Data protection
Data protection FISCH Umbrella Fund
The FISCH Umbrella Fund (hereinafter “Fisch”, “we”, “us”) is required to protect and securely store the personal data of its current, future and former clients (hereinafter “clients”, “you”) in accordance with applicable legislation, in particular the European General Data Protection Regulation (hereinafter the “GDPR”). The present Data Protection Policy (hereinafter the “Policy”) includes information on how we may collect, use, process and, under certain circumstances, pass on personal data.
Notwithstanding the provisions of this Policy, the provisions of any contracts into which you have entered with us shall take precedence.
Contents
A. General note on data processing
B. Use of cookies
C. Email correspondence
D. Marketing emails
E. Data protection rights of the client
F. Initiating contact
G. Policy updates
A. General note on data processing
1. Processing of personal data
1.1. Scope of processing of personal data
As a rule, we process our clients’ personal data only to the extent necessary to provide our services and deliver a functional website.
Fisch may collect, use and pass on your personal data to enable Fisch (i) to conduct its day-to-day business activities and transactions with you; (ii) to meet its obligations based on the terms of use of the website; (iii) to carry out statistical analyses of the pages of the website that were visited; (iv) to monitor and analyze its business activities; (v) to contribute to the prevention of crime and compliance with statutory and supervisory regulations; (vi) to develop and market other products and services and (vii) to delegate Fisch’s rights or obligations.
Fisch will not collect or require the disclosure of any sensitive personal data (e.g. ethnicity, religion or medical data). However, if you choose to provide such sensitive personal data, Fisch may assume that such sensitive data has been made available with your consent and it may be processed by Fisch in its sole discretion unless you instruct Fisch otherwise in writing.
1.2. Data security
At Fisch, your personal data is transferred and stored in a secure environment. We will take all reasonable steps to prevent third parties who are not trusted service providers of Fisch from gaining access to your personal data. We will only share your data with other third parties if we are required to do so for statutory, official or supervisory reasons. We will not share information about you with others unless we believe it is lawful to do so or if you have consented.
1.3. Outsourcing
Fisch has delegated the storage and archiving of company and client data to a specialized third-party company. This outsourced activity is limited to data storage and archiving. Data processing remains within the company and is not outsourced. The activity of the third-party company primarily entails hosting and server maintenance.
1.4. Data transfer
We process data both inside and outside of Luxembourg and rely on mechanisms provided by law to lawfully transfer data across borders. Fisch may transfer the personal data collected or stored from you to other countries for the purposes described in this Policy, including to countries where privacy and data protection laws may not be equivalent to those in the EU. By accepting the terms of use of the website, you consent to such transfer.
Fisch will not disclose personal data collected from you to third parties except: (i) as required by applicable law or regulation; (ii) where there is a general disclosure obligation; (iii) where Fisch’s legitimate business interests require disclosure; or (iv) at your request or with your consent or to the persons identified below.
Fisch may, subject to applicable law, disclose your personal data to persons or companies providing services to or acting as agents of Fisch, and to any person to whom Fisch transfers or offers to transfer its rights or obligations under the terms of use of the website, or who assists it with identity authentication and fraud prevention checks or credit checks.
1.5. Data protection on the internet
Fisch applies various security measures to ensure the protection of your personal data. However, Fisch assumes no responsibility or liability for the security of your data at the time it is transmitted to us via the internet. Please be advised that in order to protect your privacy, you may also contact us through other means of communication as you deem appropriate.
This website may contain hyperlinks to third-party websites that are not operated or monitored by Fisch. Once you leave our website, Fisch is not responsible for the content or privacy practices of third-party websites.
1.6. Recording and monitoring
Fisch may record or monitor telephone conversations and email correspondence between you and Fisch for security, compliance purposes, and to maintain and improve the quality of Fisch’s services.
2. Legal basis for the processing of personal data
Fisch processes personal data in accordance with the provisions of the GDPR. In particular, Article 6 of the GDPR governs the lawfulness of data processing.
At Fisch, the processing of personal data is based on:
- Contractual agreements. Its purpose is to fulfil contractual obligations between you and Fisch. This also applies to processing operations required to take steps prior to entering into a contract.
- A legal obligation to which Fisch is subject.
- Your consent through your use of Fisch’s website.
- A legitimate interest pursued by Fisch or by a third party, except where such interests are overridden by your interests, or fundamental rights and freedoms.
3. Duration of storage
The personal data will be processed or stored for as long as is necessary to fulfill the purpose of data collection and to meet the contractual or statutory obligations. Storage beyond this is possible to the extent provided for by national or international law applicable to Fisch (statutory retention and documentation periods).
As a rule, data is also blocked or deleted when the retention period specified in the applicable legal standards has expired, unless the continued storage of the data is necessary for the conclusion or fulfillment of a contract.
B. Use of cookies
Our website uses cookies. Cookies are text files, which are stored on the client’s computer system within or by the internet browser. If a client accesses a website, a cookie may be saved in the client’s operating system. This cookie contains a character string, which facilitates the unique identification of the browser the next time the website is accessed.
This website uses Google Analytics, a free web analytics service provided by Google, Inc. Google Analytics uses cookies, which are text files that are stored on your computer. The information generated by cookies about your use of this website (including your IP address) is transferred to a Google server in the United States and stored there. Google uses this information to evaluate your use of this website and to compile reports on website activity for the website operator. Google is also entitled to share this information with third parties when legally required to do so, or where third parties process the information for Google. You can opt out of cookies by making the appropriate adjustments in your browser settings, block cookies, and delete cookies that are already on your computer. By using our website, you agree to the processing of the data collected about you by Google in the manner and for the purposes described above.
The purpose of cookies required for technical reasons is to make the website easier for clients to use. Without cookies, some features of our website cannot be provided. For them to function, it is necessary for the browser to be recognised after leaving the page. Analytics cookies are used for improving the quality of our website and its contents. Analytics cookies tell us how the website is being used, enabling us to steadily improve our online presence.
Cookies are stored on the client’s computer and sent from there to our site. You, the client, thus have full control over the use of cookies. By changing your browser settings, you can disable or restrict cookies. Stored cookies can be deleted at any time, and deletion can be set to occur automatically. If cookies are disabled for our website, it is possible that some features of the site will not work properly.
C. Email correspondence
Contact can be made via the e-mail address provided. In this case, the sender’s personal data transmitted with the e-mail will be stored. This data will be used exclusively for processing the correspondence.
The necessary legitimate interest in data processing by Fisch lies in Fisch’s duty to process correspondence initiated by the customer via e-mail. The purpose of the other personal data processed when responding is to ensure the security of our IT systems.
If you contact us by email, you can object to the storage of your personal data at any time (cf. E below: “Data protection rights of the client”). If you do so, the communication cannot be continued.
D. Marketing-E-Mails
Fisch may send informational marketing e-mails (newsletters, event invitations, etc.) using software that enables the collection of behavioral data. This process entails the storage and evaluation of personal data of the recipients of these emails abroad, including:
- Statistical analysis of the e-mails, including actions traceable to individual recipients, such as click or link opening behavior. This information is used to form target groups and to influence the sending of future e-mails.
- Automatic sending of follow-up e-mails based on recipient reactions.
- Non-anonymized surveys and evaluation of personal data.
By using marketing e-mails, you agree to the processing of data collected about you in the manner and for the purposes described in this Policy. Recipients can opt out of receiving such marketing emails at any time using the unsubscribe link in each email.
All tracking data collected through marketing emails are stored abroad in line with legal and regulatory requirements.
E. Data protection rights of the client
If the relationship between you and Fisch falls under the GDPR and your personal data is processed, you are a data subject within the meaning of the GDPR. How the rights listed below can be exercised depends on the legal basis selected for the storage of the personal data. Under the GDPR, every data subject has a right of access, a right to rectification or erasure, a right to restrict processing, a right to object and, under certain conditions, a right to data portability. Furthermore, every data subject has a right to withdraw consent as well as the right to lodge a complaint about the processing of their personal data with a supervisory authority.
F. Initiating contact
If you are a Fisch client and have further questions about Fisch’s data protection practices or would like to verify that your personal data is accurate and up to date, please contact your relationship manager directly or send an email to CompSec-UIL@universal-investment.com
G. Policy updates
This Policy was last updated on 17 December 2021. Please be aware that Fisch reserves the right to amend this Policy at any time. Changes or additions to the above description of the processing of personal data are communicated through suitable information channels, such as the Fisch website. Continued use of this website constitutes consent and agreement to any additional or amended provisions of this Policy.