Legal
Privacy Statement
This Privacy Statement explains how 265 Capital AG and its affiliates (together, "265 Capital", "we", "us" or "our") collect, use, and protect personal data when you visit https://265.capital (the "Site") or otherwise engage with us. We treat your information with the same discretion we apply to our own affairs.
1. Who we are
The data controller is 265 Capital AG, a Swiss stock corporation registered with the Commercial Register of the Canton of Zug under CHE-499.376.686, with registered office at Reiffergässli 4, 6300 Zug, Switzerland. Affiliated processing is also carried out by 265 Capital BV, The Pulse, Hildegard von Bingenstraat 44, 1081 LH Amsterdam, Netherlands.
For all matters concerning your personal data, write to jorgo@265.capital.
2. Personal data we collect
(a) Information you give us
- name, email address, subject category and message content when you complete the Contact form;
- any information you choose to share via email, telephone, meeting bookings, or other correspondence;
- where applicable, identification, suitability and source-of-funds information collected as part of investor onboarding (handled separately to this Site under our Onboarding Notice).
(b) Information collected automatically
- standard server log data (IP address, user agent, request path, timestamp) recorded by our hosting provider for security and abuse-prevention;
- technical request data triggered by Google Fonts when delivering the Site's typefaces (see §5).
We do not use advertising cookies, tracking pixels, fingerprinting, behavioural analytics, or session-replay tools on this Site.
3. Why we process your data, and our legal basis
| Purpose | Legal basis (GDPR Art. 6 / Swiss FADP) |
|---|---|
| Responding to enquiries you submit via the Contact form, by email, or by booking a meeting | Pre-contractual measures at your request and our legitimate interest in operating the Site |
| Operating, securing and maintaining the Site (including server-side logging and abuse-prevention) | Our legitimate interest in providing a secure, functional service |
| Complying with legal, regulatory, AML/KYC, tax and audit obligations | Compliance with a legal obligation |
| Establishing, exercising or defending legal claims | Our legitimate interest and, where relevant, legal obligation |
We do not engage in profiling or automated decision-making that produces legal or similarly significant effects in respect of you.
4. How long we keep your data
- Contact-form submissions and follow-on correspondence: up to 24 months from the last interaction, unless a longer period is required by law or by an active business relationship.
- Server log data: up to 30 days, after which it is deleted or aggregated into non-identifying statistics.
- Investor onboarding records: retained for the period mandated by applicable AML, tax, and corporate-record rules (typically 10 years from the end of the relationship).
5. Sharing and processors
We share personal data only with the categories of recipients listed below, in each case under written processing agreements:
| Processor | Purpose | Location of processing |
|---|---|---|
| Vercel Inc. | Static hosting and edge delivery of the Site | United States & global edge network |
| Hostmax GmbH | Form-handler hosting, DNS, and ancillary services | Switzerland |
| Microsoft Corporation (Microsoft 365) | Email transport and mailbox storage | European Union & global |
| Google LLC (Google Fonts) | Web-font delivery; receives your IP address briefly when fonts load | United States & global |
We disclose personal data to public authorities, courts, regulators, professional advisers, auditors and counterparties only where compelled by law or strictly necessary to protect our or others' legal rights. We do not sell or rent personal data to anyone.
6. International transfers
Where personal data is transferred outside Switzerland or the European Economic Area, we rely on appropriate safeguards: the Standard Contractual Clauses adopted by the European Commission and equivalent Swiss safeguards approved by the Swiss FDPIC, supplemented where applicable by the EU-U.S. and Swiss-U.S. Data Privacy Framework. A copy of the relevant safeguards is available on request to jorgo@265.capital.
7. Your rights
Subject to the conditions and limitations set out in the GDPR and the Swiss FADP, you have the right to:
- obtain confirmation that we process your personal data and request access to it;
- request correction of inaccurate or incomplete data;
- request erasure ("right to be forgotten") subject to applicable retention obligations;
- request restriction of processing or object to processing carried out on a legitimate-interest basis;
- receive your data in a structured, machine-readable format and request its portability;
- withdraw consent at any time, where processing is based on consent (without affecting the lawfulness of prior processing);
- lodge a complaint with a supervisory authority — in particular the Dutch Autoriteit Persoonsgegevens or the Swiss Federal Data Protection and Information Commissioner.
To exercise any of these rights, write to jorgo@265.capital. We will acknowledge promptly and respond substantively within 30 days, unless an extension is permitted by law.
8. Cookies and tracking
The Site does not set first-party cookies. The only outbound network requests it triggers are to Google Fonts (web-font delivery) and to our own form endpoint when you submit the Contact form. No advertising or analytics third parties are loaded.
9. Security
We use TLS encryption in transit, restrict access to personal data on a need-to-know basis, segregate production systems from corporate environments, and review our processors' security practices annually. Despite these measures, no online service is 100% secure; please take reasonable care when sharing sensitive information.
10. Children
The Site and our services are directed at sophisticated, professional and qualified investors. We do not knowingly collect personal data from anyone under 16. If you believe we have, please contact us and we will delete it.
11. Changes
We may update this Statement from time to time. Material changes will be flagged on this page with a new "Last updated" date and, where appropriate, with prior notice by email to investors and counterparties.
12. Governing law
Swiss law governs this Privacy Statement, without prejudice to mandatory provisions of the GDPR or other consumer-protection rules of your country of residence.