One PlanetFund

Policy · Last updated May 2026

Privacy Policy — US & EU

GDPR (EU/UK) and CCPA/CPRA (California) compliant. We never sell your data.

1. Who we are

One Planet Fund (the "Fund") is managed by Plural Investments — Sociedade de Capital de Risco S.A., a CMVM-regulated entity headquartered in Lisbon, Portugal. For data-protection matters: privacy@oneplanetfund.com.

2. Data we collect

  • Identification: full name, email, phone, country, IP address, device & browser.
  • Investor profile: investment range, accreditation status, SDIRA/401(k) use, timeline.
  • Marketing attribution: UTM parameters, click IDs (fbclid, gclid), referrer.
  • Communications: support messages, scheduled-call notes, signed agreements.

3. How we use it (legal bases)

  • Pre-contractual qualification of investors (legitimate interest + consent).
  • Compliance with AML, KYC, FATCA, CRS and CMVM obligations (legal obligation).
  • Service of the investor relationship (contract performance).
  • Marketing of our funds (consent — withdrawable any time).

4. Sharing

We share data only with: regulated sub-processors (Supabase, Resend, Cal.com, Meta CAPI, Google Analytics), our auditors, our legal/tax counsel, and Portuguese/EU authorities when required by law. A full sub-processor list is available on request.

5. Retention

Investor records are retained for the longer of (a) 10 years after the end of the commercial relationship (AML obligation) or (b) the period required by tax/CMVM rules. Marketing prospect records that never convert: 24 months, then deleted.

6. Your rights — EU/UK (GDPR)

  • Access, rectification, erasure ('right to be forgotten').
  • Data portability and restriction of processing.
  • Withdraw marketing consent at any time.
  • Lodge a complaint with the Portuguese CNPD or your national supervisory authority.

7. Your rights — California (CCPA / CPRA)

  • Right to know what personal information we collect and disclose.
  • Right to delete personal information.
  • Right to correct inaccurate personal information.
  • Right to opt out of 'sale' or 'sharing' of personal information — we do NOT sell data. Use the 'Do Not Sell or Share' link in the footer to reinforce your opt-out for ad tracking.
  • Right to non-discrimination for exercising these rights.

8. Cookies & tracking

We use first-party cookies for the privacy consent banner, language preference, and authenticated sessions. Marketing pixels (Meta, Google, LinkedIn) load only after granular consent via the consent banner. Server-side conversions are sent via Meta CAPI with deduplication.

9. International transfers

Some sub-processors (Supabase storage in EU; Meta/Google in US) involve transfers outside the EEA. We rely on EU Standard Contractual Clauses (SCCs) and the EU–US Data Privacy Framework where applicable.

10. Security

Encryption at rest and in transit, Row-Level Security on all investor tables, role-based access for operators, mandatory 2FA for admins, audit logs for sensitive actions.

11. Contact

Data Controller: Plural Investments SCR · Lisbon, Portugal.
Email: privacy@oneplanetfund.com

Risk Warnings →Back home →