The confidentiality, and thus the security, of your data is of great importance to Creutz & Partners. We have therefore implemented appropriate technical and organisational measures to ensure the security of your data and to protect them from unlawful processing.
PRIVACY POLICY - CREUTZ & PARTNERS - 10.06.2020
PRIVACY POLICY OF CREUTZ & PARTNERS THE ART OF ASSET MANAGEMENT S.A.
(»CREUTZ & PARTNERS«)
1. WHO IS RESPONSIBLE FOR THE DATA PROCESSING AND WHOM CAN I CONTACT?
The office responsible for processing and storing your personal data is:
Creutz & Partners The Art of Asset Management S.A.
18, Duarrefstrooss
L-9944 Beiler
Phone: +352 978 22 11
E-mail address: info@creutz-partners.com
Website: www.creutz-partners.com
2. WHICH SOURCES AND DATA ARE USED BY CREUTZ & PARTNERS?
We process personal data which we receive from our customers in the context of our business relationship. To the extent necessary – in order to provide our services – we also process personal data which we lawfully (e. g., for executing orders, performing contracts or on the basis of your consent) receive from other entities within the Creutz & Partners Group or other third parties. We also process personal data from publicly accessible sources (e. g., commercial registers and registers of associations, press, media, Internet) which we lawfully obtain and are permitted to process.
Relevant personal data collected in dealing with prospective clients, when opening an account or in the context of authorisation (power of attorney for an account) may include:
Name, address / other contact information (telephone, fax, e-mail address), date and place of birth, gender, nationality, marital status, matrimonial property regime, occupation, identification data (e. g., identification document data), authentication data (e. g., specimen signature), tax-ID, FATCA status.
Upon agreement and use of services provided by Creutz & Partners (individual asset management, investment in C&P Funds / CP NVST (collective asset management)), additional personal data may be collected, processed and stored in addition to the aforementioned data. These primarily include:
Information on knowledge of and/or experience with financial instruments (MiFID status), investment behaviour / strategy (scope, frequency, risk appetite / risk-bearing capacity), documentation data (e. g., suitability statements), occupation, financial situation (assets, financial liabilities, income (from (self-)employment / commercial business), expenses), foreseeable changes in financial circumstances (e.g., reaching retirement age), specific objectives / major concerns in the future (e.g., planned acquisitions, redemption of liabilities), tax information, account balances and portfolio holdings.
Additional personal data, such as information about the contact channel (telephone, letter, email), date, occasion and result, (electronic) copies of correspondence and information on participation in direct marketing activities (e.g., newsletter), may be collected during the initial business phase and over the course of the business relationship, particularly as a result of personal, telephone or written contact initiated by you or Creutz & Partners.
3. WHY DO WE PROCESS YOUR DATA (PURPOSE OF THE PROCESSING) AND ON WHAT LEGAL BASIS?
We process the aforementioned personal data in accordance with the provisions of the EU General Data Protection Regulation (hereinafter referred to as »GDPR«)1 and the data protection provisions of Luxembourg.
a) To fulfil contractual obligations or to carry out pre-contractual measures (Art. 6, para. 1b of the GDPR)
Personal data is first and foremost processed in order to provide asset management services (individual / collective asset management), which includes conducting transactions, in the context of carrying out our contracts with our customers or to carry out pre-contractual measures that occur as part of a request.
b) Due to statutory provisions (Article 6, para. 1c of the GDPR) or in the public interest (Article 6, para. 1e of the GDPR)
As an asset manager, we are subject to various legal obligations, meaning statutory requirements (such as the Law of 05 April 1993 on the financial sector; the Law of 12 November 2004 concerning the prevention of money-laundering and the financing of terrorism; the Law of 18 December 2015 on the automatic exchange of information on financial accounts in the field of taxation and / or other applicable laws and regulations each in its currently valid version) and the regulations issued by supervisory authorities (e.g., circulars and regulations of the Commission de Surveillance du Secteur Financier (»CSSF«)). The purposes of data processing include, amongst others, identity verification, anti-fraud and anti-money laundering measures and the compliance with tax law control and reporting obligations.
c) On the basis of your consent (Article 6, para. 1a of the GDPR)
Insofar as you have granted your consent to the processing of your personal data for certain specific purposes (e.g., sending you our »Villa Louise« newsletter, sending you the Factsheets of the C&P Funds or for the use of the CP NVST app), the lawfulness of such processing is based on your consent. Any consent granted may be revoked at any time. This also applies to the revocation of declarations of consent that have been granted to us prior to the entry into force of the GDPR, i.e. prior to 25 May 2018. Please be advised that the / a revocation will only have effect for the future. Any processing that was carried out prior to the revocation shall not be affected thereby.
d) For the purpose of safeguarding legitimate interests (Article 6, para. 1f of the GDPR)
Where required, we process your data beyond the actual fulfilment of the contract for the purpose of safeguarding the legitimate interests pursued by us or a third party. Examples:
Assertion of legal claims and defence in legal disputes;
Ensuring IT security and IT operations;
Prevention of criminal offenses;
Video surveillance to protect the right of owner of premises to keep out trespassers, to gather evidence in the event of burglary and assault;
Measures for building security (e. g., admittance control);
Measures for ensuring the right of owner of premises to keep out trespassers;
Measures of business management and further development of services and products.
Whenever we intend to rely on legitimate interest as the legal basis for the processing of personal data, we will give due consideration to any data subjects’ rights.
4. WHO RECEIVES MY DATA?
Only those persons that require your personal data in order to fulfil our contractual and legal obligations will have access to it. Service providers and vicarious agents appointed by us may also receive access to data for the purposes given, if they observe the professional secrecy and our written instructions for data protection.
With regard to the transfer of data to recipients outside Creutz & Partners, it must first of all be noted that as an asset manager we are bound by professional secrecy obligations regarding all customer-related matters of which we acquire knowledge (professional secrecy and data protection in accordance with our
General Terms and Conditions). We may only disclose information about you in case permitted by statutory provisions, in case you have given your consent and / or if sub-processors commissioned by us guarantee compliance with the professional secrecy and the provisions of the GDPR and the data protection provisions of Luxembourg.
Under these conditions, recipients of personal data may be, for example:
Public authorities and institutions (e. g., CSSF, tax and financial authorities) insofar as a statutory or official obligation exist;
Other credit and financial services institutions, comparable institutions and processors to whom we transfer personal data in order to perform the business relationship with you. Specifically: archiving, document processing, data screening for anti-money laundering purposes, data destruction, purchasing / procurement, customer management, marketing, media technology, reporting, research, expense accounting, telephony, postal services, website management, financial and investment services, share register, fund management, payment transactions, auditing services.
Other recipients of data may be those bodies for which you have given us your consent to data transfer or, respectively, for which you have granted us an exemption from professional secrecy on the basis of an agreement or consent.
5. ARE MY DATA TRANSFERRED TO THIRD COUNTRIES?
Creutz & Partners generally stores and processes your personal data in Luxembourg or within the European Union (EU). Data will only be transferred outside of the EU (to »third countries«) if this is required for the execution of your orders, prescribed by law (e. g., reporting obligations under tax law) or if you have given us your consent.
6. HOW LONG WILL MY DATA BE STORED?
We process and store your personal data for as long as it is necessary in order to fulfil our contractual and legal obligations. In this regard, it should be noted that our business relationship is a continuing obligation designed to last for several years.
If the data is no longer required in order to fulfil contractual or legal obligations, it is deleted, unless its further processing is required for a limited time for the following purposes:
Compliance with record retention periods under commercial and tax law, such as the Luxembourg commercial code, the tax code, the Law on the financial sector and the anti-money laundering law. The record retention periods prescribed therein range from two (2) to ten (10) years;
Preservation of evidence within the scope of the statutes of limitations. According to the provisions of the Luxembourg civil code, these limitation periods may be up to thirty (30) years.
7. IS THE PROVISION OF DATA OBLIGATORY?
Within the scope of our business relationship, you must provide personal data which is necessary for the initiation and execution of the / a business relationship and the performance of the associated contractual obligations or which we are legally obligated to collect. As a rule, without these data we would not be able to enter into any contract or execute an order or we may no longer be able to carry out an existing contract and would have to terminate it.
In particular, provisions of money laundering law require that we verify your identity before entering into the business relationship, for example, by means of your identity card and that we collect and record your name, place of birth, date of birth, nationality and your residential address. In order for us to be able to comply with this statutory obligation, you must provide us with the necessary information and documentation and notify us without undue delay of any changes that may arise during the course of the business relationship. If you do not provide us with the necessary information and documentation, we will not be allowed to enter into or continue your requested business relationship.
8. WHAT DATA PRIVACY RIGHTS DO I HAVE?
a) Information about your personal data and data portability
You are entitled to receive information about the personal data concerning you, which you have provided to Creutz & Partners, and you may obtain a free copy thereof.
You also have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and you have the right to have these data transmitted directly by us to third parties.
b) Rectifying, updating and / or erasing your personal data
You may also contact Creutz & Partners to rectify, update or erase your stored personal data. The relevant contact information can be found in Section 8e. Please note that prior to accessing and making changes to your data, we must verify your identity properly.
Following the data deletion instruction, your personal data will promptly be erased by Creutz & Partners (electronic data) or destroyed (data in physical form), unless such erasure / destruction is not permitted due to legal / regulatory retention periods as referred to in Section 6.
c) Right to revoke your consent
Some of Creutz & Partners’ processing activities may be based on your consent. In such a case, you have the right to revoke your consent at any time. A revocation of consent will not affect the lawfulness of the data processing conducted prior to the revocation. If you revoke your consent, Creutz & Partners and any third parties involved in the data processing will cease to process your personal data, unless the continued processing or storage of the data is permitted or required according to applicable legislation concerning personal data or other applicable laws and provisions. Please note that the revocation of your consent may mean that Creutz & Partners will not be able to meet your requests or will no longer be able to provide services and/ or information to you.
d) Right to restriction of data processing and right to object
You have the right to restrict the processing of your personal data (i) if the personal data is not correct, (ii) if the processing is unlawful, but you object to the erasure of your personal data, (iii) if Creutz & Partners no longer requires your personal data for the purposes of processing, but you still desire the storage of such data in order to establish, exercise or defend legal claims before a court or (iv) if Creutz & Partners continues to assert a legitimate interest in the relevant personal data.
At any time you have the right to object to the processing of your personal data that have been collected and processed for the purposes of the legitimate interests pursued by Creutz & Partners.
Moreover, you have the right to object to the processing of your personal data for direct marketing purposes.
e) Right to lodge a complaint / claim your data privacy rights
If you want to lodge a complaint about a privacy breach with Creutz & Partners or if you want to claim your aforementioned data privacy rights, please turn to the following address:
Creutz & Partners The Art of Asset Management S.A.
Data Protection Officer
18, Duarrefstrooss
L-9944 Beiler
Phone: +352 978 22 11
E-mail address: datenschutz@creutz-partners.com
We will acknowledge receipt of your request within two (2) business days. We will do our best to answer your request as quickly as possible and within one (1) month from the date of its receipt. In case that it would take longer than one (1) month for us to respond to your request, we will inform you accordingly and provide you with the reasons for the delay.
If you are not satisfied with the results or with the handling of your complaint by Creutz & Partners or with the claim of your data privacy rights, you may contact the Luxembourg data protection authority:
Commission nationale pour la protection des données
15, Boulevard du Jazz
L-4370 Belvaux
Phone : +352 261 06 01
Website: www.cnpd.lu
9. Security of the data processing
The confidentiality, and thus the security, of your data is of great importance to Creutz & Partners. We have therefore implemented appropriate technical (e. g., virus scanners, firewalls) and organisational measures (e.g., access controls/ restrictions) to ensure the security of your data and to protect them from unlawful processing, from unlawful or unintended modification or erasure and from loss and unauthorised disclosure or unauthorised access.
PRIVACY POLICY - C&P FUNDS - 01.01.2021
PRIVACY POLICY OF C&P FUNDS SICAV (THE »C&P FUNDS«)
1. WHO IS RESPONSIBLE FOR THE DATA PROCESSING?
Your personal data will be processed and stored by the following joint data controllers (within the meaning of Article 26 of the EU General Data Protection Regulation* (hereinafter referred to as »GDPR«)):
C&P Funds SICAV
4, rue Robert Stumper
L-2557 Luxembourg
Phone: +352 978 22 11
E-Mail address: CP-NVST@creutz-partners.com
Website: www.creutz-partners.com/en/funds
Creutz & Partners The Art of Asset Management S.A.
18, Duarrefstrooss
L-9944 Beiler
Phone: +352 978 22 11
E-Mail address: info@creutz-partners.com
Website: www.creutz-partners.com
The joint data responsibility between the C&P Funds and the management company Creutz & Partners The Art of Asset Management S.A. (hereinafter referred to as »we« or »us«) involves the sharing of responsibilities with regard to the protection of personal data in accordance with a corresponding agreement between the two parties.
This agreement essentially governs who is responsible for which fulfilment of the obligations under data protection law, in particular with regard to the protection of your data privacy rights (see Section 8 below) and the fulfilment of the data protection information obligations.
In this context, it is the responsibility of the C&P Funds to provide you with the information required pursuant to art. 13 and 14 GDPR by means of this »Privacy Policy«.
Although there is a joint responsibility and we are in principle equally responsible for compliance with the legal provisions, in particular for the lawfulness of the processing of personal data, Creutz & Partners, as the management company and main distributor of the C&P Funds, bears the primary responsibility for the processing of your personal data.
To exercise your data privacy rights, you can contact either the C&P Funds or the management company at any time. We will inform each other immediately of any legal positions you may have claimed and provide each other with all information necessary to respond to your request. Please note, however, that pursuant to Section 8e), the Data Protection Officer of the management company is the preferred contact point for exercising your data privacy rights.
2. WHICH SOURCES AND DATA DO WE USE?
We process personal data which we receive from our customers in the context of our business relationship. To the extent necessary – in order to provide our services – we also process personal data which we lawfully (e.g., for executing orders, performing contracts or on the basis of your consent) receive from other entities within the Creutz & Partners Group or other third parties. We also process personal data from publicly accessible sources (e.g., commercial registers and registers of associations, press, media, Internet) which we lawfully obtain and are permitted to process.
Relevant personal data collected in dealing with prospective clients, when opening and/or maintaining a register, in the context of a power of attorney may include:
Name, address/other contact information (telephone, fax, e-mail address), date and place of birth, gender, nationality, marital status, matrimonial property regime, occupation, identification data (e. g., identification document data), authentication data (e.g., specimen signature), tax-ID, FATCA status.
Upon agreement and by use of our services, additional personal data may be collected, processed and stored in addition to the aforementioned data. These primarily include: Information on knowledge of and/or experience with financial instruments (MiFID status), investment behaviour/strategy (scope, frequency, risk appetite/ risk-bearing capacity), documentation data (e.g., suitability statements), occupation, financial situation (assets, financial liabilities, income (from (self-) employment/commercial business), expenses), foreseeable changes in financial circumstances (e.g., reaching retirement age), specific objectives/major concerns in the future (e.g., planned acquisitions, redemption of liabilities), tax information, account balances and portfolio holdings.
Additional personal data, such as information about the contact channel (telephone, letter, email), date, occasion and result, (electronic) copies of correspondence and information on participation in direct marketing activities (e.g., newsletter), may be collected during the initial business phase and over the course of the business relationship, particularly as a result of personal, telephone or written contact initiated by you or by us.
3. WHY DO WE PROCESS YOUR DATA (PURPOSE OF THE PROCESSING) AND ON WHAT LEGAL BASIS?
We process the aforementioned personal data in accordance with the provisions of the GDPR and the data protection provisions of Luxembourg.
A) To fulfil contractual obligations or to carry out pre-contractual measures (Art. 6, para. 1b of the GDPR) Personal data is first and foremost processed in order to provide collective asset management, which includes conducting transactions, in the context of carrying out our contracts with our customers or to carry out pre-contractual measures that occur as part of a request.
B) Due to statutory provisions (Article 6, para. 1c of the GDPR) or in the public interest (Article 6, para. 1e of the GDPR) Furthermore, we are subject to various legal obligations, meaning statutory requirements (such as the Law of 05 April 1993 on the financial sector; the Law of 12 November 2004 concerning the prevention of money-laundering and the financing of terrorism; the Law of 18 December 2015 on the automatic exchange of information on financial accounts in the field of taxation and/or other applicable laws and regulations each in its currently valid version) and the regulations issued by supervisory authorities (e.g., circulars and regulations of the Commission de Surveillance du Secteur Financier (»CSSF«)). The purposes of data processing include, amongst others, identity verification, anti-fraud and anti-money laundering measures and compliance with tax law control and reporting obligations.
C) On the basis of your consent (Article 6, para. 1a of the GDPR) Insofar as you have granted your consent to the processing of your personal data for certain specific purposes (e.g., sending you our »Villa Louise« newsletter, sending you the Factsheets of the C&P Funds or for the use of the CP NVST app), the lawfulness of such processing is based on your consent. Any consent granted may be revoked at any time. This also applies to the revocation of declarations of consent that have been granted to us prior to the entry into force of the GDPR, i.e. prior to 25 May 2018. Please be advised that the/a revocation will only have effect for the future. Any processing that was carried out prior to the revocation shall not be affected thereby.
D) For the purpose of safeguarding legitimate interests (Article 6, para. 1f of the GDPR) Where required, we process your data beyond the actual fulfilment of the contract for the purpose of safeguarding the legitimate interests pursued by us or a third party.
Examples:
Assertion of legal claims and defence in legal disputes;
Ensuring IT security and IT operations;
Prevention of criminal offenses;
Video surveillance to protect the right of owner of premises to keep out trespassers, to gather evidence in the event of burglary and assault;
Measures for building security (e.g., admittance control);
Measures for ensuring the right of owner of premises to keep out trespassers;
Measures of business management and further development of services and products.
Whenever we intend to rely on legitimate interest as the legal basis for the processing of personal data, we will give due consideration to any data subjects’ rights.
4. WHO RECEIVES MY DATA?
Only those persons that require your personal data in order to fulfil our contractual and legal obligations will have access to it. Service providers and vicarious agents appointed by us may also receive access to data for the purposes given, if they observe the professional secrecy and our written instructions for data protection.
Under these conditions, recipients of personal data may be, for example:
Public authorities and institutions (e.g., CSSF, tax and financial authorities) insofar as a statutory or official obligations exist;
Other credit and financial services institutions, comparable institutions and processors to whom we transfer personal data in order to perform the business relationship with you. Specifically: archiving, document processing, data screening for anti-money laundering purposes, data destruction, purchasing/procurement, customer management, marketing, media technology, reporting, research, expense accounting, telephony, postal services, website management, financial and investment services, share register, fund management, payment transactions, auditing services.
Other recipients of data may be those bodies for which you have given us your consent to data transfer or, respectively, for which you have granted us an exemption from professional secrecy on the basis of an agreement or consent.
5. ARE MY DATA TRANSFERRED TO THIRD COUNTRIES?
We generally store and process your personal data in Luxembourg or within the European Union (EU). Data will only be transferred outside of the EU (to »third countries«) if this is required for the execution of your orders, prescribed by law (e. g., reporting obligations under tax law) or if you have given us your consent.
6. HOW LONG WILL MY DATA BE STORED?
We process and store your personal data for as long as it is necessary in order to fulfil our contractual and legal obligations. In this regard, it should be noted that our business relationship is a continuing obligation designed to last for several years.
If the data is no longer required in order to fulfil contractual or legal obligations, it is deleted, unless its further processing is required – for a limited time – for the following purposes:
Compliance with record retention periods under commercial and tax law, such as the Luxembourg commercial code, the tax code, the Law on the financial sector and the anti-money laundering law. The record retention periods prescribed therein range from two (2) to ten (10) years.
Preservation of evidence within the scope of the statutes of limitations. According to the provisions of the Luxembourg civil code, these limitation periods may be up to thirty (30) years.
7. IS THE PROVISION OF DATA OBLIGATORY?
Within the scope of our business relationship, you must provide personal data which is necessary for the initiation and execution of the business relationship and the performance of the associated contractual obligations or which we are legally obligated to collect. As a rule, without these data we would not be able to enter into any contract or execute an order or we may no longer be able to carry out an existing contract and would have to terminate it.
In particular, provisions of money laundering law require that we verify your identity before entering into the business relationship, for example, by means of your identity card, and that we collect and record your name, place of birth, date of birth, nationality and your residential address. In order for us to be able to comply with this statutory obligation, you must provide us with the necessary information and documentation and notify us without undue delay of any changes that may arise during the course of the business relationship. If you do not provide us with the necessary information and documentation, we will not be allowed to enter into or continue your requested business relationship.
8. WHAT DATA PRIVACY RIGHTS DO I HAVE?
A) Information about your personal data and data portability
You are entitled to receive information about the personal data concerning you, which you have provided to us, and you may obtain a free copy thereof.
You also have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and you have the right to have these data transmitted directly by us to third parties.
B) Rectifying, updating and/or erasing your personal data
You may also contact us to rectify, update or erase your stored personal data. The relevant contact information can be found in Section 8e. Please note that prior to accessing and making changes to your data, we must verify your identity properly.
Following the data deletion instruction, your personal data will promptly be erased (electronic data) or destroyed (data in physical form), unless such erasure/ destruction is not permitted due to legal/regulatory retention periods as referred to in Section 6.
C) Right to revoke your consent
Some of our processing activities may be based on your consent. In such a case, you have the right to revoke your consent at any time. A revocation of consent will not affect the lawfulness of the data processing conducted prior to the revocation. If you revoke your consent, we and any third parties involved in the data processing will cease to process your personal data, unless the continued processing or storage of the data is permitted or required according to applicable legislation concerning personal data or other applicable laws and provisions. Please note that the revocation of your consent may mean that we will not be able to meet your requests or will no longer be able to provide services and/or information to you.
D) Right to restriction of data processing and right to object
You have the right to restrict the processing of your personal data (i) if the personal data is not correct, (ii) if the processing is unlawful, but you object to the erasure of your personal data, (iii) if we no longer require your personal data for the purposes of processing, but you still desire the storage of such data in order to establish, exercise or defend legal claims before a court or (iv) if we may continue to assert a legitimate interest in the relevant personal data.
At any time, you have the right to object to the processing of your personal data that have been collected and processed for the purposes of our legitimate interests.
Moreover, you have the right to object to the processing of your personal data for direct marketing purposes.
E) Right to lodge a complaint/Claiming your data privacy rights
If you want to lodge a complaint about a privacy breach or want to claim your aforementioned data privacy rights, please turn to the following address:
Creutz & Partners The Art of Asset Management S.A.
Data Protection Officer
18, Duarrefstrooss
L-9944 Beiler
datenschutz@creutz-partners.com
We will acknowledge receipt of your request within two (2) business days. We will do our best to answer your request as quickly as possible and within one (1) month from the date of its receipt. In case that it would take longer than one (1) month for us to respond to your request, we will inform you accordingly and provide you with the reasons for the delay.
If you are not satisfied with the results or with the handling of your complaint or of your claim of data privacy rights, you may contact the Luxembourg data protection authority:
Commission nationale pour la protection des données
15, Boulevard du Jazz
L-4370 Belvaux
Phone : +352 261 06 01
Website : www.cnpd.lu
9. SECURITY OF THE DATA PROCESSING
The confidentiality, and thus the security, of your data is of great importance to Creutz & Partners. We have therefore implemented appropriate technical (e.g., virus scanners, firewalls) and organisational measures (e.g., access controls/restrictions) to ensure the security of your data and to protect them from unlawful processing, from unlawful or unintended modification or erasure and from loss and unauthorised disclosure or unauthorised access.
* Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
PRIVACY POLICY - APPLICANT - 10.06.2020
INFORMATION ON THE USE OF PERSONAL DATA BY CREUTZ & PARTNERS THE ART OF ASSET MANAGEMENT S.A. (CREUTZ & PARTNERS) IN THE APPLICATION AND SELECTION PROCESS
As part of the application and selection process, applicants provide Creutz & Partners with a series of personal data. This personal data essentially consists of the following:
Personal master data such as surname, first name, date of birth, marital status, residential address and contact details (telephone no., email address, etc.);
Personal outline data such as curriculum vitae, evidence of professional training/ certificates, social security number and health insurance;
Performance data such as training certificates, job references and assessments.
Creutz & Partners processes the aforementioned data to implement the application and selection process in accordance with the provisions of the EU General Data Protection Regulation (GDPR)* and the data protection provisions that apply in Luxembourg. Personal data is processed in particular in order to perform pre-contractual measures as defined in Article 6 (1) b) GDPR. Creutz & Partners processes the data in physical or electronic form. Within Creutz & Partners, those people who require the personal data to implement the application process have access to this data. Creutz & Partners processes the personal data at the company’s headquarters in Luxembourg.
Applicants’ personal data is in principle retained by Creutz & Partners for the duration of the application and selection process. The data is then returned to the applicant or erased or destroyed.
Creutz & Partners may retain applicants’ personal data for a longer period in individual cases so that it can include the applicants in future job advertisements and application processes. In all cases, Creutz & Partners will erase/destroy applicants’ personal data no later than 2 years after receipt.
Applicants have the following rights in relation to their personal data:
a) Information about personal data and data portability
Applicants are entitled to receive information about their personal data provided to Creutz and Partners and they may obtain a copy thereof. They also have the right to receive the personal data concerning them in a structured, commonly used and machine-readable format and they have the right to have these data transmitted directly by Creutz & Partners to third parties.
b) Rectifying, updating and/or erasing personal data
Applicants have the right to have their personal data rectified, updated or erased. After receiving an instruction to erase personal data, Creutz & Partners will erase it (electronic data) or destroy it (data in physical form) immediately.
c) Right to withdraw consent
Applicants have the right to withdraw their consent to the processing of their data by Creutz & Partners at any time. A withdrawal of consent does not affect the lawfulness of the data processing carried out before consent was withdrawn. If consent is withdrawn, Creutz & Partners will cease processing the personal data immediately. The withdrawal of consent may mean that Creutz & Partners may not (or may no longer) be able to reply to applicants’ enquiries or no longer be able to include them in future application processes.
d) Right to restriction of data processing and right to object
Applicants have the right to restrict the processing of their personal data if the personal data is not correct, if the processing is unlawful but they have objected to the erasure of their personal data, if Creutz & Partners no longer requires their personal data for the purposes of processing but applicants wish such data to be stored so that they can assert, exercise or defend legal claims in court, or if the employer may continue to assert a legitimate interest in the personal data concerned.
Applicants have the right to object at any time to the processing of their personal data collected and processed for the purposes of the legitimate interests of Creutz & Partners.
In order to claim their rights, applicants can contact Creutz & Partners in writing using the details below:
Creutz & Partners The Art of Asset Management S.A.
18, Duarrefstrooss
L-9944 Beiler
datenschutz@creutz-partners.com
Applicants may lodge a complaint against Creutz & Partners concerning a data breach at any time. If applicants are not satisfied with the handling of their complaints, they may contact the Luxembourg data protection authority at the address below:
Commission nationale pour la protection des données
15, Boulevard du Jazz
L-4370 Belvaux
www.cnpd.lu
The confidentiality and thus the security of personal data are of great importance to Creutz & Partners. Creutz & Partners has therefore adopted suitable technical and organisational measures to ensure the security of the processed data.
* Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.
We use cookies on our website. Cookies are small text files that enable us to store certain information about you and your user behaviour with regard to our website on your device (e.g. PC, smartphone, tablet). Cookies enable us to improve the user-friendliness of our website, to optimise our website and to ensure the functionality of our website. You can manage (i.e. enable or disable) the storage of cookies. Please note, however, that deactivating cookies may limit the functionality of our website. You can delete cookies that are already stored on your terminal device via your browser.
The cookies used on this website are divided into the following categories:
- Strictly necessary cookies
- Functionality cookies
- Performance cookies