Frontline Growth

Frontline Seed

Privacy Policy

Introduction

Frontline Ventures (“we”, “us”, “our”) is a venture capital firm that sources, evaluates and invests in private companies and manages relationships with investors, founders, and other stakeholders.

We process personal data in the course of:

  • evaluating investment opportunities (including confidential deal flow and founder information),
  • managing investor (Limited Partner) relationships,
  • operating our business and website, and
  • complying with legal and regulatory obligations.

 

We are committed to protecting your privacy and to handling personal data in a secure, transparent and lawful manner.

This Privacy Policy explains how we collect, use, store, and share personal data and applies to:

  • Limited Partners (LPs) and prospective investors
  • founders and prospective portfolio companies
  • portfolio company personnel
  • service providers and business contacts
  • website users and other individuals interacting with us

1. Data Controller and Roles

Frontline Ventures, with its registered office at First Floor, 26-28 Lombard Street East, Dublin 2, is the data controller for personal data processed in connection with its investment activities, investor relations, and business operations. In limited circumstances, we may act as a data processor where we process personal data solely on behalf of and under the documented instructions of another controller (for example, where we provide services to third-party funds or portfolio companies). For privacy-related queries, please contact: Email: [email protected]

2. Categories of Personal Data

We may collect and process the following categories of personal data:

(a) Identity and Contact Data

  • Name, title, employer, role
  • Address, email address, telephone number

 

(b) Investor / LP Data

  • Investor identification and contact details
  • Financial and investment information
  • KYC/AML documentation (e.g. ID documents, source of funds/wealth, tax identifiers)
  • Transaction and capital account information

 

(c) Founder and Deal-Related Data

  • Information contained in pitch decks, business plans, and financial models
  • Founder biographies, employment history, and professional background
  • Sensitive business information (including confidential or proprietary information)
  • References, due diligence materials and background checks

 

(d) Portfolio Company and Business Contact Data

  • Contact details of employees, directors, advisors
  • Professional correspondence and meeting records

 

(e) Technical and Website Data

  • IP address, browser type, device identifiers
  • Website usage and analytics data

 

(f) Recruitment Data (if applicable)

  • CVs, employment history, education
  • Identification data (where required for compliance)

3. How We Use Personal Data and Lawful Bases

We process personal data for the following purposes and on the following legal bases:

 

(a) Investment Activities and Deal Evaluation

  • Reviewing pitch materials, conducting due diligence, and making investment decisions
  • Managing relationships with founders and portfolio companies

 

Lawful basis:

  • Legitimate interests (to operate our investment business)

 

(b) Investor Relations and Fund Administration

  • Managing LP relationships and communications
  • Processing subscriptions, capital calls, distributions
  • Reporting and investor updates

 

Lawful basis:

  • Contract (performance of investment agreements)
  • Legitimate interests

 

(c) KYC / AML / Regulatory Compliance

  • Identity verification and anti-money laundering checks
  • Sanctions screening and regulatory reporting

 

Lawful basis:

  • Legal obligation

 

(d) Communications and Business Development

  • Communicating with investors, founders, and business contacts
  • Sending updates, newsletters, or event invitations

 

Lawful basis:

  • Legitimate interests
  • Consent (where required, e.g. marketing communications)

 

(e) Website Operation and Analytics

  • Improving website functionality and user experience
  • Monitoring usage and security

 

Lawful basis:

  • Legitimate interests

 

(f) Recruitment (if applicable)

  • Processing job applications and assessing candidates

 

Lawful basis:

  • Legitimate interests
  • Contract (where applicable)

4. Confidentiality and Security

Given the nature of our business, we process highly sensitive and confidential information, including proprietary deal flow, founder data, and potential material non-public information (MNPI). We recognise that unauthorised access or disclosure could result in significant financial loss, fund theft, regulatory exposure, or reputational harm.

We implement appropriate technical and organisational measures, including:

  • Access controls: role-based access and least privilege principles
  • Encryption: encryption in transit and at rest where appropriate
  • Segregation: logical and organisational separation of data
  • Monitoring and logging: tracking access and system activity
  • Vendor risk management: due diligence and contractual safeguards with service providers
  • Confidentiality obligations: binding agreements with staff and third parties
  • Incident response: documented procedures for detecting, managing, and mitigating breaches

5. Data Sharing and Recipients

We may share personal data with:

  • Professional advisors (legal, tax, audit, compliance)
  • Service providers (IT, cloud hosting, CRM, analytics)
  • Regulators, governmental authorities, or law enforcement (where required)
  • Co-investors or counterparties (where necessary for transactions)

 

All recipients are subject to appropriate confidentiality and data protection obligations.

6. International Transfers

Personal data may be transferred outside the European Economic Area (EEA), including to service providers or partners in other jurisdictions.

Where this occurs, to the extent possible, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs)
  • Transfers to jurisdictions with adequacy decisions
  • Other lawful transfer mechanisms under GDPR

7. Data Retention

We retain personal data only for as long as necessary for the purposes described above, including:

  • Duration of investor relationships and applicable limitation periods
  • Regulatory and legal retention requirements (e.g. AML/KYC obligations)
  • Ongoing business needs (e.g. deal history, audit trails)

 

When data is no longer required, it is securely deleted or anonymised.

8. Data Subject Rights

Under GDPR, you have the following rights:
  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent (where applicable)
To exercise your rights, please contact: [email protected] We may require verification of identity before responding.

9. Data Breach Response

We maintain procedures to detect, investigate, and respond to personal data breaches.

In the event of a breach:

  • We will assess the risk to individuals
  • Notify the relevant supervisory authority where required (typically within 72 hours)
  • Notify affected individuals where there is a high risk to their rights and freedoms

10. Complaints

If you have concerns about how we process your personal data, please contact us at [email protected]. You also have the right to lodge a complaint with: The Irish Data Protection Commissioner

11. Updates to this Policy

We may update this Privacy Policy from time to time. The latest version will be available on our website.

Frontline Growth

For US companies at Series B–D, ready to make Europe their next growth engine

Frontline Seed

For European founders at Pre-Seed and Seed, making the US their biggest market