PERSONAL INFORMATION COLLECTION STATEMENT
MCP ASSET MANAGEMENT COMPANY LIMITED (THE “COMPANY”)
The Company is committed to respecting your privacy in relation to the personal data we collect from you in the course of operating our business and our website and to complying with the Personal Data (Privacy) Ordinance (Cap 486) and other applicable data protection law, including in relation to our hedge funds business only (the “Hedge Funds Business”) the European Union’s General Data Protection Regulation (2016/679) (“GDPR”) and any statutory instrument, order, rule or regulation made thereunder, as from time to time amended, extended, re-enacted or consolidated (the “Data Protection Legislation”).
The purpose of this document is to provide you with information on the collection, use and disclosure of your personal data by the Company and your rights with respect to those personal data. In this document, “we”, “us” and “our” refer to the Company and its affiliates and delegates.
In relation to the Hedge Funds Business, the Company is a data controller for the purposes of the GDPR and more generally, the Company is responsible for ensuring that it uses your personal data in compliance with the Data Protection Legislation.
This document applies to you if (i) you are an applicant for shares in any fund or financial product offered to you through the Company’s products or services (ii) your personal data has been provided to us in connection with an application for shares in any fund or financial product offered to you through the Company’s products or services (such as where you are a director, partner, trustee, agent or direct or indirect owner of an applicant) or (iii) the Company otherwise uses your personal data in connection with the offering of its products or services.
YOUR PERSONAL DATA
The Company might process the following personal data about you:
USE OF YOUR PERSONAL DATA
The Company may collect, store and use your personal data for lawful purposes disclosed below:
DISCLOSURES OF PERSONAL DATA TO THIRD PARTIES
The Company shall take reasonable measures to ensure that your personal data is only accessible by those with a need for access to fulfil the purposes set out above. Where the Company is entering into an engagement with a third party pursuant to which data may be processed by that third party, we will seek to enter into an agreement with that third party setting out the respective obligations of each party and will seek to be reasonably satisfied that the third party has measures in place to protect data against unauthorized or accidental use, access, disclosure, damage, loss or destruction and in all circumstances, shall execute such contracts in line with requirements pertaining to such contracts within the Data Protection Legislation. Some of these third parties will process personal data in accordance with the Company’s instructions and others will themselves be responsible for their use of your personal data. These third parties may be permitted to further disclose the personal data to other parties.
TRANSFERS OF PERSONAL DATA OUTSIDE THE EUROPEAN ECONOMIC AREA
In the event that any such third party is outside the European Economic Area and where the data being transferred would include personal data which would be protected under applicable Data Protection Legislation in the European Union, we will ensure we meet the relevant requirements of that Data Protection Legislation prior to carrying out any such transfer.
For example, the recipient to which the personal data is transferred may:
You can obtain more details of the protection given to your personal data when it is transferred outside the EEA, including a copy of any standard contractual clauses entered into with recipients of your personal data, by contacting the Company using the details set out below under “Getting in Touch”.
RETENTION OF PERSONAL DATA
How long the Company holds your personal data for will vary. The retention period will be determined by various criteria, including the purposes for which we are using it (as it will need to be kept for as long as is necessary for any of those purposes) and legal obligations (as laws or regulations may set a minimum period for which we have to keep your personal data). After the retention period, we shall take appropriate steps to irretrievably delete or put beyond use any records containing your personal data, to the extent this is operationally feasible and proportionate.
YOUR DATA PROTECTION RIGHTS
Under the Data Protection Legislation, you have several legal rights in relation to the personal data that the Company holds about you.
In relation to the Hedge Funds Business where it offers goods or services to EU investors, you also have the following specific rights regarding the Company’s use of your personal data:
You can exercise any of the rights above by using the details set out under “Getting in Touch” below.
GETTING IN TOUCH
The Company is not required to appoint a data protection officer under the Data Protection Legislation. However, should you have any queries or wish to discuss your data protection rights with us, please contact our Legal and Compliance Department at email@example.com.
You can find out more about your rights listed under “Your Data Protection Rights” above by contacting an EU data protection regulator such as the UK’s Information Commissioner’s Office or the Irish Data Protection Commissioner by searching their website at www.ico.org.uk or www.dataprotection.ie.