If you have any questions to NAPs obligations as a data controller or your rights as a data subject, please contact our Head of Compliance, Rasmus Lund, per email at firstname.lastname@example.org.
This policy is made public on the data shown at the bottom and may be updated from time to time.
This policy is provided for the benefit of natural persons (excluding those working for, or within, our organisation) with whom we interact in the course of conducting our business. In general, we comply with applicable rules and the meaning of specific wording in this policy is aligned with the wording of the applicable rules, including the GDPR. For the sake of clarity, the following words have the following meaning:
- “Data controller” means Nordic Alpha Partners ApS, Strandvejen 114A, DK-2900 Hellerup, Denmark as investment manager of the NAP funds. To some extent the general partner of a NAP Fund may also be data controller.
- “Personal data” means information from which it is possible to identify a natural person (an individual), or information from which any individual is identifiable.
- “Processing” means any manual or automated action carried out with personal data, such as collection, recording, structuring, storage, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, combination, restriction, erasure or destruction.
- “Sensitive personal data” means personal data about an individual’s race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, criminal offences or any other information that may be deemed to be sensitive under applicable law. Such data may only be processed by NAP under special circumstances and in such.
2. How personal data is collected
NAP collects personal data from a number of sources:
- when you provide it to us in telephone conversations or via e-mail or similar;
- when you engage in business with us, e.g., by subscribing to a fund (including, in the case of an investment relationship, providing applicable any anti-money laundering identification, verification documentation, and source of funds information), responding to an investor questionnaire etc.;
- when you visit our website, including any registration information or information captured via “cookies”;
- when it is available in the public domain, e.g., on the internet, journals, magazines, news reports, in public directories, registries etc.;
- when we receive information about you from third parties such as tax authorities, governmental and competent regulatory authorities, credit agencies, fraud prevention and detection agencies.
3. What personal data is collected and processed
The types of personal data we collect and process depend on the nature of your relationship with us, but would normally be within the following categories of personal data:
- name, date of birth, citizenship;
- private and professional contact details;
- bank account data, payment instructions, and other information contained in any document you provide to NAP;
- investment experience and investment activity,
- information regarding your status under various laws and regulations, including social security number, tax status, income and assets;
- job title, job experience, education;
- information regarding your interest and holding in NAP funds, including ownership percentage, capital investment, income and losses;
- source of funds used to make the investment in the NAP fund;
- anti-money laundering, identification (including passport and drivers’ license), and verification documentation and, if applicable, additional information for any individual regarded as a politically exposed person; and
- travel information, passport information etc. used in connection with travel activity coordinated by NAP.
4. Legal basis for processing your personal data
NAP only collects and processes personal data for legitimate purposes. The legitimate purpose depends on the nature of the data and your relationship with us but is always related to conducting the business activities of NAP. Specifically, the processing is based on:
- a consent from you,
- a contractual relationship made or to be made with you,
- our duty to comply with a legal obligation, and/or
- our legitimate interest in processing your data.
With respect to the regulation on Measures to Prevent Money Laundering and Terrorist Financing, we collect identification data etc. in order to comply with that statutory requirement.
5. Transfer of data
Generally, we do not transfer personal data to third parties outside NAP and its affiliated companies, unless it is necessary to comply with a legal obligation to which we are subject. The typical recipients of such data are public authorities.
As a general rule, we do not transfer data outside the EU, and if such transfer were to take place, it would occur only in compliance with the necessary safeguards as required under the data protection laws.
We transfer personal data to our systems suppliers under processor agreements and for the sole purpose of enabling us to use our IT systems.
We will not make personal data available to any third parties for the purpose of marketing or the like, unless we obtain your prior consent.
6. Storage period
Personal data may be kept for as long as it is required for our legitimate business purposes, to perform contractual obligations, or where longer, such longer period as is required by applicable legal or regulatory obligations or for any applicable limitation period under applicable law.
Personal data will be retained throughout the life cycle of an investment, however no longer than necessary with regard to the purpose of the relationship with NAP. Some personal data, for example data related compliance with to the Act on Measures to Prevent Money Laundering and Terrorist Financing, will be retained after a data subject ceases to be an investor in a NAP fund.
7. Data Subject Rights
Under applicable data protection rules, you have the rights:
- to request access to, or copies of, your data;
- to request rectification of your personal data;
- to request that the processing of your data is restricted;
- to request erasure of your personal data;
- to exercise your right to data portability;
- where we rely on your consent to process data, to withdraw your consent; and
- the right not to be subject to automated decision-making.
The right to erasure is not absolute and it may not always be possible to erase personal data on request, including where the personal data must be retained to comply with a legal or contractual obligation.
8. Data controller obligations
NAP complies with the obligations and requirements imposed on data controller under applicable laws. Amongst others, we have taken appropriate technical and organizational measures to protect against unauthorized access to, loss or destruction of data for which we are responsible. We develop our security policies and procedures on a regular basis to ensure that our systems are secure and protected.
Privacy Notice regarding CV’s
(additional information specifically for job or consultancy applicants)
If you submit information about yourself to us or any of our executive search agents, for example, by submitting your contact details and CV, we will process your personal data for recruiting purposes only (including by potentially contacting any referees provided in your CV).
We recommend that you do not include sensitive personal data in your CV. If you provide us with information about third parties, such as referees, we will assume that you have obtained the consent of that third party to provide such information to us, and for us to collect, process and to transfer their personal data to the same extent as your CV.
The purpose for collecting and processing this information is to be able to consider your suitability for a role within our organisation and/or in a portfolio company (as employee, consultant, board member, SWAT profile or other role) to be able to contact you in this regard.
If we do not have a position open, or we do not currently have a position which we think is suited to your skill set and experience, we will retain your CV for a maximum period of 12 months, unless you have consented to a longer retention period or if you have a permanent interest in being available as a capacity, for example a SWAT profile, in which case we will keep the CV as long as it is relevant for the NAP or until consent is withdrawn. You may always request that your personal data and CV is removed earlier by contacting NAP at the email address below.
Additional information for users of our website
If you submit information about yourself via our website – for example, by sending an email – we will only use your information for the intended purposes for which it has been provided. For example, we will use it for the purposes of responding to an enquiry. We may also store your information for our internal business purposes, for example to improve the site and our services in general.
We do not seek to identify visitors to this website. However, we generally record certain usage information such as the number and frequency of visitors to this site, as well as your activity whilst using our website. The information we collect may include the websites that you access immediately before and after you visit our site, the internet browsers you are using and your IP address. If we use such data at all, it will be on an aggregate basis and we will not disclose to any third party, other than IT providers, any information that could be used to identify you personally, unless required by law.
Latest update 05-03-2020