How Sedermera manages personal data
Valid from May 25, 2018.
To Sedermera Fondkommission (”Sedermera”) your right to protection of personal privacy is important, as well as awareness of privacy and integrity are important elements of our business. As we develop Sedermera’s services, these are preceded by technical, physical and organisational measures to ensure both the integrity and availability of personal data and other data we process. As data controller, Sedermera constantly works to ensure that our services and internal processes meet the requirements for processing personal data.
This policy describes what personal data Sedermera processes and for what reasons. Furthermore, we also provide information on where we collect personal data, who we share these with and how long we save data. We also describe how you can access your personal data, comment or ask us questions.
Personal data processed within Sedermera
We have divided personal data into different categories. The personal data we process relates to the following categories with examples listed in brackets:
- Basic personal data (personal identification number, name, contact details and ID number),
- Assessment and classification (data needed to, for example, to achieve customer awareness and manage the risk of money laundering and financing of terrorism, such as data about your financial assets and the purpose of transactions),
- Agreements (all types of personal data linked to agreements relating to Sedermera's services, such as account numbers and power of attorney),
- Financial transactions (transfers and securities transactions), and
- Communication (physical communication as well as electronic communication).
The following data about you also applies, if applicable, also to proxies, receivers or trustees.
Purpose and legal basis for processing
Your personal data is primarily used to fulfil legal obligations that impose on us as investment firm and to fulfil agreements that Sedermera already have entered into or are about to enter into with you as customer. Below is a description of the purposes that Sedermera has in the processing of personal data, what the current purposes are and the legal basis for each purpose.
Legal obligation
Sedermera has to comply with securities- and other relevant legislation applicable for our business and government regulations. Within this framework, we process your personal data to, for instance:
- Conduct money laundering controls,
- Document and save personal data related to securities transactions that Sedermera has contributed to,
- Conduct customer approvals and establish contractual relationships,
- Document services and transactions attributable to Sedermera's license to act as investment firm, and
- Report to competent authorities such as the Swedish Tax Agency and the Swedish Financial Supervisory Authority.
Completion of agreements
Sedermera collects, processes and stores personal data in order to prepare, provide and administrate Sedermera's services to you – electronically, at office or by telephone.
In the framework of the fulfilment of our contractual obligations, we may also record your telephone conversations with us – in the extent it concerns conversations that will or may lead to transactions being carried out. This process is also based on legal obligations.
Legitimate interest
Sedermera offers financial services with the aim of creating long and good relationships with our customers. Therefore, we process your personal data for the following purposes:
- Conduct market activities where we identify and suggest services that may be relevant to you. You have always right to unsubscribe from newsletters and offers.
Consent
We base processing of personal data on consent when you visit our website. In addition, a cookie with a unique ID is placed in your web browser that we use for web analytics so that we can understand how the site is used. You hereby consent to this when you accept the use of cookies the first time you visit our website. However, Sedermera does not monitor how you use the site as an individual. Consequently, no names, e-mails, IP addresses etc. are stored in our cookies. It´s recalled that consent could always be withdrawn at any time for newsletters and offers that are only based on this legal basis.
Wherefrom we collect your personal data
We collect personal data directly from you, for example, when you become customer at Sedermera, or when using services at Sedermera. We also retrieve data from public- and other registers, such as Bisnode.
Who we share your personal data with
By law, Sedermera is prohibited to disclose information about you unless valid reasons within the terms of agreement with you exist or legal purposes require or permit it, such as reporting to authorities.
In order to meet the terms of our customer agreements and other commitments, we need to share information about you internally within Sedermera and sometimes even with external companies that provide contracted services to Sedermera and our customers. For example, it may be financial infrastructure partners, suppliers, parties acting on clients' assignments or other parties in the customer agreement.
Situations when we share your personal data outside the organisation are:
- To authorised credit reporting companies when we process credit data in connection to when you enter into an agreement with us,
- To other banks and/or investment firms when we transfer liquidity or securities, and
- To different authorities for complying with legislation and other provisions concerning, for example taxes and money laundering or financing of terrorism.
Transfer to third countries
Processing of personal data is conducted within the EU/EEA and no data transfer is performed outside this area. However, in rare cases may personal data be transferred to and processed in countries outside the EU/EEA area (so-called third countries). Before such transfer occurs, Sedermera ensures that the transfer is carried out only on condition that appropriate safeguards have been undertaken in accordance with, inter alia, Privacy Shield and standard agreement clauses approved by the EU Commission.
Storage
We only save your personal data as long as we need to, to provide the services you have with us. We also save personal data to comply with statutory provisions (e.g. securities law and accounting law) and government decisions.
If you terminate any service at Sedermera, we need to, according to provisions stipulated by law, save some of your personal data that is linked to the relevant service for a certain period of time. For example, we need to retain certain personal data for seven (7) years to report to the Swedish Tax Agency and for a maximum period of ten (10) years to comply with provisions concerning money laundering and financing of terrorism.
Your rights
You have rights regarding your personal data that Sedermera processes:
- You have the right to access the personal data we process about you. The data is given in the form of a copy (through a register extract). Request for a register extract is usually free of charge.
- If the data we have about you is incorrect or incomplete you may request that we correct or supplement them.
- You are entitled, under certain conditions, to request that the processing of your personal data to be restricted for certain specified purposes.
- You are entitled to object to a processing of your personal data that is based on the balancing of interests.
- You have, under certain conditions, right to be deleted ("to be forgotten"), i.e. to get the personal data we possess about you erased. However, we are entitled to deny deletion in certain situations, such as if we are required by law to save the data.
- If you not want to receive direct marketing from Sedermera, you can contact us at any time.
- You have the right to data portability, which means that you are entitled to obtain your personal data in a structured, widely used and machine-readable format transferred to other personal data controllers under certain conditions.
You are normally entitled to use the above rights free of charge. Subsequently, the request will be answered without undue delay and usually within one (1) month of receipt of the request. However, if the request is unreasonable or unfounded, Sedermera has the right to charge a reasonable fee or choose not to comply with your request. In addition, Sedermera may request further data to validate your identity.
Changes to the Privacy Policy
We may make changes to the privacy policy and the latest version of the policy is available on our website.
Contact details
If you have questions or comments about how we treat your personal data, please contact Sedermera by info [at] sedermera.se or to the following address:
Sedermera Fondkommission
Norra Vallgatan 64
211 22 Malmö
You can also contact Sedermera's complaint manager or the Swedish Data Authority (Datainspektionen) for any complaints regarding the processing of your personal data.