About
Posts
Markets
Contact

GDPR Privacy Notice

Updated on

This GDPR Privacy Notice (“Notice”) has been revised and is effective as of the date above and will remain in effect except for future changes to its terms. The management of Quantum Rise osoba rizikového kapitálu s.r.o may amend this Notice anytime. Investors will be notified about material changes. However, they are encouraged to review this Notice periodically to stay informed about how the Management Company Quantum Rise (“Company”) processes and protects personal data.

QUANTUM RISE, osoba rizikového kapitálu s.r.o. Registered under the Laws of the Czech Republic on 19.08.2020 with the Registration Number 09427261.

FOLLOWING THE SECTION 15(4)(A)(6) OF ACT NO. 240/2013, QUANTUM RISE, OSOBA RIZIKOVÉHO KAPITÁLU S.R.O. IS NOT SUBJECT TO SUPERVISION BY THE CZECH NATIONAL BANK.

The Company manages assets on a commercial or similar basis, consisting of accumulated monetary funds or assets assessable in monetary terms from the Investor or acquired for such monetary funds or assets assessable in monetary terms, for their collective investment based on a defined strategy for the benefit of the Investor, as defined in Article 15 (1) of The Act No. 240/2013 on Investment Companies and Investment Funds (Act No. 240/2013).

According to Article 15(4) of Act No. 240/2013, the Company may collect monetary funds or assets assessable in monetary terms only from an Investor who invests through the Company monetary funds or assets assessable in monetary terms corresponding to an amount of at least 125,000 EUR, and about whom the Company can reasonably assume, that this investment corresponds to the Investor’s financial background, investment objectives, and expertise and experience in the field of investments, and the Investor confirms these facts in writing.

This Notice provides the necessary information about your rights and our obligations and explains how, why, and when Quantum Rise processes your personal data.

Please read this Notice carefully, as it becomes legally binding when interacting with the Company. The Company takes the privacy and protection of your data very seriously. It is committed to handling the personal information of those it engages with responsibly and in a way that meets the legal requirements of the Czech Republic.

This Notice applies to you if:

  • You are a Natural or Legal Person (“Investor”) concluding the Asset Management Agreement – this applies both for Investors who have already concluded the Asset Management Agreement and for Investors who are willing to proceed with the signing of the Asset Management Agreement (“Prospective Investors”).
  • Your personal data has been provided to the Company by another person in connection with an application for the Asset Management Agreement signing or in the case when you provide or are going to provide the Company with any services related to the activities of the Company (for example, if you are a director, partner, trustee, employee, agent or direct or indirect owner of any counterparty).
  • The Company otherwise uses your personal data.
  • You are an applicant for a position within the Company.
  • You are a data subject. The GDPR defines “data subjects” as “identified or identifiable natural person(s)”. In other words, data subjects are only individuals from whom or about whom the Company collects information about its business and operations.

Information we collect / Information you provide to us

We process your personal data to comply with our legal, statutory, and contractual obligations and to provide you with our products and services. We will never collect unnecessary personal data from you and will not process your data in any way other than as set out in this Notice.

The personal data we collect from you

  • Personal Data include first name, last name, date of birth, photograph, passport details, CV, contact details, bank details, signature, investment history, etc.
  • Residential Address Confirmation such as a utility bill, bank statement, or tax bill.
  • Forms that include employment details, net worth, annual income, and any information and evidence within the scope of local regulatory requirements to interpret the Economic Profile and Suitability Assessment of Prospective Investors.
  • Tax identification number and country of taxation for CRS /FATCA purposes.

We may also process

  • Information we collect or generate may include information relating to your (or the Natural or Legal Person you represent) investments, emails (and related data), call records, website usage data, and messages sent through our Website.
  • Information we receive from other sources, such as information we receive for the purposes of our Know Your Client (KYC) procedures (which include anti-money laundering, counter-terrorist financing, counter-proliferation financing procedures, and politically exposed person and sanctions checks), information from public websites and other public sources and information we receive from your advisers or intermediaries.

Personal data is defined under the GDPR as any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The Data Protection Act similarly defines personal data.

Any personal data collected by us during the interaction between you and us will be processed under the GDPR (and the relevant regulatory framework incorporating the GDPR domestically) and, where applicable, Data Protection Law.

How we collect the information

  • Through the documents and forms provided by Prospective Investors to us.
  • In face-to-face meetings with Prospective Investors, where applicable.
  • Electronic and hard copies, in plain written form or certified/notarized/apostilled.
  • From third parties with whom we have a contractual relationship.
  • We only ask for personal information that we are required to collect by our legal obligations and relevant to your specific requests to provide our services.
  • Further details are contained in our complete Personal Data Protection Policy.

You are required to provide true, complete, and accurate information and to keep it up to date. If you doubt your personal information, please feel free to contact us in any way that is preferable to outline the issue. We will take all reasonable steps to ensure that any inaccurate data relating to the purposes for which it is processed is deleted or rectified without delay.

We may retain information and data relating to your bank account, credit/debit card details, or other payment account information following the requirements of the law.

How we use your personal data

We take your privacy very seriously and will never disclose, share, or sell your data without your consent unless required by law. We only retain your data for as long as necessary and for the purpose(s) specified in this Notice. If you consent to us providing you with promotional offers and marketing, you can withdraw this consent anytime.

The purposes and reasons for processing your personal data

  • We collect, store, and process your personal data to assess and process applications for the Asset Management Agreement signing, including carrying out know-your-client procedures, ongoing working, receiving payments from and making payments to the Investors, calculating the Net Asset Value and monitoring these processes.
  • We collect, store, and process your personal data to reach an agreement with us or for any interaction.
  • We collect, store and process your personal data as part of our legal obligations for business accounting, tax purposes, audit purposes, and any legal or regulatory obligations or industry standards arising from our licenses or registrations as regulated entities.
  • We may occasionally send marketing information to you that we have deemed beneficial to you as a customer and in our interests. Such information will not be intrusive and will be processed based on legitimate interests to adequately monitor and update customer information following local legislation and providing better quality services.

Your rights

You have the right to access and request information about any personal data we process about you:

  • The personal data we hold about you.
  • The purposes of the processing.
  • The categories of personal data concerned.
  • The recipients to whom the personal data has been/will be disclosed.
  • The time period we intend to retain your personal data.
  • If we have not collected the data directly from you, information about the sources.

If you believe that we have incomplete or inaccurate information, you have the right to ask us to correct and/or complete it. We will endeavour to do so as soon as possible unless there is a good reason not to, in which case you will be notified.

You also have the right to request the erasure of your personal data or to restrict processing (where applicable) according to data protection laws; similarly, you may object to any direct marketing from us. Where applicable, you have the right to data portability and the right to be informed about any automated decision-making we use.

If you request to exercise any of the above rights, we may ask you to verify your identity before we comply; this is to ensure that your data is protected and kept secure.

Sharing and Disclosure of Your Personal Information

We will not share your personal information without your consent except for the purposes set out in this Notice or where there is a legal obligation to do so. If necessary, we may share your personal information with third parties to conduct the working process or if required by law.

When we share personal information, we do so following data protection laws. Sharing your personal information with third parties may result in transferring your personal information outside of the European Union.

We use third parties to provide the services and business functions set out below; however, any processors acting on our behalf will only process your data following our instructions and fully comply with this Notice, Data Protection Laws, and all other relevant confidentiality and security measures. Neither party (Data Subject and/or Data Controller and/or Data Processor) will disclose any information unless strictly necessary following the law or business operations.

Personal information may be disclosed to

  • Affiliates (such as brokers, accountants, legal advisors, consultants, tax advisors, etc.) to provide services, fulfil regulatory and legal requirements, and increase the quality of services provided.
  • Regulated banking/credit institutions with whom we work to provide services to Investors.
  • Regulatory authorities and agencies, including but not limited to Czech National Bank (Česká Národní Banka), Financial Analytical Office, tax authorities, etc., to comply with applicable laws and regulations.
  • For Investors, we may provide information to our appointed custodian for purposes of compliance with applicable laws and regulations.

AML Act Purposes

Act No. 253/2008 Sb. of 5 June 2008 on the Selected Measures against Legitimisation of Proceeds of Crime and Financing of Terrorism (hereinafter the „AML Act“), adopted at the national level, sets the basic rules for combating money laundering and terrorist financing.

The processing of personal data for the purposes of the AML Act is subject to the provisions of the Processing of Personal Data Regulation (EU) 2016/679 of the European Parliament and the Council on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 04.05.2016, pp 1–88), and such data must not be additionally processed in a manner that does not meet the purpose, for instance, for marketing purposes.

Thus, personal data submitted for the purposes of the AML Act shall be processed exclusively for the purposes of the AML Act.

The data subject’s right of access to personal data relating to him or her may be wholly or partially restricted if such restriction will:

  1. Enable the Company or Financial Analytical Office (FAÚ) to fulfil its tasks properly for the purposes of the AML Act; or
  2. Avoid obstructing official or legal inquiries, analyses, investigations, or procedures for the purposes of the AML Act and to ensure that the prevention, investigation, and detection of money laundering and terrorist financing is not jeopardised.

Measures to protect your data

We take your privacy seriously and take all reasonable steps and precautions to protect and secure your personal information. We work hard to protect you and your information from unauthorized access, alteration, disclosure, or destruction and have several layers of security measures in place, including restricted access to paper files and electronic files, firewalls, and anti-virus/anti-malware software.

Transfers outside the EU

We use some products or services (or parts thereof) that may be hosted/stored in the EU and/or in non-EU countries. Transfers of personal data to non-EU countries may be necessary for the performance of our activity and the interaction between you and us or for the performance of pre-contractual measures taken at your request. This means that we may transfer the data you provide to countries outside the European Economic Area (“EEA”), including to a jurisdiction that is not recognized by the European Commission as providing an adequate level of data protection, for the purposes of electronic storage of your personal data, brokerage services, operational services, legal services, marketing services.

Thus, when you provide us with your personal data and/or use our Website and/or send us an email and/or sign up for our newsletter, etc., the personal data you provide may be stored on servers hosted in the EU and/or non-EU countries. Where this is the case, we will take steps to ensure that these providers use the required level of protection for your data adhere to the strict agreements and measures we set out to protect your data and comply with relevant data protection legislation.

Consequences of not providing your data

You are not obliged to provide us with your personal data. However, the provision of personal data is a requirement for entering into an Agreement with us. Investors have a statutory and contractual obligation to provide and keep up-to-date and accurate personal data they provide to us. Failure to provide such data will not allow us to commence or continue the business relationship, as compliance with our legal obligations will be deemed impossible.

Legitimate Interests

As mentioned in the “How we use your personal data” section of this Notice, we may process your personal data on the legal basis of legitimate interests. Where this is the case, we have carried out a thorough Legitimate Interests Assessment (LIA) to ensure that we have balanced your interests and any risk to you against our own interests to ensure that they are proportionate and appropriate.

Personal data is processed under all applicable laws and regulations of the Czech Republic and the European Union. We are obliged to process personal data fairly and lawfully for specified, explicit, and legitimate purposes and to the extent that is relevant, proportionate, and not excessive concerning the purposes of the processing.

We use legitimate interests as the legal basis for processing your personal data to send you marketing information that we have determined to be beneficial to you as a customer and in our interest. We have determined that our interests are to monitor and update customer information according to local legislation and to provide better-quality services.

How long we keep your data

We retain personal data for the duration of the business relationship with an Investor and five (5) years after the termination of the business relationship unless otherwise requested by a competent authority, in line with the provisions of the applicable legislation.

We may keep personal data longer if we cannot delete it for legal or regulatory reasons. In particular, the retention of data is not limited in time in the case of pending legal proceedings or an investigation initiated by a public authority, provided that the Company is informed of the pending legal proceedings or the investigation initiated by a public authority within the retention period described hereinabove.

We only retain personal data for as long as required by applicable laws and regulations, and we have strict review and retention policies in place to comply with these obligations. Your data will be retained in electronic, paper, or both formats. When no longer required, it will be deleted or destroyed in accordance with applicable laws and regulations.

If you have consented to our using your data for direct marketing, we will retain that data until you inform us otherwise or withdraw your consent.

Marketing

We may occasionally send you information about products and services related to our activity or to interaction between you and us by email and/or post, which has been identified as beneficial to our Investors and in our interests. Such information will be relevant to you and will not be intrusive. You will always have the option to unsubscribe at any time using the opt-out/unsubscribe options or contacting us directly.

Submitting a complaint

We will only process your personal data following this Notice and in compliance with relevant data protection laws. However, if you wish to complain about the processing of your personal data or are dissatisfied with the way we have processed your data, you have the right to lodge a complaint with the supervisory authority (Office for Personal Data Protection of the Czech Republic).

Details can be found on the following website: https://uoou.gov.cz/en

Data protection officer

The GDPR requires the appointment of a data protection officer. The data protection officer is responsible for educating us and our employees about compliance, training staff involved in data processing, and conducting regular security audits. The data protection officer also serves as the point of contact between us and any supervisory authorities that oversee activities related to personal data. In addition, the data protection officer maintains comprehensive records of all data processing activities conducted by us and interfaces with data subjects to inform them about how their data is being used, their right to have their personal data erased, and what measures we have put in place to protect their personal data.

The data protection officer is reachable by the following contact details:

Email: info@quantumrise.eu
Address: Walterovo náměstí 985/6, Jinonice, 15800 Praha 5, Czech Republic.