PROTECTION OF YOUR PERSONAL DATA
This memorandum is intended to inform you about the processing of your personal data. It explains why and how we collect information about you, how we protect it and how long we keep it. It also informs you of your rights.
Please read the following carefully. By submitting information by post, email or via the online form available on the ADEPA website, you acknowledge that you have read and understood the contents of this memorandum.
1 Who is the controller
We, ADEPA Global Services SA, and the companies belonging to our group of companies, (hereafter “ADEPA”), having our registered office at 6A, rue Gabriel Lippmann L-5365 MUNSBACH and registered with the Trade and Companies Register of Luxembourg under number B158609, process the personal data provided to or collected by us.
We act as the controller insofar as we take the decisions within the Group on the purposes and means of the processing of personal data.
In some cases, personal data may be processed on behalf of us by our services providers or by our subcontractors in their capacity as processors.
2 What personal data we collect
The personal data referred to in this memorandum relates to visitors of our Website, our prospective clients and clients including any authorised representatives, proxy holders, beneficial owners and/or any other related persons.
In general, we will collect, receive, store and process the following information:
- Identification data, such as name, date of birth, contact details, country of residence, nationality, passport, identity card, tax identification number.
- Electronic identification data, such as IP addresses, cookies, traffic data.
- Banking and financial data, such as financial identification, financial situation, ability to bear loss, investment objectives or preferences.
- Qualifications and occupation, such as curriculum vitae, employer, function, title, place of work, work history.
- Criminal record extract.
- Images, such as copies of identification documents.
Please note that to enter into or maintain a business relationship with us, you will be required to provide us with certain mandatory personal data. You are free to give this information or not. If you communicate them, you consent to us using them. Failure to supply any of the personal data that we may request might prevent us from entering into or maintaining a business relationship.
3 Are sensitive data collected
We may have to collect, process or store data considered as sensitive as follows:
- Political opinions;
- Religious or philosophical beliefs;
- Trade union membership;
- Data concerning sex life and sexual orientation; and
- Biometric data.
Indeed, processing of some of these sensitive data is necessary for the purposes of carrying out the obligations of ADEPA in the field of anti-money laundering and terrorism financing regulation.
Please note that if you decide to voluntarily disclose unsolicited sensitive data from us, you consent to the processing of such data by us.
4 What are the purposes of the data processing
Personal data may be processed where necessary:
- For the performance of a contract to which the data subjects is party or in order to take steps at the request of the data subject prior to entering into a contract.
- For compliance with legal and regulatory obligations to which we are subject. This concerns in particular regulations on markets in financial instruments (MiFID) and on Anti-Money Laundering and Combatting the Financing of Terrorism (AML/CTF). This also concerns our obligations of cooperation with local and foreign authorities when required by law.
- For the purposes of the legitimate interests pursued by us or by a third party as including the processing of personal data for the establishment of secure access to our premises and for having a global overview of our clients and of their needs.
- When you have given your explicit consent to the processing of your personal data for one or more specific purposes e.g. to receive marketing material or recommendations of services that might be of interest to you.
Please note that you have the right to withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of the processing of the personal data before the withdrawal.
5 Who are the recipients of your personal data
We may disclose personal data to the following data recipients, depending on the purpose of the processing of the personal data:
- Other internal departments and/or ADEPA group entity: for outsourcing purposes, for establishing the business relationship with you and complying with our legal and regulatory requirements.
- Services providers: for outsourcing purposes and transactions operations.
- Local competent authorities: for being compliance with applicable law or regulation.
- An US Company which is on the Privacy Shield List, for commercial purposes.
6 How long we may keep personal data
All personal data must be stored by us only for the time necessary for the achievement of the purposes referred to under point 4 i.e. for the whole duration of our contractual relationship with you, plus the legal prescription periods during which you or we require such information for the exercise or defence of a legal claim.
7 What are your rights
In accordance with the applicable data protection regulation, you have the following rights:
- Right of access to your personal data and to information concerning the processing of your personal data by ADEPA;
- Right of rectification of your inaccurate personal data;
- Right of erasure (‘right to be forgotten’);
- Right to restrict processing for legitimate reasons;
- Right of data portability in order to transmit your personal data to another controller;
- Right to object to processing of your personal data for legitimate reasons.
For any request for information concerning the processing of personal data by ADEPA or if you wish to exercise your rights, you can contact the Chief Compliance officer of ADEPA by post at the following address : 6A, rue Gabriel Lippmann, L-5365 Munsbach or by Fax: (+352) 26898051.
8 What is the competent data protection authority
After contacting us, if you believe that your data protection rights have been infringed by us, you have the right to complain to the competent data protection authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.
The competent data protection authorities are the following:
- in Luxembourg is “Commission Nationale pour la Protection des Données” (CNPD) at https://cnpd.public.lu/fr/index.html
- in Italy: “Garante per la Protezione dei Dati Personali”
- In Spain: “Agencia de Proteccion de Datos”
9 How we update or change this memorandum
We may change or update parts of this memorandum in order to maintain our compliance with applicable law and regulations, or following an update of our internal practices. When we change this memorandum, we will publish the updated version on our website. Please check this memorandum regularly.
1 You are connected to the website of
Adepa Global Services
6A rue Gabriel Lippmann
Adepa Global Services is a public limited company governed by Luxembourg law, registered under number 158609 with the Luxembourg Trade and Companies Register.
Director of publication: Adepa Global Services.
2 Aim of the website:
The aim of this website is to present Adepa Global Services (hereinafter “Adepa”), its subsidiaries or affiliates and its activities.
The current website is designed to provide information for Adepa’s clients and persons who are not clients of Adepa. The information published on this website is provided for information purposes only.
3 Website content:
Adepa reserves the right to change the content of the site or restrict its access, whenever it deems it suitable.
Adepa provides no guarantee that this information is accurate, reliable, up-to-date or complete. Adepa shall not be liable for any damage resulting from the use of this information.
This website contains information made available by external companies or hypertext links to other sites that have not been developed by Adepa. The existence of links to another website shall neither constitute an approval, nor guarantee of the content or the ownership of this other website.
The creation of hypertext links to this website shall be subject to the express prior agreement of Adepa.
Adepa does not accept, under any circumstances, any responsibility for hypertext links from the current website to other websites.
All users are reminded that secrecy with regard to communication over the internet is not guaranteed and that they must take appropriate steps to ensure that their data and/or software are protected from viruses.
Adepa shall not be held responsible if the Client is subject to a phishing attack resulting in the disclosure of confidential information.
Any reproduction or representation, in whole or in part, of the pages, data and any other element making up the site, by whatever process or tool, is forbidden and subject to the express permission of Adepa. Failure to do so shall be considered an infringement of copyright.
Access to the website is free with the exception of the costs of internet access (internet providers and telephone communication), which are billed directly to the client by the operator.
Applicable law and competent jurisdictions:
This website, as well as relations and transactions pertaining to it, is governed by Luxembourg law. Adepa undertakes to respect Luxembourg laws and regulations applicable to the use of a website.
All litigation with respect to the current website shall be submitted to the exclusive jurisdiction of the Courts of the Grand Duchy of Luxembourg.
Any access to this website shall be considered to have taken place at the head office of Adepa at the date and time shown on the Adepa server, with the connections log serving as proof of these.