Private Policy

​

2025

 

Blacksmith Fund (“Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting it through this Privacy Policy. This policy describes how we collect, use, share, and protect your information when you visit our website (the “Website”) and engage with our services, in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Gramm-Leach-Bliley Act (GLBA), Financial Industry Regulatory Authority (FINRA) rules, and other relevant global and U.S. regulations.

 

By accessing or using the Website, you consent to the data practices described in this Privacy Policy. If you do not agree with our policies and practices, please do not use our Website.

 

1. Information We Collect

 

We may collect different types of personal and non-personal information depending on your interactions with us.

 

A. Personal Information

 

We collect personally identifiable information (“Personal Information”) that you voluntarily provide, including but not limited to:

• Identity Information – Name, date of birth, Social Security Number (SSN) or Tax Identification Number (TIN), passport number, driver’s license, or other government-issued identification.

• Contact Information – Email address, phone number, mailing address, and other contact details.

• Financial Information – Bank account details, wire transfer information, income, net worth, investment experience, and accreditation status.

• Transaction Data – Records of investment transactions, fund contributions, redemptions, and other financial activities.

• Employment & Professional Data – Employer name, job title, regulatory affiliations, and background verification information.

 

B. Non-Personal Information

 

We automatically collect certain technical and behavioral data:

• Device & Usage Data – IP addresses, browser type, device type, operating system, and Website usage patterns.

• Cookies & Tracking Technologies – We use cookies, web beacons, and other tracking technologies to improve user experience and Website performance.

 

2. How We Collect Information

 

We collect information in the following ways:

1. Directly from You – When you submit forms, subscribe to newsletters, request information, or make investments.

2. Through Automated Technologies – Via cookies, log files, and analytics tools such as Google Analytics.

3. From Third Parties – Background check services, financial institutions, and regulatory agencies.

 

You can manage your cookie preferences through your browser settings. However, disabling cookies may limit your ability to use certain Website features.

 

3. How We Use Your Information

 

We use your information for legitimate business purposes, including:

• Investment Processing & Account Management – Facilitating investments, verifying identity, and executing transactions.

• Regulatory Compliance & Legal Obligations – Ensuring compliance with anti-money laundering (AML) and Know Your Customer (KYC) regulations, SEC rules, and tax laws.

• Security & Fraud Prevention – Detecting unauthorized access, fraudulent activity, and cyber threats.

• Communications – Sending investment statements, fund updates, and other relevant communications.

• Website Optimization & Analytics – Improving our digital experience and tailoring content to user preferences.

 

We DO NOT sell your personal data to third parties.

 

4. Legal Basis for Processing (GDPR Compliance)

 

For users in the European Economic Area (EEA), our processing of your data is justified under:

• Contractual Necessity – To fulfill agreements related to investment transactions.

• Legal Obligations – To comply with regulatory and legal requirements.

• Legitimate Interests – For security, fraud prevention, and Website improvement.

• Consent – Where required, we will obtain your explicit consent before processing certain types of data.

 

5. Information Sharing & Disclosure

 

We may share your data under the following circumstances:

 

A. With Third-Party Service Providers

 

We engage trusted third parties to perform business functions, including:

• Cloud Hosting & IT Security Providers

• Payment Processors & Banks

• Regulatory Compliance Consultants

• Auditors & Legal Advisors

 

B. For Legal & Regulatory Compliance

 

We may disclose information when required by:

• SEC, FINRA, IRS, or other government authorities

• Legal proceedings, subpoenas, or regulatory investigations

• Fraud prevention & cybersecurity mandates

 

C. Business Transfers

 

In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction.

 

6. Data Security & Protection Measures

 

We employ robust security measures to protect your personal information:

• Encryption & Secure Storage – Sensitive data is encrypted and stored on secure servers.

• Access Controls – Limited access to authorized personnel only.

• Regular Audits & Compliance Checks – Internal and third-party audits ensure regulatory compliance.

• Incident Response Plan – A disaster recovery plan is in place to address data breaches.

 

However, no data transmission is 100% secure. You should also take steps to protect your data, such as using strong long passwords and avoiding phishing scams.

 

7. Your Rights & Choices

 

Depending on your jurisdiction, you may have the following rights:

 

For U.S. Residents (CCPA Rights)

• Right to Know – Request details about data collected and how it’s used.

• Right to Delete – Request deletion of personal data, subject to legal exceptions.

• Right to Opt-Out – Prevent sale of personal information (we do not sell data).

• Right to Non-Discrimination – No penalties for exercising privacy rights.

 

For EEA Residents (GDPR Rights)

• Right to Access – Obtain copies of your data.

• Right to Rectification – Correct inaccurate information.

• Right to Erasure (“Right to be Forgotten”) – Request deletion of data.

• Right to Restrict Processing – Limit how we process your data.

• Right to Data Portability – Request data in a transferable format.

• Right to Object – Object to direct marketing.

 

To exercise your rights, email us at [Insert Contact Email].

 

8. Data Retention Policy

 

We retain personal data only as long as necessary for:

• Regulatory compliance (AML, KYC, SEC, IRS reporting, etc.)

• Business operations

• Legal dispute resolution

 

After retention periods expire, data is securely deleted or anonymized.

 

9. Third-Party Links & Services

 

Our Website may contain links to third-party sites. We are not responsible for their privacy policies or data practices. Please review their policies before providing any information.

 

10. Children’s Privacy

 

We do not knowingly collect or process data from individuals under 18 years old. If you believe a minor has provided us with information, please contact us to remove it.

 

11. Changes to This Privacy Policy

 

We may update this policy periodically. Material changes will be communicated via:

• Email Notification (if applicable)

• Website Updates

 

Continued use of our services after updates constitutes acceptance of the revised policy.

 

This Privacy Policy ensures full compliance with GDPR, CCPA, GLBA, FINRA, FATCA, CRS, and SEC regulations, offering comprehensive legal coverage and protection for both investors and the firm.