Compliance & Legal

    Privacy Policy.

    How Sapphire Capital Partners LLP collects, uses, and protects your personal data in connection with the DealsFlow platform. Our commitment to data integrity and regulatory transparency.

    Updated April 2026

    1. Data Controller

    The data controller responsible for your personal data is Sapphire Capital Partners LLP, a limited liability partnership registered in England and Wales. Sapphire Capital Partners LLP is authorised and regulated by the Financial Conduct Authority (FCA), Firm Reference Number 565716.

    Registered Entity

    Sapphire Capital Partners LLP · Belfast, United Kingdom

    Primary Contact

    info@dealsflow.co.uk

    DealsFlow is a product brand operated under Sapphire Capital Partners LLP. References to "DealsFlow", "we", "us", or "our" in this policy refer to Sapphire Capital Partners LLP acting through the DealsFlow platform.

    2. Scope of This Policy

    This Privacy Policy applies to personal data we collect and process in connection with:

    Visitors to our official web domains
    Individuals submitting demo requests or enquiries
    Authorised users of the DealsFlow platform
    Founders submitting data via inbound channels

    Note: This policy does not apply to data processed on behalf of our fund clients where we act strictly as a data processor.

    3. Personal Data We Collect

    We may collect and process the following categories of data to ensure platform integrity and performance:

    Contact & Identity

    Full name, professional email, job title, company name, and LinkedIn profiles for authentication.

    Account & Usage

    Hashed credentials, activity logs, feature engagement, and session metadata.

    Deal Submission

    Company details, pitch materials, financial metrics, and founder biographies submitted by company representatives.

    Technical Data

    IP addresses, browser specifications, and referring domains used for security monitoring.

    5. How We Use Your Personal Data

    Data utilisation is strictly governed by operational necessity and regulatory compliance:

    • Platform maintenance and delivery
    • AI-assisted scoring and memo generation
    • Routing inbound deal submissions
    • Security and audit logging
    • FCA and AML regulatory reporting
    • Fraud prevention and detection
    • Internal analytics and improvements
    • Direct support and walkthroughs

    Transparency Notice: We do not sell personal data to third parties, nor do we use data for automated decision-making with legal effects without human oversight.

    6. Data Sharing & Third Parties

    Recipients of your personal data are strictly vetted and bound by confidentiality agreements:

    Cloud infrastructure providers (UK-based)
    AI and analytics sub-processors
    Authorised fund clients for deal submissions
    Regulatory authorities (FCA, HMRC)
    Professional legal and audit advisers

    7. Data Retention

    Our retention schedules are designed to balance business necessity with data minimisation principles:

    Account Data

    Duration + 7 years (FCA)

    Deal Data

    Up to 7 years

    Enquiries

    2 years

    Access Logs

    90 days

    8. Data Security

    DealsFlow employs industry-leading security protocols to safeguard your sensitive information:

    AES-256 Encryption at rest
    TLS 1.3 Encryption in transit
    Multi-factor authentication (MFA)
    Role-based access control (RBAC)
    Continuous audit logging
    ISO 27001 Certified Data Centres

    9. Your Rights

    Under UK GDPR, you maintain comprehensive control over your personal data:

    Right of Access
    Right to Rectification
    Right to Erasure
    Right to Restriction
    Right to Portability
    Right to Object

    To exercise these rights, contact our data protection team at info@dealsflow.co.uk.

    10. Cookies & Tracking

    DealsFlow uses strictly necessary cookies for platform security and session management. We do not employ non-essential tracking or marketing scripts without explicit consent.

    Necessary cookies include authentication tokens and anti-CSRF protection, which are essential for secure interaction with our services.

    11. Changes to This Policy

    We reserve the right to update this policy to reflect platform evolution or legal updates. Registered users will be notified of material changes via their primary account email.

    12. Contact Us

    For any enquiries relating to this policy or our data practices, please reach out directly:

    Sapphire Capital Partners LLP

    Belfast, United Kingdom

    FCA Reference: 565716