC Email: info@gliesecap.com
__