Den-AM S.A. Privacy Notice

  1. Introduction

The purpose of this data privacy notice (“Notice”) is to provide you with information on our use of your personal data in accordance with the EU data protection regime introduced by the General Data Protection Regulation (Regulation 2016/679, the "GDPR"). The Policy applies to our use of your data provided that such processing falls within the scope of GDPR.

 

This Privacy Notice deals with the way we process (i.e., collect, use, store, transmit or otherwise handle or process, collectively defined hereinafter as the "Processing" or "Processing Operations") personal data.

We may conduct our Processing Operations either directly or indirectly, through other parties which process personal data on our behalf (hereinafter the "Processors").

 

This notice might be subject to changes. Any updates will be posted on our website. We recommend you regularly review it to ensure that you are always aware of our privacy practices. Our privacy commitments to you:

 

  1. Who is concerned and who can you contact?

 

We process information and personal data relating to you as individual and/or any Related Person to you (hereinafter the "Data Subject(s)"). A "Related Person" means an individual whose information you, or a third party provides to us with, and/or which otherwise comes to our knowledge in connection with our Business Relationship. A Related Person may include, but is not limited to, (i) any director, officer or employee of a company, (ii) a trustee, settlor or protector of a trust, (iii) any nominee or beneficial owner of an account, (iv) a substantial interest owner in an account, (v) a controlling person, (vi) a payee of a designated payment, or (vii) any representative(s) or agent(s) (e.g., with a power of attorney or a right of information on an account).

In this context, we ask that you liaise with and transmit to any and all of your Related Persons this Privacy Notice, respectively the information contained therein.

In substance, we process the data in connection with our existing and/or prospective business relationships, including your use of our websites (together hereinafter the "Business Relationship"). We act as controller with the relevant funds in which you invest or in which the funds under our management invest (hereinafter the "Controller").

For any questions you may have in relation to this Privacy Notice, your Controller, or more generally the processing of your (or your Related Persons') personal data, you may contact our Compliance Officer, at any of the following addresses:

 

Den-AM S.A

Compliance Officer

4, rue du Fort Wallis

L-2714 Luxembourg

or : p.avelinedeRossignol@den-am.lu

 

  1. How do we protect your data ?

 

We are subject to certain confidentiality and secrecy obligations, e.g., arising under data protection, other legal obligation, contract, professional secrecy, as the case may be. The Personal Data we process are also subject to the said obligations. Our employees are required to follow specific procedures with respect to maintaining the confidentiality of our investors’ personal information. We, and our duly authorised delegates apply appropriate information security measures designed to protect data in our possession  and/or our delegates' possession from unauthorised access by third parties or any form of computer corruption. We continously improve our security measures in line with the technological developments.

 

  1. What personal data do we process?

 

"Personal Data" include any information that enables one to identify directly (e.g., first name, surname) or indirectly (e.g., passport number or data combination) a natural person.

Personal Data of Data Subjects we process may include:

  1. For what Purposes and on what legal basis do we process personal data?

 

We collect and process personal data for the purposes (hereinafter the "Purposes") and based on the legal basis set forth herein.

We essentially base our Processing on (i) the performance of a contract to which the Data Subject is Party, or the Data Subject is a Related Person of such Party), (ii) our obligation to comply with a legal or regulatory obligation, (iii) the pursuit of our legitimate interest  and (iv) the performance of a task carried out in the public interest (e.g., to prevent or detect offences).

More specifically, collecting and processing of your personal data for the performance of a contract, includes the following Processing Operations:

 

We also collect and process personal data in order to comply with legal and regulatory obligations to which we are subject, including :

 

 

 

The aforementioned Processing Operations may also rely on the performance of a tasks carried out in the public interest.

Furthermore, we process personal data in relation to legitimate interests we pursue:

 

To the extent that one or more of our Processes of personal data requires prior consent thereto, we will reach out to you and ask for your consent in due time.

 

The provision of personal data may be mandatory, e.g., in relation to our compliance with legal and regulatory obligations to which we are subject. Please be aware that not providing such information may preclude us from pursuing a Business Relationship with, and/or from rendering our services to you.

 

  1. Do we rely upon profiling or automated decision making?

 

We do not use automated decision making in connection with our Business Relationship and/or Data Subjects.

 

  1. What sources do we use to collect your personal data?

 

To achieve the Purposes, we collect or receive personal data:

  1. Do we share your personal data with third parties?

 

We undertake not to transfer personal data to any third parties other than those listed below, except as disclosed to Data Subjects from time to time, and upon its consent when required:

Service providers used for the performance of the contracts related  to our Business Relationship, auditors or legal advisors when necessary to perfom their duties.

  1. Are personal data transferred outside of EEA ?

 

In relation to our Business Relationship, we may disclose, transfer and/or store personal data abroad (hereinafter "International Transfer") (i) in connection with the conclusion or performance of contracts directly or indirectly related to our Business Relationship, e.g., a contract with you or with third parties in your interest, (ii) when the communication is necessary to safeguard an overriding public interest, or (iii) in exceptional cases duly foreseen by applicable laws (e.g., disclosures of certain trades made on an exchange to international trade registers).

International Transfers may include the transfer to jurisdictions that (i) ensure an adequate level of data protection for the rights and freedoms of Data Subjects as regards to Processing, (ii) benefit from adequacy decisions as regards their level of data protection (e.g., adequacy decisions from the European Commission or the Swiss Federal Data Protection and Information Commissioner) or (iii) do not benefit from such adequacy decisions and do not offer an adequate level of data protection. In the latter case, we will ensure that appropriate safeguards are provided, e.g., by using standard contractual data protection clauses established by the European Commission.

Should you wish to have further information as regards International Transfers or appropriate safeguards, you may of course contact our Compliance Officer (see Section 1 above).

  1. What are your rights in connection with data processing?

 

You have the right, subject to GDPR and applicable local data protection legislation, to:

If you or any Related Person to you would like to excersie any of the above mentioned rights please contact us by sending an email on: compliance@den-am.lu , or by mail on: Den-AM S.A. 4, rue du Fort Wallis, L-2714 Luxembourg

 

In adition to the above you can also file a complain with our Compliance Officer(see Section 1 above) in relation to the Processing of personal data or directly file a complaint in relation to the Processing of personal data with the data protection supervisory authority, which is Commission National pour la Protection des Données (CNPD) https://cnpd.public.lu/fr.html

In some cases even if a Data Subject objects to the Processing of personal data, we are nevertheless allowed to continue the same if the Processing is (i) legally mandatory, (ii) necessary for the performance of a contract to which the Data Subject is a party, (iii) necessary for the performance of a task carried out in the public interest, or (iv) necessary for the purposes of the legitimate interests we follow, including the establishment, exercise or defence of legal claims. We will not, however, use the Data Subject's personal data for direct marketing purposes if the Data Subject asks us not to do so.

Subject to the limitations set forth herein and/or in applicable local data protection laws, you can exercise the above rights free of charge by contacting our Compliance OfficerF.

  1. How long are your personal data kept or stored?

 

We will retain your personal information covered by this Notice for as long as required to perform the purposes for which the data was collected, depending on the legal basis on which that data was obtained and/or whether additional legal/regulatory obligations mandate that we retain the personal information. In general terms, this will mean that personal information will be kept for the duration of our relationship and: