First Boston Capital First Boston Capital
About Services Sectors Transactions Team
— Placement Agent — Debt Advisory — M&A Advisory
Get in touch

Legal

Privacy Policy

Last updated: June 2026 — Working draft. Please have reviewed by data protection counsel before publishing.

1. Who we are

First Boston Capital is the trading name of First Boston Capital Limited (registered in England and Wales) and First Boston Capital (DIFC) Limited (registered in the Dubai International Financial Centre). For UK GDPR purposes, First Boston Capital Limited is the data controller for personal data collected through this website by UK and EEA visitors. For DIFC Data Protection Law purposes, First Boston Capital (DIFC) Limited is the data controller for DIFC visitors.

2. What personal data we collect

  • Identifying information you provide — name, company, job title, contact details.
  • Information you submit through our contact form or by email.
  • Information collected automatically when you visit our website — IP address, device information, browser type, pages visited (see our Cookie Policy).

3. How we use personal data

  • To respond to your enquiry.
  • To provide our advisory services to clients, where we are engaged.
  • To comply with our legal and regulatory obligations — AML, sanctions screening, KYC, suitability.
  • To improve our website and services.
  • For business development, in accordance with applicable marketing rules.

4. Legal basis for processing (UK GDPR)

  • Consent — where you have given consent.
  • Contract — where processing is necessary to perform a contract with you.
  • Legal obligation — where required by law (e.g. AML, sanctions).
  • Legitimate interests — for business development, balanced against your rights.

5. Sharing your data

We may share personal data with: regulators (FCA, DFSA), professional advisers (lawyers, auditors), service providers acting on our behalf (under data processing agreements), and law enforcement where required by law. We do not sell personal data.

6. International transfers

Personal data may be transferred between our UK and DIFC entities, and to service providers in third countries. Where required, we put in place appropriate safeguards (UK IDTA / EU SCCs / DIFC-equivalent mechanisms).

7. Retention

We retain personal data for as long as necessary to fulfil the purposes set out above and to comply with our legal and regulatory obligations — typically six years after the end of a client relationship for UK regulated business, longer where required by law.

8. Your rights

Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, port, or object to the processing of your personal data. To exercise these rights, contact privacy@firstbostoncapital.co.uk.

9. Complaints

You may complain to the UK Information Commissioner's Office (ICO) or to the DIFC Commissioner of Data Protection.

10. Contact

Privacy enquiries: privacy@firstbostoncapital.co.uk.