Nordic Capital respects your privacy and is committed to protecting your personal data. This Privacy Notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
This Privacy Notice aims to give you information on how we use, process and store your personal data.
It is important that you read this Privacy Notice together with any other Privacy Notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Notice supplements the other notices and is not intended to override them.
This Privacy Notice was last updated on 25 March 2020. In this Privacy Notice, “DP Laws” shall mean (i) the General Data Protection Regulation (2016/679) and any supplementing national law, (ii) the Data Protection (Jersey) Law 2018, (iii) the Data Protection Authority (Jersey) Law 2018 and (iv) any other applicable laws concerning the protection or processing of personal data in any jurisdiction worldwide, each as amended from time to time.
About Nordic Capital
Nordic Capital is the common denomination for a group of private equity funds and vehicles domiciled in Jersey, Channel Islands, including Nordic Capital Fund V, Nordic Capital Fund VI, Nordic Capital Fund VII, Nordic Capital Fund VIII, Nordic Capital Fund IX, Nordic Capital CV1 and any successor funds or vehicles from time to time (together, the Vehicles), together with certain co-investment, holding companies and other vehicles within, or otherwise connected to, those Vehicles (each, an Entity).
This Privacy Notice is issued by Nordic Capital Limited (NCL) and/or each other Entity classified as a data controller in connection, where relevant, with a Vehicle, to include (but not limited to) the general partners for each of the Vehicles and/or the Entities (as appropriate), being (but not limited to) Nordic Capital V Limited, Nordic Capital VI Limited, Nordic Capital VII Limited, Nordic Capital VIII Limited, Nordic Capital IX Limited and Nordic Capital CV1 Limited (each, a Controller).
The Vehicles are advised by their non-discretionary sub-advisers (as appropriate), NC Advisory AB, NC Advisory A/S, NC Advisory AS, NC Advisory GmbH, NC Advisory Oy, NC Advisory (UK) LLP, Nordic Capital Investment Advisory AB, Nordic Capital Investment Advisory A/S, Nordic Capital Investment Advisory AS, Nordic Capital Investment Advisory GmbH, Nordic Capital Investment Advisory Oy, Nordic Capital Investment Advisory LLP, Nordic Capital Investment Advisory LLC and Nordic Capital Operations Advisory AB.
NCL is the sole or, along with a Controller, the joint data controller and is/are responsible for your personal data. Information which is collected as a result of your use of this website will be the responsibility of NCL, who will act as data controller in relation to your personal data. If you deal with any of the Vehicles and/or Entities as an investor or as a prospective investor, then the general partner of that Vehicle and/or that Entity or that Entity itself will be responsible for the processing of your personal data and will act as data controller or joint controller.
What personal data does Nordic Capital collect?
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you, including:
- Identity Data, which includes title, name, marital status, gender, nationality, date of birth, username or similar identifier, as well as copies of identity documents (for example, passport, national ID card, driver’s license, employee identification numbers);
- Contact Data, which includes address, email address, telephone numbers as well as copies of proof of address documentation (for example, copies of utility bills or bank statements);
- Financial Data, which includes bank account details and may include source of wealth, including details of your tax residency;
- Transaction Data, which includes details about payments to and from you;
- Technical Data, which includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website;
- Usage Data, which includes information about how you use our website or access other online platforms that are provided to you (for example, the Intralinks Inc. (Intralinks) system); and
- Marketing and Communications Data, which includes your preferences in receiving marketing from us and our third parties, and your communication preferences.
The above list is not exhaustive and is provided for convenience only. We may also collect and process personal data to the extent necessary or useful for the provision of the services we provide.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data), nor do we collect any information about criminal convictions and offences (other than information which is already in the public domain and is provided to us by third party providers, including World-Check).
How does Nordic Capital collect personal data?
We use different methods to collect personal data, including:
Information that is provided directly to Nordic Capital
We may collect personal information from prospective investors, intermediaries and other business partners for the purposes of establishing a business relationship with you in respect of a Nordic Capital fund, entering into contractual relationships, and/or to otherwise satisfy our legal or regulatory obligations.
Information obtained from third parties
We also collect and process information from a variety of publicly available sources, such as the internet, social media and commercial registries. We may also undertake background checks (using providers such as World-Check).
In addition, we may receive personal data in connection with legal requirements that are applicable to us, or from third parties in connection with the services we provide.
How do we use your personal data once collected?
We will only use your personal data when applicable laws allow us to. Typically we will use your personal data in the following circumstances, for the following purposes and pursuant to the following legal bases:
1. where we need to do so in order to perform a contract to which you are party, or to comply with a request you have made prior to entry into a formal contract with us, including;
- to manage or administer your commitments and/or interests and any related accounts on an ongoing basis;
- to administer and operate the Entity;
- to verify the identity of the Controller or the Entity in connection with any actual or proposed investments of the Entity and/or for any purpose which the Controller or NCL considers is necessary or desirable to further the interests of the Controller, NCL or the Entity;
- risk management and risk controlling purposes relating to the Controller, NCL or the Entity or any entity in the same group as the Controller, NCL or the Entity; and/or
2. for direct marketing purposes (e.g. to inform you of new investment opportunities);
3. where it is necessary for our legitimate business interests (or those of a third party) and your interests and fundamental rights do not override those interests, including
- to carry out statistical analysis or market research;
- to help detect, prevent, investigate, and prosecute fraud and/or other criminal activity, and share this data with our legal, compliance, risk and managerial staff to assess suspicious activities;
- to investigate and respond to any complaints about us and to help maintain service quality and train staff to deal with complaints and disputes.; and/or
4. where we need to comply with our legal and/or regulatory obligations, for example:
- to comply with in-house procedures and statutory/regulatory requirements applicable to the Controller, NCL or the Entity (including under appropriate anti-money laundering legislation and customer due diligence verification purposes);
- if required in order to comply with FATCA, CRS or as otherwise required by law, disclose details of your name, address, taxpayer identification number (TIN) or perform a contract with you concerning the accounts held by you (including the total gross amount paid or credited); and/or
5. for any other specific purpose to which you have given your consent.
Disclosure of personal data
We may disclose or transfer personal data to other entities within Nordic Capital insofar as we deem it necessary for the proper performance of the services NCL or the Controller provides to you, for bona fide compliance purposes as well as on the other basis as set out within this Privacy Notice.
In addition, we may disclose or transfer personal data to subcontractors (including, but not limited to, our corporate administrators, our bankers and other service providers) where it is necessary for the proper performance of the services that we provide to our clients, and may disclose or transfer personal data to competent authorities in order to comply with our legal and/or regulatory obligations.
International data transfers
We may process, store or transfer (in hard copy and/or electronically) your personal data anywhere in the world, including countries outside the European Economic Area. We may transfer personal data to a Non-Equivalent Country (as defined below), in order to fulfil the purposes described in this Privacy Notice and in accordance with applicable law, including where such transfer is a matter of contractual necessity to perform and administer the services NCL or the Controller provides to you, and to implement requested pre-contractual measures. For information on the safeguards applied to such transfers, please contact NCL. For the purposes of this Privacy Notice, “Non-Equivalent Country” shall mean a country or territory other than (i) a member state of the European Economic Area; or (ii) a country or territory which has at the relevant time been decided by the European Commission in accordance with DP Laws to ensure an adequate level of protection for personal data.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will process and store your personal data for as long as our business relationship continues, or for the duration of provision of services to you by us.
We may also store that data for as long as necessary in order to comply with our legal, compliance, contractual or other regulatory obligations or in connection with the establishment, enforcement or defense of any legal claims.
You have the right to:
- access your personal data;
- correct your personal data where it is inaccurate or incomplete;
- restrict under certain circumstances the further processing of your personal data;
- ask for erasure of your personal data under certain circumstances;
- object to the use of your personal data (including direct marketing purposes); and
- ask for personal data portability under certain circumstances.
Further, you may at your discretion refuse to communicate personal data to the Controller or NCL or object to some processing of your personal data. There are, however, situations where the Controller or NCL can refuse to comply with such a request. For example, where it is subject to a legal or contractual obligation to process the data. There may, however, be implications in respect of your holding of interests in the Entity until such time as the requisite data has been provided. Where the processing is based on consent, the withdrawal of consent shall not affect the lawfulness of processing for other reasons and based on other grounds where this is permitted under applicable law.
You may exercise your rights by contacting:firstname.lastname@example.org.
Third party websites
You have the right to make a complaint at any time to the Data Protection Authority (the Jersey supervisory authority for data protection issues): Tel +44 (0)1534 716530 or at www.JerseyOIC.org. We would, however, appreciate the chance to deal with your concerns before you approach the Data Protection Authority, so please contact us in the first instance.
Changes to Privacy Notice
NCL and each Controller reserves the right to update this Privacy Notice at any time, and will ensure that any update to this Privacy Notice is made available on this website. We encourage you to regularly review this and any updated Privacy Notice to ensure that you are always aware of how personal data is collected, used, stored and disclosed. We may also notify you in other ways from time to time about the processing of your personal data.
Our full contact details are:
Name or title of contact: The Administrator
Email address: email@example.com
Postal address: 26 Esplanade, St Helier, Jersey, Channel Islands, JE2 3QA