Nordkinn Asset Management AB, 556895-3375, (”Nordkinn”), we, us or our) is the personal data controller and is therefore responsible for the processing of your personal data when you, or a company you work for or are related to, are using our services as a AIF Manager (the “Services”). This means that we are responsible for how your personal data is collected and processed by us when we are providing our Services. Personal data means any information relating to an identified or identifiable natural person.
We will always processes your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and other applicable privacy laws, in order to protect your personal privacy.
From where do we collect personal data?
From you and the company you work for or are related to
We collect personal data about you in connection with an application, when appointments are made or otherwise in connection with the preparation, administration or provision of our Services. We may also collect information about you when you use the Services or contact us.
We may collect personal data about you from external parties in order to maintain good customer and registry care. For example, Nordkinn may supplement or verify your personal data by collecting data from public and private registers.
What personal data do we process and for what purposes?
Provide our Services
We process your personal data when processing an application or an inquiry concerning the use of our Services. We also process your personal data when entering into a contract for our Services, or otherwise in connection with the preparation, administration or provision of our Services. Such processing typically includes your name, email address and information regarding your relation to the company you are working for or otherwise associated with.
The processing is necessary for our legitimate interest of providing our Services.
Compliance with legal obligations etc.
We process your personal data to be able to fulfil our legal obligations, such as customer due diligence measures in order to prevent money laundering and terrorist financing and measures required to fulfil the Common Reporting Standard (CRS). Such processing typically includes, but not limited to, your name, personal identification number, copy of identity document, email address and information regarding your relation to the company you are working for or otherwise associated with.
We may also process your personal data in order for us to be able to handle complaints, initiate or respond to legal proceedings and to ensure that our Services are not used in violation of applicable terms and conditions. Such process may include your name, personal identification number and your relation to the company you are working for or otherwise associated with.
The processing is necessary for compliance with legal obligations and for our legitimate interest in handling complaints etc.
Nordkinn will process personal data for marketing purposes. Personal data may be disclosed to and processed by companies that Nordkinn collaborates with. Where personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data for such marketing.
The processing is necessary for our legitimate interest in marketing our Services.
Who do we share your personal data with?
We share your personal data for the purposes described below. Unless otherwise stated, the receiving company is the data controller and thereby responsible for the processing of the personal data obtained.
Provision of Services
In order to provide our Services, we will provide personal data to our Transfer Agent and to our service providers.
The processing is necessary for our legitimate interest in providing our Services.
In some situations, we are obliged to provide information to authorities, such as to the Swedish Tax Agency.
The processing is necessary for compliance with legal obligations.
We always strive to process your personal data within the EU/EEA. If your personal data would be transferred to and processed in a country outside the EU/EEA by our service providers, we will ensure that there are necessary safeguards, such as data transfer agreements that requires the recipient to protect your data in the same way as we do.
When personal data is deleted
Your personal information will be processed by us as long as required in order for us to provide our Services, and thereafter as long as we have a legal basis for our processing. Following that, we will delete your personal data or anonymise it.
The GDPR gives you the following rights regarding the processing of your personal data.
Right of access
You are entitled to request a confirmation from us as to whether we process personal data relating to you, and where that is the case, you are entitled to be informed about what personal data concerning you that we process.
Right to rectification
You have the right to obtain rectification of inaccurate personal data concerning you. You also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
Right to erasure
You have the right to request that personal data concerning you shall be erased. However, this does not apply in some cases, including if we are required by law to preserve the data.
Oppose your treatment for direct marketing purposes
You are entitled to oppose the processing of your personal data for direct marketing purposes and to unsubscribe from such promotion by notifying us.
Oppose your treatment that relies on a balance of interest
You are entitled to oppose treatments that relate to a balance of interest (legitimate interest). We will then only continue to process your data if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms.
Right to restriction of processing
You have the right to request that processing of your personal data is restricted, for instance if you believe that the personal data is incorrect. However, please note that we might not be able provide our Services as long as the processing is restricted.
Right to data portability
You have the right to receive a copy of your personal data, in a structured, commonly used and machine-readable format. You also have the right to transmit such data to another personal data controller, where technically feasible. Please note that these rights only apply in relation to personal data that you have provided to us and which we process based on your consent or a contract that you have entered into with us.
If you have any questions about our processing of your personal information, please contact us.
Personal data controller: Nordkinn Asset Management AB
Address: Kungsgatan 33, 111 56 Stockholm
Phone number: +46 8 4734050
If you are not satisfied with the answers you receive from us, or of you have any complaints regarding our processing of personal data, you may contact the Swedish Data Protection Authority.