Privacy Policy

Version 1.0 – 14.11.2025

1. Overview

This Privacy Policy (“Policy”) describes how Catapult Growth Partners ΑΕΔΑΚΕΣ (referred to as either “the Company”, “we”, “us”, or “our”) collects, uses, stores and protects personal data in the course of its operations as the manager of the fund Catapult Growth Partners ΑΚΕΣ (“the Fund”).

We are committed to protecting your privacy and processing personal data responsibly, transparently and in full compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and applicable Greek data protection laws.

By interacting with us—whether as an investor, portfolio company, business partner, employee, or website user—you acknowledge that your personal data may be processed as described below.

 

2. Data Controller

Catapult Growth Partners ΑΕΔΑΚΕΣ
21 Tatoiou Str.
14561, Kifissia
Greece

 

3. Who We Process Data About

We maintain both electronic and physical files containing personal data relating to individuals and entities with whom we interact in the course of our business. These include:

  • Shareholders, management members, employees and suppliers of the Company.
  • Unitholders, or prospective unitholders of the Fund, as well as their legal representatives and beneficial owners.
  • Shareholders, partners, legal representatives, beneficial owners, employees, suppliers, advisors and customers of portfolio companies in which our Fund has invested or considers an investment.
  • The custodian of the Fund.

 

4. What Data We Collect

Depending on your relationship with us, we may collect and process the following categories of data:

  • Identification and contact details: name, address, email, phone number, date of birth, nationality, ID/passport details, tax number, etc.
  • Professional and corporate data: role, position, employer/company, corporate ownership or control details and business contact information.
  • Financial and investment information: bank details, capital contributions, investment history, financial status, tax residency and KYC/AML documentation.
  • Employment information: CVs, education, qualifications and HR records (for employees and applicants).
  • Due diligence and compliance data: identity verification, sanctions screening and anti-money-laundering checks.
  • Website usage data: IP address, device type and browsing activity (through cookies or analytics tools).

 

5. Purposes of Processing

We process personal data strictly for legitimate business, legal and operational purposes, including:

  1. Fund formation and management:
    Managing agreements and documentation for fund establishment, governance and ongoing operation.
  2. Investment evaluation and due diligence:
    Assessing investment opportunities, conducting legal, financial and compliance checks and managing portfolio monitoring.
  3. Regulatory and compliance obligations:
    Complying with applicable laws and regulations, including anti-money laundering (AML) and counter-terrorist financing (CTF) obligations, investor reporting and audits.
  4. Employment and supplier management:
    Administering employment relationships, managing payroll and benefits, engaging service providers and fulfilling contractual obligations.
  5. Legal rights and protection:
    Safeguarding our legitimate interests, including enforcing or defending our legal rights in judicial or administrative proceedings.
  6. Business operations and communications:
    Managing investor relations, maintaining contact lists, sending notices or updates and ensuring smooth internal and external communication.

 

6. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Performance of a contract – when data is required to enter into or perform an agreement.
  • Legal obligation – when processing is required under Greek or EU law (e.g. AML/CTF, tax, or corporate laws).
  • Legitimate interests – to operate and manage our business efficiently, protect our assets and maintain investor relations.
  • Consent – where explicitly provided (for example, for marketing communications).

 

7. Data Sharing and Recipients

We may share personal data, on a need-to-know basis, with:

  • Internal teams.
  • Professional advisors.
  • Banks, custodians and other financial institutions.
  • IT, hosting and communications service providers.
  • Regulatory authorities, tax authorities and law enforcement when required by law.
  • Portfolio companies and co-investors, where relevant to an investment transaction.

All third-party recipients are bound by confidentiality and data protection obligations consistent with this Policy.

 

8. Data Retention

We will retain your data for as long as your relationship with the Company exists, and after its termination for as long as required by the applicable legislation or until the statute of limitations for any related claims expires. In any case, this period shall not exceed twelve (12) years.

 

9. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data and receive a copy.
  • Request correction of inaccurate or incomplete data.
  • Request deletion (“right to be forgotten”) where appropriate.
  • Restrict or object to certain types of processing.
  • Receive your data in portable form.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with the Hellenic Data Protection Authority (HDPA) (www.dpa.gr, tel. +30 210 6475600).

To exercise your rights, contact us at admin@catapultgrowth.gr. We will respond promptly and in accordance with GDPR timelines.

 

10. Updates to this Policy

We may update this Policy from time to time to reflect changes in law or our operations. The latest version will always be available on our website.

 

11. Contact Us

If you have questions about how we process your data or wish to exercise your rights, please contact:

Catapult Growth Partners ΑΕΔΑΚΕΣ
Registered Address: 21 Tatoiou Str., 14561, Kifissia, Greece
Email: admin@catapultgrowth.gr

 

© 2025 Catapult Growth Partners ΑΕΔΑΚΕΣ. All rights reserved.

Menu

Contact