Fiori AS ("Fiori", "we", "our", or "us") is committed to protecting your personal data and respecting your privacy. This policy explains what personal data we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR) and applicable Norwegian data protection law.
Who we are
Fiori AS is the data controller responsible for the personal data collected through this website and in connection with our investment activities. Our registered address is in Oslo, Norway. You can contact us at hello@fiori.vc.
Data we collect
We may collect personal data in the following situations:
- Contact and enquiries. When you reach out to us by email or through contact forms, we collect your name, email address, and the content of your message.
- Founder and investor relations. As part of our investment process, we may collect professional information about founders, investors, and advisors — including names, professional backgrounds, contact details, and financial information relevant to a transaction or fund relationship.
- Website analytics. We collect anonymised usage data to understand how our website is used. This may include browser type, pages visited, and general geographic region. We do not use tracking that identifies you personally without your consent.
- Cookies. We use a small number of strictly necessary cookies required for the website to function. We do not use advertising or tracking cookies without your explicit consent.
How we use your data
We use the personal data we collect for the following purposes:
- To respond to your enquiries and communicate with you.
- To evaluate investment opportunities and manage existing portfolio relationships.
- To fulfil our legal and regulatory obligations as a fund manager.
- To improve and maintain our website and services.
Legal basis
We process your personal data on the following legal bases under GDPR Article 6:
- Legitimate interests (Art. 6(1)(f)): for investment evaluation, portfolio management, and general communications with founders, investors, and partners.
- Contract performance (Art. 6(1)(b)): where processing is necessary to enter into or perform a contract with you.
- Legal obligation (Art. 6(1)(c)): where we are required to process data to comply with applicable laws or regulations.
- Consent (Art. 6(1)(a)): where you have given us explicit consent, such as for non-essential cookies or marketing communications. You may withdraw consent at any time.
Data sharing
We do not sell or rent your personal data to third parties. We may share data with trusted service providers who assist us in operating our website and business (such as cloud hosting, analytics, or legal advisors), under strict data processing agreements. We may also share data when required by law or as part of a business transaction.
International transfers
Where personal data is transferred outside the European Economic Area, we ensure adequate safeguards are in place — such as Standard Contractual Clauses approved by the European Commission.
Data retention
We retain personal data only for as long as necessary for the purposes it was collected, or as required by law. Enquiry data is generally retained for up to two years. Data related to fund investments may be retained for the duration of the fund and for a period thereafter as required by financial regulations.
Your rights
Under GDPR, you have the following rights regarding your personal data:
- Right of access: you may request a copy of the personal data we hold about you.
- Right to rectification: you may ask us to correct inaccurate or incomplete data.
- Right to erasure: you may request deletion of your data, subject to our legal obligations.
- Right to restriction: you may ask us to restrict how we process your data in certain circumstances.
- Right to data portability: you may request your data in a structured, machine-readable format.
- Right to object: you may object to processing based on legitimate interests.
- Right to withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, please contact us at hello@fiori.vc. We will respond within 30 days. You also have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet).
Cookies
Our website uses strictly necessary cookies to ensure basic functionality. We do not use third-party advertising or tracking cookies. You can manage cookie preferences through your browser settings.
Changes to this policy
We may update this privacy policy from time to time to reflect changes in our practices or applicable law. The most recent version will always be available at this URL. Material changes will be communicated where appropriate.
Contact
If you have any questions about this policy or how we handle your personal data, please contact us at hello@fiori.vc.