Your privacy is important to us. This privacy notice is provided by Lynx Asset Management AB (“Lynx”) and sets out the policies of Lynx for the collection, use, storage, sharing, disclosure (collectively, “processing”) and protection of personal data.
This privacy notice is being provided in accordance with the requirements of data privacy laws, including the EU General Data Protection Regulation 2016/679 (“GDPR”) (such data privacy laws, including GDPR, the “Data Protection Law”).
References to “you” or an “investor” in this privacy notice mean any current, future or previous investor, or other user of Lynx’ services, who is an individual, any individual connected with an investor who is a legal person, and in certain instances any individual connected with our counter-parties or service suppliers (each such individual, a “data subject”), as applicable.
The types of personal data we may collect and use
The categories of personal data we may collect include such personal data as names, residential addresses, e-mail addresses, phone numbers, or other contact details, signature, nationality, tax identification number, personal identification number, date of birth, place of birth, copies of identification documents, such as passports, bank account details, information about assets or net worth, source of funds details or finance-related information such as amount invested, and other details of the investment made and the transactions you make with Lynx.
How we collect personal data
We may collect personal data about you through: (i) information provided directly to us by you, or another person on your behalf; (ii) information that we obtain in relation to any transactions between you and us; and (iii) recording and monitoring of telephone conversations and electronic communications with you as described below.
We may also receive your personal information from third parties or other sources, such as our affiliates, the relevant fund’s administrator, publicly accessible databases or registers, tax authorities, governmental agencies and supervisory authorities or other publicly accessible sources.
Using your personal data: the legal basis and purposes
We may process your personal data for the purposes of administering the relationship between you and us (including communications and reporting), marketing of our products and services and complying with applicable legal or regulatory requirements (including anti-money laundering, fraud prevention, tax reporting, sanctions compliance, or responding to requests for information from supervisory authorities with competent jurisdiction over our business). Your personal data will be processed in accordance with Data Protection Law.
Where personal data is required to satisfy a statutory obligation (including compliance with applicable anti-money laundering or sanctions requirements) or a contractual requirement, failure to provide such information may result in your subscription in the relevant fund being rejected or compulsorily redeemed. Where there is suspicion of unlawful activity, failure to provide personal data may result in the submission of a report to the relevant law enforcement agency or supervisory authority.
Depending on which Lynx services or products you use, we may process your personal data for the purposes listed below, on the legal bases set forth for each purpose.
How we may share your personal data
We may disclose information about you to government authorities (at their request and/or to comply with legal requirements), our affiliates or third parties, such as our service providers (which include fund administrators, banks and custodians as well as providers of mail and e-mail distribution and similar technical/administrative services), for our everyday business purposes,such as to facilitate transactions, maintain your account(s), engage in communication or respond to legal investigations. It may also be necessary, under anti-money laundering and similar laws, to disclose information about investors in order to accept subscriptions from them.
We may share your information with our affiliates for marketing purposes, such as offers of products and services to you by us or our affiliates. We may also disclose information about your transactions and experiences with us to our affiliates for their everyday business purposes. When you are no longer our investor, we may continue to share your information as described in this information for a period of one year from the termination of the customer relationship.
Monitoring of communications
We may in certain instances record and monitor telephone conversations and electronic communications with you for the purposes of: (i) ascertaining the details of instructions given, the terms on which any transaction was executed or any other relevant circumstances; (ii) ensuring compliance with our regulatory obligations; and/or (iii) detecting and preventing the commission of financial crime. See the table above for information about the processing of personal data and the legal basis for the processing.
We will process your personal data for the period of time necessary to fulfil the purpose of our processing. This means that when we stop processing your personal data for a specific purpose we may still retain the data for as long as the data is needed for other purposes, but in such case only for processing in accordance with the remaining purposes. We regularly review the purposes for which personal data has been collected and decide whether to retain or delete personal data if the purpose for the collection no longer applies and in accordance with the retention periods applied by Lynx for various personal data and purposes. Depending on the applicable legislation, your personal data may be retained for up to ten years after the end of our customer relationship.
To protect your personal information from unauthorised access and use, we apply organisational and technical security measures in accordance with Data Protection Law. These measures include computer safeguards and secured files and buildings. We will notify you of any personal data breaches affecting you in accordance with the requirements of Data Protection Law.
Because of the international nature of a fund management business, personal data may in certain circumstances be transferred to countries outside the EEA (“Third Countries”), such as to jurisdictions where we conduct business or have a service provider, including countries that may not have the same level of data protection as that afforded by the Data Protection Law in the EEA. In such cases, we will ensure that your data is protected in a manner equivalent to that in which it would have been protected if it had been processed in the EU/EEA, either (i) by establishing that the European Commission has decided that the receiving country has an adequate level of protection equivalent to that in the EU/EEA or (ii) by carrying out an assessment of the receiving country’s level of protection and, based on this, agreeing on standard contract clauses with the recipient and taking other appropriate security measure, where necessary.
Your rights under Data Protection Law
You have certain rights under Data Protection Law in relation to our processing of your personal data.
You have the right to request information from us free of charge about the personal data we process about you. We will also correct or delete information that is incorrect and encourage you to notify us this is the case. You also have the right to object to processing carried out on the basis of our legitimate interest and to request that your data not be processed for direct marketing purposes. While we investigate the validity of your request, you have the right to request that we limit the processing. In principle, we may then only store your data while the issue is being investigated. In certain limited cases, you also have the right to receive your personal data in a machine-readable format or, if technically feasible, to have the data transferred to a third party indicated by you. We invite you to contact us using the below contact details if you want to exercise any of your rights or if you are not satisfied with our processing. If you are not satisfied with our processing, you also have the right to submit a complaint to the supervisory authority where you live or work or where you believe that a breach of the General Data Protection Regulation has been committed. In Sweden, you can contact the Swedish Authority for Privacy Protection (www.imy.se).
SE-104 20 Stockholm
You should note that your right to be forgotten that applies in certain circumstances is rarely available in respect of the personal data we process, given the purposes for which and the legal basis on which we process your personal data, as described above.
Changes to this privacy notice
This privacy notice was published in December 2021. We may update this notice from time to time. If we make material changes to this privacy notice, we will notify you separately.
If you have any questions in relation to this information or our processing of personal data or if you wish to exercise your rights set forth above, please contact our Data Protection Manager.
Lynx Asset Management AB
Att. Data Protection Manager
103 86 Stockholm
Tel: +46 8–663 33 60