If you are a Roark investor or a representative of an investor, please see the investor privacy notice, which is available in our investor portal, for additional information about our collection, use, and sharing practices with respect to investor information. In addition, our investor portal provider’s policies also apply to the information collected in our investor portal.
1. Information We Collect
a. Information You Provide Directly to Us
Except as provided below, you may visit this Site without providing Roark Capital Management with any personally identifiable information. We collect personally identifiable information about you only if you voluntarily provide it to us and you have the option not to provide any personally identifiable information to us. You may voluntarily provide to us personally identifiable information such as your name, address, email, phone number, and other contact information, when you contact Roark Capital Management, submit a request to Roark Capital Management, fill out contact or recruiting forms, or subscribe to mailing lists concerning Roark Capital Management or our affiliates.
b. Information We Collect from Third Parties
We may also collect information from third parties, such as a CV received from a recruiting firm, fit-for-work information received from a physician, background information received from a background check provider, information we view on social media, or details obtained from publicly available lists of individuals subject to trade restrictions. We also collect information from affiliates and vendors to support our provision of investment services. The data we collect from such third parties is often in aggregate form and not individually identifiable, though at times may include personal data. For example, we may collect information from providers of market surveys and vendors who aggregate publicly available information. The extent to which we may obtain information from such sources is governed by the third-party source.
c. Information that Is Passively or Automatically Collected
i. Device/Usage Information
We may automatically collect certain information about the computer or devices (including mobile devices or tablets) you use to access the Site. As described further below, we may collect and analyze information such as (a) IP addresses, location information, unique device identifiers, IMEI and TCP/IP addresses, and other information about your computer or device(s), browser types, browser language, operating system, mobile device carrier information, and the state or country from which you accessed the Site; and (b) information related to the ways in which you interact with the Site, such as referring and exit web pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, statistical information about the use of the Site, the amount of time spent on particular pages, the date and time you used the Site, the frequency of your use of the Site, error logs, and other similar information. As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.
ii. Cookies and Other Tracking Technologies
We may also collect data about your use of the Site through the use of web server logs, cookies, and/or tracking pixels. A web server log is a file where website activity is stored. A cookie is a small text file that is placed on your computer when you visit a website, that enables us to: (a) recognize your computer; (b) store your preferences and settings; (c) understand the web pages of the Site you have visited; (d) enhance your user experience by delivering content and advertisements specific to your inferred interests; (e) perform searches and analytics; and (f) assist with security administrative functions. We also may include tracking pixels and web beacons in email messages, newsletters, and other electronic communications to determine whether the message has been opened and for other analytics, personalization, and promotion. As we adopt additional technologies, we may also gather additional information through other methods.
Please note that you can change your settings to notify you when a cookie is being set or updated or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g. Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). You can also manage the use of Flash technologies, including cookies and local storage objects, with the Flash management tools available at Adobe’s website. Please note that by blocking any or all cookies, you may not have access to certain features or offerings of the Site.
iii. Online Analytics
We may use third-party web analytics services (such as those of Google Marketing Platform) on our Site to collect and analyze the information discussed above and to engage in auditing, research, or reporting. The information (including your IP address) collected by various analytics technologies described in the “Cookies and Other Tracking Technologies” section will be disclosed to or collected directly by these service providers who use the information to evaluate your use of the Site, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.
iv. Do-Not-Track Signals
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We do not currently recognize or respond to browser-initiated DNT signals. Third parties, such as our analytics providers, may collect data that relates to you on our Site. We cannot control third parties’ responses to DNT signals. Third parties’ responsiveness to DNT signals is governed by their respective privacy policies. You can learn more about Do Not Track here.
2. How We Use Your Information
We may use the information we collect from and about you for the following purposes:
- For the purposes for which you provided it to us or a vendor;
- To provide the features and services available through the Site;
- To provide and improve our investment services, including evaluating potential investments and managing existing investments;
- To respond to your requests or to send you other communications;
- To conduct surveys and analyze market trends and interests;
- To process and respond to your inquiries or to request your feedback;
- For internal research and reporting;
- To improve the content and features of the Site;
- For recruiting purposes;
- To enforce the legal terms that govern your use of the Site; and
- To administer and troubleshoot the Site.
Please note that we may combine information that we collect from you and about you (including automatically-collected information) with information we obtain about you from our affiliates, vendors, and/or other non-affiliated third parties and use such combined information in accordance with this Policy.
We may aggregate and/or de-identify information we collect. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties or affiliates.
3. When We Disclose Your Information
We may disclose and/or share your information to or with any non-affiliated third parties under the following circumstances:
- Consent. We may disclose your information to any third parties based on your consent to do so.
- Service Providers. We may provide access to or share your information with select third parties who perform services on our behalf, including without limitation communications, market research, customer support, data storage, analysis and processing, and legal services.
- Business Transfers. As we continue to develop our business, we may buy, merge, or partner with other companies. In such transactions (including in contemplation of such transactions, e.g., due diligence), user information may be among the disclosed or transferred assets. If any of Roark’s assets are sold or transferred to a third party, your information could be one of the transferred business assets.
4. Legal Basis for Processing Personal Data
The laws in some jurisdictions require companies to tell you about the legal ground they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds for processing your personal data are as follows:
- Legitimate Interests. In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities, such as the following, in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals:
- Providing our investment services
- Providing and maintaining our Site
- Analyzing and improving our business and Site
- Communications, including responding to your inquiries about our services
- Addressing information security needs and protecting our investors, Roark, and others
- Managing legal issues
- Legal Compliance. We need to use and disclose personal data in certain ways to comply with our legal obligations.
- Honor Our Contractual Commitments to You. Much of our processing of personal data is to meet our contractual obligations to our investors or to take steps at investors’ request in anticipation of entering into a contract with them.
- Consent. Where we collect personal data from a third party that has obtained your consent, we may process your personal data on the basis of consent.
5. Your Choices and Rights
Subject to local law, you may have certain rights with regard to your personal data. To learn more about the personal data we collect about you or the rights you may have, please contact us using the contact information below. These rights may include the following rights to (1) access or rectify your personal data or request its deletion, (2) request a restriction on the processing of your personal data, (3) object to the processing of your personal data, or (4) exercise other rights with respect to your personal data. We strongly encourage you to first raise any questions or concerns about your personal data directly with us. You may have a right to lodge a complaint with the relevant regulatory authority.
a. California’s Shine the Light Law
Subject to certain limits under California’s “Shine the Light” law, California residents may ask Roark to provide them (i) a list of certain categories of personal data that we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, and (ii) the identity of those third parties. California residents may make one request per calendar year. To make this request, please click here.
b. California Consumer Privacy Act
This section applies to “Consumers” as defined by the California Consumer Privacy Act (“CCPA”) and uses the term “Personal Information” as defined by the CCPA. The CCPA grants California Consumers several rights regarding their Personal Information.
The right to know what categories of Personal Information are being collected, sold, or disclosed and the categories of sources of that Personal Information
You have the right to know what categories of Personal Information we collect, sell, or disclose about you, as well as the categories of third parties who purchased or received your Personal Information and the categories of sources of that Personal Information.
We collect the following categories of information from California consumers:
- Identifiers, such as names, email addresses, IP addresses, or other similar identifiers
- Internet activity information
- Professional or employment-related information
- Educational information
- Financial information
We may use or disclose to a service provider identifiers and professional or employment-related information to process and respond to your inquiries or to send you other communications, for recruiting purposes, to provide and improve our investment services, including evaluating potential investments and managing existing investments, or for any other purposes for which you have provided us that information. We may use or disclose to a service provider internet activity information to improve the content and function of our Site or for internal research and reporting.
We do not “sell” Personal Information, as defined in the CCPA.
The right to access collected Personal Information
You have the right to request that we provide a copy of your Personal Information that we collected, sold, or disclosed in the preceding twelve (12) months. Only you, or someone you legally authorize to act on your behalf, may make a request related to your Personal Information. You may submit a maximum of two requests in a 12-month period.
You must provide sufficient information to enable us to reasonably verify your identity or that of your authorized agent. We will only use the Personal Information provided in your request to verify your identity or that of your authorized agent. Please note that we cannot provide any Personal Information in response to a request if we cannot verify your or your authorized agent’s identity, or your authorized agent’s authority to make the request on your behalf, and/or if we cannot confirm that the collected Personal Information relates to you.
After receiving and verifying your request, we will provide the following information (depending on your request):
- The categories of Personal Information collected about you in the preceding twelve (12) months
- The sources of that Personal Information by category
- The business or commercial purpose(s) for collecting or selling that Personal Information
- The categories of third parties with whom we shared that Personal Information.
- The specific pieces of Personal Information collected about you
You may submit a request to access your Personal Information by clicking here or calling 1-833-508-0401.
The right to request deletion of Personal Information
With certain exceptions, you have the right to request that we and our service providers delete Personal Information we or our service provider collected or maintained. Once we receive and verify your request, we will delete and instruct any applicable service providers to delete your Personal Information from our records, unless an exception applies.
You may submit a deletion request by clicking here or calling 1-833-508-0401.
The right to be free from discrimination
You have the right to equal service, and we will not discriminate against you if you exercise your rights under the CCPA.
Request verification process
Once we receive a request to know or to delete your Personal Information, we must verify your identity before we can respond. In order for us to verify your request, you may be required to provide the following information:
- Your first and last name
- Your email address
- The company for which you work
You also may be asked to verify your request by responding to an email sent to the email address you have provided to us. If you submit either a request to know specific pieces of Personal Information collected or a request to delete sensitive, irreplaceable, or otherwise valuable Personal Information, you (or your authorized agent, if applicable) may be required to provide a signed declaration affirming your identity (or your authorized agent’s identity, if applicable).
An authorized agent is either a natural person or a business entity registered with the California Secretary of State that a consumer has authorized to act on his or her behalf.
You may use an authorized agent to submit a request to know, to delete, or to opt-out. Your agent will need to provide: either (1) a power of attorney; or (2) your written permission to allow the authorized agent to submit the request on your behalf and verification of your identity.
c. Nevada Consumer Rights
Under Nevada law, Nevada residents may opt out of the sale of certain “covered information” collected by operators of websites or online services. We currently do not sell covered information, as “sale” is defined by such law, and we don’t have plans to sell this information. However, if you would like to submit a request that we do not sell covered information we have collected or will collect about you, you may do so here.
6. Children’s Privacy
The Site is intended for general audiences and not for children under the age of 16. If we become aware that we have collected personal information (as defined by the Children’s Online Privacy Protection Act) or personal data (under the GDPR) from children under the age of 16 without valid parental consent, we will take reasonable steps to delete it as soon as practicable.
We take reasonable measures to protect your personal information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. Nevertheless, transmission via the internet and online digital storage are not completely secure, so we cannot guarantee the security of your information collected through the Site.
8. Data Retention
We will hold your information for as long as necessary to fulfill the purposes set forth in this Policy or as long as we are legally required or permitted to do so. Information may persist in copies made for backup and business continuity purposes for additional time.
9. Data Transfer
Our computer systems are currently based in the United States and your personal data will be processed in the United States, which may not offer the same level of protection as the privacy laws of your jurisdiction.
10. Third-Party Links and Services
11. Changes to this Policy
12. Contact Information and Questions About this Policy
Last updated on: August 1, 2020