Legal, GDPR

 

UI efa S.A.
2, Rue d'Alsace
L - 1122 Luxembourg

Register of Commerce and Companies n°: B56766
Intra community VAT: LU16944578

The data processing controller can be contacted by phone (+352) 48 48 80 80 or by email: dpo@efa.eu.

WebMaster : Marc.Vatrey@efa.eu

 

GDPR policy

Cookie policy

We treat your personal data with respect, while we process any information collected in relation to our activity.
Our privacy policy applies to every visitor who visits our website www.efa.eu

Icons

The icons used on this website are coming from https://icons8.com/.

 

What personal data do we collect?


Technical data

While you navigate through our website, we collect different kinds of technical data :

  • web browser and screen resolution
  • operating system and device type (computer, mobile, tablet)
  • session statistics
  • navigation feed and clicks
  • IP address

This data is stored anonymously and can not be used to identify you.

 

How do we collect your personal data?


Only data that you voluntarily provided is being collected, such as data submitted while signing up to a newsletter, filling out a contact form or contacting us via email.  

Data outlining how you navigate through our website will also be collected.

Where another party (such as a company or a partnership or any third parties acting on you or your behalf) provides your personal information to us, they must also comply with their obligations under the relevant privacy laws and regulations. If you believe that the entity for whom you work or a third party has not provided you with details of the personal information that it holds about you and/or has not obtained your authority to provide us with that personal information for processing as described in this Privacy Notice, then please contact such entity directly.

 

Legal grounds


Personal data is collected based on the following legal grounds :

  • To adapt and improve the offer
  • To comply to legal obligations
  • For our legitimate interest
  • To defend our interests during legal procedures
  • For commercial purposes, if we have received your consent

 

How long is your data stored for?


Your data is only kept as long as we estimate for it be necessary to achieve the initial goal.

All personal data is stored for a defined period of time depending on the type of data. The retention period may differ depending on the purpose of the data collected such as:

  • legal and contractual retention periods
  • the limitation period during which the concerned persons may assert their legal rights against our company
  • good practice
  • Company’s commercial goals

The maximum retention period of your personal data does not exceed 10 years.

 

Protection of your personal data


We use different technical and organizational methods to protect your personal data from unauthorized access.

 

Change to your Privacy Policy


We are constantly trying to improve our website so the policies may change from time to time. You can see when the policy was last updated by checking the date on the first page. You are responsible for periodically reviewing the GDPR and Cookie policies.

 

To which countries is your personal data transferred to?


Personal data may be shared internally for company purposes and with different third party providers in accordance with their contractual arrangements.

Selected data may be transferred to third party providers as part of an outsourcing contract.

All third party providers have confirmed to treat and process any data in accordance with GDPR (General Data Protection Regulation) as of 25th May 2018.

 

Name and address of the provider
 Data storage country
 Type of service
 Concerned data
Amazon Web Services Inc
410 Terry Avenue North
Seattle, WA 98109-5210
USA
 Germany, France, Ireland Website hosting All data filled out in forms available on the website.
Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA
 Member countries of the European Union & USA Web analytics (Google Analytics), social media (Google+), Google fonts COOKIE: Pageviews, clicks, technical data of the web browser and of the device used to connect to the website


Some of the data we obtain from you when you use our website includes technical data, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login details, browser type and version, your time zone, the types of browser extensions and their versions, the operating system and the platform.

 

Your rights

Regulation (EU) n° 2016/679 of the European Parliament (1) and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and the free movement of such data, repealing Directive 95/46/EC, the so-called General Data Protection Regulation ("GDPR") defines a stronger and more coherent personal data protection framework for any personal data processed within the EEA.

The new set of rules enters into force as from 25 May, 2018.

Some of the main points the GDPR emphasises on are (i) the rights of data subjects (the natural person) on the processing of their personal data, (ii) the obligations of the data controller, which determines the purposes and means of the processing of the personal data, as well as (iii) the obligations of the data processor, which processes personal data on behalf of the data controller.

efa is data controller when it acts for its own purposes (e.g. relating to employees, clients, providers,…).  

The funds are data controllers and determine the purposes and means of the personal data processing. As subcontractor in charge of the central administration of the funds, efa is data processor and processes personal data on behalf of, on instructions from and under the authority of the funds.

The investment vehicle, acting as data controller (for identity and contact details of the data controller, see the prospectus or the subscription form of the investment vehicle), and/or efa, acting as data processor (or data controller for its own purposes), shall collect and use information on the account holder in a fair and lawful manner, in accordance with the provisions of the Law of 2 August 2002 on the protection of individuals with regard to the processing of personal data, as amended (the Law of 2002) and according to the Regulation (EU) of the European Parliament and the Council of april 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data ("GDPR") as such laws may be amended or repealed from time to time.

efa is committed to keeping your information private and safe. By 'your information' (the personal data) we mean any data about you that you or third parties provide to us. efa respects your privacy and is committed to protecting your personal data.

According to the GDPR, you have (as data subject) the following rights :

  • Right of access to your personal data
  • Right to rectification  of your personal data
  • Right to erasure (‘right to be forgotten') of your personal data
  • Right to restriction of processing
  • Right to data portability of your personal data
  • Right to object and automated individual decision-making

Documentation and personal data which are used to demonstrate orderly data processing will be stored in accordance with Luxembourg legal retention periods. Data subject's personal data are then erased if and when permitted by the Law of 2002 and GDPR or any other applicable laws.

(1) http://eur-lex.europa.eu/legal...

You also have the right to submit a formal complaint to the Commission nationale pour la protection des données having its registered office at 1 Avenue du Rock'n'Roll, L-4361 Esch-sur-Alzette.