Website Privacy Statement
The information on this website is intended to describe the activities of Private Equity Administrators Group (“PEA Group”).
This Privacy Statement should also be read in conjunction with the PEA Group Data Protection Privacy Notice.
Purpose of processing
When using the public areas of this website, you are not required to provide us with any Personal Data and we do not monitor or collect any personally identifiable information from you when you browse our website.
However, PEA Group does collect and process information about visitors to this website by using cookies.
Cookies are small text files that are stored on your computer, phone or other web enabled device when you visit this website. A cookie is usually a unique number with which data can be associated. Cookies will expire after two years.
- To learn how users or groups of users use the website, so that we can improve it.
- For analysis, research and statistics purposes.
- To improve the website, by making it easier to navigate.
- To remember your settings and preferences.
Please be assured that cookies do not allow any access to your computer or divulge any personal information about you.
How do I accept cookies?
You can accept ALL cookies by clicking the Accept and Close button on the home page of this website. The next time you visit the website the cookie pop-up will not show.
How do I reject cookies?
You can change the settings on your internet browser to block ALL cookies, while this won’t prevent you from using the website it may impact its functionality.
We may also collect your IP (Internet Protocol) address for trouble-shooting and systems administration purposes. Your IP address does not contain any personally identifiable information about you.
We have implemented appropriate technical and organisational security measures to protect your Personal Data and comply with applicable Data Protection Laws.
Whilst PEA Group has taken reasonable steps to ensure that data shown on this website is correct and accurate, it does not accept any responsibility for errors made. PEA Group cannot be held responsible for any inaccuracies of other information which can be accessed from its website pages through the hypertext links. In no event shall PEA Group be liable for any special, indirect or consequential damages or any damages whatsoever arising out of or in connection with the use or interpretation of information held on this website.
About this Website Privacy Statement
PEA Group reserves the right to update this Privacy Statement without notice and therefore it is recommended that you review this page periodically for changes.
Data Protection Privacy Notice
This Privacy Notice sets out how Private Equity Administrators Group (“PEA Group”) processes Personal Data, on individuals, including clients, intermediaries or other third parties that PEA Group deals with, or any individual who is connected to those parties (for example, Personnel, underlying investors, beneficial owners or principals). Where Personal Data is held on such individuals, this document also sets out the rights of those individuals in respect of that Personal Data.
Defined terms used in this Privacy Notice are explained in Section 14.
Please note that this Privacy Notice is primarily aimed at businesses and references in this notice to Personal Data, includes personal information that you provide to us, or which we otherwise gather whilst operating our business. As such, it is your responsibility to ensure that any relevant persons are made aware of this Privacy Notice and the individual rights and information that it sets out, prior to providing their information to us, or our obtaining their information from another source. Furthermore, if you or anybody else acting on your behalf, has provided or provides information on an individual connected to your business to us, then you or they must ensure that they have the appropriate authority to do so.
Any questions relating to this Privacy Notice, or requests in respect of Personal Data should be directed to DPO@peadm.com in the first instance.
2. About Private Equity Administrators
PEA Group are fund administrators, depositaries and corporate service providers operating in Guernsey, Denmark and Sweden.
The relevant PEA Group entity will be defined by the applicable letter of engagement or administration agreement.
Our offices include a jurisdiction outside of the European Economic Area (EEA), however, Guernsey has been deemed “adequate” for European Union (“EU”) data protection purposes. Where the processing activities of the Guernsey firm is not captured by the EU General Data Protection Regulation (679/2016/EU) (the “GDPR”) it is required to comply with the Data Protection (Bailiwick of Guernsey) Law, 2017 (“Guernsey DPL”) (together the “Data Protection Legislation”). The Guernsey DPL is modelled on the GDPR and essentially the key concepts are the same, thereby ensuring that the current adequacy requirements continue to be met and so continue to allow the free flow of Personal Data between Guernsey and the EU.
Details of the relevant PEA Group entities and the responsible Regulatory Authorities are provided in Section 11.
3. The Personal Data we hold
PEA Group processes data, in order to provide administration and depositary services and we gather Personal Data from a variety of sources:
- We obtain Personal Data when it is provided to us either by you, your representatives or a third party connected to you (for example, another service provider).
- We collect Personal Data in the ordinary course of our relationship with you.
- We obtain your Personal Data that has been made public, including via the internet and subscription databases and other open-source materials.
- We also create Personal Data about you, such as records of your interactions with us, details of your accounts and transactions, telephone calls etc, subject to applicable law.
The type of Personal Data we may collect and process includes:
- Contact details, including name, address, email addresses and telephone numbers;
- Information required by PEA Group to meet legal and regulatory requirements in respect of anti-money laundering legislation, including personal details such as gender, date of birth, passport number(s), other government issued number(s), nationality, images of passports and driving licences, signatures, occupation, source of funds and source of wealth;
- Information required by PEA Group to meet legal and regulatory requirements relating to the automatic exchange of tax information (e.g. US FATCA and OECD CRS), including details of tax residency, tax classification and tax identification numbers;
- Financial details, including billing address; bank account numbers; instruction records; transaction details and counterparty details;
- Details of meetings and telephone calls with our office and employees; and
- Any other information you may provide to us or might be provided to us by our clients, third parties etc.
4. Sensitive Personal Data
PEA Group does not routinely seek to collect or otherwise process Sensitive Personal Data. Should we need to do so:
- The Processing is necessary for compliance with a legal obligation;
- The Processing is necessary for the detection or prevention Crime;
- You have made such Sensitive Personal Data public; or
- We have obtained your consent prior to Processing your Sensitive Personal Data.
5. Purposes of Processing
The Personal Data collected from you or provided by you, or on your behalf may be processed by PEA Group (or its affiliates, agents, employees, delegates or sub-contractors) for the following purposes:
Lawful Basis for Processing
|Financial Crime Prevention: identifying and verifying the identity of individuals, screening against subscription databases (e.g. for sanctions, adverse media and PEP lists); detecting, preventing and investigating financial crime in accordance with applicable anti-money laundering procedures.|
|FATCA/CRS: Determining the tax status of individuals in compliance with the US Foreign Account Tax Compliance Act, the OECD Common Reporting Standard and/or any other applicable automatic exchange of tax information regime.|
|Client onboarding: taking on of new clients, serviced entities and their underlying principals, investors and shareholders and update of our administration systems and records and controls.|
|Provision of products and services to you: administering relationships and related activities, communicating with you in relation to these products/ services and compliance with our internal control framework.|
|Establishment of new entities (for example, companies, limited partnerships, foundations and trusts) and communicating with yourself or third parties including the Guernsey Registry and/or legal counsel in relation to this activity.|
|Legal compliance: compliance with our and your legal and regulatory obligations under applicable laws.|
|Legal proceedings: establishing, exercising and defending legal rights.|
|Risk Management: audit, compliance, controls and other risk management activities.|
|Relationship management: to manage our client, intermediary and other business relationships (e.g. bankers).|
|Access to our Client Portal for the communication and storage of relevant material (such use being subject to the terms and conditions of that portal)|
|IT: operation of our IT security, management of our IT infrastructure and communication systems and IT security audits.|
|Security: to ensure the security of PEA Group electronic systems, staff and premises|
Please note that your consent is not required to process your Personal Data for the purposes referenced above.
Please note that where Personal Data is processed for the purpose of legitimate interests, you have a right to object to such processing. In such cases, PEA Group will no longer process the Personal Data unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Please note that it is PEA Group policy not to engage in Direct Marketing. Should this policy change then we must seek your explicit written consent to use your Personal Data for this purpose.
6. Disclosure of Personal Data
We may disclose your Personal Data to other entities within the PEA Group, for legitimate business purposes, in accordance with applicable law. Where we transfer your Personal Data across the PEA Group, we do so, based on:
- Adequacy decisions;
- Binding Corporate Rules;
- Suitable Standard Contractual Clauses; or
- Other valid transfer mechanisms
In addition, we may disclose your Personal Data to:
- Clients and their professional advisors;
- Other service providers (legal, financial or otherwise, including any bank or financial institution providing services in relation to any client or serviced Entity, where disclosure to that provider of services is considered necessary to fulfil the purposes set out above;
- Any registrar of a public register where the data is to be included in a public registry;
- To comply with legal or regulatory requirements;
- Any sub-contractors, agents or service providers to PEA Group (e.g. Auditors, Lawyers, IT Providers etc.)
- Law enforcement agencies where considered necessary for the PEA Group to fulfil legal obligations applicable to it;
- Regulators or other governmental or supervisory bodies with a legal right to the material or a legitimate interest in any material
- Potential parties with whom PEA Group intends to merge or sell any part of the PEA Group.
Where PEA Group is entering into an engagement with a third party pursuant to which Personal Data may be processed by that third party, we will seek to enter into an agreement with that third party setting out the respective obligations of each party and will seek to be reasonably satisfied that the third party has measures in place to protect data against unauthorised or accidental use, access, disclosure, damage, loss or destruction.
7. International Transfers
The disclosure of Personal Data to the third parties set out above may involve the transfer of data outside of the EEA in accordance with the requirements of Data Protection Legislation. Such countries may not afford individuals the same level of protection as the EU or Guernsey. Therefore, we will only transfer Personal Data outside of the EEA where we are satisfied that:
- The non-European Union country has Data Protection laws similar to the laws in the European Union;
The recipient has agreed through contract to protect the information to the same Data Protection standards as the European Union;
- We have obtained consent from relevant data subjects to the transfer; or
- If transferred to the USA, the transfer will be to organisations that are part of the Privacy Shield.
8. Data Security
We have implemented appropriate technical and organisational security measures designed to protect your Personal Data.
You are responsible for ensuring that any Personal Data that you send to us, is sent securely.
9. Rights of Data Subjects
Data subjects in the European Union (or any jurisdiction with equivalent legislation to the EU General Data Protection Regulation) have certain rights in respect of their Personal Data. The exercise of these rights is subject to the provisions of the Data Protection Legislation.
- You have a right of access to and the right to amend and rectify your Personal Data
- You have the right to have any incomplete Personal Data completed
- You have the right to lodge a complaint with a Supervisory Authority, in Guernsey or the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of the Personal Data relating to you carried out by PEA Group infringes the Data Protection Legislation (details of the relevant Supervisory Authority are provided in Section 11).
- You have the right to request that Personal Data is erased (in certain specific circumstances).
- You have the right to be notified of a Personal Data Breach which is likely to result in high risk to your rights and freedoms;
- You have the right to data portability (in certain specific circumstances).
- You also have the right to object to processing where Personal Data is being processed for marketing purposes and where PEA Group is processing Personal Data for legitimate interests.
Anybody wishing to exercise any rights under the applicable Data Protection Legislation should send the request in the first instance to DPO@peadm.com.
Please be aware that in the event a data subject chooses not to provide any Personal Data or where any of the rights set out above are exercised to limit the processing of Personal Data, PEA Group may be unable to provide relevant services, or there may be a restriction on the services which can be provided.
PEA Group will only keep your data as long as necessary to fulfil the purposes (as set out above) for which we collected it, or as necessary for fulfilling any minimum statutory retention period.
Once the retention periods have ended, we will either:
- Permanently delete or destroy the relevant Personal Data
- Archive your Personal Data so that it is beyond use; or
- Anonymise the relevant Personal Data.
Any request for further information in relation to the continued processing of specific data and requests for destruction of data, should be made to DPO@peadm.com.
11. PEA Group Entities
In respect of any administration agreement with PEA Group, the primary Data Controller will be deemed the Client Entity issuing the letter of engagement or administration agreement. The PEA Group entity will be deemed the Data Processor.
For the purposes of this Privacy Statement the PEA Group entities are:
Private Equity Administrators Limited is registered with the Data Protection Commissioner in Guernsey. Any complaint may be brought to the attention of the Commissioner via either online enquiry at https://dataci.gg/online-enquiry/#/complain/form or by post to: The Office of the Data Protection Commissioner, Guernsey Information Centre, North Esplanade, St Peter Port, Guernsey, GY1 2LQ.
Private Equity Administrators ApS is registered with Datatilsynet in Denmark (www.datatilsynet.dk). Any complaint may be brought to their attention. The e-service for reporting the incidents is available through their website.
PEA Depositary Services ApS is registered with Datatilsynet in Denmark (www.datatilsynet.dk). Any complaint may be brought to their attention. The e-service for reporting the incidents is available through their website.
Private Equity Administrators Sweden AB is registered with Datainspektionen.se (www.datainspektionen.se) in Sweden. Any complaint may be brought to their attention. Note: at the time of writing this policy the e-service for reporting any incidents is not ready and it is recommended that reference be made to the website provided for details of the reporting process. The address of the Datainspektionen is PO Box 81141, 104 20 Stockholm.
PEA Depositary Services AB is registered with Datainspektionen.se (www.datainspektionen.se) in Sweden. Any complaint may be brought to their attention. Note: at the time of writing this policy the e-service for reporting any incidents is not ready and it is recommended that reference be made to the website provided for details of the reporting process. The address of the Datainspektionen is PO Box 81141, 104 20 Stockholm.
12. Changes to this Privacy Notice
PEA Group reserves the right to modify or amend this Privacy Notice at any time and an updated version of it will be placed on our website www.peadm.com.
13. Contact details
If you have any comments, questions or concerns about any of the information in this Privacy Statement, or any other issues relating to the Processing of Personal Data by PEA Group, please contact the PEA Group at DPO@peadm.com.
14. Defined Terms
|Data Controller||The entity that provides instructions to the Processor on how data should be processed.|
|Data Processor||Any person or entity that Processes Personal Data as instructed by the Data Controller.|
|Data Subject||Any natural person for whom Personal Data is held.|
|Personal Data||Information about an individual, from which an individual is identifiable.|
|Process or Processed or Processing||Anything that is done with Personal Data, such as collection, recording, structuring, storage, disclosure etc.|
|Personnel||Any current, former or prospective directors, officers, controllers, consultants, employees etc.|
|Sensitive Personal Data||Data about race, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexuality, or any other information that may be deemed to be sensitive.|
|Supervisory Authority||The Data Protection Authority established pursuant to the Data Protection Legislation.|
Private Equity Administrators Limited (Registration No 40749) is licensed by the Guernsey Financial Services Commission under The Protection of Investors (Bailiwick of Guernsey) Law, 1987, as amended and The Regulation of Fiduciaries, Administration Businesses and Company Directors, etc. (Bailiwick of Guernsey) Law, 2000 having its principle place of business at its registered office, P.O. Box 669, Elm House St Peter Port, Guernsey GY1 3SR