OSMOSIS INVESTMENT MANAGEMENT NL B.V. (“Osmosis”)

Privacy Statement Introduction

Osmosis is committed to protecting your personal data and we will keep your personal data confidential unless we are required to disclose it by law or regulation. This privacy statement explains what information we collect from you, how we use any information, who we may share it with and why, your rights about the information you have given to us and the way we protect your privacy.

Use of Personal Data

We use personal data in the following cases:

1. a) Contractual – to fulfil our contract with you – it is necessary to provide the product or service you have requested
   b) Legal Duty – to meet our legal or regulatory obligations
   c) Legitimate Interests – when Osmosis has a business or commercial reason to use your information which does not unfairly use this information against your best interests
   d) Consent – clear unambiguous and informed consent to using your personal data

Osmosis uses Personal Data to provide services and comply with regulatory requirements, and to ensure you are fully informed of Osmosis services and service developments. If Osmosis wants to use Personal Data for other purposes it will seek your affirmative consent in advance and give an explanation of why it wants to use the information and for what specific purpose. If you do not wish us to collect and use your personal data in this way, inform us of your wishes we will not use your personal data.

Types of Personal Data collected by Osmosis

The information we may collect about you:
• Name, address, date of birth and contact details,
• Title, status and history,
• National Identifiers e.g. HMRC reference, National Insurance number,
• Documents in different formats or copies of them e.g. passport, bank,
• Contact details re meetings, phones calls, emails and letters.

Disclosure of Personal Data

UK-based financial services firm Osmosis (Holdings) Limited (“Osmosis Group”) is the parent undertaking of Osmosis. We may share your personal data with companies within the Osmosis Group of companies and with agents and advisers who we use to help run your accounts and services. We never sell your details to other organisations or individuals. We will process your information lawfully and keep your information safe and secure.

International Data Transfer

All your information is processed within the EEA. We will only send your data outside the EEA to:
• Follow your instructions,
• Comply with legal requirements,
• Work with our agents and advisers to provide our services to you.

Personal data will only be transferred outside the EEA if the country offers an appropriate level of data protection or by using appropriate safeguards like standard contractual clauses. 

Protection of Personal Data

Osmosis complies with its obligations in taking information and system security seriously at all times. We have stringent controls in place to help protect Personal Data and to minimise loss or damage through accident, negligence of deliberate actions. Our employees receive annual training to help protect sensitive or confidential information. Our security controls are in line with industry standards, which, together with its internal data security policies and procedures, enables Osmosis to maintain all required confidentiality, integrity and availability of your information.

Personal Data Retention

We will keep your personal data for the duration of the client relationship. After the relationship has ceased we may keep your data for up to 7 years to meet our legal or regulatory obligations.

Your Rights Under GDPR

You have the following rights in relation to how Osmosis uses your personal data:
• Right to be informed. You have the right to be informed about the collection and use of your data, why and who we share it with – we do this in our Privacy Statement,
• Right of access. You have a right of access to your personal data, you can

receive a copy of the personal data we process of you,
• Right to rectification. You have the right to have your personal data rectified if it is inaccurate or incomplete,
• You can ask for your information to be deleted or removed if there is not a compelling reason for Osmosis to continue to have it,
• Right to restrict processing. You have the right to request to block or suppress the processing of personal data for certain reasons. If your request meets the necessary conditions for restriction it means that we are still permitted to keep your personal data – but only to ensure that we don’t use it in the future for those reasons you have restricted,
• Right to data portability. You have the right to ask for a copy of your personal data for your own purposes to use across different services. In certain circumstances, you may move, copy to transfer the personal data we hold to another company in a safe and secure way,
• Right to object. You have the right to object to Osmosis processing your personal data where: it’s based on legitimate interest of the performance of a task in the public interest/exercise of official authority (including profiling), if we did direct marketing and if we were using scientific/historical research and statistics,
• Rights related to automatic decision making including profiling. Osmosis does not currently use any automatic decision making or profiling processes.

You can exercise your rights by contacting the email address below.

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. When someone visits www.Osmosisim.com/nl we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way, which does not identify anyone. We do not attempt to find out the identities of those visiting our website (www.Osmosisim.com/nl/). We will not associate any data gathered from this site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal data and will explain what we intend to do with it.

Complaints

If you have a question or complaint regarding the handling of your personal data you can contact us at [email protected]

You can also contact the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). Their contact details can be found on their website www.autoriteitpersoonsgegevens.nl