Cramer Rosenthal McGlynn

GDPR

The following outline our policy regarding the General Data Protection Regulation (2016/679) (“GDPR”) and any national laws implementing the GDPR and the Directive on Privacy and Electronic Communications (2002/58/EC) (together, the “Data Protection Legislation”). It will be necessary for an investor, consultant or potential investor (“you”) to provide certain information to us in respect of your identity and other details relating to you, or, in case of an Investor that is not a natural person, information relating to your officers, directors, partners, members or employees (“personal information”). If you are not a natural person, please make the disclosures set out below available to the individuals whose personal information you have provided.

Personal information is subject to certain legal safeguards specified GDPR and the Data Protection Legislation. The Data Protection Legislation prescribes the way in which our firm (“Investment Manager, us or we”), and/or our agents and service providers, may collect, retain and handle personal information.

We will be a ‘controller’ of your personal information for the purposes of the GDPR, and will process, or arrange the processing of, your personal information by our service providers, including broker-dealers and your custodian. The following information is applicable to our clients in all cases, and contacts/prospects in some cases, as noted below.

With whom do we share your personal information?

We may share certain of your personal information with the following categories of third parties for the following reasons:

  • Broker-dealers who may be necessary to provide trade execution services for the purposes of executing investment decisions pertaining to an investment account you may have with us;
  • advisers (e.g. auditors, legal counsel and tax advisers) to our firm relating to or in connection with your investments with us;
  • the custodians you retain for maintaining the assets in your account with us; and
  • law enforcement agencies; regulatory or tax authorities and other governmental or public agencies or authorities.

They may in turn use the services of their affiliates or service providers to process your personal information where necessary or appropriate. Where we share your personal information with a third party, we require the recipients of that personal information to put in place reasonably designed measures to protect it.

If you do not provide the information requested, we will not able to provide to you the services set out in the investment management agreement, or any other contractual agreement that exists between us. We will not be able to provide services to you without processing your personal information for the purposes identified below.

We have reviewed the purposes and appropriateness of our activities, and those of the processors of your personal information, in each case, as related to the processing of your personal information.

The lawful bases for processing your personal information may include any of the following reasons: to facilitate our ability to perform our obligations to you under our investment management agreement and other documents that together form the basis for your contractual relationship with us, as well as our ability to comply with applicable legal and regulatory provisions including the requirement to comply with any regulatory or tax reporting requirements; to carry out money laundering/terrorist financing checks, conflict checks, for purposes of fraud prevention, to comply with any applicable auditing or financial reporting requirements; to comply with information disclosure requests from regulatory, tax or other governmental or public authorities; and to communicate information we think may be of interest to you.

In addition to the above lawful bases for processing your personal information, your personal information will also be processed based on our legitimate interests including:

  • to exercise and comply with our rights and obligations at law or under regulation, where such obligations are not set out under the laws of EU member states, or under contract, including for the establishment, exercise or defense of legal claims;
  • to manage and administer our business and to improve relationships with you and our other investors, and assist with investor relationship management, and for marketing and business development activities and analysis;
  • to communicate with you in respect of your investment or other products we offer for risk assessment and control, for statistical and trend analysis, for system administration, operation, testing and support and to operate control systems and management information systems;
  • to help detect, prevent, investigate, and prosecute fraud and/or other criminal activity;
  • to manage our information technology and to ensure the security of our systems;
  • to disclose information to a governmental, tax or regulatory body, financial market, broker or other intermediaries, counterparties, court, auditors or other third parties and to conduct compliance activities, when we think this is in any of their, or someone else’s interests, but where applicable law does not require the Investment Manager to make this disclosure or conduct these activities;
  • to establish, exercise or defend legal claims and in order to protect and enforce our rights, property, or safety, or to assist our other investors, or others to do this;
  • to investigate and respond to any complaints about us and our business or any incidents relating to us or our business and to help maintain quality and to deal with complaints and disputes; and
  • to make certain assessments about you in order to assess your investment objectives, risk tolerance, and understanding of investment risk to assess the suitability of an investment we make for you, including in any investment strategy or fund we offer for investment.What personal information will be collected and used?
  • When processing your personal information, we are subject to, and shall comply with, the relevant requirements contained in the GDPR as we believe is applicable to us.

The types of personal information relating to you we may process include, for example:

  • your (or your officers’, directors’, partners’, members’ or employees’) name, address, date of birth and gender;
  • your (or your officers’, directors’, partners’, members’ or employees’) bank account details, source of wealth information, accounts and bank statements;
  • information relating to your investment or proof of your eligibility to purchase interests in a particular investment product or fund; and
  • copies of your (or your officers’, directors’, partners’, members’ or employees’) passport, driver’s license and other official documentation required for identity or address verification purposes.

How do we use your personal information?

We will process your personal information in order to market our investment products, to process queries, applications, subscriptions and redemptions, and to otherwise undertake the necessary and appropriate actions in order to offer our services and manage assets on behalf of our clients. We will do this while complying with the applicable legal and regulatory obligations, to exercise its rights at law or under contract. This may include, without limitation, providing administrative services in connection with your investment, preventing fraud, carrying out money laundering checks or conflict checks, reporting to national and international regulatory bodies. We may also process your personal information to manage and administer your investments and our business and to improve relationships with you and our other investors, and assist with investor relationship management, and for marketing and business development activities and analysis.

We also may share your personal information with third parties (including legal advisors and law enforcement agencies) in order to respond to investigations, court orders, legal process, or to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, or as otherwise required by law.

We also may use your information in order to provide you with information of investments or products that may interest you. If you prefer not to be contacted in connection with prospective products, please email us at ClientService@crmllc.com.

Transfers of your personal information outside Europe

We maintain your information within the United States in our Connecticut offices. To the extent certain of your personal information is transferred to third party service providers or to regulatory or other governmental or public authorities located in countries outside of the European Economic Area (the “EEA”), we anticipate these third party suppliers, regulatory or other governmental or public authorities will also be located in the United States. Our UCITS investors will receive separate correspondence pertaining to that product.

Where your personal information is transferred outside of the EEA, we will, where possible, take appropriate steps to ensure it is adequately protected in compliance with the requirements of Data Protection Legislation, including by entering into appropriate data transfer agreements with third party recipients of your personal information incorporating standard contractual clauses approved by the European Commission governing data transfer contracts. Please contact us at legal@crmllc.com, if you would like a copy of the model clauses.

How long is your personal information retained?

We will regularly review the personal information that we process relating to you to ensure it is accurate and up-to-date, and will not retain your personal information for longer than is necessary in relation to the purposes for which your personal information is processed, and in accordance with regulatory requirements.

Generally, we will retain your personal information concerning your investments for seven (7) years after you have exited your investment with us. Personal information may be retained for longer if it is required by law, or by a tax or regulatory authority, a law enforcement agency or other governmental or public body, or considered necessary in order to allow us to act in accordance with our specific set of circumstances, for example, in light of an actual or a potential legal action or a regulatory investigation.

Your rights in relation to the personal information we process about you

You have various rights under Data Protection Legislation in relation to the personal information relating to you that we process. These include:

  • the right to request access to your personal information;
  • the right to have your personal information rectified;
  • the right to have your personal information erased;
  • the right to request that your personal information is only used for restricted purposes;
  • the right to object to your personal information being processed, for example, for marketing;
  • (in some circumstances) the right to require certain of your personal information to be transferred to you or a third party; and
  • the right to lodge a complaint with the relevant data regulator in your jurisdiction.

You can seek to exercise any of these rights by contacting us at legal@crmllc.com.

Questions or complaints

If you have any questions or complaints regarding the processing of your personal information, please contact us directly at legal@crmllc.com.

Complaints regarding our processing of your personal information may also be made directly to the relevant data protection regulator in the EU.