Privacy Policy

FRCST Fund ("we", "us", "our") operates the website at frcst.com and related investor communications. This Privacy Policy explains how we handle personal data we collect from visitors, prospective investors, and existing participants.

We are committed to protecting your privacy and handling your data responsibly, in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By using this website or engaging with us directly, you acknowledge that you have read and understood this policy.

We collect personal data only to the extent necessary to operate our fund and communicate with investors. This may include:

• Contact information — name, email address, telephone number, and professional title, when you reach out to us directly.
• Investor information — identity documentation, financial profile, and suitability data required for regulatory onboarding of qualified investors.
• Usage data — anonymised information about how you interact with this website, including pages visited and time spent, collected via standard server logs.
• Communications — correspondence you send us via email or through any contact forms on this site.

We do not use tracking cookies, advertising networks, or third-party analytics platforms on this website.

We use the data we collect for the following purposes:

• Investor relations — responding to enquiries, providing fund documentation, and managing ongoing communication with investors and prospects.
• Regulatory compliance — fulfilling our obligations under applicable financial services regulations, including anti-money laundering (AML) and know-your-customer (KYC) requirements.
• Fund operations — administering capital allocations, processing capital releases, and reporting performance to participants.
• Website improvement — understanding how our site is used in aggregate to improve navigation and content.

We process your data on the legal bases of contract performance, legitimate interests, and legal obligation, as appropriate to each purpose.

We do not sell, rent, or trade your personal data. We may share data with a limited set of third parties strictly necessary to operate the fund:

• Legal and compliance advisors — for regulatory filings, investor verification, and fund structuring.
• Custodians and exchanges — operational counterparties required for fund execution, under strict confidentiality obligations.
• Regulatory authorities — where we are legally required to disclose information to competent authorities.

All third parties with whom we share data are bound by contractual obligations to handle it with appropriate care and in compliance with applicable law.

In addition to the parties named in section 04, we may engage third-party service providers who process personal data on our behalf as data processors. These processors act only on our documented instructions and are bound by appropriate data processing agreements. The categories of processors we use include:

• Email and communications providers — for sending investor correspondence, fund updates, and responses to enquiries.
• Fund administration and NAV reporting — the independent administrator responsible for maintaining participant records, processing capital events, and producing periodic statements.
• Identity verification and KYC providers — services used to fulfil regulatory onboarding obligations for qualified investors.
• Legal and compliance tools — document management and secure file exchange services used in the investor onboarding process.
• Website infrastructure — hosting and content delivery services required to operate this website.

We do not use advertising technology, behavioural tracking tools, or social media integrations that process visitor data for third-party purposes.

Some of the third-party processors we work with may be based outside the European Economic Area (EEA), or may process data on infrastructure located outside the EEA. Where this is the case, we ensure that appropriate safeguards are in place to protect your personal data in accordance with GDPR requirements.

These safeguards may include:

• Adequacy decisions — transfers to countries that the European Commission has recognised as providing an adequate level of data protection.
• Standard Contractual Clauses (SCCs) — the European Commission's standard contractual terms, which impose equivalent obligations on the receiving party.
• Binding Corporate Rules or equivalent mechanisms — where applicable, for transfers within international corporate groups.

You may request further information about the specific safeguards applicable to any cross-border transfers involving your data by contacting us at the address in section 10.

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

Investor records and KYC documentation are retained for a minimum of five years following the end of the investor relationship, in accordance with financial regulatory requirements. Website usage data is retained in anonymised form only.

When data is no longer required, it is securely deleted or anonymised.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• Access — the right to request a copy of the personal data we hold about you.
• Rectification — the right to ask us to correct inaccurate or incomplete data.
• Erasure — the right to request deletion of your data, where no legal obligation requires us to retain it.
• Restriction — the right to ask us to limit how we process your data in certain circumstances.
• Objection — the right to object to processing based on legitimate interests.
• Portability — the right to receive your data in a structured, machine-readable format.

To exercise any of these rights, please contact us at info@frcst.com. We will respond within 30 days.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include encrypted communications, access controls, and regular review of our data handling practices.

While we take all reasonable precautions, no method of transmission over the internet is completely secure. We encourage you to contact us via encrypted channels where possible.

If you have questions about this Privacy Policy or how we handle your data, please contact us at info@frcst.com.

If you believe your data protection rights have been infringed and we have not resolved your concern, you have the right to lodge a complaint with your local supervisory authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

We may update this policy from time to time. Any material changes will be communicated to existing investors directly. The current version is always available on this page.