Data protection policy

Accueil / Data protection policy

Our commitments

We protect your personal data

The security of your personal data is a priority. We use protective measures such as firewalls and encryption to ensure the security of your personal data.

We do not sell your personal data

We may transfer your personal data to our service providers in order to provide you with suitable products and services. They will only be used for the purposes agreed and accepted in advance, and not for commercial purposes.

We use your data to improve our products and services

We use your personal data to continually improve our services and offer you better investment products.

In this privacy statement, you will find more information about :

  • The personal data we collect and use
  • how we collect, use and transfer personal data within our company and with our business partners
  • your rights in relation to the personal data we hold about you
  • how to contact us if you have any questions about data confidentiality

We may amend this Data Protection Policy to keep it up to date with current regulatory and legal requirements, the way we do business or if we are required to do so by our regulator. We will always inform you of any significant changes in the way we use your personal data where this differs from the information we originally provided when the data was first collected. This information is important, so we have tried to make it easy to read.

SWEN Capital Partners is an Aéma Groupe company. When we mention “we”, “us” or “our”, we are referring to SWEN Capital Partners. For more information on the Aéma Group companies, please visit the Group’s website.

What personal data do we collect and use?

  • Section A applies to all personal data that we collect and use

  • Section B applies to specific product groups and describes in more detail the personal data we collect and use.

How we collect, use and transfer personal information

In accordance with the General Data Protection Regulation (also referred to as the “GDPR”) – Regulation EU 2016/679 of the European Parliament and of the Council of 27 April 2016 and the Loi Informatique et Libertés of 1978 as amended, we are committed to respecting and protecting your personal data.

What legal framework applies to the processing of your personal data?

We only use your personal data where we are permitted to do so by law or regulation (according to the legal framework defined by the law or regulation). In accordance with the regulations in force, our company has set up a register of processing activities to identify the data processing that we carry out and to manage the use of your data. We may process your personal data without your knowledge or consent where this is required or permitted by regulation or law. We generally use your personal data in the following circumstances and for the following purposes:

  • Where we need to perform a contract, which we are about to enter into or have entered into with you (“contractual necessity”).
  • Where we need to comply with a legal or regulatory obligation (“legal compliance”) to verify your identity, help detect and prevent fraud and fight financial crime.
  • Where we need to comply with the Anti-Money Laundering Directive (“AML Directive”), which specifies that the fight against money laundering and terrorist financing is to be considered as a matter of public policy.
  • When it is in our legitimate interest. We will take care to consider and balance any potential impact (both positive and negative) on you and your rights before processing your personal data in accordance with our legitimate interests.
  • Where we have your consent to carry out the processing (“consent”).

Whatever the circumstances surrounding the collection of this personal data, it is in all cases in compliance with the regulations in force. Please do not hesitate to contact us for any further explanation you may require, by addressing your requests to our company’s Data Protection Officer, who can be contacted at the following e-mail address: contact.dpo@ofi-invest.com and/or by post for the attention of the Data Protection Officer, 22 rue Vernier, 75017 Paris, France.

Credit agencies, fraud prevention bodies and regulations

To help us detect and prevent fraud, fight financial crime and fulfil our regulatory responsibilities, we may transfer your information to credit agencies and fraud prevention organisations. We may also transfer your information and carry out searches with third party organisations such as the police and public bodies. This is necessary to assess creditworthiness (including affordability), product suitability, verify your identity, administer your account, track debtors or payees and prevent criminal activity. If you give us false or inaccurate information and we suspect fraud, we will record it to prevent further fraud and money laundering.

Some of our checks may involve checking public records, conducting online searches of websites, social networks and other information sharing platforms and using databases maintained by credit bureaus and other reputable organisations. We may provide you with further details about the organisations and databases to which we have access or to which we contribute, and how this information may be used.

Marketing and marketing preferences

We may use your personal data to send you direct marketing communications about our products and related services where we think they may be of interest to you. In order to protect privacy rights and to allow customers to control the use of their personal data, you can ask us to stop direct marketing at any time. All our marketing communications include unsubscribe links to help you manage your marketing preferences. Opting out of one type of marketing, for example by email or telephone, does not mean that you are unsubscribed from all marketing communications. Please bear this in mind when managing your preferences.

We recommend that you regularly check the Data Protection Policy and preference settings available to you on any social networking platforms you use, as these will dictate how advertisements and other messages are displayed and shared on those platforms. For more information about cookies and other technologies we use on our website, please see our Cookie Policy.

How we ensure the security of your personal information

We are committed to protecting your personal data. We implement appropriate organisational and technical security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised manner, or modified or disclosed. We restrict access to your personal data to employees and other third parties whose duties justify such access. All such persons are subject to a contractual obligation of confidentiality. We have procedures in place to deal with any actual or suspected breach of personal data, which include notification to the Commission Nationale de l’Informatique et des Libertés (CNIL), the local authority responsible for monitoring the protection of personal data where necessary.

  • Retention of personal data on our systems

As a general rule, we only keep personal data for as long as is reasonably necessary for the purposes described in this Data Protection Policy. We keep certain records relating to your transactions, which may include personal data, for longer periods if we need to do so to meet legal, regulatory, tax or accounting requirements. For example, we are required to keep an accurate record of transactions so that we can respond to any complaints or queries that you or other parties may raise at a later date. We will also keep records if we reasonably believe there is a possibility of a dispute. To help us manage the length of time we keep your data and our records, we operate a Records Retention Policy which includes clear guidelines on the deletion of data.

  • Transfers and disclosures of personal data

Some of the organisations with which we transfer information may be located outside your country, state, province, or in another jurisdiction where data protection laws may differ from those in your jurisdiction. Aéma Groupe entities are committed to ensuring that your personal data receives an adequate and consistent level of protection wherever it is transferred within our Group. When we transfer your data to parties outside Aéma Groupe or to other companies that provide us with a service, we obtain contractual commitments and assurances from them to protect your personal data. We only transfer personal data to countries recognised as providing an adequate level of legal protection or where we can be certain that other arrangements guarantee the protection of your privacy rights.

In the event that we are involved in a merger, acquisition or sale of assets, your personal data may be transferred. We will notify you before your personal data is transferred and becomes subject to a different Data Protection Policy.

In certain circumstances, we may be required to disclose your personal data if required to do so by law or regulation or in response to lawful requests from a lawful authority (for example, a court or government agency). You are entitled to ask us for more information about the safeguards we have put in place as mentioned above.

Your rights

In accordance with the regulations in force, you have various rights in relation to your personal data, namely the right to access, rectify and delete your personal data, as well as the following rights in relation to the processing of your data: the right to restrict processing, the right to object to processing and the right to portability of your data. You also have the right to contact us about your personal data in order to :

  • Know how we use them;
  • To whom it is sent;
  • Whether we transfer it abroad;
  • Know how we protect it;
  • Know how long we keep it;
  • Know how we obtained it;
  • To find out whether we have made an automated decision using your personal data.

We may require proof of identity when requesting the exercise of any of these rights, to ensure that we are disclosing information or amending account details for the correct person.

Find out more about your personal data rights below

To access your personal data

You can ask us to:

  • confirm whether we hold and use your personal data;
  • obtain a copy of your personal data.

To rectify or delete your personal information

Let us know about any changes to your personal data: it is important that the data we hold about you is accurate and up-to-date. You can ask us to:

  • rectify any incorrect information about you ;
  • delete your personal data if you think we no longer need to use it for the purposes for which we collected it from you;
  • delete your personal data if you have withdrawn your consent to our use of it, if you have exercised your right to object to the legitimate use of your data, if we have used it unlawfully or if we are under a legal or regulatory obligation to delete your personal data.

We may not always be able to comply with your request, for example where we need to continue to use your personal data in order to comply with a regulatory or legal obligation or where we need to use your personal data in the event of a dispute.

To restrict the use of your personal data or object to the way we use it

You may ask us to restrict our use of your personal data in certain circumstances, for example where:

  • you believe that a piece of data is inaccurate and we need to verify it; or
  • data is no longer necessary for the purposes for which it was collected, but is necessary in the event of a dispute; or
  • you have objected to our use of your personal data, but we still need to check whether we still need to use it for other purposes.

You may object to any use of your personal data if you believe that your fundamental data protection rights and freedoms outweigh our legitimate interest in using that data. If you object, we may continue to use the personal data if we can demonstrate that we have compelling legitimate interests in using the data.

To request a copy of your personal data

You may ask us to provide you with a copy of your personal data in a structured, commonly used and computer-readable format, or you may ask to have it transferred directly to another Data Controller (for example, another company). You may only exercise this right where we use your personal data in connection with a contract with you, or where we have asked for your consent to use your personal data. This right does not apply to personal data which we hold or process by virtue of our legitimate interest, or which is not held in digital form.

To withdraw your consent

Subject to certain legal and contractual restrictions and reasonable notice, you may refuse the processing of your personal data or withdraw your consent at any time by contacting us (for example in relation to direct marketing or cookies). We will inform you if withdrawing your consent may affect our ability to meet your needs.

How to contact us

If you have any questions about this Data Protection Policy or how to exercise your rights, please contact our Data Protection Officer.

By e-mail: contact.rgpd.am@ofi-invest.com
By post: for the attention of the Data Protection Officer, OFI Invest, 22 rue Vernier, 75017 Paris, France

If you are not satisfied with the way we manage your personal data, our Data Protection Officer will endeavour to resolve any issues directly with you. We aim to respond to all valid requests within one month. However, this may take longer if the request is particularly complex, so you will be notified if this is the case. To speed up the processing of your request, we may ask you to provide more details about what you would like to receive or what concerns you.

In the event of difficulties, or if you are not satisfied with the response provided, you have the right to contact the Commission Nationale de l’Informatique et des Libertés (CNIL), the local authority responsible for monitoring the protection of personal data, in order to make any complaint:

By post: CNIL- 3 place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07
Online at the CNIL website: www.cnil.fr