EU Website Privacy Notice
PRIVACY NOTICE
1. Important information and who we are
This Privacy Notice describes the types of personal data that the Fundsmith SICAV (“we”, “our”, “us”, “Fund”), may obtain and process, how we may use this data, with whom we may share this data, how long we will retain this data, and your choices regarding our use of your data.
We also describe the measures we take to safeguard personal data and tell you how to contact us about our privacy practices as provided for under applicable data protection legislation and regulation to which we are subject, in particular, the EU General Data Protection Regulation 2016/679 (“EU GDPR”).
For the purpose of EU GDPR, the Fund is the data controller responsible for your personal data.
The website www.fundsmith.eu (“Website”) is not intended for children and we do not knowingly collect data relating to children. The Website is operated by the Fund’s Global Distributor, Fundsmith LLP (“Global Distributor”).
2. The types of personal data we collect about you
Personal data means any information about an individual from which that person can be identified. We may collect and process various items of personal data about you for the purposes set out in this Privacy Notice, in particular, when you subscribe for the Fund’s shares via completion of a subscription agreement and/or completion of any other ancillary document/form in relation to the Fund or when you otherwise communicate with us.
We may collect, use, store and transfer the following categories of personal data:
- Identity Data includes first name, last name, or similar identifier, title, date of birth and gender;
- Contact Data includes address, email address and telephone numbers;
- Financial Data includes bank account details and information resulting from “know-your-client” and anti-money laundering checks;
- Transaction Data includes details about transactions you undertake when buying and selling shares in the Fund;
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access this Website;
- Usage Data includes information about how you interact with and use our Website and the Fund;
- Profile Data includes preferences, feedback and survey responses;
- Marketing Data includes your preferences in receiving marketing from us.
From time to time, we may aggregate personal data we hold about you such that the data no longer directly or indirectly reveals your identity (and therefore no longer constitutes personal data). For example, we may aggregate individuals' Usage Data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our Website to help improve the Website and our service offering.
We may collect special categories of personal data, which include, but are not limited to, information revealing racial or ethnic origin, political opinions, religious or similar beliefs, physical or mental health conditions and sexual orientation. For example, if you are identified as a politically exposed person through client due diligence checks, we may receive information revealing your political opinions.
We may also be required, in connection with the fulfilment of our legal and/or regulatory obligations, to collect information regarding criminal offences or alleged criminal offences that have been committed by you.
3. How is your personal data collected?
We may collect your personal data, through a number of different methods including:
- Your interactions with us. For example, when you:
- invest in the Funds;
- communicate with us by phone, e-mail, writing or otherwise;
- elect to receive marketing communications from us.
- Website. As you interact with our Website, we may collect Technical Data about your equipment, browsing actions and patterns by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. As the operator of the Website, please see the Global Distributor’s Cookie Policy for further details.
- Third parties or publicly available sources. We may collect your personal data from various third parties and public sources, including when you:
- engage with an organisation that has a business relationship with the Fund, such as the Fund’s transfer agent or administrator;
- are subject to money laundering and “know-your-client” checks;
- are the beneficiary of a trust, the assets of which have been invested in the Fund.
4. How we use your personal data
Legal basis
We rely on one or more of the following legal basis when collecting and processing your personal data:
Performance of a contract with you: We may process your personal data where we need to perform a contract we are about to or have entered into with you.
Legal obligation: We may process your personal data where it is necessary for compliance with a legal obligation that we are subject to (for example, where we conduct anti-money laundering / “know-your-client” checks to confirm your identity).
Consent: We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose (for example, if you subscribe to receive marketing material from us).
Legitimate interests: We may process your personal data where it is necessary to conduct our business and pursue our legitimate interests (for example, to enable us to give you the best and most secure customer experience and make improvements to our business). We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by your interests, fundamental rights or freedoms (unless we have your consent or are otherwise required or permitted to by law).
Substantial public interest: We may process your personal data where there is a substantial public interest in us doing so (for example, to prevent or detect unlawful acts or for the purposes of compliance with a regulatory requirement relating to unlawful acts and dishonesty).
Purposes for which we will use your personal data
We have set out below, in a table format, a description of the purposes for which we plan to use the various categories of your personal data, and which of the legal bases we rely on to do so.
| Purpose/Use | Legal Basis |
|
|
| To manage our relationship with you we will respond to your queries, requests (including complaint handling) and all correlated communications including the provision of investor services. |
|
| Undertaking anti-money laundering / “know your client” checks to confirm your identity in accordance with anti-money laundering and counter-terrorist financing obligations. |
|
| To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). |
|
| To deliver relevant Website content and online marketing to you and measure or understand the effectiveness of the marketing we serve to you. |
|
| To use data analytics to improve our website, products/services, customer relationships and experiences and to measure the effectiveness of our communications and marketing. |
|
| To send you relevant marketing communications that may be of interest to you based on your Profile Data. |
|
| Reporting to and/or cooperating with supervisory and regulatory bodies, and/or other authorities pursuant to applicable laws and regulations and complying with general prudential duties. |
|
5. Disclosures of your personal data
Where it is necessary in connection with the purposes set out at section 4 above, we may share your personal data with certain third parties.
In particular, we may share your personal data with the following recipients, some of whom will be based outside the EU and/or use sub-processors based outside the EU:
- the depositary and administrator of the Fund;
- the Global Distributor and any of its affiliated entities;
- the management company of the Fund;
- the investment manager of the Fund;
- suppliers and service providers to our business, including IT and communication services providers, accountants, auditors, tax advisors, lawyers and “know-your-client” / client due diligence verification providers;
- your financial advisor, where you have provided details of their identity;
- banking establishments;
- governmental, judicial or administrative bodies;
- any public register to be used for ultimate beneficial owners’ declarations (as accessible online as the case may be).
We also may disclose information about you: (i) if we are required to do so by law, regulation or legal process (such as a court order or subpoena or for tax reporting purposes), (ii) in response to requests by government agencies, such as law enforcement or regulatory authorities, (iii) for the purpose of or in connection with legal proceedings, or otherwise for the purpose of establishing, exercising or defending our legal rights, or (iv) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity.
We also reserve the right to transfer any information we have about you to potential third-party acquirer(s) in the event we sell or transfer all or a portion of the Fund’s assets (including in the event of a reorganization, dissolution, liquidation or other corporate event.
6. International transfers
In case of transfers of personal data to entities located in non-EEA countries, such transfers will rely on appropriate safeguards as permitted or required under EU GDPR. In these circumstances, we will take those steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Privacy Notice and EU GDPR. This means that we will transfer your personal data to third parties: (i) that are located in countries that have been confirmed by the European Commission to provide an adequate level of protection; (ii) that have agreed (by way of a contract or some other form of data transfer mechanism) to provide all protections to your personal data as required by EU GDPR; or (iii) where you have provided your express consent for us to do so.
7. Data security
We have put in place appropriate security measures intended to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those persons who have a business need to have such access and are, in each case, subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of any actual personal data breach where we are legally required to do so.
8. How long will you retain my personal data for?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for (including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements) and in any event for no longer than is permitted pursuant to EU GDPR.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we collected your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances you can ask us to delete your data: see section 9 below for further information.
9. Your legal rights
Within the limits set out in the EU GDPR, you have the right to:
- know what personal data we process about you and access such personal data;
- request any incomplete or inaccurate personal data be corrected;
- require us to delete your personal data and/or otherwise restrict our processing of your personal data in some circumstances;
- object to our processing of your personal data where we are relying on a legitimate interest (or those of a third party) as the legal basis for that particular use of your data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your personal data and which overrides your right to object;
- object to our processing of your personal data where we send you direct marketing;
- "data portability", which is a right to require us to transfer your personal data to you or to a new service provider in a structured, commonly used and machine-readable format.
If you wish to exercise any of the rights set out above, please contact us through the means outlined at section 10.
10. Contact details
If you have any questions about this Privacy Notice, our use of your personal data or you want to exercise your privacy rights, please contact us on the following:
E-mail: FUNDSMITH-TA-LUX@ntrs.com
Postal address:
c/o Northern Trust Global Services SE
10 Rue du Château d’Eau
Leudelange
L-3364 Grand Duché de Luxembourg
Telephone: +352 282 941 36
11. Complaints
You have the right to make a complaint at any time to the relevant body regulating data protection in your own country (for the European Union, details are available here). We would, however, appreciate the chance to deal with your concerns before you approach the relevant body, so please contact us in the first instance.
12. Cookies
For more information about the cookies we use on the Website and how to change your cookie preferences, please see the Global Distributor’s Cookie Policy.
13. Changes to the Privacy Notice
This Privacy Notice may be updated periodically to reflect changes in our personal data practices. By continuing to use the Website, communicate with us, or otherwise provide us with your personal data, you agree to any updated version of this Privacy Notice.