Our Commitment to Privacy
Visitors that are residents of California should also refer to our California Privacy Policy, which supplements this Website Privacy Policy, below. Visitors located in the United Kingdom, the European Union or the European Economic Area should refer to our EU and UK Privacy Policy, which supplements this Privacy Policy, below.
Your privacy is important to Cortec Group Management Services, LLC and its affiliates (together, “Cortec” “our,” “us,” “we” or “company”). To better protect your privacy, we are providing information explaining our information practices, including the types of personally identifiable information we collect, how we use that information, how we share it and your rights regarding our use of this information. We also describe the measures we take to protect the security of your information, and how you can contact us about of data protection practices.
This Website Privacy Policy (this “Privacy Policy”), which is supplemented by the California Privacy Policy and the EU and UK Privacy Policy (together the “Supplements”), describes how we gather and use the personally identifiable information or personal data of visitors of this website and other individuals who may provide their personal data to Cortec in the scenarios listed under “the Scope of this Privacy Policy and Our Supplements” below.
For simplicity, we use “personally identifiable information”, “personal information” and “personal data” interchangeably throughout this Privacy Policy and the Supplements. Please read this Privacy Policy carefully.
The Scope of This Privacy Policy and Our Supplements
This Privacy Policy and the Supplements apply to personally identifiable information that we collect in the following scenarios:
- on or through www.cortecgroup.com and investor reporting portals (“our Website”);
- when you opt to receive communications from Cortec;
- when you visit our offices;
- about representatives of our vendors, business partners or portfolio companies;
- when you apply for a job with us; or
- through other data collection points where we refer to this Privacy Policy and/or the Supplements.
This Privacy Policy and our Supplements (if applicable) do not apply to any processing of personally identifiable information by or on behalf of Cortec that is covered by a more specific privacy notice
The Information We Collect About You
We collect, use, store and transfer the following categories of personally identifiable information about you, depending on the nature of our relationship with you and the business context:
- basic information: your name, date of birth, name of your employer, title, job title and/or position;
- contact information: your mailing or home address, telephone number and/or email address;
- information that you provide to us when you contact us: such as via the “Contact” section of our Website, when you visit our offices, when you communicate with us over email or the telephone, information from your resume or CV when you apply for a job with us, etc.;
- information about you collected through automated technology, such as cookies: your internet protocol (IP) address, your login data and/or other similar online identifying data. Cortec does not collect personally identifiable information about website users (e.g., names, contact information, etc.) other than online identifiers, unless the website user chooses to provide additional personally identifiable information to Cortec through the “Contact” section of our Website. For further information on the types of cookies and the purposes for which we use cookies, please see the “Cookies” section below;
- identification and background information: such as social security number, passport information, financial information and/or any other information provided by you or collected by us as part of our due diligence and business acceptance processes, in order to comply with our regulatory and legal requirements; and/or
- marketing and communications information collected about you or that you provide to us: your preferences in receiving marketing information from us and/or our third parties, and/or your communication preferences.
We may combine any personally identifiable information that you provide to us with information that we collect from or about you from publicly available sources. This will include information collected in an online or offline context. For example, we may collect resume information sent to use by a recruiting firm, background information from a background check provider, personal data we viewed on social media (e.g., LinkedIn) or information obtained from publicly available lists of individuals subject to sanctions or trade restrictions.
Why We Use Your Information
We may use your personally identifiable information for the following purposes and, where EU and UK Privacy Laws (as defined in the EU and UK Privacy Policy) apply to our collection and processing of your personally identifiable information, on the following legal basis:
| Purpose | Legal Basis (where EU and UK Privacy Laws apply to our use of your personal data) |
|---|---|
| To conduct business with you or to provide you with the services you have requested | Contractual necessity; and/or our legitimate interest in operating our business and providing investment services |
| To communicate with you, to operate schedule and facilitate meetings (in-person and online) and to administer your participation in any of our events | Our legitimate interest in operating our business and providing investment services |
| To keep a record of your relationship with us | Our legitimate interest in operating our business and providing investment services; and/or legal requirement |
| To verify your identity (including to conduct anti-money laundering or KYC checks and to enable you to access our offices) or to evaluate a potential business partner or supplier | Legal requirement; and/or our legitimate interest in operating our business and providing investment services securely |
| To protect against, identify and prevent, fraud, money-laundering, cyber-attacks, theft of our property and other unlawful activity | Legal requirement; and/or our legitimate interest in operating our business and providing investment services securely and safely |
| To conduct conflicts checks | Legal requirement |
| To conduct due diligence activities in connection with an actual or prospective corporate transaction or investment which are evaluated by Cortec or which we are party to | Our legitimate interest in operating our business and providing our investment services; contractual necessity; and/or legal requirement |
| To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding
|
Our legitimate interest in operating our business and providing our investment services |
| Corporate transaction and investment reporting | Legal requirement |
| Management of litigation or other judicial, administrative or other dispute resolution proceedings, to comply with court or regulatory orders and to conduct internal audits and investigations | Legal requirement; and/or our legitimate interest in operating our business
|
| To obtain advice from our professional advisors, including lawyers and accountants | Our legitimate interest in operating our business |
| To provide, support, personalize, develop, improve and administer our website and to manage your online account | Our legitimate interest in operating our business |
| To make suggestions and recommendations to you, or to provide you with updates or other information, about our business and services that may be of interest to you | Our legitimate interest in operating our business |
| For statistical analysis and market research | Our legitimate interest in operating our business |
If we require your personally identifiable information due to a legal requirement or obligation or in order to perform a contract with you, we will make you aware of this at the time we collect your personally identifiable information, and the possible consequences of you failing to provide this information (e.g., we may require your passport details to verify your identity for the purposes of anti-money laundering regulations). Failure to provide this information means that we cannot conduct business with you. In this case, we may have to cancel an existing business arrangement with you but we will notify you if this is the case at the time.
Who We May Share Your Information With
Cortec will not disclose any personally identifiable information about you to anyone, except to our affiliates, our service providers (including legal, tax and financial professional advisors, our auditors, recruitment firms, office management companies and security providers, IT and data security providers, placement agents, administration agents, depositaries and investment managers), government or judicial bodies, law enforcement or contractual counterparties as necessary in connection with the purposes described above.
How We Keep Your Information Secure
We consider the protection of personally identifiable information to be a sound business practice, and to that end we employ appropriate organizational, physical, technical and procedural safeguards, which seek to protect your personally identifiable information in our possession or under our control to the extent possible from unauthorized access and improper use. These safeguards include (among other measures) limiting access to your personally identifiable information to those employees, workers and third parties (as described in the section above) who have a business need to know, and on the basis that they will keep your information confidential. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information and data via the Internet is not completely secure. Although we make an effort to protect your personally identifiable information, we cannot guarantee the security of any information or data transmitted to or through our website; any transmission of information or data by you to or through this website is at your sole risk.
Marketing
We may use your personally identifiable information to keep you informed of our products and services, if you have provided your consent to us doing so, or where we have an existing relationship with you and we wish to contact you about products and services similar to those which we provide you, in which you may be interested. You may opt-in to certain kinds of marketing, or all forms of marketing at any time, by contacting us and you may unsubscribe to receiving emails by clicking on the “opt-out” or “unsubscribe” link provided in all our marketing emails, at any time.
Capacity
This website is only intended for individuals who are at least 18 years of age. We do not knowingly encourage or solicit visitors to this website who are under the age of 18 or knowingly collect personally identifiable information from anyone under the age of 18 without parental consent. If we learn we have collected or received personally identifiable information from an individual under the age of 18, we will delete that information.
Cookies
Information regarding how you access our Website (e.g., browser type, access times, and Internet Protocol (IP) address) and your hardware and software is automatically collected through the use of cookies (a small text file placed on your hard drive) or other technologies or tools. This information is used to improve website performance and for our business purposes. Where cookies are not necessary for us to provide the products or services you have requested or for the functioning of this site, we will ask you to consent to their use. You may opt-in to accept cookies automatically by changing the settings on your browser. If you opt-out of certain cookies, you may not be able to access certain parts of this site.
On our Website we use the cookies listed below:
| Cookie | Name | Type / Purpose | More Information |
|---|---|---|---|
| Cookie Consent | CookieConsent | A cookie to remember that a user has accepted the cookie disclaimer when the website first loads. | Cookie expires after 30 days |
You may wish to visit www.aboutcookies.org, which contains comprehensive information about types of cookies, how they are used, and how you manage your cookie preferences.
You may access any personally identifiable information we have about you by contacting: [email protected].
Notification of Changes
We reserve the right to amend this Privacy Policy and/or the Supplements from time to time and for any reason, in our sole discretion, without notice, by updating this Privacy Policy and/or the Supplements. Accordingly, users are strongly encouraged to review our Privacy Policy and the relevant Supplement (if applicable) regularly. If we decide to change our Privacy Policy and/or any Supplement, we will post those changes so our users are always aware of what information we collect, how we use it and under what circumstances, if any, we disclose it. If at any point we decide to collect personally identifiable information or use any collected information in a manner different from that stated at the time it was collected, we will notify users by posting changes on this page. We will use information only in accordance with the Privacy Policy and the relevant Supplement (if applicable) under which the information was collected.
Contact Us
If you have any questions or concerns about this Privacy Policy, please contact [email protected].
California Website Privacy Policy
DATE LAST UPDATED: August 15, 2023
This California Website Privacy Policy (this “California Privacy Policy”) supplements the Privacy Policy with respect to specific rights granted under the California Consumer Privacy Act of 2018, as amended (the “CCPA”) to natural person California residents and provides information regarding how such California residents can exercise their rights under the CCPA. This supplement is only relevant to you if you are a resident of California as determined in accordance with the CCPA. Information required to be disclosed to California residents under the CCPA regarding the collection of their personal information that is not set forth in this CCPA supplement is otherwise set forth in the Privacy Policy. To the extent there is any conflict with the privacy requirements under the Gramm-Leach-Bliley Act and/or Regulation S-P (“GLB Rights”), GLB Rights shall apply.
What does this California Privacy Policy apply to?
This California Privacy Policy applies solely to your interactions with us in the data collection scenarios described in “The Scope of this Privacy Policy and our Supplements” section of the Privacy Policy.
What information do we collect about you?
The types of personal information we collect about you depends on the nature of your interaction with us. The categories of personal information we have collected from individuals in the data collection scenarios described in “The scope of this Privacy Policy and our Supplements” section of the Privacy Policy over the last twelve (12) months include the following:
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Name, contact details and address (including physical address, email address and Internet Protocol address), and other identification (including social security number, passport number and driver’s license or state identification card number). | YES |
| B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | Telephone number, signature, bank account number, other financial information (including accounts and transactions with other institutions and anti-money laundering information), and verification documentation and information regarding investors’ status under various laws and regulations (including social security number, tax status, income and assets). | YES |
| C. Protected classification characteristics under California or federal law | Date of birth, citizenship and birthplace. | YES |
| D. Commercial information | Account data and other information contained in any document provided by investors to authorized service providers (whether directly or indirectly), risk tolerance, transaction history, investment experience and investment activity, information regarding a potential and/or actual investment in the applicable fund(s), including ownership percentage, capital investment, income and losses, source of funds used to make the investment in the applicable fund(s). | YES |
| E. Biometric information | Imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns and voice recordings or keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contains identifying information. | NO |
| F. Internet or other similar network activity | Use of our website, fund data room and investor reporting portal (e.g., cookies, browsing history and/or search history), as well as information you provide to us when you correspond with us in relation to inquiries | YES |
| G. Geolocation data | Physical location or movements. | NO |
| H. Sensory data | Audio, electronic, visual, thermal, olfactory, or similar information. | NO |
| I. Professional or employment-related information | Current or past job history or performance evaluations. | YES, as to the following types of information: job history as provided in resume of job candidates |
| J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | YES, as to the following types of information: grades, as provided in resume of job candidates |
| K. Inferences drawn from other personal information | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | NO |
| L. Sensitive Personal Information (see further information on use of sensitive personal information below) | Social security, driver’s license, state identification card, or passport numbers; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin; religious or philosophical beliefs; union membership; genetic data; the contents of a consumer’s mail, email, and text messages unless you are the intended recipient of the communication; criminal history; biometric information for the purpose of uniquely identifying a consumer; and personal information collected and analyzed concerning a consumer’s health, sex life, or sexual orientation. | YES, as to the following types of information: social security, driver’s license, state identification care, or passport numbers, account log-in information to the Cortec Sharefile site, financial account in combination with any required security or access code password, criminal history (with respect to background checks of employees or certain business counterparties) or credentials allowing access to an account only. |
We do not collect or use sensitive personal information other than:
- To perform services, or provide goods, as would reasonably be expected by an average consumer who requests those goods or services;
- As reasonably necessary and proportionate to detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information;
- As reasonably necessary and proportionate to resist malicious, deceptive, fraudulent, or illegal actions directed at us and to prosecute those responsible for such actions;
- For short-term, transient use (but not in a manner that discloses such information to another third party or is used to build a profile of you or otherwise alter your experience outside of your current interaction with us);
- To perform services on behalf of our business;
- To verify or maintain the quality or safety of a service or to improve, upgrade, or enhance such service or device; and
- To collect or process sensitive personal information where such collection or processing is not for the purpose of inferring characteristics about a consumer.
Some internet browsers have incorporated “Do Not Track” features. Most of these features, when turned on, send a signal or preference (the “DNT Signal”) to websites you visit indicating that you do not wish to be tracked. At this time, we do not currently respond to DNT Signals.
How do we obtain your personal information?
Please see “The Scope of this Privacy Policy and our Supplements” section of the Privacy Policy for information on how we obtain your personal information.
How do we use your personal information?
We will use your personal information for one or more of the business or commercial purposes set out in the “Why we use your information” section of the Privacy Policy. We retain the categories of personal information set forth above in “What information do we collect about you?” section of this California Privacy Policy only as long as is reasonably necessary for those purposes set forth above in “Why we use your information?” section of the Privacy Policy, except as may be required under applicable law, court order or government regulations.
Who do we disclose your personal information to?
We do not share (i.e., disclose to a third party for the purpose of cross-context behavioral advertising) or sell (as such terms are defined in the CCPA) any of the personal information we collect about you to third parties.
Within the last twelve (12) months, we have disclosed personal information collected in connection with this the data collection scenarios described in “The scope of this Privacy Policy and our Supplements” section of the Privacy Policy for a business or commercial purpose to the categories of third parties indicated in the chart below. We may also disclose your information to other parties as may be required by law or regulation, or in response to regulatory inquiries.
| Personal Information Category | Category of Third-Party Recipients |
|---|---|
| A. Identifiers | Administrators, lenders, banks, auditors, law firms, governmental agencies or pursuant to legal process, self-regulatory organizations, consultants and placement agents. |
| B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | Administrators, lenders, banks, auditors, law firms, governmental agencies or pursuant to legal process, self-regulatory organizations, consultants and placement agents. |
| C. Protected classification characteristics under California or federal law | Administrators, lenders, banks, auditors, law firms, governmental agencies or pursuant to legal process, self-regulatory organizations, consultants and placement agents. |
| D. Commercial information | Administrators, lenders, banks, auditors, law firms, governmental agencies or pursuant to legal process, self-regulatory organizations, consultants and placement agents. |
| E. Biometric information | N/A |
| F. Internet or other similar network activity | Administrators, lenders, banks, auditors, law firms, governmental agencies or pursuant to legal process, self-regulatory organizations, consultants and placement agents. |
| G. Geolocation data | N/A |
| H. Sensory data | N/A |
| I. Professional or employment-related information | N/A |
| J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | N/A |
| K. Inferences drawn from other personal information | N/A |
| L. Sensitive Personal Information | Administrators, lenders, banks, auditors, law firms, governmental agencies or pursuant to legal process, self-regulatory organizations, consultants and placement agents. |
Your rights under the CCPA
Deletion Rights: You have the right to request that we delete any of your personal information that we retain, subject to certain exceptions, including, but not limited to, our compliance with U.S., state, local and non-U.S. laws, rules and regulations. We will notify you in writing if we cannot comply with a specific request and provide an explanation of the reasons.
Disclosure and Access Rights: You have the right to request that we disclose to you certain information regarding our collection, use, disclosure and sale of personal information specific to you. Such information includes:
- the categories of personal information we collected about you;
- the categories of sources from which the personal information is collected;
- our business or commercial purpose for collecting such personal information;
- the categories of third parties with whom we disclose the personal information;
- the specific pieces of personal information we have collected about you; and
- whether we disclosed your personal information to a third party, and, if so, the categories of personal information that each recipient obtained.
Correction Right: You have the right to request that we correct any inaccuracies in the personal information that we retain, subject to certain statutory exceptions, including, but not limited to, our compliance with U.S., state, local and non-U.S. laws, rules and regulations. We will notify you in writing if we cannot comply with a specific request and provide an explanation of the reasons.
No Discrimination: We will not discriminate against you for exercising your rights under the CCPA, including by denying service, suggesting that you will receive, or charging, different rates for services or suggesting that you will receive, or providing, a different level or quality of service to you.
How to Exercise Your Rights: To exercise any of your rights under the CCPA, or to access this notice in an alternative format, please submit a request on your behalf using any of the methods set forth in the Contact us section below.
Contact us
For any requests relating to the exercise of your rights under the CCPA, or questions regarding our processing of your personal information, please submit or have your authorized representative submit a request using any of the methods set forth below.
Call us using the following toll-free number: 1-844-569-3851
Submit a request online using the following online form: Privacy Standards Form
Email us at the following email address: [email protected].
We will contact you to confirm receipt of your request under the CCPA and request any additional information necessary to verify your request. We verify requests by matching information provided in connection with your request to information contained in our records. Depending on the sensitivity of the request and the varying levels of risk in responding to such requests (for example, the risk of responding to fraudulent or malicious requests), we may request further information or your investor portal access credentials, if applicable, in order to verify your request. You may designate an authorized agent to make a request under the CCPA on your behalf, provided that you provide a signed agreement verifying such authorized agent’s authority to make requests on your behalf, and we may verify such authorized person’s identity using the procedures above. If we request you verify your request and we do not receive your response, we will pause processing your request until such verification is received.
Please contact Michael S. Neuberger, the Chief Compliance Officer and Chief Financial Officer of Cortec Group Management Services, LLC, with any questions about this California Privacy Policy at the email address above.
EU and UK Website Privacy Policy
DATE LAST UPDATED: August 15, 2023
This EU and UK Privacy Policy (the “EU and UK Privacy Policy”) supplements the general Privacy Policy with respect to individuals located in the European Union, the European Economic Area, or the United King, to the extent that EU and UK data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK implementation of the GDPR, and the UK Data Protection Act 2018 (collectively, “EU and UK Privacy Laws”) applies to the personal data processing activities set out in the general Privacy Policy.
Who Is the ‘Controller’?
For the purposes of applicable EU and UK Privacy Laws, Cortec Group Management Services, LLC and/or one or more of our affiliates (collectively, “we”, “our”, or “Cortec”) will be a controller of any personal data collected by us in any of the data collection scenarios described in, “The scope of this Privacy Policy and our Supplements” section of the Privacy Policy. As a “controller” under the EU and UK Privacy Laws, we are responsible for deciding how we collect and use personal data about you and for the information contained in this EU and UK Privacy Policy.
What Is Our Lawful Basis?
Please see the, “Why we use your information” section of the Privacy Policy for details of the legal bases that we rely on under EU and UK Privacy Laws to process your personal data. Note that we may process your personal data on more than one legal basis depending on the specific purpose for which we are using your personal data.
The Personal Data We Process and Why We Use It
We collect your personal data as described in the “Information we collect about you” section of the Privacy Policy, and we do not collect any information about criminal convictions and offences. We also do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
We only collect the personal data necessary to carry out our business for the purposes set out in the next section headed “Why we use your information”. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so.
Solely Automated Decision-Making
We do not perform solely automated decision-making, including profiling, when processing your personal data.
Transfer of Your Personal Data
To the extent your personal data is transferred to countries outside of the European Union, European Economic Area and/or United Kingdom such transfers will only be made in accordance with the EU and UK Privacy Laws. For further information about the safeguards used, please contact [email protected].
Retention of Your Personal Data
We will keep your personal data only for as long as is reasonably necessary for the purposes set out in the “Why we use your information” section of the Privacy Notice, unless a longer retention period is required by law. We will not keep more personal data than we need for those purposes. For further information about how long we will keep your personal data for, please contact [email protected].
Your Rights Under EU and UK Privacy Laws
To the extent that the EU and UK Privacy Laws apply to you, you may have a right of access to the personal data that we hold about you and to some related information, and there are a number of ways you can control the way in which and what personal data we store and process about you as set out below.
- Access. You have the right to ask for a copy of the personal data that we hold and process about you.
- Correction. You have the right to ask us to correct inaccurate personal data and to complete incomplete personal data we hold about you.
- Deletion. You have the right to ask us to delete your personal data in certain circumstances. Please note that this may not always be possible due to legal obligations.
- Restrictions on use. You have right to request that we stop processing your personal data (other than storing it), if: (i) you contest the accuracy of it (until the accuracy is verified); (ii) you believe the processing is against the law; (iii) you believe that we no longer need your personal data for the purposes for which it was collected, but you still need your personal data to establish or defend a legal claim; or (iv) you object to the processing, and we are verifying whether our legitimate grounds to process your personal data, override your own rights.
- Objection. You have the right to object to our processing of some or all your personal data in certain circumstances including: (i) for direct marketing; (ii) for research or statistical purposes; or (iii) where processing is based on legitimate interests.
- Portability. You have the right to ask that we transfer the personal data that we hold and process about you on the legal ground of contractual necessity to another organisation or to you, in certain circumstances (including where we have the technical means to do so).
- Withdrawal of consent. You may withdraw any consent you previously provided to us (by a clear affirmative action) to process your personal data for a particular purpose not specified in this EU and UK Privacy Policy and we will apply your preferences going forward.
Please contact us if you wish to exercise any of the rights set out above. In the event you do contact us, we may need to verify your identity to allow us to prevent disclosure of your information to an unauthorised person. Please note that if you request erasure, object to our processing of your personal data or request the restriction of our processing of your personal data we may not be able to provide our services.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive to help us cover the costs of locating the information you have requested.
We normally respond to requests within one month. Occasionally it may take us longer, if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Contact Us
If you have any questions or concerns about this EU and UK Privacy Policy, please contact [email protected].
Complaints
You have the right to make a complaint at any time with regards to how your personal data has been processed by us under:
- the EU GDPR, please contact your local supervisory authority in particular in the EU Member State of your habitual residence, place of work, or place of the infringement, concern or complaint.
- the UK GDPR and/or Data Protection Act 2018, please contact the UK Information Commissioner’s Office – https://ico.org.uk/global/contact-us
We would, however, appreciate the opportunity to deal with your concerns before you approach the ICO or other relevant supervisory authority, so please contact us at [email protected] in the first instance.