VAM Managed Funds (Lux) Privacy Notice
VAM Managed Funds (Lux), hereinafter the “Company”, cares about your privacy and values the trust you place in us when you share your personal information.
Accordingly, we want to let you know how we deal with the personal information you give us or is given to us by a third party. The aim of this Notice is to explain to you as Data Subject what kind of personal information we gather on you, why and how we process it as Joint Data Controller (together with VAM Global Management Company, acting as the Management Company for the Company), and, as the case may be, Data Processor. This Notice sets out your rights with regard to the General Data Protection Regulation 2016/679 (“GDPR”).
This Notice may be subject to changes. Any updates will be posted on our website. We recommend you regularly review it to ensure that you are always aware of our privacy practices. Our privacy commitments to you are:
- We will keep your data safe and private;
- We will ensure that you can exercise your rights;
- We will train our employees to properly manage your personal information;
- We will ensure that your personal data is processed only for the purpose for which it has been collected.
WHO IS CONCERNED?
This Notice describes our practices when using:
- The personal information of natural persons which are investors or representatives of the investors being legal persons based in the European Economic Area (EEA) or outside the EEA;
- The personal information of any other Data Subject which operates as a legal representative, a supplier, a partner, a proxy, an administrator, a guarantor or a contact person;
- The personal information of natural person based in the EEA who may visit our website.
WHAT PERSONAL INFORMATION ARE WE COLLECTING AND WHY?
In general, we may collect the following types of personal information you give us or which are given to us by third parties:
- Birth date;
- Passport information;
- Profession, job title and position;
- Tax identification number;
- “Politically Exposed Person” status, criminal convictions, etc.;
- Any other personal information as required on the Company’s subscription application form, necessary for the provision of investment services and compliance with legal requirements.
General Data Protection Regulation requires that we undertake to process only the data necessary for the purpose pursued by the processing.
More specifically, we use your personal data for the following purposes:
- To fulfill the contract to which you are party, or as part of the pre-contractual measures of such contract, e.g. assess and process your subscription application, perform investor servicing functions in relation to your investment, provide net asset value calculation of the Company etc.;
- To comply with legal and regulatory requirements including anti-money laundering, anti-bribery and “know your client” requirements;
- To pursue our legitimate interest as far as it is not overridden by your fundamental rights and freedoms e.g. update and maintain records;
- For any additional purpose to which you have explicitly consented.
WHAT ARE YOUR RIGHTS?
Individuals have the following rights, under certain circumstances, in relation to their personal information:
- Right to access personal information;
- Right to rectify personal information;
- Right to restrict the use of personal information;
- Right to request that personal information is erased;
- Right to object to processing of personal information;
- Right to data portability (in certain specific circumstances);
- Right to withdraw consent for data processing (if the consent was required for lawful processing);
- Right to lodge a complaint with a supervisory authority.
If you as an individual wish to exercise these rights, you can send an email to: firstname.lastname@example.org
We may ask for additional information to verify your identity before carrying out a request.
DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
We share your personal data with entities acting as our service providers and delegates who process the data on our behalf and act as the Data Processors for the purposes defined above.
It should be noted that one of our delegates acting as a Data Processor is based in Mauritius. However, the Data Protection Act which entered into force in Mauritius in 2017 ensures the equivalent level of protection of Data Subjects’ rights as GDPR.
Additionally, your data can be transmitted to public authorities, regulatory authorities, courts, etc. when required by law.
We only transmit your data for commercial use with your prior consent.
We will retain your personal information covered by this Notice for as long as required to perform the purposes for which the data was collected, depending on the legal basis on which that data was obtained and/or whether additional legal/regulatory obligations mandate that we retain the personal information. In general terms, this will mean that personal information will be kept for the duration of our relationship, and:
- the period required by tax, company and financial services laws and regulations, especially AML/CFT regulations; and
- as long as it is necessary for individuals to be able to bring a claim against us, and for us to be able to defend ourselves against any legal claims. This will generally be the length of the relationship plus the length of any applicable statutory limitation period under applicable law.
CONFIDENTIALITY AND SECURITY
We are subject to certain confidentiality and secrecy obligations, e.g. arising under data protection, other legal obligation, contract, professional secrecy, as the case may be. The personal data we process is also subject to the said obligations. Our representatives as well as the persons acting as Data Processors are required to follow specific procedures with respect to maintaining the confidentiality of our investors’ personal information. We and our duly authorised delegates apply appropriate information security measures designed to protect data in our possession and/or our delegates’ possession from unauthorised access by third parties or any form of computer corruption. We continuously improve our security measures in line with the technological developments.
HOW TO CONTACT US
If you would like to raise any questions, concerns or complaints concerning this Notice, you can contact us through our Management Company at:
VAM Global Management Company SA
16, rue Jean-Pierre Brasseur
The person responsible for Data Protection can be contacted directly at: email@example.com
You can also lodge a complaint with the competent supervisory authority, in Luxembourg, at:
The Commission Nationale pour la Protection des Données (CNPD)
1, avenue du Rock’n’Roll