Privacy Policy

We are committed to protecting and respecting your privacy. In this policy, “we”, “us” and “our” refer to FundRock Management Company S.A. Further information about us and our contact details are set out in the section headed “Our details” below.

This policy (explains how we will process personal data you provide, when you visit our website, when you discuss or enter into transactions with us; or when you email us, telephone us, network with us or otherwise communicate with us. “Processing” is defined under applicable data protection laws, most notably the Regulation n°2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), and includes among other things, the collection, storage and use of personal data.

This policy applies where we are acting as the data controller with respect to your personal data (in other words, where we determine the purposes and means of the processing of that personal data).

Changes to our privacy policy

This policy may change from time to time and if it does, we will publish a new version on our website which will become effective immediately.  Please check this page occasionally to see any updates or changes.

The layout of this document

This policy is split into the following sections.

  • Information we collect for you
  • Cookies
  • How we will use your information and the legal basis for processing
  • Disclosure of your information
  • International transfers of your personal data
  • Retaining and deleting your personal data
  • Rights of individuals
  • Changes to our privacy policy
  • Our details

Information we collect from you

Information that you give us

The personal data that you give us may include:

  • your title, name and date of birth
  • contact information, including telephone number, postal address and email address
  • information relating to your location, preferences or interests
  • employment and job application details, e.g. date of birth, employment history, qualifications, equality monitoring information
  • your personal description or photographic identification
  • in certain circumstances, your and others’ signature(s), National Insurance number(s), financial details such as bank account details and details of any relevant sanctions or similar restrictions
  • in certain circumstances, data relating to health (including disabilities), ethnicity, race, religious beliefs, trade union membership and other ‘special category personal data’
  • the content of any enquiry submitted over our website
  • information about your holding in a Fund or the reference number in relation to your holding.

In relation to investors or potential investors in our Funds, you have the right to refuse to give us your personal data in which case we may at our discretion: refuse to issue shares or units in a Fund to you; refuse to pay the proceeds of a redemption of shares or units; refuse to pay income on shares or units to you; compulsorily redeem your holding.

Information we collect about you

Usage data

Each time you visit our website: www.fundrock.com (“our site”) we will automatically collect the following information:

  • technical information about your computer, including where available your Internet protocol or “IP” address, operating system and browser type and version, your login information, time zone setting, operating system and platform; information about your visit, including the full Uniform Resources Locators (“URLs”), clickstream to, through and from our website (including date and time); time on page, page response times, download errors, lengths of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs). We will do so for administration purposes; to analyse the use of our website and services. The source of the usage data is our analytics tracking system.
  • location, device and demographic information (Google Analytics provides age range and gender information. Find out more about how Google collects demographic data).

Categories of persons whose data we process

The personal data described above may include personal data of:

  • our clients (and prospective clients) and their personnel
  • investors or prospective investors in our Funds
  • our prospective employees, work experience students, interns or other job applicants emergency contacts whose details have been provided to us by our people
  • third parties with whom we contract or enter into discussions with in relation to the services that we offer
  • contacts at professional adviser firms with whom we work in the context of our services
  • our service providers, contractors and suppliers
  • contacts that we meet or interact with at client events or industry events
  • visitors to our offices
  • visitors to our website

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By using our website you are accepting that we use Cookies. For more information, please do not hesitate to contact us using the contact information provided below.

How we will use your information and the legal basis for processing

Information you give us

Personal data of investors or prospective investors in a Fund

Personal data of an investor or a prospective investor in a Fund (collectively, “investor data”) may be processed by the “registrar” or “administrator” (as described in the prospectus of a Fund) or other services providers to a Fund.  Investor data may be processed for the purpose of:

1.opening your account

2. maintaining the register of unitholders/shareholders in a Fund

3. processing subscriptions, redemptions and exchanges of shares or units and payments of dividends to unitholders/shareholders in a Fund

performing controls on excessive trading and market timing

4. complying with applicable anti-money laundering rules or anti-terrorist financing rules, our reporting obligations to regulatory bodies or tax authorities as well as our obligations under other applicable laws and regulations

5. monitoring calls and electronic communications for: processing and verification of instructions, investigation and fraud prevention; or enforcing and defending claims.

The legal grounds for processing (referred to as the “legal basis for processing”) is:

1.our legitimate interests, namely the proper management and administration of your investment and the operation the Fund by us, our delegates and the service providers in relation to a Fund;

2. the performance of the contractual obligations between you and us, as the operator of the Fund

3. to provide you with information, products and services that you request from us

4. to notify you about changes to our services and our Funds, and

5. to comply with applicable laws.

Information we collect about you.

“Usage data”

The usage data may be processed for the purposes of analysing the use of the website and services. This may include to:

1. ensure that content from our site is presented in the most effective manner for you or your device

2. administer our site and for internal operations, including troubleshooting, data analysis, testing, research and statistical analysis

3. ensure content is presented in the most effective manner for you or your device, and

4. help keep our site safe and secure.

The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services.

Information we receive from other sources.

We will combine information from other sources with information you give us and information we collect about you; and use all of the information for the purposes set out above (depending on the types of information we receive).

Other uses of your personal data

Other uses of your personal data

We may use your information:

  • to respond to any query that you may submit to us
  • to manage our relationship with you (and/or your business), including by maintaining our database of clients and other third parties for administration, and accounting and relationship management purposes
  • to complete our contractual obligations to you, or take steps as described in our contract with you
  • to send you any relevant information on our services and events that may be of interest to you using the email and/or postal address which you have provided, but only if you have given us your consent to do so or we are otherwise able to do so in accordance with applicable legislation
  • to process any job application you (or your representative) has submitted
  • to measure or understand the effectiveness of advertising we send to you and others, and to deliver relevant advertising to you
  • to ensure we appropriately administer any attendance or visits to our offices
  • to comply with any other professional, legal and regulatory obligations which apply to us or our policies
  • as we feel is necessary to prevent illegal activity or to protect our interests.

The legal basis of this processing is

  • Performance of, or entry into, a contract – where the personal data that we are required to collect in order to comply with any professional, legal and regulatory obligations which apply to us must be provided to us in order for us to perform the contract
  • Compliance with a legal obligation to which we are subject
  • We have a legitimate interest in doing so – and where our legitimate interests are not overridden by your (or the relevant individual’s) own interests or fundamental rights or freedoms). These legitimate interests will include our interests in managing our relationship with our clients, administering visits to our offices and monitoring compliance with our policies, practices or procedures
  • Where we have obtained your consent – for example, where we send you relevant information on our services and events that may be of interest to you. As we will explain at the time we collect your consent, you may withdraw it at any time in accordance with the information we provide to you at that time

Establishment, exercise or defence of claims

We may process your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

Obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice

We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice.

The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.

Compliance with a legal obligation or protection of vital interests

We may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Disclosure of your information

We will only share your personal data in accordance with applicable laws. We will not rent or sell your details to any other organisation or individual. We may disclose your personal data to:

  • any member of our “group” (which means our subsidiaries, our ultimate holding company and any of its subsidiaries) in so far as necessary and for the purposes and on the legal basis set out in this policy
  • our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure
  • our auditors
  • our bank (including as permitted under applicable anti-money laundering or anti-terrorist financing laws
  • competent authorities including our regulator, the Financial Conduct Authority; tax authorities, courts and bodies as required by law for reporting or as otherwise required by law
  • service providers, support services and organisations that help us market our services and third parties instructed to enable us to fulfil our contractual obligations
  • our data processors providing security, email security, data governance, archiving and other IT business and support services
  • Selected partner digital agencies
  • Analytics and search engine providers that assist us in the improvement and optimisation of our website
  • Any third party that you ask us to share your data with

Our website may, from time to time, contain links to and from the websites of advertisers and partners. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Investor data

We may disclose investor data to the service providers to the Funds, our service providers, delegates, suppliers or our contractors and sub-contractors insofar as reasonably necessary for the purpose of the operation, and administration of a Fund, the distribution of a Fund and the safe custody of the assets of a Fund. In particular, investor data (as described above) will be given:

1.by us to the registrar or administrator of a Fund in order to enable them to provide various services, including but not limited to investor relations and on-boarding functions, anti-money laundering and other regulatory compliance checks, set-up of investor accounts, monitoring of trading activity and other record keeping obligations

2. by us or the registrar or administrator of a Fund to credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you

3. by the registrar or administrator of a Fund to the depositary of a Fund (“depositary”) within the context of the instructions for subscriptions and redemptions of the shares or units of a Fund

4. by the depositary of a Fund to the custodian of a Fund (“custodian”) or to entities within the depositary’s group of companies

5. by us or the registrar or administrator to the sponsor, distributor, or third party technology service provider in relation to the distribution of a Fund or in order to monitor changes to the investor register, perform the calculation of management fee rebates (if applicable) or carry out statistical analysis and market research

6. by us to the investment manager of a Fund in order to monitor a Fund’s investments

7. by us or the registrar or administrator of a Fund to other business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you; and

8. by us or the registrar or administrator to other third parties in order to comply with legal and regulatory requirements applicable to a Fund.

We may disclose usage data (as described above) to entities within our group of companies, or to analytics and search engine providers that assist us in the improvement and optimisation of our site.

We may disclose your personal data to third parties:

1.in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets, or

2. if we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred asset.

International transfers of your personal data

Certain service providers to our Funds and certain third parties used by such service providers have offices or are situated in countries or territories outside the European Economic Area or “EEA”. (The EEA means the 28 countries or territories of the European Union, together with Iceland, Liechstenstein and Norway.) Such service providers or third parties may transfer your personal data outside of the EEA. If they do so, we will ensure that they do so in compliance with data protection legislation including where applicable by ensuring that the transfer is necessary to perform a contract in place with you or a contract entered into in your interests. We will therefore ensure that one of our Fund administrators that uses the services of entities based outside of the EEA enters into EU-approved Model Clauses (or other approved protection mechanism such as a code of conduct or other certified mechanisms such as binding contractual rules) with: a company located in India that provides operational support, a company located in Israel that provides support services for call recording, a company based in the USA that provides information technology security services, and a US customer service software company that has affiliates in multiple locations outside of the EEA.

 Consent

• Where we process your personal data on the basis that you have provided your consent for us to do so for a purpose set out in this policy, you may withdraw your consent to this processing at any time by contacting us at frmc_gdpr@fundrock.com or contacting us on the details below under “Our Details”.

If you do withdraw your consent, we may still be able to process some of the data that you have provided to us on other grounds and will notify you of these at such time.

Retaining and deleting your personal data

We follow strict security procedures as to how your personal information is stored and used, and who sees it, to help stop any unauthorised person getting hold of it.

In relation to our Funds we and our affiliates, delegates, or service providers will retain your personal data for the duration of your contractual relationship in relation to a Fund and for as long as required for the Fund or for us or our affiliates, delegates, or service providers to perform the contractual services in relation to the Fund, or to perform any investigations, or as otherwise required under applicable law. Following the termination of your contractual relationship we or our affiliates, delegates or service providers may keep your personal data for the maximum period permitted under applicable laws.

We shall not keep your personal data that we process for any purpose or purposes for longer than is necessary.

We may nevertheless retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Rights of individuals

As an individual, you have certain rights under data protection law. Some of the rights are complex and only apply in specific circumstances.  You should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

Your principal rights under data protection law are set out below:

1.right of access

2. right to rectification

3. right to erasure

4. right to restrict processing

5. right to object to processing

6. right to data portability

7. right to complain to a supervisory authority

8. right to withdraw consent

Right of access

  • You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.

Right to rectification

  • You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.

Right to erasure

  • Also known as ‘the right to be forgotten’, the broad principle underpinning this right is to enable an individual to request the removal or deletion of personal data where there is no reason for its continued processing. The right may apply when: the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; or the personal data has been unlawfully processed.
  • However, we can refuse to comply with a request for erasure in certain circumstances, including: to exercise the right of freedom of expression and information; to comply with a legal obligation; or for the establishment, exercise or defence of legal claims.

Right to restrict processing

  • You have the right to ‘block’ or supress the processing of your personal data including where: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require the personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection.
  • Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.

Right to object to processing

1. You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

2. You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). We do not use your personal data for such purposes but if we did and you made such an objection, we would be required to cease to process your personal data for this purpose.

3. You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest.

Right to data portability

To the extent that the legal basis for our processing of your personal data is:

1. consent; or

2. that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract and such processing is carried out by automated means,

you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

Right to complain to a supervisory authority

• If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.

Right to withdraw consent

• To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

• You may exercise any of your rights in relation to your personal data by written notice to us using the contact details under ‘Our details’ below.

Our details

This website is owned and operated by FundRock Management Company S.A.

We are registered in Luxembourg, and our registered office and principal place business is at H2O Building, 33 Rue de Gasperich L-5826 Hesperange, Luxembourg.

If you have any questions, comments or requests regarding this policy, you can contact us:

(a) by post, to the postal address given above;

(b) by contacting our Data Protection Officer.

(c) by email, to frmc_gdpr@fundrock.com or the email address published on our website from time to time.