Controller and contact details
MVI acts as data controller in accordance with this policy. If you have any questions about our processing of personal data, please do not hesitate to contact us at the following address email@example.com.
Collection of personal data via our website/e-mail
When you visit our website, communicate with us by e-mail or other channels, participate in our events or similar, you provide us with personal data, such as your name, title, position, e-mail address, telephone number and other information you may provide, which we collect and process. The data may be used for marketing and recruitment purposes, to respond to your enquiry, to invite you to our events and for internal business purposes. When we process your personal data for these purposes, we rely on either your consent or our legitimate interests in maintaining business relationships and communicating with you about our business and events. We may obtain information about your use of our website through "cookies", which enable us to provide visitors with access to various basic features that facilitate use and enhance the website experience. When you access our website, we may also collect information about your computer, IP address, operating system and browser type, for example for statistical purposes or for system administration. This information generally includes data that does not allow individual identification of information relating to a specific user and is subject to your consent.
Collection of personal data on investors
If you are an investor or potential investor in an MVI fund, we collect personal data when you provide it, when you do business with us, when it is available in publicly accessible sources and when we receive information about you from third parties. We may also create personal information by combining or organizing our records or combining information you have provided with information we have received from other sources. The personal data collected may fall into one of the following categories of personal data: (i) name, date and place of birth; (ii) contact information and addresses (including physical address, email address and telephone number); (iii) account information, payment instructions and other information contained in any documents you provide to us; (iv) risk tolerance, transaction history, investment experience and investment activity, or if the decision to invest is made by persons within your organisation, information about their experience, knowledge and expertise in investing in alternative funds; (v) information about your status under various laws and regulations, including social security number, tax status, income and assets; (vi) accounts and transactions with other institutions; (vii) information about your interest and holdings in MVI Funds, including ownership, equity investments, income and losses; (viii) information about your citizenship and place of residence; (ix) the source of the funds used to make the investment in our Fund; and (x) anti-money laundering documentation, identification (including passport and driver's license) and verification and, if applicable, additional information for any individual who is considered a politically exposed person.
Depending on the nature of the data and your relationship with us, our lawful basis for processing your personal data may vary. We collect data based on our legitimate interest in providing services, your consent or the performance of our contract with you as an investor. We also collect data on the basis of legal obligations, for example in relation to anti-money laundering procedures and know your customer (KYC).
You are not obliged to provide personal data to us, but if you do not, we cannot provide you with any requested services as we would not be able to carry out our legal obligations in relation to money laundering and KYC. We will only process sensitive personal data to the extent required by law, and then only with your explicit consent.
How the data is processed
We will only process personal data for the purpose for which it was collected and as set out in this policy. Personal data will only be available to authorized employees who hold a position that requires them to process personal data in order to perform their job.
Storage and security measures
Personal data is processed in accordance with our internal retention policy and our legal retention obligations. Personal data will not be kept longer than necessary for the stated purpose of processing, unless we have a legal obligation to keep the personal data for a longer period of time.
We have internal policies in place to ensure the secure processing of personal data and have taken appropriate technical and organisational measures to keep your personal data secure to ensure that only authorised persons have access to the personal data.
Transfer of data to third parties
We will not disclose personal data to third parties unless (i) you have given your prior consent, (ii) it is required by applicable law, (iii) to defend a claim or (iv) to perform services for our investors.
However, your personal data may be transferred to and processed by third party service providers who perform services for us (data processors), such as professional advisors, lenders or other persons engaged to fulfill the purposes described in this policy. We will only provide personal data necessary to fulfil the purposes set out in this policy to such processors and we will enter into data processor agreements with all processors. The data processing agreements require the data processors to comply with our instructions and any other agreements in place between us and such data processors. Before entering into a data processing agreement, we ensure that the data processor has appropriate technical and organisational measures in place to protect the personal data.
Where is the data processed?
We mainly process personal data on servers within the EU/EEA. However, we may process personal data in countries outside the EU/EEA. We will implement appropriate measures under the GDPR to ensure that your personal data remains protected and secure if the data is processed outside the EU/EEA. In order to ensure that appropriate safeguards in accordance with the provisions of the GDPR are implemented by a processor outside the EU/EEA, such processing will always be based on the EU Commission's standard contractual clauses.
Rights of the data subject
You have the right to receive confirmation from us as to whether or not personal data concerning you is being processed, or whether personal data has been processed. You have the right to obtain a copy of the personal data processed and the personal data under processing. You also have the right to obtain the rectification or erasure of personal data concerning you and the right to prohibit the processing of personal data for direct marketing purposes. If the processing is based on your consent, you can withdraw your consent at any time and we will no longer process your data. However, the withdrawal does not affect the lawfulness of the processing prior to the withdrawal. In certain cases, you have the right to request a restriction of the processing of personal data or otherwise object to the processing. In addition, you may request that the personal data you have provided to us be transmitted in a machine-readable format. All requests mentioned above should be sent to firstname.lastname@example.org. If you believe that the processing of your personal data is unlawful, you may lodge a complaint with a supervisory authority. The relevant supervisory authority in Sweden is Datainspektionen, which you can contact at email@example.com or by calling +468-657 61 00.
MVI Advisors AB
Address: Mäster Samuelsgatan 3, 111 44 Stockholm