Personal Data Processing Notice
This notice from the company with the corporate name 3K Investment Partners Mutual Fund Management Company Single Member S.A., whose registered offices are at 25-29 Karneadou St., Athens, website: www.3kip.gr, Tax Reg. No. 094304867/Athens FAE Tax Office, General Commercial Reg. No. 1003501000 (hereinafter the MFMC) has been prepared in accordance with the provisions of Regulation (EU) No 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and Directive (EU) 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA, and seeks to provide information about how the personal data of its clients is processed.
The MFMC is the Controller.
Regulation (EU) No 2016/679 defines the controller as the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Legality of processing:
The MFMC can process its clients’ personal data where any of the following conditions are met:
a) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
b) processing is necessary for compliance with a legal obligation to which the MFMC is subject or for the purposes of legitimate interests deriving from contractual relations with clients or from other rights deriving from the applicable legislation;
c) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.
It is noted that personal data are processed by the MFMC and in accordance with the provisions of Law 4557/2018 in order to prevent and suppress money laundering and terrorist financing. In this context, personal data may be transmitted to the competent authorities overseeing the implementation of those provisions, as well as to other public authorities tasked with combating money laundering and terrorist financing. The processing of personal data for the above purpose is considered a matter of public interest.
(Note that in cases (a), (b) and (c) to process data no consent form the clients / data subjects is required).
d) you have given express, specific, written consent to the personal data relating to you being processed for one or more specific purpose, provided that processing is not based on one of the legal bases in points (a) to (c) above*.
Note that the concept of processing of personal data of the MFMC’s clients includes any operation or set of operations which is performed on personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
* Where the processing of your personal data is based on consent given by you (and such consent is required; for instance, for you to be sent forms and emails for advertising - promotional purposes by the MFMC), you can withdraw your consent at any time, and that withdrawal does not affect the legality of processing which was based on consent prior to withdrawal. Consent can be withdrawn by a letter sent in writing or electronically to the MFMC addressed to the Data Protection Officer and is valid from the date of submission onwards.
The types of data the MFMC processes:
The personal data processed by the MFMC may have come to its knowledge both in the context of its contractual relations with clients and in the context of information the MFMC receives from third parties (whether natural or legal persons) or public sector bodies when they or the MFMC are exercising their lawful rights. They include the following data:
The client’s name and surname & father's name.
The client’s ID or passport details.
Country of birth.
Tax Reg. No., Tax Office and country of tax residence.
Contact details: mobile phone number, home phone number, work phone number, email address and address for correspondence.
Note that personal data provided by clients must be complete and accurate and must be updated by clients themselves, promptly in each case where the data changes or whenever else considered necessary or useful by the MFMC to maintain business relations or to enable the MFMC to comply with obligations deriving from the legislative and regulatory framework applicable from time to time.
The MFMC does NOT process personal data of its clients revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of identifying a client or data concerning health or data concerning a client’s sex life or sexual orientation.
The data of minors:
The processing of personal data relating to minors is done under the strict condition that consent is first obtained from the parents or persons with parental care in accordance with the specific provisions of the legislation in force from time to time.
The purposes for which the personal data of the MFMC’s clients are processed are:
a) to facilitate, support and monitor the participation of unitholders in collective investment undertakings (UCITS and CIUs) which the MFMC manages and/or represents, based on application forms submitted by clients to join and redeem units or redeem units - reinvest in CIUs managed / represented by the MFMC.
b) to facilitate, support and monitor contractual relations with MFMC clients who receive portfolio management services, investment advice services, the receipt and forwarding of orders in financial instruments as a service, and to ensure proper and lawful implementation of contracts between those parties.
c) to record, register and file all manner of instructions, application forms and requests from clients to the MFMC provided in writing, electronically or by phone in the context of their holding in the CIUs which the MFMC manages and/or represents or in the context of investment services provided to them by the MFMC.
d) to fulfil the MFMC’s obligations deriving from the legislative and regulatory framework applicable from time to time in the context of managing and representing the CIUs and providing investment services, and to comply with decisions of the competent supervisory, administrative, public and judicial/prosecution authorities and services.
e) to satisfy all manner of client requests addressed to the MFMC and to examine client complaints and
f) to enable clients to receive printed and electronic messages for advertising - marketing purposes from the MFMC.
Storage and retention period:
The personal data of MFMC clients is subject to processing, and is held and stored by the MFMC in a secure environment solely and exclusively for the purposes intended and only for such time as is needed to achieve those purposes, subject to more specific provisions of the applicable legislation. In all events, the personal data of clients is held for 20 years from termination of the contractual relationship between the MFMC and the client in any manner or from total redemption by the client of all units in the CIUs managed and/or represented by the MFMC, as appropriate. Those time limits do not apply in the case of litigation, in which case the data retention periods extends until an irrevocable court judgment is handed down.
Data recipients / categories of data recipients:
The recipients of the personal data of the MFMC’s clients may include:
i) any credit institution which performs the duties of custodian / sub-custodian of the CIUs managed / represented by the MFMC, the brokers / sub-brokers appointed in each case to distribute units in the CIUs managed / represented by the MFMC and third parties - providers to whom the MFMC has outsourced under contract its functions in the context of the CIUs it manages / represents and the provision of investment services.
ii) third parties to whom the MFMC has assigned in whole or in part the performance of personal data processing functions on its behalf, to better facilitate the management and representation of CIUs and the provision of investment services to clients, and compliance with the legislative and regulatory framework applicable from time to time.
iii) third parties with whom the MFMC collaborates in carrying on its activities to perform its obligations in the context of managing and representing the CIUs and providing investment services to clients.
iv) CIU management companies which the MFMC represents, their custodians, and any person to whom the management companies and the custodians of the CIUs the MFMC represents have outsourced, under the relevant contact, the performance of their functions in the context of managing / acting as custodian for the said CIUs, including performing client personal data processing functions on their behalf.
v) any person to whom transmission of data is required under the applicable legislative and regulatory framework or on the basis of an administrative decision and
vi) the supervisory authorities competent for inspection and operation of both the CIUs which the MFMC manages and/or represents and for the MFMC itself, and in general any public, administrative, supervisory, judicial, prosecution or other authority and/or service when performing its lawful duties.
The MFMC has lawfully ensured that the persons processing the personal data of clients on its behalf comply with the requirements deriving from the applicable legislation and provide adequate assurances about the application of suitable technical and organisational measures so that when the personal data of clients is being processed by them, their rights are protected.
Data Subjects’ Rights:
Data subjects have the following rights:
a) the right to information and to access the personal data relating to them and to obtain information about such, and the origin, purposes of processing, recipients or categories of recipients, and retention period.
b) the right to submit a request for rectification.
c) the right to erasure of data, subject to the MFMC’s obligations and lawful rights to retain data for a minimum specific period pursuant to the legislative and regulatory framework applicable from time to time.
d) the right to restrict processing of data where the accuracy of the data is contested or processing is unlawful, or there is no longer any purpose for processing it, provided that there are no lawful grounds for retaining the data.
e) the right to data portability to another controller, provided that processing is based on client consent and is done using automated means (whether this right can be satisfied depends on the MFMC’s lawful rights and obligations to retain data and the performance of its duties in the public interest) and
f) the right to object to the processing of data relating to them on grounds relating to their particular situation in cases where data is processed to perform a duty carried out in the public interest or for the purpose of the legitimate interests pursued by the MFMC or a third party.
* It should be noted that the fulfillment of the above mentioned rights is subject to the MFMC's legal obligation to prohibit disclosure of data and information where applicable under Article 27 of Law 4557/2018 in the context of preventing, investigating and detecting any money laundering activities and financing of terrorism.
The MFMC has already taken strict security measures to safeguard confidentiality and protect the personal data of its clients from all illegal or unlawful processing, accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access in accordance with the provisions of the applicable legislation.
Data Protection Officer:
The MFMC has appointed a Data Protection Officer whose contact details are as follows: Elena Chilari, 25-29 Karneadou St., Athens GR-10675, tel. 210 7419828 email: email@example.com.
Requests from MFMC clients about their personal data and requests to exercise their rights must be submitted to the MFMC’s Data Protection Officer at the email address firstname.lastname@example.org or in writing to the MFMC’s offices at 25-29 Karneadou St., Athens GR-10675, marked for the attention of the Data Protection