Privacy Policy

Reiten & Co AS is registered in Norway with number 981 225 856. Its registered office is at Haakon VIIs gt 1, 0117 Oslo. Funds advised by Reiten & Co AS in the Channel Islands, Reiten & Co Capital Partners VI L.P. and Reiten & Co Capital Partners VII L.P., are regulated by the Guernsey Financial Services Commission (“GFSC”) in the Channel Islands.

For the purposes of this Privacy Policy, “Reiten” (and “we” and “us”) shall mean Reiten & Co AS and its related affiliates and its or their partners, members, directors, officers and employees, as the context requires.

Reiten is committed to maintaining, protecting and respecting your privacy and the confidentiality, integrity and security of personal data about yourself or others that you may provide. If you do give us any personal data about yourself or others, we are committed to treating it securely, fairly and lawfully and in a transparent manner.

This Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us, and how we comply with our responsibilities under applicable data protection laws and regulations (“Data Protection Laws and Regulations”).

The “Data Protection Laws and Regulations” means all laws and regulations, including laws and regulations of the European Economic Area (“EEA”) and their member states, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”), and their respective successors, applicable to the protection of natural persons with regard to the processing of personal data (as defined under the GDPR) and on the free movement of such data.

 Please read this Privacy Policy carefully.

For the purpose of the Data Protection Laws and Regulations, the data controller of the personal data covered by this Privacy Policy is Reiten. We are responsible for, and control the processing of, your personal data. Please see the “How to Contact Us” section below for our contact information.

This Privacy Policy covers how we use personal data that you provide or we collect when you visit, register with or submit personal data through our website reitenco.com and when you use the investment services that we offer, including from our site.

This Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed and used by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. Please do not use our site if you do not agree with the terms of this Privacy Policy.

Reiten acknowledges that the information you provide us may be confidential. We do not sell, rent, distribute or otherwise make your personal data commercially available to any third party, except that we may share information with our service providers for the purposes set out in this Privacy Policy (see the “Disclosure of your information” section for more information). We will maintain the confidentiality of and protect your information in accordance with our Privacy Policy and all applicable Data Protection Laws and Regulations.

Information you give us

You may give us information about you by filling in forms that we have given to you to fill in (which form part of your agreement with us), by corresponding with us via telephone, email, facsimile or otherwise. The information you give us may include:

• Your name;
• Your email address;
• Your telephone number;
• Your date of birth;
• Your client number or unique investor identification number;
• Your gender;
• Your financial information;
• Information about your investment strategies, objectives and risk tolerances;
• Your credit card information and/or your bank account details;
• Tax identification information;
• Anti-Mony-Laundering/Know-Your-Customer information as required;
• Any further personal data required as part of the provision of our services.

Information collected automatically

Each time you visit our site we may automatically collect the following information:

• technical information including the internet protocol (“IP”) address used to connect your computer to the internet, your log-in information, browser type and version, browser plug-in types and versions, time zone setting, operating system and platform; and
• information about your visit, including the Uniform Resource Locators (“URL”) clickstream to, through and from our site (including date and time); items you searched for; page response times; download errors, length of time spent on pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page and any phone number used to call us.

Information we receive from other sources

We work closely with third parties who may collect personal data from you and pass it onto us. For example, where we are conducting due diligence on prospective investee companies or decide to invest in third parties we may receive personal data, including but not limited to CV’s. Where this applies, the third party is responsible for providing you with relevant information and obtaining the relevant consents from you (if required) in respect to how your personal data will be used. We may combine this information with information you give to us and information we collect about you. We may use this information and combined information for the purposes set out below (depending on the types of information we receive).

Monitoring and recording communications

We may monitor and record communications with you (such as telephone conversations, emails and other electronic communications) for the purpose of quality assurance, training, fraud prevention and compliance with our obligations under applicable legislation.

Personal data about other individuals

If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf, has been informed of the disclosure and use of his/her personal data in accordance with this Privacy Policy and has agreed that you can:

• Give consent on his/her behalf to the processing of his/her personal data; and
• Receive on his/her behalf any data protection notices

We may use information which you have given to us and we have collected and hold about you in the following ways:

• To carry out our obligations arising from the contracts entered into between you and Reiten and to provide you with information that you request from us;
• To comply with our legal obligations to carry out identity and anti-money laundering checks (please see also the “Identity and Anti-Money Laundering Checking” section below);
• To fulfil other legal obligations, comply with court order, other judicial process, or the requirements of a regulator;
• To maintain our statutory registers;
• To provide you with information on our portfolio, which you have already invested in or enquired about;
• To notify you of investment/divestments that occur within our portfolio;
• To communicate with you in connection with your investment, including by sending you investor reports and invitations to investor meetings, as part of our Services;
• To notify you of fundraising activities;
• To notify you about changes to our services;
• To measure or understand the effectiveness of marketing communications, advertising and or financial promotions we serve to you and others, and to deliver relevant marketing communications, advertising and or financial promotions to you;
• To ensure that content from our site is presented in the most effective manner for you and for your computer;
• To administer our site and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes;
• As part of our efforts to keep our site safe and secure;
• To alert you to special events, and service offerings and for other legitimate business purposes;
• If you ask us to delete your data and we are required to fulfil your request, to keep basic data to identify you and prevent further unwanted processing; and
• To enforce our agreement with you, protect the rights, property or safety of us or and/or those of our affiliates, you or others; and in connection with a business transition such as a merger, acquisition by another company, or sale of all or a portion of our assets.

The legal basis on which we rely to process your personal data as described above is that (a) it is necessary to perform the contract we have entered into with you or to take steps prior to entering into a contract at your request, (b) it is necessary to comply with any legal obligations imposed upon us, or (c) it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.

Where the personal data we collect from you is needed to ensure compliance with legal obligations or to perform our agreement, failure to provide relevant personal data may prevent maintenance of a contractual relationship with you. Please see the “Marketing” section below for information on the legal basis we rely on for our marketing activities.

We may send you information by email, telephone, text message (sms) relating to products or services of ours which may be of interest to you and are similar to the services you subscribed to (such as information about similar funds you may be interested in), unless you have refused or opted out of receiving this information at the time you provided us with your data or you have later indicated to us that you do not wish to receive communications in this manner. You can opt out at any time of receiving such communications by contacting us as set out under the “How to Contact Us” section below or following the opt-out instructions included in each communication. Sending this type of communication is in our legitimate interest. We may also use your name and address to send you marketing communications by post. It is in our legitimate interest to use your personal data for postal marketing.

You can change your preferences for receiving marketing communications and other information from us at any time. You can unsubscribe at any time through the method referred to in the footer of sent marketing communications, or by contacting us. (See the “How to Contact Us” section below.) See the “Your Rights” section below for further information.

Email marketing messages may contain tracking beacons and/or tracked clickable links or similar server technologies in order to track your interaction with emails, for example to know when you have viewed particular content or a particular email message. Where used, such marketing communications may record a range of information relating to engagement, geographic, demographics and already stored subscriber data.

Please note that we may use your marketing and content preferences, and other information you provide to us (including details of your attendance at, or interest in, events) or information on your use of our site in order to send you personalised marketing and try and ensure that you only receive information that you are likely to find of interest.

We may do an identity and/or credit check on you:

• So that we and other related affiliates can verify your identity;
• To make credit decisions about you; and
• To prevent and detect fraud and money laundering.

Our search will be recorded on the files of the credit reference agency. We may also disclose information about how you conduct your account to credit reference agencies and your information may be linked to records relating to other people living at the same address with whom you are financially linked.

Other credit businesses may use your information to:

• Make credit decisions about you and the people with whom you are financially associated;
• Trace debtors; and
• Prevent and detect fraud and money laundering. If you provide false or inaccurate information to us and we suspect fraud, we will record this.

It is our legal obligation to use your personal data to conduct identity and anti-money laundering checking, or it is in our or a third party’s legitimate interest to do so. In some instances, we may hold an identity check and/or credit file. Please contact us using the contact information below and we will provide you with the details of the agencies which we use so that you can contact them directly to obtain the relevant information.

Reiten may disclose your personal data to another entity for the purposes of outsourcing one or more of the services provided by us; or, to confirm or update information provided by you; or to inform you of events, information about our services, and other important information, or for other purposes disclosed at or before the time the information is collected. We may share your information when legally required to do so.

We may share your personal data with:

• Other companies affiliated with us;
• Our agents, service providers, suppliers and sub-contractors who assist us with the performance of our Services and meeting business operation needs: custodians; data storage companies who assist us in storing and backing up the data relating to our business; web hosting companies who assist us with the hosting, operation and maintenance of our site; compliance and anti-money laundering identification; and providers of software that we use in our business, including in relation to the production of investor notices and financial statements, client relationship management, investment management, reporting software and other software;
• Credit reference agents – see “Identity and Anti-Money Laundering Checking” section above;
• Our business partners in accordance with the “Marketing” section above;
• In the event that we buy or sell any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets, or their advisors;
• Law enforcement agencies in connection with any investigation to help prevent unlawful activity;
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, where requested by regulatory agencies, or in order to enforce or apply our terms of business and other agreements or to protect the rights, property or safety of Reiten. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
• Financial institutions and other similar organisations that we deal with in the course of the Services we offer; and
• Auditors, accountants, legal counsel or contractors or other advisers auditing, assisting with or advising on any of our business purposes, in any jurisdiction where we operate.

When we share your information with third parties, they will process your information either as a data controller or as our data processor and this will depend on the purpose of our sharing the personal data. We will only share your personal data in compliance with the applicable data protection legislation and the Data Protection Laws and Regulations.

We have put in place what we consider to be appropriate security measures against unlawful or unauthorised processing of the personal data we hold about you, and against the accidental loss of, or damage to, such personal data. We use both technical and procedural methods to maintain the integrity and security of our databases, including firewalls. But please be aware though that no security measures are perfect or impenetrable.

While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the

We try to ensure that the information we hold about you is accurate and kept up-to-date by contacting you at regular intervals and asking you to confirm that this is the case, or if not, to provide us with updated details. However, if at any time you believe that any information we are holding about you is inaccurate, out-of-date or incomplete, please notify us at reporting@reitenco.no as soon as possible. We will correct or delete any information found to be incorrect.

We store your personal data on our secure servers located in Norway. Reiten operates internationally and processing of your personal data for the purposes described above may occur in countries outside of the European Economic Area (“EEA”), such as the United States, which may not have data protection regulations as stringent as those in the EEA.

You have the following rights with respect to your personal data. If you want to exercise any of these rights you can do so by contacting us at reporting@reitenco.no

• The right to access your personal data

You can request information on what personal data we hold along with certain other details (this is known as a “Data Subject Access Request” or “DSAR”). If you would like to obtain a copy of some or all of your information, please contact us and let us know what information you require. In some cases we may need to charge a reasonable fee in relation to your Data Subject Access Request, for example if you require additional copies of your personal data based on the administrative cost of providing you with such further copies.

• The right to correct your personal data
• The right to object to the processing of your personal data
• The right to request deletion of your personal data

You can ask us to erase your personal data (also known as the “right to be forgotten”) in the following circumstances:

• It is no longer necessary for Reiten to hold that personal data with respect to the purpose for which it was originally collected or processed;
• It is no longer necessary for Retien to hold that personal data to comply with its legal obligations;
• You wish to withdraw your consent to us holding and processing your personal data (where applicable because that was the legal basis on which we were processing your data);
• You object to us holding and processing your personal data that we process based on a legitimate interest (and there is no overriding legitimate interest to allow us to continue doing so) or you object to the processing of your personal data for direct marketing purposes;
• The personal data has been processed unlawfully; or
• The personal data needs to be erased in order for us to comply with a particular legal obligation.
• We will comply with your request unless we have reasonable grounds to refuse to erase your personal data.

 

• Right to withdraw consent

If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. Withdrawal of consent will not affect any processing of your data before we received notice that you wished to withdraw consent.

• Right to restrict processing

You may ask us to restrict or ‘block’ the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data or object to us processing it (please read above for information on your right to object).

• Right to data portability

You have the right to obtain your personal data from us that you consented to give us or that was provided to us as necessary in connection with our contract with you, and that is processed by us by automated means.

• Right to lodge a complaint with the data protection authority

If you have a concern about our privacy practices, including the way we handled your personal data, you can report it to the data protection authority that is authorised to hear those concerns.

We will keep your personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, while we have a legitimate business need to do so, or as required by law (e.g. for tax, legal, accounting or other purposes), whichever is the longer.

We may change this Privacy Policy from time to time, and we reserve the right to update or otherwise vary this Privacy Policy without giving notice to you. It is your responsibility to review this Privacy Policy regularly to make sure you are aware of any changes and comply with the changed policy. If required by the applicable law, we will notify you of any material or substantive changes to this Privacy Policy. Changes to our Privacy Policy in the future will be posted on our site.

If you have any questions about this Privacy Policy or the information we hold about you, or you wish to submit a Data Subject Access Request or raise a complaint about the way your personal data has been handled, please send an email to reporting@reitenco.no or write to us; or call us on +47 23113700.