Asia Growth Capital Management AB strives to maintain a high level of protection for its clients, fund unit holders, suppliers, partners and employees as well as other persons whose personal data is processed within our business. We may process personal data obtained from you, your employer, your colleagues or others, such as the Swedish Companies Registration Office (Bolagsverket) or other publicly available sources. Your personal data is always processed in accordance with applicable data protection regulations.
On May 25, 2018, the EU General Data Protection Regulation ("GDPR") and the Swedish Act of Data Protection (dataskyddslagen) has become applicable. The new regulations have resulted in enhanced protection of personal data and tougher requirements for companies and organizations that process personal data.
The purpose of processing personal data
We may process personal data with the following, and other related, purposes:
to perform our services,
to provide client support and handle complaints,
to inform and market our services and the investment funds that we manage, including direct marketing,
to conduct client- and market analysis regarding our services and the investment funds that we manage,
to handle contacts with existing and potential suppliers, counterparties, partners and authorities,
perform activities in accordance with the Swedish Act on Measures Against Money Laundering and Financing of Terrorism (lagen om åtgärder mot penningtvätt och finansiering av terrorism) and the Market Abuse Regulation and monitoring based on EU and UN sanction lists,
financial- and human resources management,
recruitment of personnel,
continuity planning, and
handling of questions and other contacts taken with us.
We may employ data processers in the processing of personal data. For instance, we may use external parties to conduct marketing and sales activities of our managed investment funds and for financial administration.
The data processors who process personal data on our behalf are always covered by data processing agreements in order to ensure that your personal data is, at all times, processed in accordance with applicable regulations.
The legal basis of the processing
Processing of personal data is only allowed if there is a legal basis under GDPR or, if applicable, the Act on Measures Against Money Laundering and Financing of Terrorism.
Our processing of client information generally has the legal basis that the processing is necessary in order for us to fulfill obligations pursuant to a client agreement.
Information about both existing and potential investors in our managed investment funds is processed with the legal basis that we, and where appropriate, our partners, have a legitimate interest in developing, market and administer services and activities.
Information about employed personnel is processed with the legal basis that the processing is necessary to fulfill our agreement with the employee and the legal obligations arising from the employment contract, collective agreements etc., as well as, where appropriate, that we have legitimate interests in processing information about our employees.
In addition, personal data is processed to administer our contacts with representatives of existing and potential suppliers, applicants in recruitment processes, counterparties and authorities as well as other persons who contact us. In these cases, the processing is generally based on the fact that we have a legitimate interest in processing the data. If the processing occurs because the data subject has contacted us spontaneously (and, in the individual case, we do not have a legitimate interest or other reason for processing), the data subject will be deemed to have consented to our processing of the personal data transmitted through the contact. The data subject is always entitled to revoke such consent.
When the processing of personal data is based on our legitimate interests, we always perform an assessment to ensure that there is a balance between our interests and the integrity and fundamental freedoms and rights of the data subjects. If the data subject has objected to our processing of personal data we take his/her preference into account in the assessment. In these cases, the processing is only allowed if our interests of the processing are particularly important.
The duration of the processing
Personal data regarding clients are processed for the time during which we are required to keep the information pursuant to the Swedish Securities Market Act (lagen om värdepappersmarknaden) and other regulations that apply to our business. These regulations generally require us to process the personal data during the time of the client relationship and for a period of five years thereafter. The processing may last for a longer period of time if we consider that we have legitimate interests in continuing the processing that is more important than the interests of the data subject (for example, if the information is necessary to enable us to make of or defend legal claims). Normally, the processing of personal data will not last for more than ten years after the client relationship has ended.
Our business also includes processing of other types of personal data which we are obliged to process according to the regulations that applies to the business (for instance, certain information about our staff, suppliers and counterparties). In these cases the personal data is processed during the time which we are required to keep the data pursuant to the relevant regulations and any additional time that we may have a legitimate interest in the processing.
Other types of personal data are regularly sorted out in accordance with our data protection policies based on whether the processing is necessary due to the purpose of the processing.
The rights of the data subjects
Data subjects have the right to, free of charge, access the personal data that we process in a structured, commonly used and machine-readable format.
Under certain circumstances, the data subjects may transfer personal data and, if technically possible, request that such transfer shall be made directly from us to a new data controller. Furthermore, the data subjects have the right to receive information about the purposes of the processing, from where we have retrieved the data, the categories of data which are being processed, the recipients or categories of recipients to which the data is provided or is to be provided, the estimated time of processing and the data subjects rights under GDPR. The data subjects are also entitled to request correction of incorrect personal data and to supplement any incomplete information.
If our processing of personal data is no longer necessary the data subjects are generally entitled to request that we delete the data without unnecessary delay. This also applies if the processing is based on the consent of the data subject. In some cases, the data subjects are entitled to request that we restrict the processing of personal data. If the personal data has been provided by us to an external recipient (for example a data processor, a supplier or an authority), we are obliged to notify these recipients of the request of the data subject, if this is possible and does not entail a disproportionate workload.
If a data subject considers that an error has been committed in our processing of personal data, it is possible to file a complaint with the Swedish Data Inspection Board (Datainspektionen).
Particularly about direct marketing
Data subjects always have the right to notify us if they oppose their personal data to be used for direct marketing.
If you have questions regarding our processing of personal data, please contact us at Asia Growth Capital Management AB, Birger Jarlsgatan 10, 114 34 Stockholm, or telephone 08-403 745 00. You can also send an e-mail to email@example.com.