Privacy notice – Artemis Funds (Lux)
This notice was updated in March 2024 following changes to the Artemis Cookie Policy and international data transfers.
The following privacy notice (the “notice”) is issued by Artemis Funds (Lux), referred to in this notice as "we", "our", or "us".
Please note that a separate privacy notice is issued by Artemis Investment Management LLP and any holding company or subsidiary company (including but not limited to Artemis Fund Managers Limited) as defined in section 1159 of the Companies Act 2006; view the Artemis Investment Management LLP privacy notice.
We are compelled to comply with all applicable laws and regulations relating to the processing of personal data and privacy, including (but not limited to) relevant local data protection legislation and the EU’s General Data Protection Regulation (the “Data Protection Legislation”).
We act as data controller in respect of the processing of the information we gather about you.
In this policy, “personal data” includes any data which relates to a living individual who can be identified from that data or from that data and other information which is in the possession of, or is likely to come into the possession of, Artemis Funds (Lux) or its representatives or service providers. We collect and use personal data and where applicable this may include information related to your spouse/partner, directors, partners and owners (your “representatives”).
Certain personal data is considered particularly sensitive and is subject to stricter rules regarding its processing. These categories of personal data are referred to as “special category data” and include any personal data relating to the racial or ethnic origin of the data subject; their political opinions; their religious (or similar) beliefs; their physical or mental health condition; details of criminal offences or criminal convictions (including the commission or alleged commission of any offence, any proceedings for any offence committed or alleged to have been committed and the disposal of such proceedings or the sentence of any court in such proceedings) and genetic and biometric data.
This notice applies to any personal data we receive from you, create or obtain from other sources and explains how it will be used by us. It is important that you take the time to read and understand this notice so that you understand how we will use personal data and your rights in relation to the personal data we may gather about you.
If you fail to provide certain information when requested, we may not be able to perform any contract we may have with you, or we may be unable to deal with you.
If you have any questions regarding our use of personal data or this notice, including any requests to exercise your legal rights, you can contact our Privacy Officer using the details in the “Contact us” section below.
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the European Union, you have the right to lodge a complaint with the competent supervisory authority (in Luxembourg this is the Commission Nationale pour la Protection des Données – www.cnpd.lu (opens in a new window)). We would, however, appreciate the opportunity to deal with your concerns before you approach the relevant data protection authority, so please contact us in the first instance.
Personal data that we collect from you
We will collect and use the following personal data about you and your representatives:
Information you give us
- This is information about you (and your financial adviser/representative or beneficial owner which may include a child for whom you have parental responsibility, if applicable,) that you (and/or your financial adviser/representative, if applicable) give us by filling in forms or by corresponding with us by phone, e-mail, electronic messaging, voice and/or video conferencing or otherwise. The information you give us may include your name, address, e-mail address and phone number, financial and debit card information, credit history, identification records.
Information we collect or generate about you and your representatives
- We (or third parties acting on our behalf) sometimes record telephone conversations, electronic messaging and voice and/or video conferencing and monitor email communications to resolve complaints, improve our service and in order to comply with our legal and regulatory requirements. We generate data to improve our service, to manage, administer and take decisions about your account, and to help us market our products. The information we capture in this way may include your name, address, e-mail address and phone number, financial and debit card information, credit history and identification records.
Information we receive from other sources
- Verifying your identity – we will use information provided by third parties (e.g. fraud prevention agencies) when verifying your identity and when carrying out anti money laundering checks. Such information may include some details about any criminal convictions and any allegations regarding criminal activity that relate to you, as well as details of your status as a politically exposed person. It may also include your nationality and identification records (e.g. passport information).
- Cookies - when you visit the Artemis website, cookies are used to collect information about the services that you use, and how you use them. These are used to monitor and improve our services, and may be used to help us market our products to you. For more information on the cookies used by Artemis please see our Cookie Policy on our website.
- Intermediaries – we may receive information from dealers, brokers and introducers for the purposes of entering in to and administering your agreement. This may include your name, address, e-mail address and phone number, financial and debit card information, credit history and identification records.
- Public databases – we may obtain information about you from public databases.
For the avoidance of doubt, in the case of institutional investors, personal data includes personal data of individuals linked to such institution.
When you are no longer our client, we continue to process your information as described in this notice, subject to our record retention policies and applicable law.
Purposes for which we process your personal data and the legal grounds for this
We may process your personal data in line with one of the following legal bases:
- in order to perform our obligations under our contract with you, such as:
- managing your investments and administering your account(s);
- verifying your information, including your identity as part of our client onboarding process;
- to communicate with you in order to provide you with services or information about Artemis and our products and services; and
- to make payments or distributions.
- where we have obtained your consent, such as:
- to send promotional information about our products and services via the methods you specify (to the extent such consent is required by law); and
- to allow events and webinars to be delivered.
- to comply with our legal and regulatory obligations, such as:
- to fulfil our legal, regulatory, and compliance obligations, including identity verification, know your client (KYC), terrorist financing, anti-money laundering, and sanctions checks;
- to respond to governmental (including tax authorities) and regulator inquiries or examinations, court orders and legal investigations; and
- to establish, exercise or defend our legal rights and / or for the purpose of (or in connection with) legal proceedings.
- the use of personal data is necessary for our legitimate business interests, such as:
- allowing us to effectively and efficiently manage and administer the operation of our business;
- maintaining compliance with internal policies and procedures;
- marketing our products and services (where consent is not required);
- for ongoing review and improvement of the information on the Artemis Website, analysing the data of visitors to our site and capturing metrics about the journey of users within our site, and preventing any potential disruptions or cyber-attacks;
- enforcing the terms and conditions of any agreement we have with you; and
- the recovery of outstanding debts from you;
We will only use personal data for the purposes for which we collected it or as otherwise described in this notice.
Sharing personal data
We may disclose personal data to third party service providers in the circumstances described below:
- to ensure the delivery of products or services to you;
- to ensure the safety and security of our data; and
- for internal research and statistical analysis purposes.
We will take steps to ensure that the personal data is accessed only by personnel that have a need to do so for the purposes described in this notice.
We may also share personal data:
- in order to enforce or apply the terms of use and other agreements you have with us;
- with an insurer or insurers for administration, claims handling and fraud prevention (which could include passing it to other insurers);
- with any broker or introducer of an agreement with us;
- with tracing and repossession agents;
- if we sell any of our business or assets, in which case we may disclose personal data to the prospective buyer for due diligence purposes;
- if we are acquired by a third party, in which case personal data held by us about you will be disclosed to the third party buyer; and
- with third party agents for the purposes of providing services to us.
These third parties will be subject to confidentiality requirements and they will only use personal data as described in this privacy notice.
We may also share personal data to the extent required by law, for example if we are under a duty to disclose personal data to comply with any legal obligation (including disclosures made to tax authorities, regulators, credit agencies and company registrars), and to establish, exercise or defend our legal rights.
Transfer of personal data outside the European Economic Area
On 28 June 2021, the EU Commission announced that it had ruled that the UK’s data protection regime is adequate under the EU’s General Data Protection Regulation. The UK government has also adopted adequacy regulations in relation to the EU/EEA regime. This means that most data can continue to flow between the UK and the EU / EEA without the need for additional safeguards. The majority of the information you provide to us will be transferred to and stored on secure servers in the European Economic Area. However, from time to time personal data may be transferred to, stored in, or accessed from a destination outside the EEA, including the USA. It may also be processed by authorised staff operating outside of the EEA who work for one of our suppliers.
Where we transfer your personal data to another country, we will ensure that it is protected and transferred in a manner consistent with legal requirements that are as robust as those in the EU. In relation to data being transferred outside of the EEA, for example, this may be done in one of the following ways:
- Adequacy Decisions - the country that we send the data to might be approved by the EU as providing ‘adequate’ protection for people’s rights and freedoms in respect of their personal data;
- EU Standard Contractual Clauses - in the absence of an EC adequacy decision, Standard Contractual Clauses (SCCs) can be used which the sender and the receiver of the personal data can both sign up to. These clauses comprise a number of specific contractual obligations designed to provide legal protection to individuals when their personal data is transferred to ‘third countries’; and
- The recipient of the data might be a signatory to binding corporate rules; or
- Other safeguards, which may include:
- Approved codes of conduct;
- Approved certification mechanisms; and
- Legally binding and enforcement instruments between public authorities or bodies.
You can obtain more details of the protection given to your personal data when it is transferred internationally by contacting us in accordance with the “Contact us” section below.
How long we keep personal data
How long we hold personal data for will vary. We will only retain personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider:
- the amount, nature, and sensitivity of the personal data;
- the potential risk of harm from unauthorized use or disclosure of your personal data;
- the purposes for which we process personal data; and
- whether we can achieve those purposes through other means, and the applicable legal requirements.
Your rights
You have a number of rights in relation to the personal data that we hold about you. These rights include:
- the right to obtain information regarding the processing of personal data and access to the personal data which we hold about you;
- the right to withdraw your consent to our processing of personal data at any time. Please note, however, that we may still be entitled to process personal data if we have another legitimate reason (other than consent) for doing so;
- in some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us;
- the right to request that we rectify personal data if it is inaccurate or incomplete;
- the right to request that we erase personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase personal data but we are legally entitled to retain it;
- the right to request that we restrict our processing of personal data in certain circumstances. Please note that there may be circumstances where you ask us to restrict our processing of personal data but we are legally entitled to refuse that request;
- the right to object to our processing of personal data where we process personal data in line with our legitimate business interests. Please note that there may be circumstances where you object to our processing of personal data but we are legally entitled to refuse that request;
- the right to object to any automated decision making (including profiling) which we conduct based on personal data, which significantly affects you. Please note that there may be circumstances where you object to us conducting automated decision making but we are legally entitled to refuse that request;
- the right to object to the processing of personal data for direct marketing purposes; and
- the right to lodge a complaint with the data protection regulator (as detailed below) if you think that any of your rights have been infringed by us.
You can exercise your rights by contacting us using the details set out below.
You can find out more information about your rights by contacting the data protection regulator, Commission Nationale pour la Protection des Données – www.cnpd.lu.
Changes to our privacy policy
We keep our privacy policy under regular review. Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.
Contact us
Please contact us if you have any questions about our privacy policy or personal data we hold about you:
- Write to us at: Artemis Investment Management LLP, Cassini House, 57 St. James's Street, London, SW1A 1LD
- By telephone on +44 (0)20 7399 6000
- By email to [email protected]